<?php use PHPMailer\PHPMailer\PHPMailer;use PHPMailer\PHPMailer\Exception;use PHPMailer\PHPMailer\SMTP; session_start();
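// Identify the visitor's cart with a random token kept in the "cart" cookie.
// The token is used later as a database lookup key, so it comes from a CSPRNG
// (md5(rand()) is predictable) and a cookie value that does not look like one
// of our tokens (20 lowercase hex characters) is discarded and replaced.
if (
    isset($_COOKIE["cart"])
    && is_string($_COOKIE["cart"])
    && preg_match('/^[a-f0-9]{20}$/', $_COOKIE["cart"]) === 1
) {
    $ip_add = $_COOKIE["cart"];
} else {
    $ip_add = bin2hex(random_bytes(10)); // 10 random bytes -> 20 hex characters
    // Session cookie, as before; no path is set so the default scope is unchanged.
    // NOTE(review): HttpOnly assumes no client-side script reads this cookie - confirm.
    setcookie("cart", $ip_add, array(
        'expires' => 0,
        'secure' => !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off',
        'httponly' => true,
        'samesite' => 'Lax',
    ));
}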
// NOTE(review): $con is not defined in this file; presumably minks.php creates it - confirm.
include("minks.php");

// Read every row of top_stuff into $id43, $top_header, $top_paragraph and
// $shipping_fee. Each fetch overwrites the bound variables, so once the loop
// ends they hold the values of the last row that was read.
$stmt40 = $con->prepare('SELECT * FROM top_stuff');
$stmt40->execute();
$stmt40->store_result();
$stmt40->bind_result($id43, $top_header, $top_paragraph, $shipping_fee);
$numrows40 = $stmt40->num_rows();
if ($numrows40 > 0) {
    while (true) {
        if (!$stmt40->fetch()) {
            break;
        }
    }
}

// Carry the customer's id over from the session when there is one;
// $user_id is left undefined otherwise.
if (isset($_SESSION["user_id"]) === true) {
    $user_id = $_SESSION["user_id"];
}
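if (isset($_POST["place_order"])) {
    // Checkout handler: registers first-time customers, records an order for
    // the cart tied to $ip_add, emails the customer and the merchant, and
    // redirects to the page for the chosen payment method.
    //
    // Request values are bound as statement parameters for SQL and escaped
    // with $checkout_esc wherever they are placed in HTML; the raw values are
    // what gets stored. Variable names are kept because email_header.php,
    // email_footer.php and the rest of the page may read them.
    //
    // NOTE(review): no anti-CSRF token is checked before the order is placed -
    // confirm whether the form and this handler should share one.
    // NOTE(review): $company_name, $company_email, $link, $admin_no, $currency,
    // $email_logo, $no_reply_email and $no_reply_password are not defined in
    // this block; presumably minks.php provides them - confirm.

    // Escapes a value for HTML text and quoted attributes.
    $checkout_esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Reads one POST field as a string; missing or array-valued fields become ''.
    $checkout_post = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };

    // Builds the dismissible alert markup used for $msg.
    $checkout_alert = function ($css_class, $text) {
        return "<div class='alert $css_class'>\n"
            . "<a href='#' class='close' data-dismiss='alert' aria-label='close'>&times;</a>\n"
            . "<b>$text</b>\n"
            . "</div>";
    };

    // Runs one parameterised statement (every parameter bound as a string) and
    // returns it. Database errors are written to the error log instead of
    // being printed to the visitor, and the request stops with a generic message.
    $checkout_db = function (mysqli $db, $sql, array $params = array()) {
        $failure = '';
        try {
            $stmt = $db->prepare($sql);
            if ($stmt === false) {
                $failure = $db->error;
            } else {
                if (count($params) > 0) {
                    $values = array_map('strval', $params);
                    $stmt->bind_param(str_repeat('s', count($values)), ...$values);
                }
                if ($stmt->execute()) {
                    return $stmt;
                }
                $failure = $stmt->error;
            }
        } catch (mysqli_sql_exception $e) {
            $failure = $e->getMessage();
        }
        error_log('checkout: database error: ' . $failure);
        die('Sorry, we could not process your order. Please try again later.');
    };

    // Sends the visitor to success.php with the follow-up page and a notice.
    // Both values are URL-encoded and the URL is escaped for the attribute.
    // NOTE(review): success.php is not visible here; confirm it checks "u"
    // against a list of known pages and escapes "m" before printing it.
    $checkout_redirect = function ($target, $notice) use ($checkout_esc) {
        $query = http_build_query(array('u' => $target, 'm' => $notice));
        echo '<meta http-equiv="refresh" content="0; url=' . $checkout_esc("success.php?$query") . '">';
        exit();
    };

    require_once 'PHPMailer/src/PHPMailer.php';
    require_once 'PHPMailer/src/SMTP.php';
    require_once 'PHPMailer/src/Exception.php';
    $mail = new PHPMailer();

    // Sends one HTML message from the company address and reports success.
    // Mailer errors go to the error log rather than into the page.
    $checkout_mail = function ($to_address, $to_name, $mail_subject, $mail_html) use ($mail, $company_email, $company_name, $no_reply_email, $no_reply_password) {
        $mail->clearAddresses();
        $mail->clearReplyTos();
        //$mail->IsSMTP(); // telling the class to use SMTP
        //$mail->SMTPAuth = true; // enable SMTP authentication
        // The four SMTP settings below have no effect while IsSMTP() stays disabled.
        $mail->Host = "localhost";
        $mail->Port = 25;
        $mail->Username = "$no_reply_email";
        $mail->Password = "$no_reply_password";
        $mail->SetFrom("$company_email", "$company_name");
        $mail->AddReplyTo("$company_email", "$company_name");
        $mail->Subject = "$mail_subject";
        $mail->MsgHTML("<html><body>$mail_html<br></body></html>");
        $mail->AddAddress("$to_address", "$to_name");
        if ($mail->Send()) {
            return true;
        }
        error_log('checkout: mail error: ' . $mail->ErrorInfo);
        return false;
    };

    $first_name = ucwords(strtolower(trim($checkout_post('first_name'))));
    $last_name = ucwords(strtolower(trim($checkout_post('last_name'))));
    $email = trim($checkout_post('email'));
    $password = $checkout_post('password');
    $address = $checkout_post('address');
    $phone = $checkout_post('phone');
    $comments = $checkout_post('comments');
    $payment_method = $checkout_post('payment_method');

    // HTML-safe copies for the email bodies and $msg.
    $first_name_html = $checkout_esc($first_name);
    $last_name_html = $checkout_esc($last_name);
    $email_html = $checkout_esc($email);
    $phone_html = $checkout_esc($phone);
    $comments_html = $checkout_esc($comments);
    $payment_method_html = $checkout_esc($payment_method);

    $msg = '';
    $checkout_ok = true;
    // Only the three methods this handler knows how to finish are accepted.
    $allowed_methods = array("Pay on Delivery", "Online Payment", "Bank Transfer");
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $checkout_ok = false;
        $msg = $checkout_alert('alert-danger', 'Please enter a valid email address');
    } elseif (!in_array($payment_method, $allowed_methods, true)) {
        $checkout_ok = false;
        $msg = $checkout_alert('alert-danger', 'Please choose a payment method');
    }

    if ($checkout_ok) {
        //is this first time? if so we insert,send welcome email,
        $existing_user_id = null;
        $user_stmt = $checkout_db($con, 'SELECT user_id FROM users WHERE email = ? LIMIT 1', array($email));
        $user_stmt->store_result();
        $count_email = $user_stmt->num_rows;
        $user_stmt->bind_result($existing_user_id);
        $user_stmt->fetch();
        $user_stmt->close();

        if ($count_email < 1) {
            //none found so insert and send welcome email
            $user_id = bin2hex(random_bytes(5)); // 10 hex characters, as before
            $date_signed_up = date("D,dS M, Y g:ia");
            //insert email into our email database
            $checkout_db($con, "INSERT INTO email_subscribers VALUES('0', ?, ?)", array($email, $date_signed_up))->close();
            // NOTE(review): the password is stored exactly as submitted. It should be
            // stored with password_hash() and checked with password_verify(), which
            // has to be changed together with the sign-in code that reads this column.
            $checkout_db($con, "INSERT INTO users VALUES('0', ?, ?, ?, ?, ?, ?, ?, ?)", array(
                $user_id,
                $first_name,
                $last_name,
                $email,
                $password,
                $phone,
                $address,
                $date_signed_up,
            ))->close();
            //send welcome notification
            $content = "Welcome to <b>$company_name</b>";
            $sender = "System";
            $receiver = "$user_id";
            $seen = "No";
            $date_notification = date("D,dS M, Y g:ia");
            $checkout_db($con, "INSERT INTO notifications VALUES('0', ?, ?, ?, ?, ?)", array(
                $content,
                $sender,
                $receiver,
                $seen,
                $date_notification,
            ))->close();
            //send them the confirmation email
            $msg = '';
            $subject = "$first_name thank you for signing up on $company_name";
            $message = "";
            $button_link = "$link/sign_in.php";
            $button_text = "Log in";
            $email_topic = "You are welcome!";
            include("email_header.php");
            $message .= "\nDear $first_name_html,<br/><br/>\n"
                . "Thank you for signing up with us at $company_name.Your search for an awesome shopping experience is over!<br/>If you have any questions please contact our dedicated support staff at $company_email<br/><br/>\n"
                . "The $company_name Team.<br/><br/>\n"
                . "$email_logo<br/><br/>\n";
            include("email_footer.php");
            if ($checkout_mail($email, $email, $subject, $message)) {
                $msg = $checkout_alert('alert-success', 'Email Sent');
            } else {
                $msg = $checkout_alert('alert-danger', 'Something went wrong, please try again');
            }
            //tell the merchant about the new sign-up
            // NOTE(review): this link prefixes https:// to $link while the other
            // links use $link as it is - confirm which form $link has.
            $subject1 = "$first_name $last_name signed up";
            $message1 = "\n<div style='font-family:Calibri;'>\n"
                . "Dear Admin,<br/><br/>\n"
                . "$first_name_html $last_name_html just signed up.\n"
                . "<br/><br/>\n"
                . "Click <a href='https://$link/admin$admin_no/user_view.php?u=$user_id'>here</a> to view.\n"
                . "<br/><br/>\n"
                . "$email_logo\n"
                . "</div>\n";
            if ($checkout_mail($company_email, $company_name, $subject1, $message1)) {
                $msg = "<span style='color:darkorange;'>Hey $first_name_html thanks for getting in touch with us, we will get back to you very shortly!</span>";
            } else {
                $msg = "Email not sent, please try again Mailer Error: ";
            }
        } elseif (isset($_SESSION["user_id"]) && (string) $_SESSION["user_id"] === (string) $existing_user_id) {
            //returning customer who is already signed in: update contact details, NO welcome email
            $checkout_db($con, 'UPDATE users SET phone = ?, address = ? WHERE email = ?', array($phone, $address, $email))->close();
            $user_id = $existing_user_id;
        } else {
            // The email belongs to an existing account and this visitor has not
            // proved they own it. Signing them in or changing the stored phone and
            // address on the strength of the email alone would hand the account to
            // anyone who knows the address, so the order is refused here.
            // NOTE(review): assumes the page below prints $msg - confirm.
            $checkout_ok = false;
            $msg = $checkout_alert('alert-danger', 'An account with this email already exists. Please log in and place your order again');
        }
    }

    if ($checkout_ok) {
        //create the session
        if (!headers_sent()) {
            // Fresh session id now that the session is tied to an account.
            session_regenerate_id(true);
        }
        $_SESSION["email"] = $email;
        $_SESSION["user_id"] = $user_id;
        $_SESSION["first_name"] = $first_name;

        //create their order send them an email about it and tell the merchant about it too
        //generate the order_id (8 hex characters, as before)
        // NOTE(review): 32 random bits can collide and no uniqueness check is made
        // against existing orders - confirm the column can take a longer id.
        $order_id = bin2hex(random_bytes(4));

        // $ip_add comes from the visitor's cookie, so it is bound, never interpolated.
        $cart_stmt = $checkout_db(
            $con,
            'SELECT a.product_id,a.product_title,a.product_price,a.old_price,a.product_image,b.id,b.qty FROM products a,cart b WHERE a.product_id=b.p_id AND b.ip_add = ?',
            array($ip_add)
        );
        $cart_stmt->store_result(); // buffer the rows so the inserts below can use the connection
        $cart_stmt->bind_result($product_id, $product_title, $product_price, $old_price, $product_image, $cart_item_id, $qty);
        $n = 0;
        $total_array = array();
        while ($cart_stmt->fetch()) {
            $n++;
            // old_price is applied as a percentage taken off product_price.
            if ($old_price && is_numeric($old_price)) {
                $full_price = $product_price;
                $percent_off = $old_price;
                $percentInDecimal = $percent_off / 100;
                $percent = $percentInDecimal * $full_price;
                $discounted_price = $full_price - $percent;
                $product_price = $discounted_price;
            }
            //copy the cart line into cart_details under this order
            $checkout_db($con, "INSERT INTO cart_details VALUES('0', ?, ?, ?, ?, ?, ?)", array(
                $order_id,
                $product_id,
                $product_title,
                $product_price,
                $product_image,
                $qty,
            ))->close();
            //get total
            $total = $qty * $product_price;
            $total_array[] = $total;
        }//while ends here
        $cart_stmt->close();

        if ($n < 1) {
            // Nothing in the cart: do not create an order for the shipping fee alone.
            $msg = $checkout_alert('alert-danger', 'Your cart is empty');
        } else {
            //get the total amount
            $grand_total = array_sum($total_array);
            $gt = $grand_total + $shipping_fee;
            //nice date
            $nice_date = date("D,dS M, Y g:ia");
            //horrible date
            $horrible_date = date("Y-m-d");
            $status = "Pending";
            $checkout_db($con, "INSERT INTO my_orders VALUES('0', ?, ?, ?, ?, ?, ?, 'no', 'no', ?, ?)", array(
                $user_id,
                $order_id,
                $gt,
                $nice_date,
                $horrible_date,
                $status,
                $shipping_fee,
                $payment_method,
            ))->close();

            if ($payment_method === "Pay on Delivery") {
                // Item list shared by the merchant and the customer email.
                $order_items_html = '';
                $items_stmt = $checkout_db(
                    $con,
                    'SELECT product_id, product_title, product_image, product_price, qty FROM cart_details WHERE order_id = ?',
                    array($order_id)
                );
                $items_stmt->store_result();
                $items_stmt->bind_result($product_id, $product_title, $product_image, $product_price, $qty);
                while ($items_stmt->fetch()) {
                    $product_title_html = $checkout_esc($product_title);
                    $product_image_html = $checkout_esc($product_image);
                    $order_items_html .= "\n<img src='$link/admin$admin_no/assets/img/products/$product_image_html' alt='$product_title_html' style='width:70px;height:70px;'>\n"
                        . "<h5 style='font-weight:700;font-size:14px;line-height:1px;'>$product_title_html</h5>\n"
                        . "<p style='font-size:10px;line-height:1px;'>$currency$product_price.00</p>\n"
                        . "<p style='font-size:10px;line-height:1px;'>Quantity - $qty</p>\n"
                        . "<div style='color:gainsboro;opacity:0.5;'><hr/></div>\n";
                }
                $items_stmt->close();

                //tell the merchant about the order
                $msg = '';
                $subject = "Order No $order_id";
                $message = "";
                $message .= "\nHello Admin,<br/><br/>\n"
                    . "Name - $first_name_html $last_name_html<br/>\n"
                    . "Email - $email_html<br/>\n"
                    . "Phone - $phone_html<br/>\n"
                    . "Comments - $comments_html<br/>\n"
                    . "Payment Method - $payment_method_html<br/>\n"
                    . "Details of order <b style='color:cornflowerblue;'>$order_id</b><br/>";
                $message .= $order_items_html;
                // The total shown is $gt, the amount stored on the order, not the
                // line total of the last cart item.
                $message .= "\n<span style='font-weight:900;'>$currency$shipping_fee.00</span> - Shipping Fee<br/>\n"
                    . "<span style='font-weight:900;'>$currency$gt.00</span> - Total<br/><br/>\n"
                    . "To attend to this order click <a href='$link/admin$admin_no/orders_pending.php'>here</a>\n";
                if ($checkout_mail($company_email, $company_name, $subject, $message)) {
                    $msg = $checkout_alert('alert-success', 'Email Sent');
                } else {
                    $msg = $checkout_alert('alert-danger', 'Something went wrong, please try again');
                }

                //send the customer their confirmation
                $msg = '';
                $subject = "$first_name thank you for your order $order_id";
                $message = "";
                $button_link = "$link/sign_in.php";
                $button_text = "Log in";
                $email_topic = "Your order has been made.";
                include("email_header.php");
                $message .= "\nDear $first_name_html,<br/><br/>\n"
                    . "Thank you for shopping up with us at $company_name.Your order is now being processed. We will contact you shortly to confirm your order.<br/>If you have any questions please contact our dedicated support staff at $company_email<br/><br/>\n"
                    . "The $company_name Team.<br/><br/>\n"
                    . "Please find the details of your order below:<br/>";
                $message .= $order_items_html;
                $message .= "$email_logo<br/><br/>\n";
                include("email_footer.php");
                if ($checkout_mail($email, $email, $subject, $message)) {
                    $msg = $checkout_alert('alert-success', 'Email Sent');
                } else {
                    $msg = $checkout_alert('alert-danger', 'Something went wrong, please try again');
                }

                //send notification
                $content = "Your order $order_id has been successfully made";
                $sender = "System";
                $receiver = "$user_id";
                $seen = "No";
                $date_notification = date("D,dS M, Y g:ia");
                $checkout_db($con, "INSERT INTO notifications VALUES('0', ?, ?, ?, ?, ?)", array(
                    $content,
                    $sender,
                    $receiver,
                    $seen,
                    $date_notification,
                ))->close();

                //take them to the success page
                //create a session to verify it's coming from here
                $_SESSION["action"] = "true";
                $message = "Your order has been successfully made. We will contact you shortly to confirm your order. Thanks for shopping at $company_name";
                $checkout_redirect("your_account.php", $message);
            }
            if ($payment_method === "Online Payment") {
                //take them to the success page
                //create a session to verify it's coming from here
                $_SESSION["action"] = "true";
                $message = "Thanks for shopping at $company_name, you are being directed to our secure payment page.";
                $checkout_redirect("order_payment.php?order_id=$order_id", $message);
            }
            if ($payment_method === "Bank Transfer") {
                //take them to the success page
                //create a session to verify it's coming from here
                $_SESSION["action"] = "true";
                $message = "Thanks for shopping at $company_name, you are being directed to our Bank transfer payment page.";
                $checkout_redirect("order_transfer.php?order_id=$order_id", $message);
            }
        }
    }
}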
?>