Uname : Linux V-ShopU01 4.18.0-348.20.1.el8_5.x86_64 #1 SMP Thu Mar 10 20:59:28 UTC 2022 x86_64
Server : Apache/2.4.37 (rocky) OpenSSL/1.1.1k
Whoami : apache
Safe Mode : OFF
DOCUMENT ROOT : /var/www/html/site_shopudiet
Disable Function :
Path : /var/www/html/site_shopudiet/admin/

Server IP : 65.20.74.164 Client IP : 13.59.26.152
Current File : /var/www/html/site_shopudiet/admin/edit_confirm.php
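	<?php
	/*
	 * Admin form handler for one `confirm_order` row.
	 *
	 * Without an `order` field in the POST body, only the customer/contact
	 * columns of the row are updated. With it, every posted item is resolved
	 * to a `product` row (by id) or a `packages` row (by product_name), then
	 * recorded in `purchased_products` and `product_cart`; product stock is
	 * decremented, and the item names/ids/quantities are appended to the
	 * comma-separated lists on the order.
	 *
	 * Security changes relative to the previous version of this script:
	 *  - every statement is prepared and bound; request values were previously
	 *    concatenated into the SQL text (SQL injection in every query);
	 *  - items, quantities and the order id are validated before any write, so
	 *    unknown items or non-positive quantities can no longer insert empty
	 *    rows or increase stock;
	 *  - database errors are written to the error log, not echoed to the client.
	 *
	 * NOTE(review): no session or permission check and no CSRF token check are
	 * visible in this file. Confirm that dbconnect.php or the web server
	 * enforces admin authentication, and verify a CSRF token before these
	 * state-changing writes.
	 * NOTE(review): the stored order total still starts from the client-supplied
	 * `total_grand`; it should be recomputed server-side from catalogue prices.
	 * NOTE(review): the writes below are not wrapped in a transaction, so a
	 * failure part-way through leaves earlier rows in place.
	 */
	include 'dbconnect.php';

	// Reads a POST field as a string; missing or non-scalar fields become ''.
	$postField = static function ($key) {
		return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
	};

	// Reads a column from a fetched row; absent columns yield null.
	$col = static function (array $row, $key) {
		return isset($row[$key]) ? $row[$key] : null;
	};

	// Coerces a value for arithmetic; anything non-numeric counts as 0.
	$num = static function ($value) {
		return is_numeric($value) ? $value + 0 : 0;
	};

	// Builds "?, ?, ..." with $n placeholders for a VALUES list.
	$marks = static function ($n) {
		return implode(', ', array_fill(0, $n, '?'));
	};

	/*
	 * Runs one prepared statement. Every parameter is bound as a string, which
	 * keeps MySQL's type coercion the same as the quoted literals used before
	 * (null becomes ''). Returns false on failure (details go to the error
	 * log), true for a write, or the list of rows when $wantRows is set.
	 */
	$dbRun = static function ($conn, $sql, array $params = array(), $wantRows = false) {
		$stmt = mysqli_prepare($conn, $sql);
		if ($stmt === false) {
			error_log('edit_confirm.php: prepare failed: ' . mysqli_error($conn));
			return false;
		}
		if ($params) {
			$params = array_map('strval', array_values($params));
			mysqli_stmt_bind_param($stmt, str_repeat('s', count($params)), ...$params);
		}
		if (!mysqli_stmt_execute($stmt)) {
			error_log('edit_confirm.php: execute failed: ' . mysqli_stmt_error($stmt));
			mysqli_stmt_close($stmt);
			return false;
		}
		$out = true;
		if ($wantRows) {
			$result = mysqli_stmt_get_result($stmt);
			$out = ($result === false) ? false : mysqli_fetch_all($result, MYSQLI_ASSOC);
		}
		mysqli_stmt_close($stmt);
		return $out;
	};

	// Stops the request with a status code and a generic message; request
	// data is never reflected back into the response.
	$reject = static function ($code, $message) use ($conn) {
		http_response_code($code);
		echo $message;
		mysqli_close($conn);
		exit;
	};

	// NOTE(review): $_REQUEST also accepts the id from the query string;
	// switch to $_POST if the form sends it in the body.
	$id = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? (string) $_REQUEST['id'] : '';
	if ($id === '') {
		$reject(400, 'missing order id');
	}

	$user_id  = $postField('user_id');
	$username = $postField('username');
	$email    = $postField('email');
	$phone    = $postField('phone');
	$address  = $postField('address');
	$postcode = $postField('postcode');
	$city     = $postField('city');
	$cart_id  = $postField('cart_id');
	$order_id = 'FC00' . $id;
	// null means the `order` field was not posted (contact-only update).
	$status = (isset($_POST['order']) && is_scalar($_POST['order'])) ? (string) $_POST['order'] : null;

	if ($status !== null) {
		$items      = (isset($_POST['items']) && is_array($_POST['items'])) ? array_values($_POST['items']) : array();
		$quantities = (isset($_POST['no_item']) && is_array($_POST['no_item'])) ? array_values($_POST['no_item']) : array();

		// ---- validate everything before the first write ----
		if (count($items) !== count($quantities)) {
			$reject(400, 'items and quantities do not match');
		}
		foreach ($items as $i => $item) {
			// Names are stored comma-joined on the order, so a comma inside
			// a name would corrupt the stored list.
			if (!is_string($item) || $item === '' || strpos($item, ',') !== false) {
				$reject(400, 'invalid item');
			}
			// A zero or negative quantity would raise stock and lower totals.
			if (!is_string($quantities[$i]) || !is_numeric($quantities[$i]) || $quantities[$i] <= 0) {
				$reject(400, 'invalid quantity');
			}
		}

		$clientTotal = $postField('total_grand');
		if ($clientTotal !== '' && !is_numeric($clientTotal)) {
			$reject(400, 'invalid total');
		}
		$baseTotal = ($clientTotal === '') ? 0 : $clientTotal + 0;

		$orderRows = $dbRun($conn, 'select * from confirm_order where id = ?', array($id), true);
		if ($orderRows === false) {
			$reject(500, 'not inserted');
		}
		if (!$orderRows) {
			$reject(404, 'order not found');
		}
		$order = $orderRows[0];

		// Resolve each item: an all-digit value is tried as a product id
		// first; anything unresolved is looked up as a package name.
		$resolved = array();
		foreach ($items as $i => $item) {
			$row  = null;
			$kind = null;
			if (ctype_digit($item)) {
				$found = $dbRun($conn, 'select * from product where id = ?', array($item), true);
				if ($found === false) {
					$reject(500, 'not inserted');
				}
				if ($found) {
					$row  = $found[0];
					$kind = 'product';
				}
			}
			if ($row === null) {
				$found = $dbRun($conn, 'select * from packages where product_name = ?', array($item), true);
				if ($found === false) {
					$reject(500, 'not inserted');
				}
				if ($found) {
					$row  = $found[0];
					$kind = 'package';
				}
			}
			if ($row === null) {
				$reject(400, 'unknown item');
			}
			$resolved[] = array('kind' => $kind, 'row' => $row, 'item' => $item, 'qty' => $quantities[$i]);
		}

		// ---- writes ----
		$names      = array();
		$ids        = array();
		$addedTotal = 0;
		$stockLeft  = array(); // running stock per product id, for repeated items
		$today      = date('y-m-d');
		$now        = date('Y-m-d H:i:s');

		foreach ($resolved as $entry) {
			$row       = $entry['row'];
			$qty       = $entry['qty'];
			$rowId     = $col($row, 'id');
			$price     = $col($row, 'price');
			$lineTotal = $num($price) * $num($qty);

			$purchase = array(
				$rowId, $user_id, $cart_id, $id, $price,
				$col($row, 'cgst'), $col($row, 'sgst'), $col($row, 'gst'), $col($row, 'gst_price'),
				$qty, $lineTotal, $today,
			);
			$dbRun(
				$conn,
				'INSERT INTO `purchased_products`(`product_id`, `user_id`, `cart_id`, `confirm_id`, `price`,`cgst`,`sgst`,`gst`,`gst_price`,`no_of_item`,`total`,`date`) VALUES (' . $marks(count($purchase)) . ')',
				$purchase
			);
			$ids[] = $rowId;

			if ($entry['kind'] === 'product') {
				$names[] = $col($row, 'product_name');

				$key         = (string) $rowId;
				$stockBefore = isset($stockLeft[$key]) ? $stockLeft[$key] : $col($row, 'stock');
				$stockAfter  = $num($stockBefore) - $num($qty);
				$stockLeft[$key] = $stockAfter;

				$dbRun($conn, 'UPDATE product SET stock = ? WHERE id = ?', array($stockAfter, $rowId));
				if ($stockAfter <= 0) {
					// Sold out: mark the product with status 'no'.
					$dbRun($conn, 'UPDATE product SET status = ? WHERE id = ?', array('no', $rowId));
				}

				$cart = array(
					$col($row, 'product_name'), $price, $rowId, $user_id, $username, $email, $phone,
					$col($row, 'description'), $col($row, 'weight'), $qty, $col($row, 'file1'),
					'confirm', $now, $lineTotal, '1', $stockBefore,
					$col($row, 'gst'), $col($row, 'cgst'), $col($row, 'sgst'), $cart_id, $order_id,
				);
				$dbRun(
					$conn,
					'insert into product_cart(prdctname,price,prduct_id,user_id,user_name,email,phone,product_description,quantity,no_of_item,feature_image,status,date,total,flag,stock,gst,cgst,sgst,cart_id,order_id) values(' . $marks(count($cart)) . ')',
					$cart
				);
			} else {
				// Packages are listed on the order under the posted name.
				$names[] = $entry['item'];

				$cart = array(
					$col($row, 'product_name'), $price, $rowId, $user_id, $username, $email, $phone,
					$col($row, 'description'), $col($row, 'weight'), $qty, $col($row, 'image'),
					'confirm', $now, $col($row, 'gst_price'), $cart_id, '1', $lineTotal, $order_id,
				);
				$dbRun(
					$conn,
					'insert into product_cart(prdctname,price,prduct_id,user_id,user_name,email,phone,product_description,quantity,no_of_item,feature_image,status,date,gst_price,cart_id,flag,total,order_id) values(' . $marks(count($cart)) . ')',
					$cart
				);
				// Kept from the previous version: once a package is added,
				// the order is saved with status 'confirm' whatever was posted.
				$status = 'confirm';
			}
			$addedTotal += $lineTotal;
		}

		// Append the new entries to the comma-separated lists on the order.
		$itemsEnter = array_merge(explode(',', (string) $col($order, 'product')), $names);
		$idsEnter   = array_merge(explode(',', (string) $col($order, 'product_id')), $ids);
		$qtyEnter   = array_merge(explode(',', (string) $col($order, 'no_item')), $quantities);

		// The previous version also re-priced every listed item here and added
		// 30 to the sum, but never used the result; that dead loop is dropped.
		$saved = $dbRun(
			$conn,
			'update confirm_order set username = ?, email = ?, phone = ?, address = ?, postcode = ?, status = ?, date = ?, city = ?, product = ?, no_item = ?, item_no = ?, total = ?, product_id = ? where id = ?',
			array(
				$username, $email, $phone, $address, $postcode, $status, $now, $city,
				implode(',', $itemsEnter), implode(',', $qtyEnter), count($itemsEnter),
				$baseTotal + $addedTotal, implode(',', $idsEnter), $id,
			)
		);
	} else {
		// No `order` field: update contact details only; status is saved as ''.
		$saved = $dbRun(
			$conn,
			'update confirm_order set username = ?, email = ?, phone = ?, address = ?, postcode = ?, status = ? where id = ?',
			array($username, $email, $phone, $address, $postcode, $status, $id)
		);
	}

	if ($saved) {
		header('location:conform_product.php');
	} else {
		// The driver error is already in the error log; the previous call to
		// mysqli_error() without a connection argument could not report it.
		echo 'not inserted';
	}

	mysqli_close($conn);
	?>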