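<?php
/**
 * Admin page: add a comment / status change to an order and list the
 * comments already recorded for it.
 *
 * When the form is submitted (submitForm=yes) the script
 *   1. loads the order row as it was BEFORE the change,
 *   2. inserts a row into $tbl_order_comments and updates $tbl_order,
 *   3. queues a tbl_klaviyoEvents row for order statuses 3, 15 and 14,
 *   4. credits or debits reward points in $tbl_reward_history,
 *   5. for order status 17 re-enables the user and calls the remote
 *      checkout API.
 * After the HTML has been rendered it credits referral reward points when
 * the order carried a coupon code.
 *
 * $obj, the $tbl_* names, SITE_TITLE, getField(), callAPI() and
 * validate_admin() are not defined in this file; presumably they come from
 * the three includes below.
 *
 * Review notes (security):
 *   - Every value written into HTML is passed through htmlspecialchars();
 *     order_id is reflected from the request, and comments, transaction ids
 *     and card digits are stored values.
 *   - Every request or database value placed inside a SQL string literal is
 *     escaped first. Escaping only protects quoted literals; switching the
 *     $obj wrapper to prepared statements would be the sturdier fix.
 *   - The API password is no longer kept in this file. The value that used
 *     to be hard-coded here has been exposed in source and should be rotated.
 *   - NOTE(review): the form carries no anti-CSRF token and the handler reads
 *     $_REQUEST, so the state change is also reachable through a GET URL.
 *     Add a per-session token and accept POST only once it is confirmed that
 *     no other admin page submits to this script.
 *   - NOTE(review): uid is taken from a hidden form field. The order row
 *     already provides user_id; confirm they are always equal and prefer the
 *     server-side value for the account re-enable done under status 17.
 */
session_start();
include("../include/config.php");
include("../include/functions.php");
include("../include/simpleimage.php");
validate_admin();

// Read one request parameter as a string; absent or non-scalar values become ''.
$reqParam = function ($key) {
    return (isset($_REQUEST[$key]) && is_scalar($_REQUEST[$key])) ? (string) $_REQUEST[$key] : '';
};
// Escape a value for use inside a quoted SQL string literal.
$sqlEsc = function ($value) {
    return mysqli_real_escape_string($GLOBALS['conn'], (string) $value);
};
// Escape a value for HTML text and quoted-attribute contexts.
$h = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};

$orderIdRaw = $reqParam('order_id');
$order_id   = $sqlEsc($orderIdRaw);   // only ever used inside '...' in SQL
$resultOrder = null;                  // also read by the referral block at the end of the file

if ($reqParam('submitForm') === 'yes') {
    $comments       = $sqlEsc($reqParam('comments'));
    $order_status   = $sqlEsc($reqParam('order_status'));
    $paymentRaw     = $reqParam('payment_status');   // the form posts '1', '0' or ''
    $payment_status = $sqlEsc($paymentRaw);
    $pay_via        = $sqlEsc($reqParam('pay_via'));
    $transaction_id = $sqlEsc($reqParam('transaction_id'));
    $card_number    = $sqlEsc($reqParam('card_number'));
    $pay_date       = $sqlEsc($reqParam('pay_date'));
    $pay_amount     = $sqlEsc($reqParam('pay_amount'));
    $uidRaw         = $reqParam('uid');
    $uid            = $sqlEsc($uidRaw);

    // Load the order BEFORE it is updated. The reward debit below compares the
    // previous payment_status with the submitted one; reading the row after the
    // UPDATE (as this script used to) made that comparison impossible to satisfy.
    $oArr = $obj->query("select user_id,total_amount,payment_status, coupon_code from $tbl_order where id='$order_id' ");
    $resultOrder = $obj->fetchNextObject($oArr);

    if (!$resultOrder) {
        // Nothing to comment on; avoid writing rows for a non-existent order.
        $resultOrder = null;
        $_SESSION['sess_msg'] = "Order not found.";
    } else {
        $previousPaymentStatus = $resultOrder->payment_status;

        $obj->query("insert into $tbl_order_comments set comments='$comments',order_status='$order_status',payment_status='$payment_status',pay_amount='$pay_amount',pay_via='$pay_via',transaction_id='$transaction_id',card_number='$card_number',pay_date='$pay_date',order_id='$order_id',posted_date=now()");
        $obj->query("UPDATE $tbl_order set order_status='$order_status',payment_status='$payment_status' where id='$order_id'");

        // Queue the matching Klaviyo event, if this status has one.
        $klaviyoEvent = '';
        if ($order_status == 3) {
            $klaviyoEvent = 'Fulfilled Order';
        } elseif ($order_status == 15) {
            $klaviyoEvent = 'Canceled Order';
        } elseif ($order_status == 14) {
            $klaviyoEvent = 'Refunded Order';
        }
        if ($klaviyoEvent !== '') {
            $obj->query("insert into tbl_klaviyoEvents set oid='$order_id',uid='$uid',event='$klaviyoEvent',status=1");
        }

        ################################ Reward Point Management ##################################
        $user_id        = $sqlEsc($resultOrder->user_id);
        $total_amount   = $resultOrder->total_amount;
        $setting_reward = getField('rewardamount', $tbl_setting, 1);
        // A missing or zero setting must not cause a division by zero.
        $reward_point   = ($setting_reward > 0) ? floor($total_amount / $setting_reward) : 0;

        if ($paymentRaw === '1') {
            // Credit once per order.
            $ordArr = $obj->query("select id from $tbl_reward_history where order_id='$order_id' and type='Cr' ");
            if ($obj->numRows($ordArr) == 0) {
                $obj->query("insert into $tbl_reward_history set order_id='$order_id',user_id='$user_id',reward_point='$reward_point',type='Cr',added_date=now(),status=1 ");
            }
        }

        if ($previousPaymentStatus == 1 && $paymentRaw === '0') {
            // The order was paid and is now marked unpaid: debit once per order.
            $ordArr = $obj->query("select id from $tbl_reward_history where order_id='$order_id' and type='Dr' ");
            if ($obj->numRows($ordArr) == 0) {
                $obj->query("insert into $tbl_reward_history set order_id='$order_id',user_id='$user_id',reward_point='$reward_point',type='Dr',added_date=now(),status=1 ");
            }
        }

        if ($order_status == 17) {
            $obj->query("UPDATE tbl_user set status='1',deleted_on=null,reviewStatus='Allowed' where id='$uid'");
            $obj->query("update tbl_userUniqueDeviceIds set status=1 where userID='$uid'");

            // The API password is read from the environment instead of the source
            // file. ORM_API_PASSWORD is a name constructed for this review; use
            // whatever secret store the deployment provides.
            $apiPassword = getenv('ORM_API_PASSWORD');
            if ($apiPassword === false || $apiPassword === '') {
                error_log('addcommets.php: ORM_API_PASSWORD is not configured; checkout API call skipped');
            } else {
                $tokenData = callAPI('POST', 'https://ormwebapi.quicklly.com/'.'login', array("email"=>"web-app@quicklly.com", "password"=>$apiPassword));
                if (is_object($tokenData) && isset($tokenData->token)) {
                    // The API receives the raw ids; SQL escaping belongs to SQL only.
                    callAPI('POST', 'https://ormwebapi.quicklly.com/'.'checkout/Checkout-Step2', array("oid"=>$orderIdRaw,'uid'=>$uidRaw,'status'=>'success','token'=>$tokenData->token));
                } else {
                    error_log('addcommets.php: login to the checkout API returned no token');
                }
            }

            $obj->query("UPDATE tbl_order set order_status='17' where id='$order_id'");
        }
        ################################ Reward Point Management End##################################

        $_SESSION['sess_msg'] = "Comment posted successfully.!";
    }
}

// getField() is not visible here. The escaped id is passed on the assumption
// that it places the value inside a quoted SQL literal - TODO confirm.
$currentOrderStatus   = getField('order_status', $tbl_order, $order_id);
$currentPaymentStatus = getField('payment_status', $tbl_order, $order_id);
$formUid              = getField('user_id', $tbl_order, $order_id);
$current_status       = $currentPaymentStatus; // still read by the PHP inside the commented-out markup
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php echo SITE_TITLE; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="css/admin.css" rel="stylesheet" type="text/css" />
<script type="text/javascript">
function validate(obj){
    if(obj.order_status.value==''){
        alert("Please select status");
        obj.order_status.focus();
        return false;
    }
    // The payment-detail inputs are currently commented out of the form, so each
    // one is checked for existence before it is read.
    if(obj.payment_status.value==1){
        if(obj.pay_via && obj.pay_via.value=='Credit/Debit Card'){
            if(obj.transaction_id && obj.transaction_id.value==''){
                alert("Please enter transaction id");
                obj.transaction_id.focus();
                return false;
            }
        }
        if(obj.pay_amount && obj.pay_amount.value==''){
            alert("Please enter received amount");
            obj.pay_amount.focus();
            return false;
        }
    }
    return true;
}
function toggleRow(id, show){
    var row=document.getElementById(id);
    if(row){ row.style.display = show ? '' : 'none'; }
}
function showFields(val){ toggleRow('pay_details', val==1); }
function showCardDetail(val){ toggleRow('card_details', val==1); }
</script>
<?php // NOTE(review): jQuery 1.7.2 is long out of support; plan an upgrade together with the bundled jQuery UI. ?>
<script type="text/javascript" src="js/jquery-1.7.2.min.js"></script>
<link rel="stylesheet" href="calender/css/jquery-ui.css">
<script src="calender/js/jquery-ui.js"></script>
<script>
$(function() {
    $( "#pay_date" ).datepicker({
        changeMonth: true,
        changeYear: true,
        numberOfMonths: 1,
        dateFormat:'yy-mm-dd' ,
        yearRange:'2014:<?php echo date('Y'); ?>',
    })
});
</script>
</head>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td align="left" valign="middle" class="headingbg bodr text14"><em><img src="images/arrow2.gif" width="21" height="21" hspace="10" align="absmiddle" /></em>Admin: Add Comment On Order ID : <?php echo $h($orderIdRaw); ?></td>
  </tr>
  <tr>
    <td height="100" align="left" valign="top" bgcolor="#f7faf9" class="bodr"><form name="frm" method="POST" enctype="multipart/form-data" action="" onSubmit="return validate(this)">
      <input type="hidden" name="submitForm" value="yes" />
      <input type="hidden" name="order_id" value="<?php echo $h($orderIdRaw); ?>" />
      <table width="100%" cellpadding="0" cellspacing="0">
        <tr>
          <td align="center" colspan="2" style="color:#C00;"><?php
            // One-shot flash message, set by this script (and possibly by other pages).
            echo isset($_SESSION['sess_msg']) ? $_SESSION['sess_msg'] : '';
            $_SESSION['sess_msg'] = '';
          ?></td>
        </tr>
        <tr>
          <td width="33%" align="right" class="paddBot11 paddRt14"><strong>Current Status</strong></td>
          <td width="67%" align="left" class="paddBot11"><select name="order_status" style="width:240px;" >
            <option value="">Select Status</option>
            <?php
            $statusArr = $obj->query("select * from $tbl_order_status where status=1 ");
            while ($resultStatus = $obj->fetchNextObject($statusArr)) { ?>
            <option value="<?php echo $h($resultStatus->id); ?>" <?php if ($resultStatus->id == $currentOrderStatus) { ?>selected<?php } ?>><?php echo $h(stripslashes($resultStatus->order_status)); ?></option>
            <?php } ?>
          </select></td>
        </tr>
        <tr>
          <td width="33%" align="right" class="paddBot11 paddRt14"><strong>Payment Status</strong></td>
          <td width="67%" align="left" class="paddBot11"><select name="payment_status" style="width:240px;" onchange="return showFields(this.value)">
            <option value="">Select</option>
            <option value="1" <?php if ($currentPaymentStatus == 1) { ?>selected<?php } ?>>Successfull</option>
            <option value="0" <?php if ($currentPaymentStatus == 0) { ?>selected<?php } ?>>Unsuccessfull</option>
          </select></td>
        </tr>
        <!-- <tr> <td colspan="2" <?php if($current_status!=1){ ?>style="display:none;"<?php } ?> id="pay_details"><table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="33%" align="right" class="paddBot11 paddRt14"><strong>Payment Via</strong></td> <td width="67%" align="left" class="paddBot11"><input type="radio" name="pay_via" value="Cash" onclick="return showCardDetail(0)" checked="checked" /> Cash <input type="radio" name="pay_via" value="Credit/Debit Card" onclick="return showCardDetail(1)"/> Cedit Card/Debit Card</td> </tr> <tr> <td colspan="2" style="display:none;" id="card_details"><table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="33%" align="right" class="paddBot11 paddRt14"><strong>Transaction ID</strong></td> <td width="67%" align="left" class="paddBot11"><input type="text" name="transaction_id" value="" /></td> </tr> <tr> <td width="33%" align="right" class="paddBot11 paddRt14"><strong>Card Last 4 Digits</strong></td> <td width="67%" align="left" class="paddBot11"><input type="text" name="card_number" value="" /></td> </tr> <tr> <td width="33%" align="right" class="paddBot11 paddRt14"><strong>Payment Made Date</strong></td> <td width="67%" align="left" class="paddBot11"><input type="text" name="pay_date" id="pay_date" value="" /></td> </tr> </table></td> </tr> <tr> <td width="33%" align="right" class="paddBot11 paddRt14"><strong>Received Amount</strong></td> <td width="67%" align="left" class="paddBot11"><input type="text" name="pay_amount" value="" /> INR</td> </tr> </table></td> </tr>-->
        <tr>
          <td width="33%" align="right" class="paddBot11 paddRt14"><strong>Comment</strong></td>
          <td width="67%" align="left" class="paddBot11"><textarea name="comments" rows="5" cols="40"></textarea>
            <input type="hidden" name="uid" value="<?php echo $h($formUid); ?>">
          </td>
        </tr>
        <tr>
          <td align="right" class="paddRt14 paddBot11"> </td>
          <td align="left" class="paddBot11"> </td>
        </tr>
        <tr>
          <td width="33%" align="right" class="paddRt14 paddBot11"> </td>
          <td width="67%" align="left" class="paddBot11"><input type="submit" name="submit" value="Submit" class="submit" border="0" /> </td>
        </tr>
      </table>
    </form></td>
  </tr>
  <tr>
    <td align="center"></td>
  </tr>
  <?php
  // The id is escaped before it reaches the query; the raw request value used
  // to be concatenated here.
  $commentArr = $obj->query("select * from $tbl_order_comments where order_id='$order_id' order by id desc ");
  if ($obj->numRows($commentArr) > 0) { ?>
  <tr>
    <td><table width="100%" border="0" cellspacing="4" cellpadding="4" bgcolor="#f7faf9" class="bodr">
      <tr>
        <td width="21%"><strong>Date</strong></td>
        <td width="21%"><strong>Pay Via</strong></td>
        <td width="21%"><strong>Received Amount</strong></td>
        <td width="21%"><strong>Received Date</strong></td>
        <td width="58%"><strong>Comment</strong></td>
      </tr>
      <?php while ($resultComment = $obj->fetchNextObject($commentArr)) { ?>
      <tr>
        <td><?php echo date('d M Y H:i', strtotime($resultComment->posted_date)); ?></td>
        <td><?php
          if ($resultComment->pay_via == 'Credit/Debit Card') {
              if ($resultComment->transaction_id != '') {
                  echo 'Transaction ID:#'.$h($resultComment->transaction_id)."<br/>";
              }
              if ($resultComment->card_number != '') {
                  echo 'Crad Last digits:'.$h($resultComment->card_number)."<br/>";
              }
          } else { ?> Cash <?php } ?></td>
        <td><?php if ($resultComment->pay_amount != 0) { echo 'Rs. '.$h(stripslashes($resultComment->pay_amount)); } ?></td>
        <?php // NOTE(review): this column is headed "Received Date" but prints posted_date; pay_date may have been intended - confirm. ?>
        <td><?php if ($resultComment->posted_date != '0000-00-00') { echo $h(stripslashes($resultComment->posted_date)); } ?></td>
        <td><?php echo $h(stripslashes($resultComment->comments)); ?></td>
      </tr>
      <?php } ?>
    </table></td>
  </tr>
  <?php } ?>
</table>
</td>
</tr>
</table>
<?php
// Referral rewards. $resultOrder is only set when a submission was processed
// above, so this block is skipped on a plain page view.
// NOTE(review): nothing here checks for an existing referral credit, so
// re-submitting status 3 with a successful payment adds another row each time.
if ($resultOrder && $resultOrder->coupon_code != '') {
    if ($reqParam('order_status') == 3 && $reqParam('payment_status') == 1) {
        // coupon_code is stored data; it is escaped like any other value placed in SQL.
        $couponSql  = $sqlEsc($resultOrder->coupon_code);
        $referarr   = $obj->query("select ref_user_id,hero from tbl_coupon where coupon_code='$couponSql' and status=1");
        $resultrefer = $obj->fetchNextObject($referarr);

        if ($resultrefer && $resultrefer->ref_user_id != '') {
            $refUserSql = $sqlEsc($resultrefer->ref_user_id);

            // insert refer a friend reward point
            if ($resultrefer->hero == '') {
                // added_date uses the SQL function now(); the quoted string 'now()' is not a date.
                $obj->query("insert into tbl_reward_history set user_id='$refUserSql', order_id='$order_id', reward_point='500', type='Cr', added_date=now(), status='1'");
            }

            // insert be a hero reward point
            if ($resultrefer->hero == '0') {
                $start_date = date('Y-m-01');
                $last_date  = date('Y-m-t');
                $cArr = $obj->query("select count(*) as ordered from $tbl_order where coupon_code='$couponSql' and order_date>'$start_date' and order_date<'$last_date'");
                $os = $obj->fetchNextObject($cArr);
                // Compare the count column, not the row object, with the milestones.
                $orderedThisMonth = $os ? (int) $os->ordered : 0;
                if (in_array($orderedThisMonth, array(5, 10, 15), true)) {
                    $rewardearned = 5000;
                    $obj->query("insert into tbl_reward_history set user_id='$refUserSql', order_id='$order_id', reward_point='$rewardearned', type='Cr', added_date=now(), status='1'");
                }
            }
        }
    }
}
?>
</body>
</html>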