<?php
session_start();
include("../includes/database.php");
include("../functions/functions.php");
// Import PHPMailer classes into the global namespace
// These must be at the top of your script, not inside a function
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\SMTP;
use PHPMailer\PHPMailer\Exception;
// Load Composer's autoloader
require "PHPMailer/vendor/autoload.php";
/**
 * Send the "Customer Payment Confirmation" HTML e-mail to a single recipient.
 *
 * $to       recipient address
 * $from     address placed in the From header
 * $fromName display name that goes with $from
 * $body     message body; it is sent as HTML exactly as given, so any
 *           customer-supplied value inside it must be HTML-escaped by the caller
 *
 * Returns whatever PHPMailer::send() returns. The mailer is constructed with
 * exceptions enabled, so failures surface as PHPMailer exceptions.
 *
 * NOTE(review): the (commented-out) callers on this page pass the customer's
 * own e-mail as $from. Mail sent from this server with an arbitrary From
 * domain is likely to fail SPF/DMARC checks; a fixed site sender with the
 * customer in Reply-To is the usual arrangement. Confirm before re-enabling.
 */
function sendEmail($to, $from, $fromName, $body){
    $mailer = new PHPMailer(true);

    // Envelope: sender first, then the one recipient.
    $mailer->setFrom($from, $fromName);
    $mailer->addAddress($to);

    // Content: fixed subject, HTML body.
    $mailer->Subject = "Customer Payment Confirmation";
    $mailer->isHTML(true);
    $mailer->Body = $body;

    $sent = $mailer->send();
    return $sent;
}
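// Gate the page: only a logged-in customer (the session carries their e-mail)
// may confirm a payment. empty() also covers a session with no such key.
if(empty($_SESSION["customer_email"])){
header("location: ../checkout.php?error=Please-Provide-Your-Login-Details-Thanks.");
// Stop immediately so nothing further runs for an anonymous visitor.
exit();
}else{
$user_a = $_SESSION["customer_email"];
$user_ip_a = getIp();

// Customer lookup with bound parameters: the e-mail and IP are data, never SQL text.
$get_user_a = "select * from customers where customer_email = ? AND customer_ip = ?";
$stmt_user_a = mysqli_prepare($con, $get_user_a);
if(!$stmt_user_a){
error_log("confirm.php: customer lookup could not be prepared: " . mysqli_error($con));
http_response_code(500);
exit();
}
mysqli_stmt_bind_param($stmt_user_a, "ss", $user_a, $user_ip_a);
mysqli_stmt_execute($stmt_user_a);
$run_user_a = mysqli_stmt_get_result($stmt_user_a);
$row_a = $run_user_a ? mysqli_fetch_array($run_user_a) : null;
mysqli_stmt_close($stmt_user_a);

// NOTE(review): if no row matches (for example the stored customer_ip differs
// from the current address) $row_a is null and every field below is null.
// Decide whether that case should send the visitor back to the login page.
$cust_id_a = $row_a["customer_id"];
$cust_name_a = $row_a["customer_name"];
$cust_image_a = $row_a["customer_image"];
$cust_email_a = $row_a["customer_email"];
// NOTE(review): the stored password value is not used anywhere visible on this
// page; consider not copying it into a page-level variable.
$cust_pass_a = $row_a["customer_pass"];
$cust_address_a = $row_a["customer_address"];
$cust_gender_a = $row_a["customer_gender"];
$cust_location_a = $row_a["customer_location"];
$cust_phone_a = $row_a["customer_phone"];

// The order id arrives in the query string and is attacker-controllable:
// accept only a non-empty string and bind it as a parameter below.
$order_id = (isset($_GET['payment']) && is_string($_GET['payment'])) ? $_GET['payment'] : "";
if($order_id === ""){
header("location: my_orders.php");
exit();
}

// NOTE(review): the order is selected by order_id alone. Nothing here ties it
// to $cust_id_a, so the page does not verify that the order belongs to the
// logged-in customer. Add an ownership condition to this query once the owning
// column of customer_orders is confirmed (the schema is not visible here).
$get_ord = "select * from customer_orders where order_id = ?";
$stmt_ord = mysqli_prepare($con, $get_ord);
if(!$stmt_ord){
error_log("confirm.php: order lookup could not be prepared: " . mysqli_error($con));
http_response_code(500);
exit();
}
mysqli_stmt_bind_param($stmt_ord, "s", $order_id);
mysqli_stmt_execute($stmt_ord);
$run_ord = mysqli_stmt_get_result($stmt_ord);
$row_ord = $run_ord ? mysqli_fetch_array($run_ord) : null;
mysqli_stmt_close($stmt_ord);

// An unknown order id must not render a confirmation form for a non-existent order.
if(!$row_ord){
header("location: my_orders.php");
exit();
}
$inv_num = $row_ord['invoice_no'];
$due_amt = $row_ord['due_amount'];
$ord_date = $row_ord['order_date'];
// Display form of the amount: thousands separators, no decimals.
$due_amt = number_format((float) $due_amt);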
?>
<!DOCTYPE html>
<html lang="en">
<head>
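<?php /* The customer name is customer-supplied data read back from the database, so it is HTML-escaped before being placed in the title. */ ?>
<title><?php echo htmlspecialchars((string) $cust_name_a, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>'s Payment Confirmation | <?php echo $comp_title; ?></title>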
<?php include("includes/head.php"); ?>
<script>
// Keep only the digits 0-9 in the given input element's value.
// This is a typing aid in the browser; it does not protect the server,
// which must validate amount_paid itself when the form is submitted.
function numbersOnly(input){
    input.value = input.value.replace(/[^0-9]/g, "");
}
</script>
</head>
<body class="cbp-spmenu-push">
<div class="main-content">
<!--left-fixed -navigation-->
<div class=" sidebar" role="navigation">
<div class="navbar-collapse">
<?php include("includes/menu.php"); ?>
</div>
</div>
<!--left-fixed -navigation-->
<!-- header-starts -->
<?php include("includes/header.php"); ?>
<!-- //header-ends -->
<!-- main content start-->
<div id="page-wrapper">
<div class="main-page">
<div class="grid_3 grid_5 widget-shadow">
<h3 class="hdg">Please Confirm Your Payment</h3>
<div>
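<?php /* $order_id comes from the query string: URL-encode it for the query component, then HTML-escape it for the attribute, so it cannot break out of action="...". */ ?>
<form action="confirm.php?payment=<?php echo htmlspecialchars(rawurlencode((string) $order_id), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" method="POST">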
<table class="table table-responsive table-striped">
<tr>
<td>Invoice Number:</td>
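<?php /* Database value placed inside an HTML attribute: escape it. The readonly flag only affects the browser UI; the server must not trust the value posted back in this field. */ ?>
<td><input type="text" name="invoice_no" readonly class="input-control" value="#<?php echo htmlspecialchars((string) $inv_num, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" required /></td>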
</tr>
<tr>
<td>Amount Paid:</td>
<td><input type="text" name="amount_paid" onkeyup="numbersOnly(this)" class="input-control" placeholder="Amount Payable - <?php echo $currency; ?><?php echo $due_amt; ?>.00" required /></td>
</tr>
<tr>
<td>Payment Method:</td>
<td><select name="payment_method" class="input-control">
<option value="null">Select Payment Method</option>
<option value="Bank Transfer">Bank Transfer</option>
<option value="Online Transfer">Online Transfer</option>
<option value="Western Union">Western Union</option>
</select></td>
</tr>
<tr>
<td>Transaction ID:</td>
<td><input type="text" name="ref_id" class="input-control" placeholder="Your Transaction ID" required /></td>
</tr>
<tr>
<td>Payment Date:</td>
<td><input type="date" name="date" class="input-control" required /></td>
</tr>
</table>
<hr />
<center><input type="submit" class="btn btn-primary" name="confirm_payment" value="Confirm Payment" /></center>
</form>
<?php
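// Handle the submitted confirmation form: validate the fields on the server,
// record the payment, then mark the order complete.
// NOTE(review): no anti-CSRF token is checked on this POST; adding one needs a
// matching hidden field in the form above.
// NOTE(review): order_status becomes 'Complete' on the customer's own
// declaration. The amount is not compared with due_amount and no staff
// verification step is visible here; confirm this is the intended workflow.
if(isset($_POST['confirm_payment'])){
    // The invoice number is rebuilt from the order row loaded at the top of the
    // page, in the same "#<invoice_no>" form the readonly field displays. The
    // posted invoice_no is ignored because readonly is not enforced by the browser
    // against a crafted request.
    $inv_no = "#" . $inv_num;
    $amt_paid = (isset($_POST['amount_paid']) && is_string($_POST['amount_paid'])) ? trim($_POST['amount_paid']) : "";
    $pmt_method = (isset($_POST['payment_method']) && is_string($_POST['payment_method'])) ? $_POST['payment_method'] : "";
    $ref_no = (isset($_POST['ref_id']) && is_string($_POST['ref_id'])) ? trim($_POST['ref_id']) : "";
    $pmt_date = (isset($_POST['date']) && is_string($_POST['date'])) ? trim($_POST['date']) : "";
    // Disabled notification e-mail, kept for reference.
    // NOTE(review): before re-enabling, pass every interpolated value through
    // htmlspecialchars(); the body is sent as HTML and these values are
    // customer-controlled.
    /*
    $to_bcc = "paredaimplus@gmail.com"; //Additional Email Address to receive this email
    $to_email = "info@360degreepharmacy.com"; //Main Email Address to receive this email
    $name = $cust_name_a;
    $email = $cust_email_a;
    $body = "
    <h1>New Customer Order</h1>
    <h3>Customer Name: $cust_name_a</h3>
    <h3>Customer Email: $cust_email_a</h3>
    <h3>Customer Phone: $cust_phone_a</h3>
    <h3>Customer Address: $cust_address_a</h3>
    <hr />
    <h3>Invoice Number: $inv_no</h3>
    <h3>Amount Paid: $amt_paid</h3>
    <h3>Payment Method: $pmt_method</h3>
    <h3>Ref. No.: $ref_no</h3>
    <h3>Payment Date: $pmt_date</h3>
    ";*/

    // Server-side checks mirroring what the form enforces in the browser:
    // digits-only amount (numbersOnly), one of the three listed methods
    // (which also rejects the "null" placeholder), and the required fields.
    $allowed_methods = array("Bank Transfer", "Online Transfer", "Western Union");
    $fields_ok = (string) $inv_num !== ""
        && preg_match('/\A[0-9]+\z/', $amt_paid) === 1
        && in_array($pmt_method, $allowed_methods, true)
        && $ref_no !== ""
        && $pmt_date !== "";

    if(!$fields_ok){
        echo "<script>alert('Please fill in all fields, thanks!')</script>";
        exit();
    }else{
        // Bound parameters keep every submitted value out of the SQL text.
        $pmt_query = "insert into payments (invoice_no, amount_paid, payment_method, transaction_id, payment_date, confirmation_date) values (?,?,?,?,?,NOW())";
        $pmt_stmt = mysqli_prepare($con, $pmt_query);
        $run_pmt = $pmt_stmt
            && mysqli_stmt_bind_param($pmt_stmt, "sssss", $inv_no, $amt_paid, $pmt_method, $ref_no, $pmt_date)
            && mysqli_stmt_execute($pmt_stmt);
        if($pmt_stmt){
            mysqli_stmt_close($pmt_stmt);
        }

        if($run_pmt){
            // order_date is written back with its current value, as before; the
            // order id from the query string is bound rather than interpolated.
            $update_ord = "update customer_orders set order_status = 'Complete', order_date = ? where order_id = ?";
            $upd_stmt = mysqli_prepare($con, $update_ord);
            $run_update = $upd_stmt
                && mysqli_stmt_bind_param($upd_stmt, "ss", $ord_date, $order_id)
                && mysqli_stmt_execute($upd_stmt);
            if($upd_stmt){
                mysqli_stmt_close($upd_stmt);
            }
            if(!$run_update){
                // The payment row exists but the order was not updated: leave a trace for staff.
                error_log("confirm.php: order status update failed: " . mysqli_error($con));
            }
            //sendEmail($to_email, $email, $name, $body);
            //sendEmail($to_bcc, $email, $name, $body);
            echo "<script>alert('Thank you for completing your order. You will get a call within the hour confirming your payment/order and your order delivery date, thanks!')</script>";
            echo "<script>window.open('my_orders.php','_self')</script>";
        }else{
            // Previously a failed insert was silent; log the detail server-side
            // and show the customer a generic message only.
            error_log("confirm.php: payment insert failed: " . mysqli_error($con));
            echo "<script>alert('Sorry, your payment confirmation could not be saved. Please try again.')</script>";
        }
    }
}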
?>
</div>
</div>
<div class="clearfix"> </div>
</div>
</div>
<!--footer-->
<?php include("includes/footer.php"); ?>
<!--//footer-->
</div>
</body>
</html>
<?php } ?>