MSV FM

dot.antimicrobial@66.96.161.157: ~ $
Path : /hermes/sb_web/b2680/childrendccom.domain.com/
File Upload :
Current < : /hermes/sb_web/b2680/childrendccom.domain.com/paypalData.php

<?php
include("includes/database.php");
include("functions/functions.php");

if(isset($_POST['send_custID'])){
	
	$send_custID = mysqli_real_escape_string($con, $_POST['send_custID']);
	$send_amtDue = mysqli_real_escape_string($con, $_POST['send_amtDue']);
	$send_invNo = mysqli_real_escape_string($con, $_POST['send_invNo']);
	$send_totalItem = mysqli_real_escape_string($con, $_POST['send_totalItem']);
	$ordStatus = "Pending";
	$pmt_method = "paypal";
	$couponStatus = "Complete";
	
	$send_custIP = getIp();
	$send_custAgentID = $customa_user_agent_id;
	
	$sel_price2 = "select * from cart where ip_address = '$send_custIP' AND customer_user_agent = '$send_custAgentID'";
	$run_price2 = mysqli_query($con, $sel_price2);
	while($row_p2 = mysqli_fetch_array($run_price2)){
		
		$prod_id2 = $row_p2['product_id'];
		$prod_qty2 = $row_p2['quantity'];
		
		$pen_query2 = "insert into pending_orders (customer_id, invoice_no, product_id, quantity, order_status) values ('$send_custID','$send_invNo','$prod_id2','$prod_qty2','$ordStatus')";
		$run_penq2 = mysqli_query($con, $pen_query2);
	}
	
	$insert_order = "insert into customer_orders (customer_id, due_amount, invoice_no, total_products, order_date, order_status, payment_method) values ('$send_custID','$send_amtDue','$send_invNo','$send_totalItem',NOW(),'$ordStatus','$pmt_method')";
	$run_order = mysqli_query($con, $insert_order);
	
	//coupon code system
	$CuQuery = "select * from coupon_code where customer_id = '$send_custID' AND usage_status = 'used' AND coupon_status = '' ORDER BY coupon_id DESC LIMIT 1";
	$run_CuQuery = mysqli_query($con, $CuQuery);
	$count_CuQuery = mysqli_num_rows($run_CuQuery);
	if($count_CuQuery == 1){
		$row_CuQuery = mysqli_fetch_array($run_CuQuery);
		$CuQ_coupID = $row_CuQuery["coupon_id"];
		$upd_CuQuery = "UPDATE coupon_code set coupon_status = '$couponStatus' where coupon_id = '$CuQ_coupID'";
		$run_upd_CuQuery = mysqli_query($con, $upd_CuQuery);
	}
	//coupon code system

	$empty_cart = "delete from cart where ip_address = '$send_custIP' AND customer_user_agent = '$send_custAgentID'";
	$run_del = mysqli_query($con, $empty_cart);
	
}
?>