DarkPrince2005 Posted July 31, 2009

Ok fellow php developers, I've got a headache. 3 Pages, and the payable amount should depend on which country the client resides in (stored in database). I need expertise, as I cannot really make out what the original designer did... Personally I don't think he knew what he was doing, but ok. :facewall:

functions.php

```php
<?php
include "config.php";

if (((session_id() <> "") || (session_id()==0)) && ((!isset($_SESSION)))) {
    @session_start();
}

array_walk_recursive($_REQUEST, 'sanitize_input');
array_walk_recursive($_POST, 'sanitize_input');

function sanitize_input(&$request) {
    $c = db_connect();
    $request = mysql_real_escape_string(strip_tags($request));
}

function db_connect() {
    global $dbhost, $dbname, $dbuname, $dbpass;
    $c = mysql_connect($dbhost, $dbuname, $dbpass) or die("Unable to connect to database server.".mysql_error());
    mysql_select_db($dbname, $c) or die("Unable to select database.".mysql_error());
    return $c;
}

function db_disconnect() {
}

function run_query($sql) {
    $c = db_connect();
    mysql_query($sql,$c) or die(mysql_error());
    return mysql_insert_id();
}

function query_results_multiple($sql) {
    $c = db_connect();
    $result = mysql_query($sql,$c) or die(mysql_error());
    $count = 0;
    $final = false;
    while ($row = mysql_fetch_assoc($result)) {
        $final[$count] = $row;
        $count = $count + 1;
    }
    return $final;
}

function query_results_single($sql) {
    $c = db_connect();
    $result = mysql_query($sql,$c) or die(mysql_error());
    if ($row = mysql_fetch_assoc($result)) {
        return $row;
    }
    return false;
}

function get_atemplate($filename) {
    global $atpath;
    $filename = $atpath . $filename;
    $fh = fopen($filename,"r");
    $contents = fread($fh, filesize($filename));
    fclose($fh);
    return $contents;
}

function page() {
    return get_template("index.html");
}

function admin_page() {
    return get_atemplate("adminindex.html");
}

//menus
function adminmenu() {
    return "<ul>
 <li>Cases<br>
 <ul>
 <li><a href=cases.php>View All</a></li>
 <li><a href=cases.php?paid=1>View Paid</a></li>
 <li><a href=cases.php?notpaid=1>View Non-Paid</a></li>
 <li><a href=cases.php?eft=1>View EFT</a></li>
 <li><a href=cases.php?cc=1>View CC</a></li>
 <li><a href=cases.php?archive=1>View Archive</a></li>
 <li><a href=cases.php?bycaseid=1>Search by Case ID</a></li>
 <li><a href=weblinkadmin.php>Weblink Admin</a></li>
 </ul>
 </li>
 </ul>";
}

function normal_menu() {
    return "";
}

//users
function random_password($length) {
    $chars = "ABCDEFGHIJKLMOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz01234567890";
    $password = "";
    $plen = strlen($chars) - 1;
    while (strlen($password) < $length) {
        $password .= $chars[mt_rand(0,$plen)];
    }
    return $password;
}

function add_user($username,$password) {
    return run_query("insert into users values ('','".$username."','".$password."','')");
}

function validate_user($username,$password) {
    return query_results_single("select userid from users where username='".$username."' and password='".$password."'");
}

function log_user_in($session_id,$userid) {
    $ip = $_SERVER['REMOTE_ADDR'];
    run_query("insert into users_online values ('','".$session_id."','".$userid."','".$ip."')");
}

function log_user_out($session_id) {
    run_query("delete from users_online where session_id = '".$session_id."';");
}

function user_logged_in($session_id) {
    $ip = $_SERVER['REMOTE_ADDR'];
    return query_results_single("select userid from users_online where session_id='".$session_id."' and ip='".$ip."'");
}

function log_passwd_reset($session_id) {
    run_query("insert into users_passwd_reset values ('','".$session_id."')");
}

function unlog_passwd_reset($session_id) {
    run_query("delete from users_passwd_reset where session_id = '".$session_id."';");
}

function user_passwd_reset($session_id) {
    return query_results_single("select * from users_passwd_reset where session_id='".$session_id."'");
}

function add_user_details($name,$surname,$tel,$fax,$cell,$email,$area,$address,$userid) {
    return run_query("insert into users_details values('','".$name."','".$surname."','".$tel."','".$fax."','".$cell."','".$email."','".$area."','".$address."',0,'".$userid."',now())");
}

function update_user_details($name,$surname,$tel,$fax,$cell,$email,$area,$address,$userid) {
    return run_query("update users_details set name='".$name."',surname='".$surname."',tel='".$tel."',fax='".$fax."',cell='".$cell."',email='".$email."',area_id='".$area."',address='".$address."' where userid='".$userid."'");
}

function user_details($userid) {
    return query_results_single("select * from users_details where userid='".$userid."'");
}

function user_login_details($userid) {
    return query_results_single("select * from users where userid='".$userid."'");
}

function update_user_email($userid,$email) {
    run_query("update users set username='".$email."' where userid='".$userid."'");
}

function password_from_email($email) {
    return query_results_single("select password from users where username='".$email."'");
}

//pets
function add_user_pet($name,$age,$sex,$sterilized,$species,$size,$body,$userid) {
    return run_query("insert into users_pets values('','".$name."','".$age."','".$sex."','".$sterilized."','".$species."','".$size."','".$body."','".$userid."')");
}

function update_user_pet($name,$age,$sex,$sterilized,$species_id,$size_id,$body_id,$pets_id) {
    return run_query("update users_pets set pets_name='".$name."',pets_age='".$age."',pets_sex='".$sex."',pets_sterilized='".$sterilized."',size_id='".$size_id."',body_id='".$body_id."' where pets_id='".$pets_id."'");
}

function user_pet_details($petsid) {
    return query_results_single("select * from users_pets where pets_id = '".$petsid."'");
}

function species_name_from_id($id) {
    $name = query_results_single("select * from select_species where species_id='".$id."'");
    return $name['species_name'];
}

function body_name_from_id($id) {
    $name = query_results_single("select * from select_body where body_id='".$id."'");
    return $name['body_name'];
}

function size_name_from_id($id) {
    $name = query_results_single("select * from select_size where size_id='".$id."'");
    return $name['size_name'];
}

//case stuff
function add_case($pets_id,$case_history,$d1id,$d2id,$d3id,$case_complaint,$case_otherinfo,$case_vet,$case_blood,$case_xray,$case_sound,$case_endoscopy,$case_histopath,$case_vetscomment,$userid) {
    return run_query("insert into `case` values ('','".$pets_id."','".$case_history."','".$d1id."','".$d2id."','".$d3id."','".$case_complaint."','".$case_otherinfo."','".$case_vet."','".$case_blood."','".$case_xray."','".$case_sound."','".$case_endoscopy."','".$case_histopath."','".$case_vetscomment."','".$userid."','NOT PAID',0,0,'N',now(),0,'','')");
}

function update_user_case_picture($id,$filename,$number) {
    run_query("update `case` set picture".$number."='".$filename."' where case_id='".$id."'");
}

function update_case_payment_type($case_id,$type) {
    run_query("update `case` set payment_type='".$type."' where case_id='".$case_id."'");
}

function update_case_payment_status($case_id,$status) {
    run_query("update `case` set payment_status='".strtoupper($status)."' where case_id='".$case_id."'");
}

function cases($where = null) {
    return query_results_multiple("select * from `case` $where");
}

function get_case($caseid) {
    return query_results_single("select * from `case` where case_id='".$caseid."'");
}

function add_case_response($case_id,$case_response_comment) {
    return run_query("insert into case_response values ('','".$case_id."',now(),'".$case_response_comment."')");
}

function get_case_responses($case_id) {
    return query_results_multiple("select * from case_response where case_id='".$case_id."'");
}

function add_case_picture($case_id,$filename,$comments) {
    return run_query ("insert into case_pictures values ('','".$case_id."','".$filename."','".$comments."')");
}

function update_case_picture($case_id,$filename) {
    return run_query ("update case_pictures set path='".$filename."' where case_pictures_id = '".$case_id."'");
}

function case_pictures($case_id) {
    return query_results_multiple("select * from case_pictures where case_id='".$case_id."'");
}

function has_responses($case_id) {
    return query_results_single("select * from case_response where case_id='".$case_id."'");
}

//payment stuff
function payment_form($case_id) {
    global $netcashuser, $netcashpass, $netcashpin, $netcashterm,$netcashprod,$netcashgross,$url;
    $Str = "";
    $Str.="<form action='https://gateway.netcash.co.za/vvonline/ccnetcash.asp' method='POST' name='pay'>";
    $Str.="<input type='hidden' name='m_1' value='".$netcashuser."'>";
    $Str.="<input type='hidden' name='m_2' value='".$netcashpass."'>";
    $Str.="<input type='hidden' name='m_3' value='".$netcashpin."'>";
    $Str.="<input type='hidden' name='p1' value='".$netcashterm."'>";
    $Str.="<input type='hidden' name='p2' value='A".$case_id."'>";
    $Str.="<input type='hidden' name='p3' value='".$netcashprod."'>";
    $Str.="<input type='hidden' name='p4' value='".$netcashgross."'>";
    $Str.="<input type='hidden' name='m_4' value='A".$case_id."'>";
    $Str.="<input type='hidden' name='m_5' value='A".$case_id."'>";
    $Str.="<input type='hidden' name='p10' value='".$url."payment_cancel.php?opt=cancel&id=".$case_id."'>";
    $Str.="<input type=submit value='Click here to proceed to the secure online payment site'>";
    $Str.="</form>";
    return $Str;
}

//file extensions
function file_extension_allowed($s) {
    switch ($s) {
        case 'jpg':
            return true;
            break;
        case 'gif':
            return true;
            break;
        case 'doc':
            return true;
            break;
        default:
            return false;
            break;
    }
}

//email stuff
function send_email($txt,$email_to,$subject) {
    global $email_from_name,$email_from;
    require_once ("library/htmlmail/htmlMimeMail5.php");
    $mail = new htmlMimeMail5();
    $mail->setFrom($email_from_name . ' <'.$email_from.'>');
    $mail->setReturnPath($email_from);
    $mail->setSubject($subject);
    $mail->setPriority('high');
    $mail->setText($txt);
    $mail->setHTML("<html><body>".eregi_replace("\r\n","<br>",$txt)."</body></html>");
    $mail->send(array($email_to));
}

//selects
function area_select($name,$selected) {
    $final = "<select id='$name' name='$name'>";
    if ($selected == 'Eastern Cape') {
        $final .= "<option value='Eastern Cape' selected>Eastern Cape</option>";
    } else {
        $final .= "<option value='Eastern Cape'>Eastern Cape</option>";
    }
    $final .= "</select>";
    return $final;
}

function sex_select($name,$selected) {
    $final = "<select id='$name' name='$name'>";
    if ($selected == 'M') {
        $final .= "<option value='M' selected>M</option>";
        $final .= "<option value='F'>F</option>";
    } else {
        $final .= "<option value='F' selected>F</option>";
        $final .= "<option value='M'>M</option>";
    }
    $final .= "</select>";
    return $final;
}

function yesno_select($name,$selected) {
    $final = "<select id='$name' name='$name'>";
    if ($selected == 'Y') {
        $final .= "<option value='Y' selected>Y</option>";
        $final .= "<option value='N'>N</option>";
    } else {
        $final .= "<option value='N' selected>N</option>";
        $final .= "<option value='Y'>Y</option>";
    }
    $final .= "</select>";
    return $final;
}

function select_generate($table,$first,$second,$default=null,$where=null,$update=null) {
    $results = query_results_multiple("select $first,$second from $table $where");
    $final = "<select name='$first' $update>";
    for ($i=0;$i<count($results);$i++) {
        if ($default == $results[$i][$first]) {
            $final .= "<option selected value='".$results[$i][$first]."'>".$results[$i][$second];
        } else {
            $final .= "<option value='".$results[$i][$first]."'>".$results[$i][$second];
        }
    }
    $final .= "</select>";
    return $final;
}

//dropdowns
function dropdown1() {
    return query_results_multiple("select * from dropdown_1;");
}

function dropdown2($id) {
    return query_results_multiple("select * from dropdown_2 where did=$id;");
}

function dropdown3($id) {
    return query_results_multiple("select * from dropdown_3 where did=$id;");
}

function drop_down_name($id,$type) {
    if ($id == 0) {
        return "none";
    }
    $name = query_results_single("select dropname from dropdown_".$type." where d".$type."id='".$id."'");
    return $name['dropname'];
}

function area_name_from_id($id) {
    $name = query_results_single("select * from select_area where area_id='".$id."'");
    return $name['area_name'];
}

function country_amount() {
    run_query("SELECT c.userid, c.session_id FROM users_online AS c JOIN users AS d ON c.userid = d.userid WHERE c.userid LIKE '$_GET[userid]' AND EXISTS (SELECT a.userid, a.country, b.userid FROM users_details AS a JOIN users AS b ON a.userid = b.userid WHERE a.country LIKE '$_GET[country]')");
}
?>
```

config.php

```php
<?php
$dbhost = "localhost";
$dbname = "";
$dbuname = "root";
$dbpass = "";

$dbhost = "localhost";
$dbname = "";
$dbuname = "root";
$dbpass = "";

$path = "";
$apath = "";
$tpath = $path."/templates/";
$atpath = $apath."/templates/";
$url = "";

$path = "";
$tpath = $path."/templates/";
$apath = $path . "/admin";
$atpath = $apath."/templates/";
$url = "/";

$title = "";
$keywords = "";
$description = "";
$imagepath = $path."/images/";
$caseimagepath = $path."/images/cases/";
$usercaseimagepath = $path."/images/usercases/";
$password_length = 10;
$case_num_cols = 4;
$case_logo_height = 100;
$case_logo_width = 100;
$case_logo_big_height = 300;
$case_logo_big_width = 300;
$website_name = "";
$email_from_name = "";
$email_from = "";
$realurl = "%url%comeback.php";
$netcashuser = "";
$netcashpass = "";
$netcashpin = "";
$netcashterm = "";
$netcashprod = "Consultation";
$netcashgross = "55.00";
?>
```

add_case.php

```php
<?php
include_once "functions.php";

if ($userid = user_logged_in(session_id())) {
} else {
    echo "Not logged in";
    exit;
}
//echo $_FILES['picture1']['name'];
$carryon = true;
if (($_POST['add_case'] == "add_case") || ($_POST['add_case'] == "Add Case")) {
    $picture1_fine = false;
    $picture2_fine = false;
    if ((!($_FILES['picture1']['name'])) || ($_FILES['picture1']['name'] == "") || ($_FILES['picture1']['error'] == "4")) {
        $picture1_fine = true;
    }
    if ((!($_FILES['picture2']['name'])) || ($_FILES['picture2']['name'] == "") || ($_FILES['picture2']['error'] == "4")) {
        $picture2_fine = true;
    }
    $path_parts1 = pathinfo($_FILES['picture1']['name']);
    if (file_extension_allowed(strtolower($path_parts1['extension']))) {
        $picture1_fine = true;
    }
    $path_parts2 = pathinfo($_FILES['picture2']['name']);
    if (file_extension_allowed(strtolower($path_parts2['extension']))) {
        $picture2_fine = true;
    }
    if ($_POST['case_vet'] == "on") { $_POST['case_vet'] = true; }
    if ($_POST['case_blood'] == "on") { $_POST['case_blood'] = true; }
    if ($_POST['case_xray'] == "on") { $_POST['case_xray'] = true; }
    if ($_POST['case_sound'] == "on") { $_POST['case_sound'] = true; }
    if ($_POST['case_endoscopy'] == "on") { $_POST['case_endoscopy'] = true; }
    if ($_POST['case_histopath'] == "on") { $_POST['case_histopath'] = true; }
    if (($picture1_fine) && ($picture2_fine)) {
        $case_id = add_case($_POST['pets_id'],$_POST['case_history'],$_POST['d1id'],$_POST['d2id'],$_POST['d3id'],$_POST['case_complaint'],$_POST['case_otherinfo'],$_POST['case_vet'],$_POST['case_blood'],$_POST['case_xray'],$_POST['case_sound'],$_POST['case_endoscopy'],$_POST['case_histopath'],$_POST['case_vetcomment'],$userid['userid']);
        global $usercaseimagepath;
        $filename = $case_id;
        $path = $usercaseimagepath . $filename . "a." .strtolower($path_parts1['extension']);
        if ($error = move_uploaded_file($_FILES['picture1']['tmp_name'], $path)) {
            update_user_case_picture($case_id,$filename. "a." .strtolower($path_parts1['extension']),1);
        }
        $path = $usercaseimagepath . $filename . "b." .strtolower($path_parts2['extension']);
        if ($error = move_uploaded_file($_FILES['picture2']['tmp_name'], $path)) {
            update_user_case_picture($case_id,$filename. "b." .strtolower($path_parts2['extension']),2);
        }
?>
<html><body>
<p>Your case has been added.</p>
<p>Please select your payment type:</p>
<p><form action=add_case.php method=post><input type=hidden name=case_id value=<?php echo $case_id; ?>><input type=submit name=eft value='EFT / Bank Transfer'></form></p>
<p>
<a href=# onClick="window.open('payment.php?case_id=<?php echo $case_id; ?>','mywin','left=20,top=20,width=800,height=600,toolbar=1,resizable=1')">Pay by Credit Card</a> South African Clients ONLY to use this link please.
<?php //echo payment_form($case_id); ?></p>
</body></html>
<?php
        $carryon = false;
    } else {
        $msg = "Error adding your casefile";
        $carryon = true;
    }
} else if ($_POST['eft'] == "EFT / Bank Transfer") {
    update_case_payment_type($_POST['case_id'],'E');
?>
<html><body>
<p>Please pay the amount of R<?php country_amount; ?>.00 into the following banking details:</p>
<p>
Account Name: Cybervets cc</br>
Account Number: 6219 6935 632</br>
Branch Code: 261 550</br>
Branch: Centurion</br>
Bank: FNB</br>
Account Type: Cheque</br>
Use your name and surname as used in the registration process for our reference please.
</p>
<br>
<p>Once you have made your deposite please fax or e-mail your proof of payment to:</br>
Fax: 012 664 7812</br>
e-mail: accounts@cybervets.co.za</br>
Thank you for your Consult.</br>
Remember that if we do not receive your proof of payment we will not answer your case.</p>
</body></html>
<?php
    $carryon = false;
}
if ($carryon == true) {
?>
<html><head>
<script language="javascript" src="library/list.php"></script>
<?php
include "library/validation.php";
echo validate_form("newcase","regform");
?>
</head><body onload="fillCategory();">
<p><img src="images/line.jpg" width="544"><br>
<b>New Case:</b>
<form enctype="multipart/form-data" action="add_case.php" id="regform" name="regform" method=post onsubmit='return validateForm();'>
<table>
<?php if ($msg <> "") {echo "<tr><td colspan=2>* ".$msg."</td></tr>";} ?>
<tr><b><i>Your case will be answered for a minimal fee of R<?php country_amount; ?>. We accept credit cards and EFT.</i></b></tr>
<tr><td width=300><b>The Pet:</b><br><small>Select the pet you want to fill out a consult form. If you have no pets added then use the add new pet link to add a pet.</small></td><td><?php echo select_generate("users_pets","pets_id","pets_name","","where userid='".$userid['userid']."'"); ?> <a href=my_pets.php>Add New Pet</a></td></tr>
<tr><td><b>History:</b><br><small>Tell us about your pet's problem, how long has it been going on for? Is it getting better or worse? Have there been major surgeries? Major problems in the past?</small></td><td><textarea id="case_history" name="case_history" cols=50 rows=10><?php echo $values['case_history']; ?></textarea></td></tr>
<tr><td><b>General Problems:</b><br><small>Use these drop down lists if your pet is suffering from any of these conditions. If your pet does not have any of these problems, then do not use this function.</small></td><td><select name=d1id onChange="SelectSubCat();" ></select></td></tr>
<tr><td> </td><td><select name=d2id></select></td></tr>
<tr><td> </td><td><select name=d3id></select></td></tr>
<tr><td><b>Main Complaint:</b><br><small>What is the problem with your pet, in one sentence?</small></td><td><textarea id="case_complaint" name="case_complaint" cols=50 rows=2><?php echo $values['case_complaint']; ?></textarea></td></tr>
<tr><td><b>Other Information:</b><br><small>Would you like to add more information? If not then just write none in the box.</small></td><td><textarea id="case_otherinfo" name="case_otherinfo" cols=50 rows=10><?php echo $values['case_otherinfo']; ?></textarea></td></tr>
<tr><td><b>Were any of the following done:</b></td><td>
<table>
<tr><td>Seen by VET</td><td><input type=checkbox name=case_vet></td><td> </td><td>Blood work</td><td><input type=checkbox name=case_blood></td></tr>
<tr><td>Radiographs (Xrays)</td><td><input type=checkbox name=case_xray></td><td> </td><td>Ultrasound</td><td><input type=checkbox name=case_sound></td></tr>
<tr><td>Endoscopy</td><td><input type=checkbox name=case_endoscopy></td><td> </td><td>Histopath</td><td><input type=checkbox name=case_histopath></td></tr>
</table></td></tr>
<tr><td><b>What did the VET say?</b></td><td><textarea id="case_vetcomment" name="case_vetcomment" cols=50 rows=2><?php echo $values['case_vetcomment']; ?></textarea></td></tr>
<tr><td>Picture 1</td><td><input type=file name=picture1></td></tr>
<tr><td>Picture 2</td><td><input type=file name=picture2></td></tr>
<tr><td>I have read the <a href=terms.php>terms and conditions</a> and accept it:</td><td><input type=checkbox name=terms></td></tr>
<tr><td> </td><td><button id=add_case name=add_case value=add_case type=submit>Add Case</button></a></td></tr>
</table>
</form>
</p>
</body></html>
<?php
}
?>
```
ignace Posted July 31, 2009

> Personally I don't think he knew what he was doing

After looking through the code I concur, the code is a mess. What is the actual problem? What does or does not happen? Or could you pinpoint what we should be looking for?
DarkPrince2005 Posted July 31, 2009

Well, actually create a variable that retrieves the logged-in user's userid and country and, depending on their country, set the value of another value depending on their country. What I thought is to use a global get, execute a query after which I can set 2 variables, then use those two in another query which'll return a true or false and basically echo it. If you have a better suggestion please could you advise me... I do have a deadline on this.
DarkPrince2005 Posted July 31, 2009

something like:

```php
global $_GET;
if ($uid=run_query("select * from users_details where exists (select * from users_online where session_id like '$_GET[$userid]')")){
    $paiduserid = $uid['userid'];
    $paidcountry = $uid['country'];
}
```
ignace Posted July 31, 2009

```php
$sessionid = $_GET[$userid];
run_query("select * from users_details where userid IN (select session_id from users_online where session_id = $sessionid)");
```
DarkPrince2005 Posted July 31, 2009

I'm lost... this php script has stretched my mind to an extent that it can't think anymore. Could you please tell me how I would achieve the complicated task of setting the value of the $netcashgross variable in the config.php file depending on the country of a logged-in user?
ignace Posted July 31, 2009

> I'm lost... this php script has stretched my mind to an extent that it can't think anymore. Could you please tell me how I would achieve the complicated task of setting the value of the $netcashgross variable in the config.php file depending on the country of a logged-in user?

Ok, I think I know what you mean. So you want the $netcashgross (=55.00) to modify depending on the country locale? So for example if your system uses dollars and I'm from Belgium it would display: 38.90 EUR.

It's discussed here: http://discuss.joelonsoftware.com/default.asp?biz.5.650513.7

Eventual winner: http://www.ecb.europa.eu/stats/eurofxref/eurofxref-daily.xml (free)

Other viable options:

http://www.xe.com/ (my personal recommendation, however for one single computer it's $540/year)
http://dynamicconverter.com/ (free to some extent)
http://www.webservicex.net/ws/WSDetails.aspx?CATID=2&WSID=10 (free)
DarkPrince2005 Posted July 31, 2009

Yes, that's correct. I want the value of $netcashgross to change from 55 to another pre-defined amount depending on the country of the user, which'll be retrieved from the database. I really don't know what to do anymore. Don't wanna use an external script. Any ideas?
ignace Posted August 1, 2009

> Yes, that's correct. I want the value of $netcashgross to change from 55 to another pre-defined amount depending on the country of the user, which'll be retrieved from the database. I really don't know what to do anymore. Don't wanna use an external script. Any ideas?

Create a database table countries and create an entry for each and every country and its currency conversion from - if you use - USD to the country currency and update this daily or weekly.
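
One way to implement the per-country amount from the last reply, as an added example that is not code from the thread: the amount is resolved from the logged-in session with a prepared statement, so neither the user id nor the country is taken from `$_GET`. The `country_prices` table, its sample amounts and the in-memory SQLite database (needs the `pdo_sqlite` extension) are assumptions made so the example runs stand-alone; `users_online`, `users_details.country` and the `55.00` default come from the posted code.

```php
<?php
declare(strict_types=1);

// Constructed demo schema. users_online and users_details mirror tables named
// in the thread; country_prices (country -> pre-defined amount) is hypothetical.
function demo_db(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec("CREATE TABLE users_online (session_id TEXT, userid INTEGER, ip TEXT)");
    $db->exec("CREATE TABLE users_details (userid INTEGER, country TEXT)");
    $db->exec("CREATE TABLE country_prices (country TEXT PRIMARY KEY, amount TEXT)");
    $db->exec("INSERT INTO users_online VALUES
        ('sess-aaa', 1, '192.0.2.10'),
        ('sess-bbb', 2, '192.0.2.20'),
        ('sess-ccc', 3, '192.0.2.30')");
    $db->exec("INSERT INTO users_details VALUES
        (1, 'South Africa'), (2, 'Belgium'), (3, 'Namibia')");
    $db->exec("INSERT INTO country_prices VALUES
        ('South Africa', '55.00'), ('Belgium', '95.00')");
    return $db;
}

/**
 * Amount payable by the user who owns this session, or null if the session
 * is not logged in. User and country are resolved server-side; every value
 * reaches the query as a bound parameter, never as part of the SQL text.
 */
function country_amount(PDO $db, string $sessionId, string $ip, string $default): ?string
{
    $stmt = $db->prepare(
        "SELECT d.country, p.amount
           FROM users_online o
           JOIN users_details d ON d.userid = o.userid
           LEFT JOIN country_prices p ON p.country = d.country
          WHERE o.session_id = :sid AND o.ip = :ip"
    );
    $stmt->execute([':sid' => $sessionId, ':ip' => $ip]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return null; // no matching login: the caller must not show a price
    }
    // A country without a configured price falls back to the default amount.
    return $row['amount'] ?? $default;
}

// Constructed calls: in the real page the arguments would be session_id()
// and $_SERVER['REMOTE_ADDR'], as in user_logged_in().
$db = demo_db();
$default = '55.00'; // stands in for $netcashgross from config.php
$cases = [
    ['sess-aaa', '192.0.2.10'],     // South Africa, price configured
    ['sess-bbb', '192.0.2.20'],     // Belgium, price configured
    ['sess-ccc', '192.0.2.30'],     // Namibia, no price row: default applies
    ['sess-aaa', '198.51.100.7'],   // known session, different IP
    ["x' OR '1'='1", '192.0.2.10'], // quote characters are bound as data
];
foreach ($cases as [$sid, $ip]) {
    $amount = country_amount($db, $sid, $ip, $default);
    echo str_pad($sid, 14), ' => ', $amount ?? 'not logged in', PHP_EOL;
}
```

Against MySQL only the PDO DSN changes; the returned value is what the page would echo and pass on in place of the global `$netcashgross`.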