TwoTalesDev/4WDCSA.co.za
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Code restructure push

Browse Source
This commit is contained in:
twotalesanimation
2025-12-04 15:09:44 +02:00
parent 86faad7a78
commit be2b757f4e
111 changed files with 17297 additions and 19420 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
src/pages/shop/add_to_cart.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
session_start();
require_once("env.php");
require_once("connection.php");
if (isset($_POST['tab_id']) && isset($_POST['item_id']) && isset($_POST['item_name']) && isset($_POST['item_price'])) {
$tab_id = mysqli_real_escape_string($conn, $_POST['tab_id']);
$item_id = mysqli_real_escape_string($conn, $_POST['item_id']);
$item_name = mysqli_real_escape_string($conn, $_POST['item_name']);
$item_price = mysqli_real_escape_string($conn, $_POST['item_price']);
$user_id = mysqli_real_escape_string($conn, $_POST['user_id']);
// Initialize cart session if not set
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = [];
}
// Add the drink to the cart for the given tab
if (!isset($_SESSION['cart'][$tab_id])) {
$_SESSION['cart'][$tab_id] = [];
}
// Add the drink as an associative array
$_SESSION['cart'][$tab_id][] = [
'item_id' => $item_id,
'item_name' => $item_name,
'item_price' => $item_price,
'user_id' => $user_id
];
echo json_encode(['status' => 'success', 'cart' => $_SESSION['cart']]);
} else {
echo json_encode(['status' => 'error', 'message' => 'Missing required parameters.']);
}
?>

485
src/pages/shop/bar_tabs.php Normal file
View File

@@ -0,0 +1,485 @@
<?php
$headerStyle = 'light';
include_once(dirname(dirname(dirname(__DIR__))) . '/header.php');
checkUserSession();
$user_id = $_SESSION['user_id'];
unset($_SESSION['cart']);
?>
<!-- Include jQuery UI CSS (required for autocomplete) -->
<link rel="stylesheet" href="https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css" />
<!-- Include jQuery and jQuery UI -->
<script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.min.js"></script>
<style>
.modal {
z-index: 1050 !important;
/* Ensures it's on top */
}
.modal-backdrop {
z-index: 0 !important;
/* Keeps the backdrop below */
opacity: 0 !important;
/* Adjust if necessary */
}
</style>
<style>
/* Style the autocomplete container */
.ui-autocomplete {
/* background-color: #fff; */
/* border: 1px solid #ccc; */
/* max-height: 200px; */
/* overflow-y: auto; */
/* width: 100%; */
/* position: absolute; */
/* z-index: 9999; */
box-shadow: 0 4px 8px rgba(0, 0, 0, 0.2);
}
/* Style the autocomplete suggestion items */
.ui-menu .ui-menu-item {
font-family: var(--base-font);
background-color: #fff;
border: 1px solid #ccc;
/* padding: 8px; */
cursor: pointer;
}
/* Hover effect for suggestions */
.ui-menu .ui-menu-item:hover {
background-color: rgb(207, 81, 81);
}
/* Selected item in autocomplete */
.ui-state-focus {
background-color: #dcdcdc;
color: #000;
}
/* Style the input field for better user experience */
#userSelect {
padding: 8px 12px;
border: 1px solid #ccc;
border-radius: 4px;
font-size: 16px;
width: 100%;
}
.profile-pic {
width: 50px;
height: 50px;
border-radius: 50%;
margin-right: 10px;
object-fit: cover;
/* Ensures the image fits without distortion */
}
.drinks-container {
display: flex;
flex-wrap: wrap;
gap: 10px;
}
.drink-option {
width: 180px;
text-align: center;
}
</style>
<!-- About Us Area start -->
<section class="about-us-area pt-90 pb-100 rel z-1">
<div class="container">
<div class="row gap-100 align-items-center">
<div class="col-lg-12">
<div class="destination-details-content rmb-55" data-aos="fade-left" data-aos-duration="1500" data-aos-offset="50">
<div class="row">
<div class="col-lg-6 section-title mb-25">
<span class="h2 mb-15">BAR TABS</span>
</div>
<div id="tabTotalContainer" class="col-lg-6 section-title mb-25 text-end" style="display: none;">
<span id="tabTotal" class="h2 mb-15">TAB TOTAL: R 0.00</span>
</div>
</div>
<!-- Button to trigger modal -->
<div id="newTabButton">
<button type="button" class="theme-btn style-two bgc-secondary" style="width:100%; margin-top: 20px; background-color:rgb(80, 155, 82); padding: 10px 20px; color: white; text-decoration: none; border-radius: 25px;" data-bs-toggle="modal" data-bs-target="#userModal" data-bs-backdrop="false">
NEW BAR TAB
</button>
</div>
<!-- Bar Tabs Container -->
<div id="barTabsContainer" class="mt-4">
<div id="barTabsList" class="d-flex flex-wrap gap-3">
<!-- Dynamic Bar Tabs will be loaded here -->
</div>
</div>
<div class="row">
<div class="col-lg-9">
<input type="hidden" id="selectedTabId">
<input type="hidden" id="selectedUserId">
<!-- Drinks Container for the Selected Tab -->
<div id="drinksContainer" class="drinks-container" style="display: none;">
<!-- Drinks will be dynamically inserted here -->
</div>
</div>
<div class="col-lg-3">
<!-- Cart Section (Optional) -->
<div id="cartContainer" class="cart-container p-3 bg-light border rounded" style="display: none; height:100%">
<h4 id="orderTotal">Order:</h4>
<ul id="cartList"></ul>
</div>
</div>
<div class="col-lg-12" id="submitButton" style="display: none;">
<button id="submitOrder" class="btn btn-success" style="width:100%; margin-top: 20px; background-color:rgb(80, 155, 82); padding: 10px 20px; color: white; text-decoration: none; border-radius: 25px;">Submit Order</button>
</div>
</div>
<!-- Modal -->
</div>
</div>
</div>
</div>
</section>
<div class="modal fade" id="userModal" tabindex="-1" aria-labelledby="userModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="userModalLabel">Choose a Member</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<form id="barTabForm">
<input type="hidden" name="csrf_token" value="<?php echo generateCSRFToken(); ?>">
<div class="form-group">
<label for="userSelect">Select User</label>
<input type="text" id="userSelect" class="form-control" placeholder="Search User" required>
<!-- Hidden input for user_id -->
<input type="hidden" name="user_id" id="user_id" />
</div>
<button type="submit" class="theme-btn style-two bgc-secondary" style="width:100%; margin-top: 20px; background-color:rgb(80, 155, 82); padding: 10px 20px; color: white; text-decoration: none; border-radius: 25px;">Create Bar Tab</button>
</form>
</div>
</div>
</div>
</div>
<!-- About Us Area end -->
<script>
$(document).ready(function() {
$('#userSelect').autocomplete({
source: function(request, response) {
$.ajax({
url: 'fetch_users',
method: 'GET',
dataType: 'json',
success: function(data) {
// Filter the data based on the search query
var filteredUsers = data.filter(user => {
return user.first_name.toLowerCase().includes(request.term.toLowerCase()) ||
user.last_name.toLowerCase().includes(request.term.toLowerCase());
});
response(filteredUsers.map(user => ({
label: `${user.first_name} ${user.last_name}`, // Display name
name: `${user.first_name} ${user.last_name}`, // Display name
value: user.user_id // Use user_id for selection
})));
},
error: function() {
alert('Error fetching users.');
}
});
},
minLength: 1, // Start searching after typing 1 character
select: function(event, ui) {
// Set the selected user's name in the input field
$('#userSelect').val(ui.item.name); // Display name in the input field
// Set the user ID value in the hidden input field
$('#user_id').val(ui.item.value); // Store the user_id in the hidden input
console.log('User ID: ' + ui.item.value); // Log the selected user_id
console.log('User Name: ' + ui.item.name); // Log the selected user name
},
focus: function(event, ui) {
// Prevent the input field from showing the user_id when selecting an item
$('#userSelect').val(ui.item.name); // Always show the user's name in the input
}
});
// Handle form submission to create a new bar tab
$('#barTabForm').submit(function(e) {
e.preventDefault(); // Prevent default form submission
$.ajax({
url: 'create_bar_tab',
method: 'POST',
data: $(this).serialize(), // Send form data, including user_id
dataType: 'json',
success: function(response) {
if (response.status === 'success') {
// alert('Bar tab created successfully!');
$('#userModal').modal('hide'); // Close modal if applicable
// Reload the bar tabs after creation
loadBarTabs();
} else {
alert('Tab already exists for this member.');
}
},
error: function() {
alert('Error creating bar tab.');
}
});
});
// Fetch and render bar tabs
function loadBarTabs() {
$.ajax({
url: 'fetch_bar_tabs',
method: 'GET',
dataType: 'json',
success: function(data) {
if (data.length > 0) {
let tabsHtml = '';
data.forEach(function(barTab) {
tabsHtml += `
<div class="bar-tab-card p-3 bg-light border rounded" data-bar-tab-id="${barTab.tab_id}" data-user-id="${barTab.user_id}" style="cursor: pointer; width: 180px;">
<img src="assets/images/pp/${barTab.profile_pic}" alt="Profile Image" class="profile-pic" style="width: 150px; height: 150px;">
<h3 class="mb-0 font-weight-bold">${barTab.first_name} ${barTab.last_name}</h3>
</div>
`;
});
// Update the bar tabs list container
$('#barTabsList').html(tabsHtml);
} else {
$('#barTabsList').html('<p>No bar tabs available.</p>');
}
},
error: function() {
alert('Error fetching bar tabs.');
}
});
}
// Load the bar tabs on page load
loadBarTabs();
$(document).on('change', '#selectedTabId', function() {
var tabId = $(this).val();
if (tabId) {
fetchTabTotal(tabId);
}
});
// Handle bar tab clicks and display the drinks container
$(document).on('click', '.bar-tab-card', function() {
var tabId = $(this).data('bar-tab-id');
var userId = $(this).data('user-id');
console.log(tabId);
$('#selectedTabId').val(tabId);
$('#selectedUserId').val(userId);
fetchTabTotal(tabId);
// Fetch available drinks for the selected tab
$.ajax({
url: 'fetch_drinks',
method: 'GET',
data: {
tab_id: tabId
},
dataType: 'json',
success: function(drinks) {
displayDrinks(drinks);
$('#newTabButton').hide(); // Show the drinks container
$('#barTabsContainer').hide(); // Show the drinks container
$('#drinksContainer').show(); // Show the drinks container
$('#cartContainer').show(); // Show the cart container
$('#submitButton').show(); // Show the cart container
$('#tabTotalContainer').show(); // Show the cart container
}
});
});
// Display the drinks dynamically
function displayDrinks(drinks) {
var drinksHtml = '';
drinks.forEach(function(drink) {
drinksHtml += `
<div class="drink-option p-3 bg-light border rounded text-center"
data-item-id="${drink.item_id}"
data-item-price="${drink.price}"
data-item-name="${drink.description}"
style="width: 180px; flex: 0 0 auto; cursor: pointer;">
<img src="assets/images/bar/${drink.image}" alt="${drink.description}" class="drink-image"
style="width: 150px; height: 150px;">
<p>${drink.description}</p>
<h3>R ${drink.price}</h3>
</div>
`;
});
// Insert the drinks into the container and show it
$('#drinksContainer').html(drinksHtml).show();
// Add click event to each drink option
$('.drink-option').click(function() {
var drinkId = $(this).data('item-id');
var drinkPrice = $(this).data('item-price');
var drinkName = $(this).data('item-name');
var tabId = $('#selectedTabId').val();
var userId = $('#selectedUserId').val();
console.log('Clicked Drink ID:', drinkName);
console.log('Tab ID:', tabId);
if (!drinkId || !tabId) {
alert('Missing tab or drink ID. Cannot add to cart.');
return;
}
// Add the drink to the cart (session)
$.ajax({
url: 'add_to_cart',
method: 'POST',
data: {
tab_id: tabId,
user_id: userId,
item_id: drinkId,
item_price: drinkPrice,
item_name: drinkName
},
dataType: 'json',
success: function(response) {
if (response.status === 'success') {
updateCartUI(response.cart); // Update the cart UI with the added drink
} else {
console.error('Error response from server:', response);
alert('Error adding drink to cart.');
}
},
error: function(jqXHR, textStatus, errorThrown) {
console.error('AJAX request failed. Status:', textStatus, 'Error:', errorThrown);
alert('There was an error with the request. Check console for details.');
}
});
});
}
// Update the cart UI with the selected drinks
function updateCartUI(cart) {
var cartListHtml = '';
var totalPrice = 0; // Initialize total price
console.log("Cart Data:", cart);
// Iterate over each tab in the cart
Object.keys(cart).forEach(function(tabId) {
cartListHtml += `<li><strong>Tab ID: ${tabId}</strong></li>`;
// Iterate over each drink in this tab
cart[tabId].forEach(function(drink) {
cartListHtml += `
<li class="d-flex justify-content-between">
<span>${drink.item_name}</span>
<span>R ${parseFloat(drink.item_price).toFixed(2)}</span>
</li>
`;
totalPrice += parseFloat(drink.item_price); // Add drink price to total
});
});
// Update the cart list and total price in the UI
$('#cartList').html(cartListHtml);
$('#orderTotal').html(`Order Total: <strong>R ${totalPrice.toFixed(2)}</strong>`);
// Show the cart container if there are items
if (totalPrice > 0) {
$('#cartContainer').show();
} else {
$('#cartContainer').hide();
}
}
// Submit the order
$('#submitOrder').click(function() {
var tabId = $('#selectedTabId').val();
// Submit the order
$.ajax({
url: 'submit_order',
method: 'POST',
data: {
tab_id: tabId
},
dataType: 'json',
success: function(response) {
if (response.status === 'success') {
// alert('Order submitted successfully!');
$('#cartList').html('');
$('#orderTotal').html('Order Total:');
loadBarTabs(); // Optionally reload the bar tabs
$('#barTabsContainer').show();
$('#newTabButton').show(); // Show the drinks container
$('#drinksContainer').hide();
$('#cartContainer').hide();
$('#submitButton').hide(); // Show the cart container
$('#tabTotalContainer').hide(); // Show the cart container
} else {
// Display error messages
var errorMessage = 'Error submitting order.';
if (response.errors && response.errors.length > 0) {
errorMessage += '\n' + response.errors.join('\n'); // Concatenate all errors
}
alert(errorMessage);
// Optionally display errors in a div (if you have an error container)
$('#orderErrorContainer').html('<div class="alert alert-danger">' + errorMessage.replace(/\n/g, '<br>') + '</div>');
}
},
error: function(jqXHR, textStatus, errorThrown) {
console.error('AJAX request failed. Status:', textStatus, 'Error:', errorThrown);
console.error('Response:', jqXHR.responseText);
alert('There was an error with the request. Check console for details.');
}
});
});
function fetchTabTotal(tabId) {
console.log("fetching tab total...")
$.ajax({
url: 'get_tab_total',
method: 'POST',
data: {
tab_id: tabId
},
dataType: 'json',
success: function(response) {
if (response.status === 'success') {
$('#tabTotal').html(`<strong>Total: R ${response.total}</strong>`);
} else {
console.error(response.message);
$('#tabTotal').html('<strong>Error fetching total</strong>');
}
},
error: function(jqXHR, textStatus, errorThrown) {
console.error('AJAX error:', textStatus, errorThrown);
}
});
}
});
</script>
<?php include_once(dirname(dirname(dirname(__DIR__))) . '/components/insta_footer.php'); ?>

326
src/pages/shop/confirm.php Normal file
View File

@@ -0,0 +1,326 @@
<?php
// $pfHost = 'www.payfast.co.za';
function getOrderTotal($conn, $payment_id)
{
// Prepare the SQL statement
$sql = "SELECT amount FROM payments WHERE payment_id = ?";
$stmt = $conn->prepare($sql);
if ($stmt) {
// Bind the parameter
$stmt->bind_param("s", $payment_id); // Assuming order_id is a string (UUID)
// Execute the statement
$stmt->execute();
// Get the result
$result = $stmt->get_result();
// Fetch the order total
if ($row = $result->fetch_assoc()) {
return $row['amount'];
} else {
return 9999.00; // Order not found
}
// Close the statement
$stmt->close();
} else {
// Handle the error (you might want to log this or throw an exception)
return null;
}
}
function getOrderDesc($conn, $payment_id)
{
// Prepare the SQL statement
$sql = "SELECT description FROM payments WHERE payment_id = ?";
$stmt = $conn->prepare($sql);
if ($stmt) {
// Bind the parameter
$stmt->bind_param("s", $payment_id); // Assuming order_id is a string (UUID)
// Execute the statement
$stmt->execute();
// Get the result
$result = $stmt->get_result();
// Fetch the order total
if ($row = $result->fetch_assoc()) {
return $row['description'];
} else {
return null; // Order not found
}
// Close the statement
$stmt->close();
} else {
// Handle the error (you might want to log this or throw an exception)
return null;
}
}
function getUserIdByPaymentId($payment_id, $conn)
{
// Prepare the SQL query to fetch user_id from payments table
$query = "SELECT user_id FROM payments WHERE payment_id = ?";
$user_id = "0";
// Prepare the statement
if ($stmt = $conn->prepare($query)) {
// Bind the payment_id parameter to the query
$stmt->bind_param("s", $payment_id);
// Execute the query
$stmt->execute();
// Bind the result to a variable
$stmt->bind_result($user_id);
// Fetch the result
if ($stmt->fetch()) {
// Return the user_id
return $user_id;
} else {
// Return null if no user is found
return null;
}
// Close the statement
$stmt->close();
} else {
// Handle query preparation failure
throw new Exception("Query preparation failed: " . $conn->error);
}
}
function setMemberStatus($user_id, $conn)
{
// Prepare the SQL query to update the member status
$query = "UPDATE users SET member = 1 WHERE user_id = ?";
// Prepare the statement
if ($stmt = $conn->prepare($query)) {
// Bind the user_id parameter to the query
$stmt->bind_param("i", $user_id);
// Execute the query
if ($stmt->execute()) {
// Check if any rows were affected
if ($stmt->affected_rows > 0) {
return true; // Success
} else {
return false; // No rows updated, possibly no such user_id
}
} else {
// Handle query execution failure
throw new Exception("Failed to execute the query: " . $stmt->error);
}
// Close the statement
$stmt->close();
} else {
// Handle query preparation failure
throw new Exception("Query preparation failed: " . $conn->error);
}
}
function pfValidSignature($pfData, $pfParamString, $pfPassphrase = 'SheSells7Shells')
{
$tempParamString = $pfPassphrase === null ? $pfParamString : $pfParamString . '&passphrase=' . urlencode($pfPassphrase);
$signature = md5($tempParamString);
return ($pfData['signature'] === $signature);
}
function pfValidIP()
{
$validHosts = [
'www.payfast.co.za',
'sandbox.payfast.co.za',
'w1w.payfast.co.za',
'w2w.payfast.co.za',
];
$validIps = [];
foreach ($validHosts as $pfHostname) {
$ips = gethostbynamel($pfHostname);
if ($ips !== false) {
$validIps = array_merge($validIps, $ips);
}
}
$validIps = array_unique($validIps);
$referrerIp = gethostbyname(parse_url($_SERVER['HTTP_REFERER'])['host']);
return in_array($referrerIp, $validIps, true);
}
function pfValidPaymentData($cartTotal, $pfData)
{
return !(abs((float)$cartTotal - (float)$pfData['amount_gross']) > 0.01);
}
function pfValidServerConfirmation($pfParamString, $pfHost, $pfProxy = null)
{
if (in_array('curl', get_loaded_extensions(), true)) {
$url = 'https://' . $pfHost . '/eng/query/validate';
$ch = curl_init();
curl_setopt($ch, CURLOPT_USERAGENT, NULL);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $pfParamString);
if (!empty($pfProxy)) curl_setopt($ch, CURLOPT_PROXY, $pfProxy);
$response = curl_exec($ch);
curl_close($ch);
return $response === 'VALID';
}
return false;
}
// Tell Payfast that this page is reachable by triggering a header 200
header('HTTP/1.0 200 OK');
flush();
$dbhost = "localhost";
$dbuser = "aqmqeocm_4wdcsa";
$dbpass = "Toxicbuny1!";
$dbname = "aqmqeocm_4wdcsa";
if (!$conn = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname)) {
die("Failed to connect: " . mysqli_connect_error());
}
define('SANDBOX_MODE', true);
$pfHost = SANDBOX_MODE ? 'sandbox.payfast.co.za' : 'www.payfast.co.za';
// Posted variables from ITN
$pfData = $_POST;
$payment_id = $pfData['m_payment_id'];
$pfstatus = $pfData['payment_status'];
$orderTotal = getOrderTotal($conn, $payment_id);
$description = getOrderDesc($conn, $payment_id);
$user_id = getUserIdByPaymentId($payment_id, $conn);
// Strip any slashes in data
foreach ($pfData as $key => $val) {
$pfData[$key] = stripslashes($val);
}
// Convert posted variables to a string
$pfParamString = '';
foreach ($pfData as $key => $val) {
if ($key !== 'signature') {
$pfParamString .= $key . '=' . urlencode($val) . '&';
} else {
break;
}
}
$pfParamString = rtrim($pfParamString, '&');
// Initialize check results
$checkResults = [];
// Perform checks
if (!pfValidSignature($pfData, $pfParamString)) {
$checkResults[] = "Signature check failed.";
}
if (!pfValidIP()) {
$checkResults[] = "IP check failed.";
}
if (!pfValidPaymentData($orderTotal, $pfData)) {
$checkResults[] = "Payment data check failed. order= " . $payment_id . " 4WDCSA_Total=" . $orderTotal . " PFtotal=" . $pfData['amount_gross'];
}
if (!pfValidServerConfirmation($pfParamString, $pfHost)) {
$checkResults[] = "Server confirmation check failed.";
}
// Log results to the file
$myfile = fopen($payment_id . ".txt", "w") or die("Unable to open file!");
if (empty($checkResults)) {
fwrite($myfile, $pfstatus . "\n");
fwrite($myfile, $payment_id . " passed all checks.\n");
// Update the database
$conn->begin_transaction();
try {
// Update payments table
$stmt = $conn->prepare("UPDATE payments SET status = ? WHERE payment_id = ?");
$status = "PAID"; // Explicitly set the status to "PAID"
$stmt->bind_param("ss", $status, $payment_id);
if (!$stmt->execute()) {
throw new Exception("Failed to update payments table.");
}
$stmt = $conn->prepare("UPDATE bookings SET status = ? WHERE payment_id = ?");
if ($stmt) {
$status = "PAID"; // Explicitly set the status to "PAID"
$stmt->bind_param("ss", $status, $payment_id);
if (!$stmt->execute()) {
throw new Exception("Failed to update bookings table.");
}
$stmt->close();
} else {
throw new Exception("Failed to prepare statement for bookings table: " . $conn->error);
}
setMemberStatus($user_id, $conn);
// Commit transaction
$conn->commit();
fwrite($myfile, "Database updated successfully.\n");
} catch (Exception $e) {
// Rollback transaction in case of error
$conn->rollback();
fwrite($myfile, "Database update failed: " . $e->getMessage() . "\n");
}
$stmt->close();
} else {
fwrite($myfile, $pfstatus . "\n");
foreach ($checkResults as $result) {
fwrite($myfile, $result . "\n");
}
$conn->begin_transaction();
try {
// Update payments table with 'FAILED CHECKS' status
$stmt = $conn->prepare("UPDATE payments SET status = 'FAILED CHECKS' WHERE payment_id = ?");
$stmt->bind_param("i", $payment_id);
if (!$stmt->execute()) {
throw new Exception("Failed to update payments table.");
}
// Commit transaction
$conn->commit();
fwrite($myfile, "Database updated successfully.\n");
} catch (Exception $e) {
// Rollback transaction in case of error
$conn->rollback();
fwrite($myfile, "Database update failed: " . $e->getMessage() . "\n");
}
$stmt->close();
}
fclose($myfile);
$conn->close();

336
src/pages/shop/confirm2.php Normal file
View File

@@ -0,0 +1,336 @@
<?php
// $pfHost = 'www.payfast.co.za';
function getOrderTotal($conn, $payment_id)
{
// Prepare the SQL statement
$sql = "SELECT amount FROM payments WHERE payment_id = ?";
$stmt = $conn->prepare($sql);
if ($stmt) {
// Bind the parameter
$stmt->bind_param("s", $payment_id); // Assuming order_id is a string (UUID)
// Execute the statement
$stmt->execute();
// Get the result
$result = $stmt->get_result();
// Fetch the order total
if ($row = $result->fetch_assoc()) {
return $row['amount'];
} else {
return 9999.00; // Order not found
}
// Close the statement
$stmt->close();
} else {
// Handle the error (you might want to log this or throw an exception)
return null;
}
}
function getOrderDesc($conn, $payment_id)
{
// Prepare the SQL statement
$sql = "SELECT description FROM payments WHERE payment_id = ?";
$stmt = $conn->prepare($sql);
if ($stmt) {
// Bind the parameter
$stmt->bind_param("s", $payment_id); // Assuming order_id is a string (UUID)
// Execute the statement
$stmt->execute();
// Get the result
$result = $stmt->get_result();
// Fetch the order total
if ($row = $result->fetch_assoc()) {
return $row['description'];
} else {
return null; // Order not found
}
// Close the statement
$stmt->close();
} else {
// Handle the error (you might want to log this or throw an exception)
return null;
}
}
function getUserIdByPaymentId($payment_id, $conn)
{
// Prepare the SQL query to fetch user_id from payments table
$query = "SELECT user_id FROM payments WHERE payment_id = ?";
$user_id = "0";
// Prepare the statement
if ($stmt = $conn->prepare($query)) {
// Bind the payment_id parameter to the query
$stmt->bind_param("s", $payment_id);
// Execute the query
$stmt->execute();
// Bind the result to a variable
$stmt->bind_result($user_id);
// Fetch the result
if ($stmt->fetch()) {
// Return the user_id
return $user_id;
} else {
// Return null if no user is found
return null;
}
// Close the statement
$stmt->close();
} else {
// Handle query preparation failure
throw new Exception("Query preparation failed: " . $conn->error);
}
}
function setMemberStatus($user_id, $conn)
{
// Prepare the SQL query to update the member status
$query = "UPDATE users SET member = 1 WHERE user_id = ?";
// Prepare the statement
if ($stmt = $conn->prepare($query)) {
// Bind the user_id parameter to the query
$stmt->bind_param("i", $user_id);
// Execute the query
if ($stmt->execute()) {
// Check if any rows were affected
if ($stmt->affected_rows > 0) {
return true; // Success
} else {
return false; // No rows updated, possibly no such user_id
}
} else {
// Handle query execution failure
throw new Exception("Failed to execute the query: " . $stmt->error);
}
// Close the statement
$stmt->close();
} else {
// Handle query preparation failure
throw new Exception("Query preparation failed: " . $conn->error);
}
}
function pfValidSignature($pfData, $pfParamString, $pfPassphrase = 'SheSells7Shells')
{
$tempParamString = $pfPassphrase === null ? $pfParamString : $pfParamString . '&passphrase=' . urlencode($pfPassphrase);
$signature = md5($tempParamString);
return ($pfData['signature'] === $signature);
}
function pfValidIP()
{
$validHosts = [
'www.payfast.co.za',
'sandbox.payfast.co.za',
'w1w.payfast.co.za',
'w2w.payfast.co.za',
];
$validIps = [];
foreach ($validHosts as $pfHostname) {
$ips = gethostbynamel($pfHostname);
if ($ips !== false) {
$validIps = array_merge($validIps, $ips);
}
}
$validIps = array_unique($validIps);
$referrerIp = gethostbyname(parse_url($_SERVER['HTTP_REFERER'])['host']);
return in_array($referrerIp, $validIps, true);
}
function pfValidPaymentData($cartTotal, $pfData)
{
return !(abs((float)$cartTotal - (float)$pfData['amount_gross']) > 0.01);
}
function pfValidServerConfirmation($pfParamString, $pfHost, $pfProxy = null)
{
if (in_array('curl', get_loaded_extensions(), true)) {
$url = 'https://' . $pfHost . '/eng/query/validate';
$ch = curl_init();
curl_setopt($ch, CURLOPT_USERAGENT, NULL);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $pfParamString);
if (!empty($pfProxy)) curl_setopt($ch, CURLOPT_PROXY, $pfProxy);
$response = curl_exec($ch);
curl_close($ch);
return $response === 'VALID';
}
return false;
}
// Tell Payfast that this page is reachable by triggering a header 200
header('HTTP/1.0 200 OK');
flush();
$dbhost = "localhost";
$dbuser = "aqmqeocm_4wdcsa";
$dbpass = "Toxicbuny1!";
$dbname = "aqmqeocm_4wdcsa";
if (!$conn = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname)) {
die("Failed to connect: " . mysqli_connect_error());
}
define('SANDBOX_MODE', true);
$pfHost = SANDBOX_MODE ? 'sandbox.payfast.co.za' : 'www.payfast.co.za';
// Posted variables from ITN
$pfData = $_POST;
$payment_id = $pfData['m_payment_id'];
$pfstatus = $pfData['payment_status'];
$orderTotal = getOrderTotal($conn, $payment_id);
$description = getOrderDesc($conn, $payment_id);
$user_id = getUserIdByPaymentId($payment_id, $conn);
// Strip any slashes in data
foreach ($pfData as $key => $val) {
$pfData[$key] = stripslashes($val);
}
// Convert posted variables to a string
$pfParamString = '';
foreach ($pfData as $key => $val) {
if ($key !== 'signature') {
$pfParamString .= $key . '=' . urlencode($val) . '&';
} else {
break;
}
}
$pfParamString = rtrim($pfParamString, '&');
// Initialize check results
$checkResults = [];
// Perform checks
if (!pfValidSignature($pfData, $pfParamString)) {
$checkResults[] = "Signature check failed.";
}
if (!pfValidIP()) {
$checkResults[] = "IP check failed.";
}
if (!pfValidPaymentData($orderTotal, $pfData)) {
$checkResults[] = "Payment data check failed. order= " . $payment_id . " 4WDCSA_Total=" . $orderTotal . " PFtotal=" . $pfData['amount_gross'];
}
if (!pfValidServerConfirmation($pfParamString, $pfHost)) {
$checkResults[] = "Server confirmation check failed.";
}
// Log results to the file
$myfile = fopen($payment_id . ".txt", "w") or die("Unable to open file!");
if (empty($checkResults)) {
fwrite($myfile, "Starting database update process for payment ID: $payment_id\n");
fwrite($myfile, "Payment status: $pfstatus\n");
// Begin database transaction
$conn->begin_transaction();
fwrite($myfile, "Transaction started.\n");
try {
// Step 1: Update payments table
fwrite($myfile, "Preparing to update payments table...\n");
$stmt = $conn->prepare("UPDATE payments SET status = ? WHERE payment_id = ?");
if (!$stmt) {
throw new Exception("Failed to prepare statement for payments table: " . $conn->error);
}
fwrite($myfile, "Prepared statement for payments table.\n");
$status = "PAID"; // Explicitly set the status to "PAID"
$stmt->bind_param("ss", $status, $payment_id);
fwrite($myfile, "Bound parameters for payments table update.\n");
if (!$stmt->execute()) {
throw new Exception("Failed to execute update for payments table: " . $stmt->error);
}
fwrite($myfile, "Payments table updated successfully.\n");
$stmt->close();
fwrite($myfile, "Closed statement for payments table update.\n");
// Step 2: Update membership_fees table
fwrite($myfile, "Preparing to update membership_fees table...\n");
$stmt = $conn->prepare("UPDATE membership_fees SET payment_status = ? WHERE payment_id = ?");
if (!$stmt) {
throw new Exception("Failed to prepare statement for membership_fees table: " . $conn->error);
}
fwrite($myfile, "Prepared statement for membership_fees table.\n");
$status = "PAID"; // Explicitly set the status to "PAID"
$stmt->bind_param("ss", $status, $payment_id);
fwrite($myfile, "Bound parameters for membership_fees table update.\n");
if (!$stmt->execute()) {
throw new Exception("Failed to execute update for membership_fees table: " . $stmt->error);
}
fwrite($myfile, "Membership_fees table updated successfully.\n");
$stmt->close();
fwrite($myfile, "Closed statement for membership_fees table update.\n");
// Step 3: Set member status
fwrite($myfile, "Calling setMemberStatus()...\n");
setMemberStatus($user_id, $conn);
fwrite($myfile, "setMemberStatus() executed successfully.\n");
// Commit transaction
$conn->commit();
fwrite($myfile, "Transaction committed successfully. Database updates complete.\n");
} catch (Exception $e) {
// Rollback transaction in case of error
$conn->rollback();
fwrite($myfile, "Transaction rolled back due to error: " . $e->getMessage() . "\n");
}
} else {
fwrite($myfile, $pfstatus . "\n");
foreach ($checkResults as $result) {
fwrite($myfile, $result . "\n");
}
$conn->begin_transaction();
try {
// Update payments table with 'FAILED CHECKS' status
$stmt = $conn->prepare("UPDATE payments SET status = 'FAILED CHECKS' WHERE payment_id = ?");
$stmt->bind_param("i", $payment_id);
if (!$stmt->execute()) {
throw new Exception("Failed to update payments table.");
}
// Commit transaction
$conn->commit();
fwrite($myfile, "Database updated successfully.\n");
} catch (Exception $e) {
// Rollback transaction in case of error
$conn->rollback();
fwrite($myfile, "Database update failed: " . $e->getMessage() . "\n");
}
$stmt->close();
}
fclose($myfile);
$conn->close();

150
src/pages/shop/payment_confirmation.php Normal file
View File

@@ -0,0 +1,150 @@
<?php
$headerStyle = 'light';
include_once(dirname(dirname(dirname(__DIR__))) . '/header.php');
checkUserSession();
$user_id = $_SESSION['user_id'];
if (!isset($_GET['token']) || empty($_GET['token'])) {
die("Invalid request.");
}
$token = $_GET['token'];
// echo $token;
$booking_id = decryptData($token, $salt);
// Retrieve booking details from the database
$sql = "SELECT eft_id, total_amount, discount_amount, trip_id, course_id FROM bookings WHERE booking_id = ?";
$stmt = $conn->prepare($sql);
if (!$stmt) {
die("Prepare failed: " . $conn->error);
}
$stmt->bind_param("i", $booking_id);
$stmt->execute();
$stmt->bind_result($eft_id, $amount, $discount, $trip_id, $course_id);
$stmt->fetch();
$stmt->close();
// Check if booking was found
if (!$eft_id) {
die("Error: Booking not found.");
}
// Retrieve trip details
$sql = "SELECT trip_name, start_date, end_date FROM trips WHERE trip_id = ?";
$stmt = $conn->prepare($sql);
if (!$stmt) {
die("Prepare failed: " . $conn->error);
}
$stmt->bind_param("i", $trip_id);
$stmt->execute();
$stmt->bind_result($trip_name, $start_date, $end_date);
$stmt->fetch();
$stmt->close();
// Retrieve trip details
$sql = "SELECT course_type, date FROM courses WHERE course_id = ?";
$stmt = $conn->prepare($sql);
if (!$stmt) {
die("Prepare failed: " . $conn->error);
}
$stmt->bind_param("i", $course_id);
$stmt->execute();
$stmt->bind_result($type, $start_date);
$stmt->fetch();
$stmt->close();
if ($type === "driver_training") {
$course_name = "Basic 4X4 Driver Training Course";
} elseif ($type === "bush_mechanics") {
$course_name = "Bush Mechanics Course";
} elseif ($type === "rescue_recovery") {
$course_name = "Rescue & Recovery Training Course";
} else {
$course_name = "General Course"; // Default fallback description
}
// $start_date = $date;
// Get user's email
$sql = "SELECT email FROM users WHERE user_id = ?";
$stmt = $conn->prepare($sql);
if (!$stmt) {
die("Prepare failed: " . $conn->error);
}
$stmt->bind_param("i", $user_id);
$stmt->execute();
$stmt->bind_result($user_email);
$stmt->fetch();
$stmt->close();
$conn->close();
$payment_amount = $amount - $discount;
?>
<?php
$bannerFolder = 'assets/images/banners/';
$bannerImages = glob($bannerFolder . '*.{jpg,jpeg,png,webp}', GLOB_BRACE);
$randomBanner = 'assets/images/base4/camping.jpg'; // default fallback
if (!empty($bannerImages)) {
$randomBanner = $bannerImages[array_rand($bannerImages)];
}
?>
<section class="page-banner-area pt-50 pb-35 rel z-1 bgs-cover" style="background-image: url('<?php echo $randomBanner; ?>');">
<div class="banner-overlay"></div>
<div class="container">
<div class="banner-inner text-white mb-50">
<h2 class="page-title mb-10" data-aos="fade-left" data-aos-duration="1500" data-aos-offset="50">Payment</h2>
<nav aria-label="breadcrumb">
<ol class="breadcrumb justify-content-center mb-20" data-aos="fade-right" data-aos-delay="200" data-aos-duration="1500" data-aos-offset="50">
<li class="breadcrumb-item"><a href="index">Home</a></li>
<li class="breadcrumb-item">Booking</li>
<li class="breadcrumb-item active">Payment</li>
</ol>
</nav>
</div>
</div>
</section>
<!-- About Us Area start -->
<section class="about-us-area pt-90 pb-100 rel z-1">
<div class="container">
<div class="row gap-100 align-items-center">
<div class="col-lg-12">
<div class="destination-details-content rmb-55" data-aos="fade-left" data-aos-duration="1500" data-aos-offset="50">
<div class="section-title mb-25">
<span class="h2 mb-15">Booking Summary:</span>
<h2><?php
if ($trip_name != NULL){
echo htmlspecialchars($trip_name).'</h2><h3>'. htmlspecialchars($start_date).' - '.htmlspecialchars($end_date).'</h3>';
} else {
echo htmlspecialchars($course_name).'</h2><h3>'. htmlspecialchars($start_date).'</h3>';
}?>
</div>
<p>Your invoice has been sent to <b><?php echo htmlspecialchars($user_email); ?></b>. Please upload your proof of payment below.</p>
<!-- <p>Bookings not paid for within 24 hours will be forfeited.</p> -->
<h5>Payment Details:</h5>
<p>The Four Wheel Drive Club of Southern Africa<br>FNB<br>Account Number: 58810022334<br>Branch code: 250655<br>Reference: <?php echo htmlspecialchars($eft_id); ?><br>Amount: R <?php echo number_format($payment_amount, 2); ?></p>
<a href="submit_pop" class="theme-btn style-two style-three" style="width:100%;">
<span data-hover="Submit Proof of Payment">Submit Proof of Payment</span>
<i class="fal fa-arrow-right"></i>
</a>
</div>
</div>
</div>
</div>
</section>
<!-- About Us Area end -->
<?php include_once(dirname(dirname(dirname(__DIR__))) . '/components/insta_footer.php'); ?>

12
src/pages/shop/view_cart.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
session_start();
// Check if the cart exists in the session
if (isset($_SESSION['cart']) && !empty($_SESSION['cart'])) {
echo '<pre>';
print_r($_SESSION['cart']); // Display cart contents in a readable format
echo '</pre>';
} else {
echo 'Cart is empty.';
}
?>