TwoTalesDev/4WDCSA.co.za
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
488e3c156dd52a37f385ff9b325e145d47ae5064
4WDCSA.co.za/submit_pop.php
Chris Pinto 488e3c156d New POP Uploads
2025-05-23 14:19:25 +02:00

157 lines
6.8 KiB
PHP
Raw Blame History

<?php include_once('header02.php');
checkUserSession();
$user_id = $_SESSION['user_id'] ?? null;
if (!$user_id) {
die("Not logged in.");
}
// Handle POST submission
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$eft_id = $_POST['eft_id'] ?? null;
if (!$eft_id || !isset($_FILES['pop_file'])) {
echo "<div class='alert alert-danger'>Invalid submission: missing eft_id or file.</div>";
echo "<pre>";
echo "POST data: " . print_r($_POST, true);
echo "FILES data: " . print_r($_FILES, true);
echo "</pre>";
} else {
$file = $_FILES['pop_file'];
$target_dir = "uploads/pop/";
$target_file = $target_dir . $eft_id . ".pdf";
// Check for upload errors first
if ($file['error'] !== UPLOAD_ERR_OK) {
echo "<div class='alert alert-danger'>Upload error code: " . $file['error'] . "</div>";
// You can decode error code if needed:
// https://www.php.net/manual/en/features.file-upload.errors.php
exit;
}
// Check for PDF extension
$file_type = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
if ($file_type !== "pdf") {
echo "<div class='alert alert-danger'>Only PDF files allowed. You tried uploading: .$file_type</div>";
exit;
}
// Make sure target directory exists and writable
if (!is_dir($target_dir)) {
echo "<div class='alert alert-danger'>Upload directory does not exist: $target_dir</div>";
exit;
}
if (!is_writable($target_dir)) {
echo "<div class='alert alert-danger'>Upload directory is not writable: $target_dir</div>";
exit;
}
if (move_uploaded_file($file['tmp_name'], $target_file)) {
// Update EFT and booking status
$stmt1 = $conn->prepare("UPDATE efts SET status = 'PROCESSING' WHERE eft_id = ?");
$stmt1->bind_param("s", $eft_id);
$stmt1->execute();
$stmt2 = $conn->prepare("UPDATE bookings SET status = 'PROCESSING' WHERE eft_id = ?");
$stmt2->bind_param("s", $eft_id);
$stmt2->execute();
//TODO send mail with pop attachment to jacqui & louise
$_SESSION['message'] = "We have received your P.O.P. We will process it soon.";
header("Location: bookings.php");
exit;
} else {
echo "<div class='alert alert-danger'>Unable to move uploaded file.</div>";
echo "<pre>Tmp file exists? " . (file_exists($file['tmp_name']) ? "Yes" : "No") . "</pre>";
echo "<pre>Tmp file path: " . htmlspecialchars($file['tmp_name']) . "</pre>";
exit;
}
}
}
// Fetch bookings for dropdown
$stmt = $conn->prepare("SELECT eft_id FROM bookings WHERE user_id = ? AND status = 'AWAITING PAYMENT'");
//TODO add membership id as well
$stmt->bind_param("i", $user_id);
$stmt->execute();
$result = $stmt->get_result();
$bookings = $result->fetch_all(MYSQLI_ASSOC);
$bannerFolder = 'assets/images/banners/';
$bannerImages = glob($bannerFolder . '*.{jpg,jpeg,png,webp}', GLOB_BRACE);
$randomBanner = 'assets/images/base4/camping.jpg'; // default fallback
if (!empty($bannerImages)) {
$randomBanner = $bannerImages[array_rand($bannerImages)];
}
?>
<section class="page-banner-area pt-50 pb-35 rel z-1 bgs-cover" style="background-image: url('<?php echo $randomBanner; ?>');">
<div class="banner-overlay"></div>
<div class="container">
<div class="banner-inner text-white mb-50">
<h2 class="page-title mb-10" data-aos="fade-left" data-aos-duration="1500" data-aos-offset="50">Submit Proof of Payment</h2>
<nav aria-label="breadcrumb">
<ol class="breadcrumb justify-content-center mb-20" data-aos="fade-right" data-aos-delay="200" data-aos-duration="1500" data-aos-offset="50">
<li class="breadcrumb-item"><a href="index.php">Home</a></li>
<li class="breadcrumb-item active">Submit Proof of Payment</li>
</ol>
</nav>
</div>
</div>
</section>
<!-- Tour List Area start -->
<section class="tour-list-page py-100 rel z-1">
<div class="container" style="max-width:600px;">
<div class="row">
<div class="comment-form bgc-lighter z-1 rel mb-30 rmb-55" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<div class="widget widget-booking" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<div class="section-title">
<h3>Submit Proof of Payment</h3>
<div style="text-align: center;" id="responseMessage"></div>
<p>To finalise your booking, select the booking that you have paid for below, and then upload your PDF proof of payment.</p> <!-- Message display area -->
</div>
<?php if (count($bookings) > 0) {?>
<form enctype="multipart/form-data" method="POST">
<div class="row mt-35">
<ul class="tickets clearfix">
<li>
Select Booking
<select name="eft_id" id="eft_id" required>
<?php
if (count($bookings) > 0) {
foreach ($bookings as $booking) {
echo '<option value="' . htmlspecialchars($booking['eft_id']) . '">' . htmlspecialchars($booking['eft_id']) . '</option>';
}
} else {
echo '<option value="" disabled selected>No bookings available</option>';
}
?>
</select>
</li>
</ul>
<li>
<input style="border-radius:30px;" type="file" name="pop_file" id="pop_file" accept="application/pdf" class="form-control" required>
</li>
</div>
<div class="mt-10 mb-0">
<button type="submit" class="theme-btn style-two" style="width:100%;">Submit POP</button>
</div>
</form>
<?php
}else{
echo 'No unpaid bookings';
}?>
</div>
</div>
</div>
</div>
</section>
<?php include_once("insta_footer.php"); ?>
Reference in New Issue View Git Blame Copy Permalink