Code: Select all
<?php
$success ='';
$cancel = '';
$OrderId = $_POST['OrderId'];
$OrderId = mysql_real_escape_string($OrderId );
$ShopperEmail = $_POST['ShopperEmail'];
$ShopperEmail = mysql_real_escape_string($ShopperEmail );
$MerchantData = $_POST['MerchantData'];
$MerchantData = mysql_real_escape_string($MerchantData );
$CpiResultsCode = $_POST['CpiResultsCode'];
$CpiResultsCode = mysql_real_escape_string($CpiResultsCode );
//if the payment approved
if($CpiResultsCode == 0)
{
require_once "*******.php";
// get the information from the unpaid table
$sql = mysql_query("SELECT * FROM FirstTable WHERE OrderID='$OrderId' LIMIT 1");
$productCount = mysql_num_rows($sql); // count the output amount
/////////////////////////////////////////////// if payment is temporary table > 0 Begins /////////////////////////////////////////////////////////////
if ($productCount > 0)
{
while($row = mysql_fetch_array($sql))
{
// get the information from temporary table
$CartItemNames = $row["ItemName"];
$CartItemNames = mysql_real_escape_string($CartItemNames);
$BillingFirstName = $row["BillingFirstName"];
$BillingFirstName = mysql_real_escape_string($BillingFirstName);
$BillingLastName = $row["BillingLastName"];
$BillingLastName = mysql_real_escape_string($BillingLastName);
$ShopperEmail = $row["ShopperEmail"];
$ShopperEmail = mysql_real_escape_string($ShopperEmail);
$BillingAddress1 = $row["BillingAddress1"];
$BillingAddress1 = mysql_real_escape_string($BillingAddress1);
$BillingAddress2 = $row["BillingAddress2"];
$BillingAddress2 = mysql_real_escape_string($BillingAddress2);
$BillingCity = $row["BillingCity"];
$BillingCity = mysql_real_escape_string($BillingCity);
$BillingCounty = $row["BillingCounty"];
$BillingCounty = mysql_real_escape_string($BillingCounty);
$BillingPostal = $row["BillingPostal"];
$BillingPostal = mysql_real_escape_string($BillingPostal);
$BillingCountry = $row["BillingCountry"];
$BillingCountry = mysql_real_escape_string($BillingCountry);
$ShippingFirstName = $row["ShippingFirstName"];
$ShippingFirstName = mysql_real_escape_string($ShippingFirstName);
$ShippingLastName = $row["ShippingLastName"];
$ShippingLastName = mysql_real_escape_string($ShippingLastName);
$ShippingAddress1 = $row["ShippingAddress1"];
$ShippingAddress1 = mysql_real_escape_string($ShippingAddress1);
$ShippingAddress2 = $row["ShippingAddress2"];
$ShippingAddress2 = mysql_real_escape_string($ShippingAddress2);
$ShippingCity = $row["ShippingCity"];
$ShippingCity = mysql_real_escape_string($ShippingCity);
$ShippingCounty = $row["ShippingCounty"];
$ShippingCounty = mysql_real_escape_string($ShippingCounty);
$ShippingPostal = $row["ShippingPostal"];
$ShippingPostal = mysql_real_escape_string($ShippingPostal);
$ShippingCountry = $row["ShippingCountry"];
$ShippingCountry = mysql_real_escape_string($ShippingCountry);
$IP = $row["IP"];
$IP = mysql_real_escape_string($IP);
$Date = $row["Date"];
$Date = mysql_real_escape_string($Date);
};
//insert the payment into the database
$sql = mysql_query("INSERT INTO SecondTable (OrderID, BillingFirstName, BillingLastName, ShopperEmail, BillingAddress1 ,BillingAddress2, BillingCity, BillingCounty, BillingPostal, BillingCountry, ShippingFirstName, ShippingLastName, ShippingAddress1, ShippingAddress2, ShippingCity, ShippingCounty, ShippingPostal, ShippingCountry, IP, Date) VALUES ('$OrderId', '$BillingFirstName', '$BillingLastName', '$ShopperEmail', '$BillingAddress1', '$BillingAddress2','$BillingCity', '$BillingCounty','$BillingPostal', '$BillingCountry', '$ShippingFirstName','$ShippingLastName', '$ShippingAddress1', '$ShippingAddress2', '$ShippingCity', '$ShippingCounty' , '$ShippingPostal', '$ShippingCountry', '$IP', '$today' )");
//create excel file in xsl folder
$today = date("d/m/y");
include("excelwriter.inc.php");
$fileName = "xls/AB-MXRPayment.xls";
$excel = new ExcelWriter($fileName);
if($excel==false)
{
echo $excel->error;
die;
}
//Assign a name to the product Begins
if(strstr($MerchantData,'R'))
{
$itemnumber = "ABMXR RED";
}
else if(strstr($MerchantData,'B'))
{
$itemnumber = "ABMXR BLUE";
}
else if(strstr($MerchantData,'L'))
{
$itemnumber = "ABMXR LIGHT BLACK";
}
//if they coming from shopping cart
else if(strstr($MerchantData,'k'))
{
$itemnumber = $CartItemNames;
}
else
{
$itemnumber = "none";
}
//Assign a name to the product Ends
$myArr=array( $OrderId , " " , $itemnumber , 1 , $today , $ShippingLastName , $ShippingAddress1 , $ShippingAddress2 , $ShippingCity , $ShippingCounty , " " ,$ShippingPostal, $ShippingCountry , "Registered Post" , $ShippingLastName , " No Comments " , " No Number" , );
$excel->writeLine($myArr);
$excel->close();
//Send the excel file into the email Begins
$to = '********';
$subject = 'HSBC The payment info to 3P Logistics';
$bound_text = "jimmyP123";
$bound = "--".$bound_text."\r\n";
$bound_last = "--".$bound_text."--\r\n";
$headers = "From:*************\r\n";
$headers .= "MIME-Version: 1.0\r\n"."Content-Type: multipart/mixed; boundary=\"$bound_text\"";
$message .= "If you can see this MIME than your client doesn't accept MIME types!\r\n" . $bound;
$message .= "Content-Type: text/html; charset=\"iso-8859-1\"\r\n"."Content-Transfer-Encoding: 7bit\r\n\r\n"."<b>Hi there</b><br/> Please upload the attachment excel file into Filezilla.\r\n".$bound;
$file = file_get_contents("http://www.*********.com/xls/*********.xls");
$message .= "Content-Type: image/jpg; name=\"*********.xls\"\r\n"."Content-Transfer-Encoding: base64\r\n"."Content-disposition: attachment; file=\"******.xls\"\r\n"."\r\n".chunk_split(base64_encode($file)).$bound_last;
mail($to, $subject, $message, $headers);
//Send the excel file into the email Ends
//Delete the excel file from the folder Begins
$filetodelete = ("xls/working.xls");
if (file_exists($filetodelete))
{
unlink($filetodelete);
};
//Delete the excel file from the folder Ends
}
/////////////////////////////////////////////// if payment is temporary table > 0 Ends /////////////////////////////////////////////////////////////
$success =
'
<h2 style="margin-top:50px; color:green">You have made the payment successfully.</h2><br/><br/>
Your Order Number is: <strong>' . $OrderId . '</strong>.<br/>
Write your order number dawn as you will need it in the future for any information regarding this order.<br/>
Please do not hesitate to contact us if you require any more information.<br/><br/><br/>
<a href="http://www.*********.com/wantone.php"><strong>Continue Shopping</strong></a><br/><br/><br/><br/><br/><br/><br/>
';
}
//if the user cancelled the payment
elseif($CpiResultsCode == 1)
{
$cancel =
'
<h2 style="margin-top:50px; color:green">You have cancelled the payment successfully.</h2><br/>
Please do not hesitate to contact us if you require any more information.<br/>
<a href="http://www.********.com/wantone.php"><strong>Continue Shopping</strong></a><br/><br/><br/><br/><br/><br/><br/>
';
}
?>