<?php

include_once 'include/base/page.php';
include_once 'include/mysql.php';
include_once 'include/functions.php';
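// Card identifier taken from the query string. `card_id` is the current
// parameter name; `id` is still accepted (the "Andrew Clause") so that links
// in mails sent before the mail text was updated keep working.
$id = $_GET['card_id'] ?? null;
if (!$id) {
    $id = $_GET['id'] ?? null;
}
// Query-string parameters may arrive as arrays (e.g. ?card_id[]=x) or be
// missing altogether; only a plain string is a usable identifier. An empty
// string simply matches no card.
if (!is_string($id)) {
    $id = '';
}
$page = new Page();
$page->begin();
// The identifier is request-controlled, so it is bound as a statement
// parameter instead of being concatenated into the SQL text.
// NOTE(review): $mysqli comes from include/mysql.php and is assumed to be a
// mysqli connection; get_result() is only available when mysqli is built on
// mysqlnd -- confirm for the deployment.
$get_card = 'SELECT `to_first_name`, `to_last_name`, `template_id`, `message`, `sender_id`  FROM `cards` WHERE `hash_id` = ?';
$record = false;
$card_stmt = $mysqli->prepare($get_card);
if ($card_stmt && $card_stmt->bind_param('s', $id) && $card_stmt->execute()) {
    $record = $card_stmt->get_result();
}
if (!$record) {
    // The original `... or die;` made this branch unreachable, and the branch
    // itself would have printed the raw database error to the visitor. Keep
    // the detail in the server log and show only a generic message.
    error_log('Card lookup failed: ' . ($card_stmt ? $card_stmt->error : $mysqli->error));
    die('Error: the card could not be loaded.');
}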
?>

<h1>Thank you for sending your card!</h1>
<div id="final-card">
<?php 
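// Render the first matching card only; the loop is left after one row.
while ($card_object = $record->fetch_assoc()) {
    // $id originates from the request. Encode it as a query-string value and
    // then HTML-escape the whole attribute so it cannot break out of src="".
    $image_src = '/image.php?card_id=' . rawurlencode((string) $id);
    echo '<img src="' . htmlspecialchars($image_src, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '" class="final-card">';

    // sender_id is read back from the database, but stored values are not
    // automatically safe to splice into SQL; bind it as a parameter.
    // NOTE(review): get_result() requires mysqli built on mysqlnd -- confirm.
    $get_sender = 'SELECT `first_name`, `email_address`  FROM `senders` WHERE `id` = ?';
    $sender_id = (string) $card_object['sender_id'];
    $sender_object = false;
    $sender_stmt = $mysqli->prepare($get_sender);
    if ($sender_stmt && $sender_stmt->bind_param('s', $sender_id) && $sender_stmt->execute()) {
        $sender_object = $sender_stmt->get_result();
    }
    if (!$sender_object) {
        // Same outcome as the original `or die`, with the cause kept in the
        // server log rather than lost.
        error_log('Sender lookup failed: ' . ($sender_stmt ? $sender_stmt->error : $mysqli->error));
        die;
    }
    break;
}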
?>