require "functions.php"; session_start(); ######################################################### #### INIT System Data ######################################################### $cfg = array(); define('DATE_FORMAT_LONG', '%A %d %B, %Y'); ###################################################### ##### Configuration File ############################ ###################################################### $dir = getcwd(); list($b_cgibin, $a_cgibin) = strpos($dir, 'httpdocs') !== false ? explode('httpdocs', $dir) : explode('cgi-bin/', $dir); $cfg_folder = ''; $actual_link = "http://{$_SERVER['HTTP_HOST']}"; load_custom_data(); $mensaje = ''; if (isset($_GET['dato'])) { connectDB(); $result = mysql_query("\tSELECT count(products.ID_products) as found, products.ID_products, products.Name, products.Logo, ( SELECT folio FROM code_warranty WHERE folio = '" . $_GET['dato'] . "') AS folio\r\n\t\t\t\t\t\t\t\tFROM products WHERE Initial_folio <= '" . $_GET['dato'] . "' AND Final_folio >= '" . $_GET['dato'] . "';"); $codigo = mysql_fetch_assoc($result); if ($codigo['found'] == 0) { $mensaje = 'Lo lamentamos, pero el codigo es incorrecto, por favor escanea nuevamente tu codigo QR.'; } else { if ($codigo['folio'] == $_GET['dato']) { $mensaje = 'La garantía con codigo ' . $_GET['dato'] . ' ya ha sido registrada.'; } else { $mensaje = '¡Felicidades el codigo de tu producto es correcto! <br> Por favor ingrese los siguientes datos para activar tu garantía.'; } } }
<div class="main"> <h1>Rastrea tu Pedido</h1> <hr> <?php $in['id_orders'] = trim($in['id_orders']); if (isset($in['id_orders']) && strlen($in['id_orders']) >= 6) { if ($in['id_orders'] >= 100000) { $e_data = 1; } } if (isset($e_data)) { ###################################################### ##### Load Paths and URLs ############################ ###################################################### load_custom_data($e_data); connectDB(); $result = mysql_query("select *, (select email from sl_customers where ID_customers=sl_orders.ID_customers) email from sl_orders where id_orders='" . $in['id_orders'] . "';"); $va = mysql_fetch_array($result); if ($va) { if ($va['Status'] == 'Shipped') { $sql = "select tracking, shpprovider from sl_orders_products where id_orders='" . $in['id_orders'] . "' and shpprovider is not null and tracking is not null group by tracking;"; $result_shp = mysql_query($sql); } $in['email'] = filter_values(mysql_escape_string($in['email'])); if ($va['email'] == '') { mysql_query("UPDATE sl_customers SET email='" . $in['email'] . "' WHERE ID_customers = '" . $va['ID_customers'] . "';"); } else { mysql_query("INSER INTO sl_customers_notes (ID_customers, Notes, Type, Date, Time, ID_admin_users) VALUES('" . $va['ID_customers'] . "', 'Correo brindado al solicitar el status', 'Low', CURDATE(), CURTIME(), '" . $va['id_admin_users'] . "');"); } }