$ip = getenv("REMOTE_ADDR");
$httpref = getenv("HTTP_REFERER");
$httpagent = getenv("HTTP_USER_AGENT");
switch ($strStatus) {
case "CANCELLED":
//echo "Hello!";
$arrItems = split(';', $strItems);
foreach ($arrItems as $item) {
//echo "<br>" . $item;
//break up $item into a qty and a stock code....
$stockID = substr($item, 0, strpos($item, "("));
$qty = substr($item, strpos($item, "x") + 1);
//echo "<br>" . $stockID . " * " . $qty;
//re add the item into stock
if ($stockID != '') {
funcDeleteItem($stockID, $qty);
//change the status of the order, that's already done higher up tho.
//log it
funcLogtoDebug("updateOrder.php: (" . $stockID . "*" . $qty . ") Item returned to stock");
}
}
exit;
break;
case "PROBLEM":
$arrItems = split(';', $strItems);
$strOrderList = "";
foreach ($arrItems as $item) {
//echo "Value: " . substr($item, 0, strpos($item, "(" )) . "<br />" ;
$strItemQueryX = "SELECT Name from tblItem where stockID = '" . substr($item, 0, strpos($item, "(")) . "'";
$strItemResultX = mysql_query($strItemQueryX) or die("Query Failed :" . mysql_error());
$strStockIDX = substr($item, 0, strpos($item, "("));
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = array();
}
include 'includes/SharedFunctions.php';
$basketCode = $_POST['ToDelete'];
funcDebug("Basketcode: " . $basketCode);
//connect to server
$link = mysql_connect("localhost", "sfvault_writeSto", "Ti*ESUf3*_b?Km") or die("Could not connect: " . mysql_error());
//change to correct database
mysql_select_db("sfvault_store") or die("Could not select database");
$strGetBasket = "SELECT * FROM tblBasket WHERE PHPSessionID = '" . $basketCode . "'";
$strGetBasketResult = mysql_query($strGetBasket) or die("Query Failed: " . mysql_error());
funcDebug("Deleting items in Basket");
while ($row = mysql_fetch_array($strGetBasketResult, MYSQL_ASSOC)) {
funcDebug("Deleting " . $basketCode . ", " . $row["Item"]);
funcDeleteItem($basketCode, $row["Item"], "0");
}
funcDebug("Deleting Session entry");
$DeleteBasket = "DELETE FROM tblSession where PHPSessionID = '" . $basketCode . "'";
mysql_query($DeleteBasket) or die("Query Failed: " . mysql_error());
function funcDeleteItem($strSessionID, $itemcode, $qty)
{
//$qty = funcSanitize($_POST['qty']);
//$itemcode = funcSanitize($_POST['item']);
$strBool = 0;
$counter = 0;
//additional check to make sure $qty is a numeric
if (ereg("[0-9]+", $qty)) {
funcDebug("Quantity string is numeric");
} else {
echo "Invalid Input, stop trying to put non-numerics in the quantity field";
//expires cookies after 1/2 hour
$sessionExpire = 60 * 30;
session_set_cookie_params($sessionExpire);
//start new session
session_start();
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = array();
}
include 'includes/SharedFunctionsStrict.php';
if (isset($_POST['remove']) or isset($_POST['altRemove'])) {
$itemcode = funcSanitize($_POST['removeitem']);
$emailaddress = funcSanitize($_POST['emailaddress']);
$strBool = 0;
$counter = 0;
funcDeleteItem($itemcode, $emailaddress);
}
function funcDeleteItem($itemcode, $emailaddress)
{
//connect to server
$link = mysql_connect("localhost", "sfvault_writeSto", "Ti*ESUf3*_b?Km") or die("Could not connect: " . mysql_error());
//change to correct database
mysql_select_db("sfvault_store") or die("Could not select database");
//$qty = "1";
//$itemcode = funcSanitize($_POST['removeitem']);
$strBool = 0;
$counter = 0;
$strUpdateStockQuery = "DELETE FROM tbl_PreOrder where stockID = '" . $itemcode . "' and emailaddress = '" . $emailaddress . "'";
mysql_query($strUpdateStockQuery) or die("Update Query Failed: " . mysql_error());
funcLogToDebug("RemovePreOrder.php: PreOrder for " . $itemcode . " by " . $emailaddress . "was removed.");
//header('location: ' . $_SERVER['PHP_SELF']);
//start new session
session_start();
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = array();
}
include 'includes/SharedFunctionsStrict.php';
if (isset($_POST['remove']) or isset($_POST['altRemove'])) {
$qty = "1";
$itemcode = funcSanitize($_POST['removeitem']);
$strBool = 0;
$counter = 0;
//additional check to make sure $qty is a numeric
if (ereg("[0-9]+", $qty)) {
//funcDebug ("Quantity string is numeric");
//echo $itemcode;
funcDeleteItem(session_id(), $itemcode, $qty);
} else {
echo "Invalid Input, stop trying to put non-numerics in the quantity field";
exit;
}
}
function funcDeleteItem($strSessionID, $itemcode, $qty)
{
//connect to server
$link = mysql_connect("localhost", "sfvault_writeSto", "Ti*ESUf3*_b?Km") or die("Could not connect: " . mysql_error());
//change to correct database
mysql_select_db("sfvault_store") or die("Could not select database");
//$qty = "1";
//$itemcode = funcSanitize($_POST['removeitem']);
$strBool = 0;
$counter = 0;
