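// Request metadata read from the server environment. HTTP_REFERER and HTTP_USER_AGENT are
// client-controlled header values, so treat them as untrusted wherever they are stored or echoed.
$ip = getenv("REMOTE_ADDR");
$httpref = getenv("HTTP_REFERER");
$httpagent = getenv("HTTP_USER_AGENT");

// Dispatch on the new order status. $strStatus and $strItems are assigned before this excerpt.
switch ($strStatus) {
    case "CANCELLED":
        //echo "Hello!";
        // explode() replaces split(): split() was deprecated in PHP 5.3 and removed in PHP 7,
        // and ';' is a plain literal delimiter here, so the result is the same.
        $arrItems = explode(';', $strItems);
        foreach ($arrItems as $item) {
            //echo "<br>" . $item;
            // Break $item up into a stock code and a quantity: the stock code is everything
            // before the first "(", the quantity is everything after the first "x".
            // An item without "(" yields an empty stock code and is skipped by the check below.
            // NOTE(review): the first "x" anywhere in $item is used, so a stock code that itself
            // contains "x" would shift the quantity split; confirm the item format.
            $stockID = substr($item, 0, strpos($item, "("));
            $qty = substr($item, strpos($item, "x") + 1);
            //echo "<br>" . $stockID . " * " . $qty;
            // Re-add the item into stock.
            if ($stockID != '') {
                // NOTE(review): $qty is passed on as parsed, with no numeric check at this call site;
                // verify that funcDeleteItem validates it.
                funcDeleteItem($stockID, $qty);
                // Changing the status of the order is already done higher up.
                // Log it.
                funcLogtoDebug("updateOrder.php: (" . $stockID . "*" . $qty . ") Item returned to stock");
            }
        }
        exit;
        break;
    case "PROBLEM":
        $arrItems = explode(';', $strItems);
        $strOrderList = "";
        foreach ($arrItems as $item) {
            //echo "Value: " . substr($item, 0, strpos($item, "(" )) . "<br />" ;
            // NOTE(review): the stock code is concatenated into the SQL text unescaped. Where
            // $strItems comes from is not visible in this excerpt; if any part of it is
            // request-derived this is an injection point and the value needs escaping or a
            // parameterised query.
            // NOTE(review): on failure mysql_error() is printed to the client, which discloses
            // query and schema details; prefer logging it server-side.
            $strItemQueryX = "SELECT Name from tblItem where stockID = '" . substr($item, 0, strpos($item, "(")) . "'";
            $strItemResultX = mysql_query($strItemQueryX) or die("Query Failed :" . mysql_error());
            $strStockIDX = substr($item, 0, strpos($item, "("));
            // (excerpt ends here; the rest of this loop and of the switch is not shown)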
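if (!isset($_SESSION['cart'])) {
    $_SESSION['cart'] = array();
}
include 'includes/SharedFunctions.php';

// The basket identifier comes straight from the request body and is untrusted.
// A missing or non-string value is reduced to '' so it cannot reach the queries as an array.
// NOTE(review): the basket to delete is selected by the POSTed value, not by the caller's own
// session; confirm that this script is only reachable by authorised callers.
$basketCode = (isset($_POST['ToDelete']) && is_string($_POST['ToDelete'])) ? $_POST['ToDelete'] : '';
funcDebug("Basketcode: " . $basketCode);

//connect to server
// NOTE(review): the database account and password are hard-coded in this script. They belong
// in configuration outside the document root, and a password that has appeared in source
// should be treated as exposed and rotated.
// NOTE(review): the die() calls below print mysql_error() to the client, which discloses
// query and schema details; prefer logging it server-side.
$link = mysql_connect("localhost", "sfvault_writeSto", "Ti*ESUf3*_b?Km") or die("Could not connect: " . mysql_error());
//change to correct database
mysql_select_db("sfvault_store") or die("Could not select database");

// Escape the identifier for use inside the quoted SQL literals below. This has to happen
// after the connection is open, because the escaping depends on the connection's charset.
$basketCodeSql = mysql_real_escape_string($basketCode, $link);

$strGetBasket = "SELECT * FROM tblBasket WHERE PHPSessionID = '" . $basketCodeSql . "'";
$strGetBasketResult = mysql_query($strGetBasket) or die("Query Failed: " . mysql_error());

funcDebug("Deleting items in Basket");
while ($row = mysql_fetch_array($strGetBasketResult, MYSQL_ASSOC)) {
    funcDebug("Deleting " . $basketCode . ", " . $row["Item"]);
    // funcDeleteItem receives the raw (unescaped) values, as before.
    // NOTE(review): its body is cut off in this excerpt; verify that it escapes them itself.
    funcDeleteItem($basketCode, $row["Item"], "0");
}

funcDebug("Deleting Session entry");
$DeleteBasket = "DELETE FROM tblSession where PHPSessionID = '" . $basketCodeSql . "'";
mysql_query($DeleteBasket) or die("Query Failed: " . mysql_error());

// Removes $qty of $itemcode from the basket identified by $strSessionID.
// NOTE(review): purpose inferred from the name and the call above; the body is cut off in
// this excerpt.
function funcDeleteItem($strSessionID, $itemcode, $qty) {
    //$qty = funcSanitize($_POST['qty']);
    //$itemcode = funcSanitize($_POST['item']);
    $strBool = 0;
    $counter = 0;
    //additional check to make sure $qty is a numeric
    // NOTE(review): the pattern is unanchored, so any string that merely contains a digit
    // passes; an anchored match such as preg_match('/^[0-9]+\z/', $qty) would enforce the
    // intent. ereg() was also removed in PHP 7. Left as is because the rest of this function
    // is not visible.
    if (ereg("[0-9]+", $qty)) {
        funcDebug("Quantity string is numeric");
    } else {
        echo "Invalid Input, stop trying to put non-numerics in the quantity field";
        // (excerpt ends here; the rest of this function is not shown)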
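//expires cookies after 1/2 hour
// NOTE(review): only the lifetime is passed here, so the cookie's secure and httponly flags
// are whatever php.ini provides; confirm they are enabled there.
$sessionExpire = 60 * 30;
session_set_cookie_params($sessionExpire);
//start new session
session_start();
if (!isset($_SESSION['cart'])) {
    $_SESSION['cart'] = array();
}
include 'includes/SharedFunctionsStrict.php';

// Handle a pre-order removal request submitted by either of the two remove buttons.
if (isset($_POST['remove']) || isset($_POST['altRemove'])) {
    // Both values are request-supplied and pass through funcSanitize (defined in the include).
    // NOTE(review): the e-mail address that scopes the delete comes from the request, not from
    // the session; confirm that a caller cannot remove another customer's pre-order.
    $itemcode = funcSanitize($_POST['removeitem']);
    $emailaddress = funcSanitize($_POST['emailaddress']);
    $strBool = 0;
    $counter = 0;
    funcDeleteItem($itemcode, $emailaddress);
}

// Deletes the pre-order row for the given stock code and e-mail address and logs the removal.
function funcDeleteItem($itemcode, $emailaddress) {
    //connect to server
    // NOTE(review): the database account and password are hard-coded in this script. They
    // belong in configuration outside the document root, and a password that has appeared in
    // source should be treated as exposed and rotated.
    // NOTE(review): the die() calls print mysql_error() to the client, which discloses query
    // and schema details; prefer logging it server-side.
    $link = mysql_connect("localhost", "sfvault_writeSto", "Ti*ESUf3*_b?Km") or die("Could not connect: " . mysql_error());
    //change to correct database
    mysql_select_db("sfvault_store") or die("Could not select database");
    //$qty = "1";
    //$itemcode = funcSanitize($_POST['removeitem']);
    $strBool = 0;
    $counter = 0;
    // NOTE(review): both parameters are concatenated into the SQL text. The only protection is
    // whatever funcSanitize did at the call site, which is not visible here; verify that it
    // escapes quotes for this connection, or escape the values here before building the query.
    $strUpdateStockQuery = "DELETE FROM tbl_PreOrder where stockID = '" . $itemcode . "' and emailaddress = '" . $emailaddress . "'";
    mysql_query($strUpdateStockQuery) or die("Update Query Failed: " . mysql_error());
    // A space now separates the address from "was removed." so it reads unambiguously in the log.
    funcLogToDebug("RemovePreOrder.php: PreOrder for " . $itemcode . " by " . $emailaddress . " was removed.");
    //header('location: ' . $_SERVER['PHP_SELF']);
    // (excerpt ends here; the rest of this function is not shown)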
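//start new session
session_start();
if (!isset($_SESSION['cart'])) {
    $_SESSION['cart'] = array();
}
include 'includes/SharedFunctionsStrict.php';

// Handle a remove request submitted by either of the two remove buttons.
if (isset($_POST['remove']) || isset($_POST['altRemove'])) {
    // Quantity is fixed at one; only the item code comes from the request.
    $qty = "1";
    $itemcode = funcSanitize($_POST['removeitem']);
    $strBool = 0;
    $counter = 0;
    //additional check to make sure $qty is a numeric
    // The anchored preg_match() replaces ereg("[0-9]+"): ereg() was removed in PHP 7, and the
    // old unanchored pattern accepted any string that merely contained a digit.
    if (preg_match('/^[0-9]+\z/', $qty)) {
        //funcDebug ("Quantity string is numeric");
        //echo $itemcode;
        // The basket is identified by the caller's own session id, not by a request value.
        funcDeleteItem(session_id(), $itemcode, $qty);
    } else {
        echo "Invalid Input, stop trying to put non-numerics in the quantity field";
        exit;
    }
}

// Removes $qty of $itemcode from the basket belonging to session $strSessionID.
// NOTE(review): purpose inferred from the name and the call above; the body is cut off in
// this excerpt.
function funcDeleteItem($strSessionID, $itemcode, $qty) {
    //connect to server
    // NOTE(review): the database account and password are hard-coded in this script. They
    // belong in configuration outside the document root, and a password that has appeared in
    // source should be treated as exposed and rotated.
    // NOTE(review): the die() calls print mysql_error() to the client, which discloses
    // connection details; prefer logging it server-side.
    $link = mysql_connect("localhost", "sfvault_writeSto", "Ti*ESUf3*_b?Km") or die("Could not connect: " . mysql_error());
    //change to correct database
    mysql_select_db("sfvault_store") or die("Could not select database");
    //$qty = "1";
    //$itemcode = funcSanitize($_POST['removeitem']);
    $strBool = 0;
    $counter = 0;
    // (excerpt ends here; the rest of this function is not shown)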