if (empty($ids) or count($ids) == 0) {
$message .= "Please select a product for request refund .<br>";
}
if ($message == '') {
// check if message is empty
if (!empty($ids)) {
//echo "<pre>";print_r($_POST);exit;
foreach ($_POST['ids'] as $key => $value) {
$pid = mysql_real_escape_string($value);
$reasonid = "reason" . $pid;
$qty = "qty" . $pid;
$seller = "sellerid" . $pid;
$product = "pname" . $pid;
$price = "price_" . $pid;
$sellerid = addslashes($_POST[$seller]);
$seller_name = getSellerFullname($sellerid);
$userid = addslashes($_POST['userid']);
$reason = addslashes($_POST[$reasonid]);
$quantity = addslashes($_POST[$qty]);
$productname = $_POST[$product];
$product_price = $_POST[$price];
$comments = addslashes($_POST['comments']);
$orderid = addslashes($_POST['orderid']);
$sql_insert = "insert into " . $tableprefix . "refunds(seller_id,buyer_id,product_id,order_id,quantity,return_reason,Additional_info,date)\n\t\t\t\t\tVALUES('" . $sellerid . "','" . $userid . "','" . $pid . "','" . $orderid . "','" . $quantity . "','" . $reason . "','" . $comments . "',now()) ";
$rs_insert = mysql_query($sql_insert) or die(mysql_error());
$refund_id = mysql_insert_id();
////////////////////////insert into support desk ticket table//////////
//
//fetch user deatails from support desk user table
$supportUser = getUserSupportDetails($userid);
//echo "<pre>";print_r($supportUser);
}
}
if ($message != "") {
// error
$message = "<br>Please correct the following errors to continue!<br>" . $message;
} else {
// no error so insert user details
$sql = "UPDATE " . $tableprefix . "artists SET\n\t\t\tpassword = '******'\n\t\t\tWHERE artist_id = '" . addslashes($artistid) . "'\n\t\t\t";
mysql_query($sql);
$updatedRows = mysql_affected_rows();
//send mail to admin if this feature is enabled for this seller
$vendorSettings = getVendorEnabledSettings($artistid, 'enableSendMailChangePassword');
if ($vendorSettings == 'Y') {
if ($updatedRows > 0) {
$to = SITE_EMAIL;
$sellerName = getSellerFullname($artistid);
//$link = "<a target= '_blank' href='".SITE_URL."/admin/editartist.php?artistid=".$artistid."&rghtMenu=rghtMenu4&displayDiv=Members'> Click here to view the details</a>";
$date = date('m/d/Y');
$subject = "Password of a seller has been changed in - " . stripslashes(SITE_NAME);
/*---------Email Template Reading Fuction Call----------------------------------------*/
$mailcontent = readEmailTemplate('seller_change_password');
$mailcontent = str_replace('[seller_name]', $sellerName, $mailcontent);
$mailcontent = str_replace('[date_change]', $date, $mailcontent);
$mailcontent = str_replace('[site_name]', SITE_NAME, $mailcontent);
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type: text/html; charset=iso-8859-1" . "\r\n";
$headers .= "From: " . SITE_NAME . "<" . SITE_EMAIL . ">" . "\r\n";
$headers .= "Reply-To: " . SITE_NAME . "<" . SITE_EMAIL . ">" . "\r\n";
$headers .= "Return-Path: " . SITE_NAME . "<noreply@" . SITE_NAME . ">" . "\r\n";
$headers .= "Organization: " . SITE_NAME . "\r\n";
$mailcontent = nl2br($mailcontent);
