public static function fetchFromDbForCode($promoCode)
{
global $logger;
$logger->LogDebug(__METHOD__ . " Fetching " . __CLASS__ . " object from database for promo code: {$promoCode}");
PromoCode::$staticErrors = array();
$sql = "SELECT * FROM bsi_promo_codes WHERE UPPER(TRIM(promo_code)) = '" . strtoupper(trim(mysql_escape_string($promoCode))) . "'";
$query = mysql_query($sql);
if (!$query) {
$logger->LogError("Error executing query: {$sql}");
$logger->LogFatal("Database error: " . mysql_errno() . ". Message: " . mysql_error());
die("There was an error connecting to the database. Please try your request again or contact the system administrator.");
}
if ($row = mysql_fetch_assoc($query)) {
$promoCode = PromoCode::fetchFromParameters($row);
return $promoCode;
} else {
$logger->LogWarn("There is no promo code for promo code: {$promoCode}");
PromoCode::setStaticError(BOOKING_DETAILS_COUPON_INVALID);
return null;
}
}
<?php
// TODO: Uncomment
//include_once ("access.php");
include_once "../includes/SystemConfiguration.class.php";
global $systemConfiguration;
global $logger;
$errors = array();
$message = "";
$promoCode = new PromoCode();
if (isset($_POST['SBMT_REG'])) {
$logger->LogInfo("Form has been submitted.");
$promoCode = PromoCode::fetchFromParameters($_POST);
if (!$promoCode->save()) {
$logger->LogError("Error saving promo code.");
foreach ($promoCode->errors as $error) {
$logger->LogError($error);
$errors[] = $error;
}
} else {
header("Location: promo_codes_list.php");
}
} else {
if (isset($_REQUEST['id']) && is_numeric($_REQUEST['id'])) {
$logger->LogInfo("Page was called for edit of id: " . $_REQUEST['id']);
$id = intval($_REQUEST['id']);
$logger->LogDebug("Numeric id is: {$id}");
$promoCode = PromoCode::fetchFromDb($id);
if ($promoCode == null) {
$logger->LogError("Invalid request. No promo code with id: {$id} exists.");
$errors[] = "Invalid request. No promo code with id: {$id} exists.";
