public static function fetchFromDbForCode($promoCode) { global $logger; $logger->LogDebug(__METHOD__ . " Fetching " . __CLASS__ . " object from database for promo code: {$promoCode}"); PromoCode::$staticErrors = array(); $sql = "SELECT * FROM bsi_promo_codes WHERE UPPER(TRIM(promo_code)) = '" . strtoupper(trim(mysql_escape_string($promoCode))) . "'"; $query = mysql_query($sql); if (!$query) { $logger->LogError("Error executing query: {$sql}"); $logger->LogFatal("Database error: " . mysql_errno() . ". Message: " . mysql_error()); die("There was an error connecting to the database. Please try your request again or contact the system administrator."); } if ($row = mysql_fetch_assoc($query)) { $promoCode = PromoCode::fetchFromParameters($row); return $promoCode; } else { $logger->LogWarn("There is no promo code for promo code: {$promoCode}"); PromoCode::setStaticError(BOOKING_DETAILS_COUPON_INVALID); return null; } }
<?php // TODO: Uncomment //include_once ("access.php"); include_once "../includes/SystemConfiguration.class.php"; global $systemConfiguration; global $logger; $errors = array(); $message = ""; $promoCode = new PromoCode(); if (isset($_POST['SBMT_REG'])) { $logger->LogInfo("Form has been submitted."); $promoCode = PromoCode::fetchFromParameters($_POST); if (!$promoCode->save()) { $logger->LogError("Error saving promo code."); foreach ($promoCode->errors as $error) { $logger->LogError($error); $errors[] = $error; } } else { header("Location: promo_codes_list.php"); } } else { if (isset($_REQUEST['id']) && is_numeric($_REQUEST['id'])) { $logger->LogInfo("Page was called for edit of id: " . $_REQUEST['id']); $id = intval($_REQUEST['id']); $logger->LogDebug("Numeric id is: {$id}"); $promoCode = PromoCode::fetchFromDb($id); if ($promoCode == null) { $logger->LogError("Invalid request. No promo code with id: {$id} exists."); $errors[] = "Invalid request. No promo code with id: {$id} exists.";