Gv Send.php:
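<?php
/*
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Enterprise Shopping Cart
http://www.enterprisecart.com
Copyright (c) 2004 Enterprise Shopping Cart Software. Portions Copyright (c) 2001-2004 osCommerce: http://www.oscommerce.com
Gift Voucher System v1.0
Copyright (c) 2001, 2002 Ian C Wilson
http://www.phesis.org
Released under the GNU General Public License
*/
require('includes/application_top.php');
require('includes/classes/http_client.php');

// Gift-voucher "send to a friend" page.
//
// Flow: action=send validates the posted form so the template can show a
// confirmation step; action=process debits the sender's voucher balance,
// inserts a coupon row plus an email-tracking row, and mails the redeem code
// to the recipient.  $error, $error_email and $error_amount are read by the
// template (CONTENT_GV_SEND), so those names are kept.
//
// Security notes versus the original version of this page:
//  * the recipient address and the amount were only validated on the 'send'
//    step; 'process' is a separate request with its own POST body, so it must
//    validate again (a negative amount previously *increased* the balance and
//    was written straight into SQL);
//  * the mail body goes through nl2br(), i.e. it is HTML, so user-supplied
//    fragments are HTML-escaped before they are embedded;
//  * CR/LF are stripped from values that end up in mail headers.

// if the customer is not logged on, redirect them to the login page
if (!escs_session_is_registered('customer_id')) {
  $navigation->set_snapshot();
  escs_redirect(escs_href_link(FILENAME_LOGIN, '', 'SSL'));
}
require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_GV_SEND);

// The session customer id is interpolated into every query below; use an
// int copy so it can never carry SQL syntax, whatever the session store holds.
// ($customer_id itself is left untouched because it is a session-bound global.)
$gv_customer_id = (int)$customer_id;

// The form's "back" image button (submitted as back_x/back_y) cancels the
// requested action and just re-displays the form.
if (!empty($HTTP_POST_VARS['back_x']) || !empty($HTTP_POST_VARS['back_y'])) {
  $HTTP_GET_VARS['action'] = '';
}
$action = (isset($HTTP_GET_VARS['action']) && is_string($HTTP_GET_VARS['action'])) ? $HTTP_GET_VARS['action'] : '';

if ($action === 'send' || $action === 'process') {
  $error = false;

  // --- recipient address -------------------------------------------------
  // Validated on both steps.  CR/LF are rejected as well because the address
  // is handed to escs_mail() as a header value.
  $gv_to_email = (isset($HTTP_POST_VARS['email']) && is_string($HTTP_POST_VARS['email'])) ? trim($HTTP_POST_VARS['email']) : '';
  if (!escs_validate_email($gv_to_email) || preg_match('/[\r\n]/', $gv_to_email)) {
    $error = true;
    $error_email = ERROR_ENTRY_EMAIL_ADDRESS_CHECK;
  }

  // --- sender's current voucher balance ----------------------------------
  $gv_query = escs_db_query("select amount from " . TABLE_COUPON_GV_CUSTOMER . " where customer_id = '" . $gv_customer_id . "'");
  $gv_result = escs_db_fetch_array($gv_query);
  // A customer with no balance row simply has nothing to send.
  $customer_amount = ($gv_result && isset($gv_result['amount'])) ? (float)$gv_result['amount'] : 0.0;

  // --- amount -------------------------------------------------------------
  // Must be a plain unsigned decimal.  The original pattern ([^0-9/.]) also let
  // '/' through, and any non-numeric or negative value that reached 'process'
  // went straight into the balance arithmetic and the SQL below.
  $gv_amount_raw = (isset($HTTP_POST_VARS['amount']) && is_string($HTTP_POST_VARS['amount'])) ? trim($HTTP_POST_VARS['amount']) : '';
  $gv_amount = 0.0;
  if (!preg_match('/^[0-9]+(\.[0-9]+)?$/', $gv_amount_raw)) {
    $error = true;
    $error_amount = ERROR_ENTRY_AMOUNT_CHECK;
  } else {
    $gv_amount = (float)$gv_amount_raw;
    // Zero and overdraft are both rejected.
    if ($gv_amount <= 0 || $gv_amount > $customer_amount) {
      $error = true;
      $error_amount = ERROR_ENTRY_AMOUNT_CHECK;
    }
  }

  if ($action === 'process') {
    if ($error) {
      // Back to the form with the error messages populated.
      $HTTP_GET_VARS['action'] = 'send';
    } else {
      $new_amount = $customer_amount - $gv_amount;

      // NOTE(review): read-then-update is not atomic.  Two concurrent 'process'
      // requests can both pass the balance check above and overdraw the
      // account.  A transaction, or a conditional
      // "update ... set amount = amount - X where ... and amount >= X" whose
      // affected-row count is checked, would close that window; neither is
      // done here because no affected-rows helper is visible in this file.
      escs_db_query("update " . TABLE_COUPON_GV_CUSTOMER . " set amount = '" . $new_amount . "' where customer_id = '" . $gv_customer_id . "'");

      // NOTE(review): $mail is not assigned anywhere in this file (this call is
      // inherited verbatim from the upstream module), so create_coupon_code()
      // currently receives a null salt.  Left as-is; confirm against the helper.
      $id1 = create_coupon_code($mail['customers_email_address']);

      $gv_query = escs_db_query("select customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " where customers_id = '" . $gv_customer_id . "'");
      $gv_customer = escs_db_fetch_array($gv_query);
      // Names come from the database but still have to be escaped on the way
      // back into SQL (a quote in a stored name would otherwise break, or
      // inject into, the tracking insert).
      // NOTE(review): addslashes() is the stdlib fallback used here; if the
      // store exposes a DB-input escaping helper (osCommerce's tep_db_input
      // equivalent), prefer it for these three values.
      $sent_firstname = ($gv_customer && isset($gv_customer['customers_firstname'])) ? addslashes((string)$gv_customer['customers_firstname']) : '';
      $sent_lastname = ($gv_customer && isset($gv_customer['customers_lastname'])) ? addslashes((string)$gv_customer['customers_lastname']) : '';
      $emailed_to = addslashes($gv_to_email);

      // $gv_amount is a validated float, $id1 is generated server-side.
      $gv_query = escs_db_query("insert into " . TABLE_COUPONS . " (coupon_type, coupon_code, date_created, coupon_amount) values ('G', '" . $id1 . "', NOW(), '" . $gv_amount . "')");
      $insert_id = escs_db_insert_id($gv_query);
      escs_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, sent_lastname, emailed_to, date_sent) values ('" . (int)$insert_id . "' , '" . $gv_customer_id . "', '" . $sent_firstname . "', '" . $sent_lastname . "', '" . $emailed_to . "', now())");

      // --- build the notification mail ------------------------------------
      // The body is passed through nl2br() and sent as HTML, so every value
      // supplied by the sender is HTML-escaped; otherwise the recipient would
      // receive attacker-controlled markup in a mail that appears to come
      // from the store.
      $send_name = (isset($HTTP_POST_VARS['send_name']) && is_string($HTTP_POST_VARS['send_name'])) ? $HTTP_POST_VARS['send_name'] : '';
      $safe_send_name = htmlspecialchars($send_name, ENT_QUOTES);

      $gv_email = STORE_NAME . "\n" .
                  EMAIL_SEPARATOR . "\n" .
                  sprintf(EMAIL_GV_TEXT_HEADER, $currencies->format($gv_amount)) . "\n" .
                  EMAIL_SEPARATOR . "\n" .
                  sprintf(EMAIL_GV_FROM, $safe_send_name) . "\n";
      if (isset($HTTP_POST_VARS['message'])) {
        $gv_email .= EMAIL_GV_MESSAGE . "\n";
        if (isset($HTTP_POST_VARS['to_name']) && is_string($HTTP_POST_VARS['to_name'])) {
          $gv_email .= sprintf(EMAIL_GV_SEND_TO, htmlspecialchars($HTTP_POST_VARS['to_name'], ENT_QUOTES)) . "\n\n";
        }
        // stripslashes() is kept from the original (magic-quotes era input).
        $message = is_string($HTTP_POST_VARS['message']) ? stripslashes($HTTP_POST_VARS['message']) : '';
        $gv_email .= htmlspecialchars($message, ENT_QUOTES) . "\n\n";
      }
      $gv_email .= sprintf(EMAIL_GV_REDEEM, $id1) . "\n\n";
      $gv_email .= EMAIL_GV_LINK . escs_href_link(FILENAME_GV_REDEEM, 'gv_no=' . $id1);
      $gv_email .= "\n\n";
      $gv_email .= EMAIL_GV_FIXED_FOOTER . "\n\n";
      $gv_email .= EMAIL_GV_SHOP_FOOTER . "\n\n";

      // The subject is a mail header: strip CR/LF so the sender's name cannot
      // inject additional headers (Bcc:, extra recipients, ...).
      $subject_name = str_replace(array("\r", "\n"), '', $send_name);
      $gv_email_subject = sprintf(EMAIL_GV_TEXT_SUBJECT, $subject_name);

      escs_mail('', $gv_to_email, $gv_email_subject, nl2br($gv_email), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, '');
    }
  }
}

$breadcrumb->add(NAVBAR_TITLE);
$content = CONTENT_GV_SEND;
require(DIR_WS_TEMPLATES . TEMPLATENAME_MAIN_PAGE);
require(DIR_WS_INCLUDES . 'application_bottom.php');
?>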