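";
// ---------------------------------------------------------------------------
// Licence selection and order-building steps of the purchase flow.
// The statement that ends on the line above starts outside this excerpt.
//
// NOTE(review): $buy, $update, $u_type, $o_step, $lic_type, $licid, $remid,
// $o_total, $u_pmt, $showmelinks, $show_order, $new_orderid, $conn and $sslurl
// are read below without being assigned first in the visible code. They
// presumably come from the request or session (register_globals) or from an
// include that is not shown -- confirm. Until then they are treated as
// untrusted: each value placed into SQL text is first reduced to a number,
// and quoted values are escaped, because the mysql_* API used here has no
// bound parameters.
//
// NOTE(review): mysql_* and session_register()/session_unregister() exist only
// in old PHP releases; a port to PDO/mysqli prepared statements and $_SESSION
// would replace the manual sanitising done here.
// ---------------------------------------------------------------------------
$bgclr = false;
session_start();

// Partner id: query string first, then POST body, else the default partner 100.
if ($_GET["ptid"]) {
    $partner_id = $_GET["ptid"];
} elseif ($_POST["ptid"]) {
    $partner_id = $_POST["ptid"];
} else {
    $partner_id = 100;
}
// $partner_id stays raw so the is_numeric() gate in the "buy" branch still
// rejects malformed links. $sql_partner_id is the copy used in every query
// that is not behind that gate (assumes partner ids are integers -- confirm).
$sql_partner_id = intval($partner_id);

if ($_GET["begin"]) {
    // Start over: drop the pending order and its items, then reset the session.
    // NOTE(review): these deletes are keyed on the order id alone, without the
    // o_sess = session_id() condition the selects below use. If the id can be
    // supplied by the client, it should be tied to the session here as well.
    $sql_orderid = intval($new_orderid);
    $sql = "delete from oitem where i_o_id = $sql_orderid";
    $res = mysql_query($sql);
    $sql = "delete from orders where o_id = $sql_orderid";
    $res = mysql_query($sql);
    $new_orderid = "";
    session_destroy();
    session_start();
}

// The session id is echoed back by the client, so it is escaped once here
// before being quoted into any statement.
$sql_sess = mysql_real_escape_string(session_id());

if ($showmelinks) {
    // Debug aid: prints (does not run) the query that lists direct "buy" links.
    // NOTE(review): this discloses table and column names to anyone able to set
    // $showmelinks; it should not be reachable on a production host.
    echo "select concat('http://www.sitesalive.com/secure/seltype.htm?u_type=',l.l_type,'&ptid=',l.l_pt_id,'&lic_type=',l.l_id,'&buy=true') as link, concat('--> ',p.p_name, ', ',l.l_name, ' $', l.l_price) as product from license l, products p where l.l_p_id = p.p_id ;";
    //http://www.sitesalive.com/secure/seltype.htm?u_type=2&ptid=100&lic_type=5071&buy=true
}

if ($buy) {
    // Direct "buy" link. All three request values must be numeric before any
    // of them is interpolated into SQL below.
    if (is_numeric($_GET['u_type']) && is_numeric($_GET['lic_type']) && is_numeric($partner_id)) { //url OK
        //make sure we start clean
        if (session_is_registered("logged_in")) {
            session_unregister("logged_in");
            session_unregister("ses_user");
        }
        if (session_is_registered("new_orderid")) {
            session_unregister("new_orderid");
        }

        // Create the order header, then a single line item for the licence.
        $i_order = "insert into orders (o_sess,o_uid,o_date,o_status,o_tid,o_pt_id,o_total) values";
        $i_order .= "('" . $sql_sess . "',0,now(),100,'000000000000',$partner_id,0.00)";
        $r_order = mysql_query($i_order);
        $new_orderid = mysql_insert_id(); //new order number here.
        session_register("new_orderid");
        $query = "insert into oitem (i_o_id,i_qty,i_sdate,i_edate,i_ucost,i_subtot,i_l_id,i_code)";
        $query .= " values ($new_orderid,1,now(),now(),0.00,0.00,{$_GET['lic_type']},'')";
        $result = mysql_query($query);

        // Read price, code, dates and minimum quantity back from the licence row.
        // Row layout: 0 o_id, 1 i_qty, 2 l_price, 3 l_code, 4 product, 5 i_id,
        // 6 l_edate, 7 l_sdate, 8 l_days, 9 l_min.
        $upd_query = "select o.o_id, i.i_qty, l.l_price, l.l_code, concat(p.p_name, ', ',l.l_name) as product, i.i_id, l.l_edate,l.l_sdate,l.l_days,l.l_min from products p, license l , orders o, oitem i where p.p_id=l.l_p_id and o.o_id = $new_orderid and l.l_id = i.i_l_id and i.i_o_id = o.o_id and o.o_sess ='" . $sql_sess . "'";
        $upd_result = mysql_query($upd_query);
        // NOTE(review): the fetch result is not checked. When lic_type matches no
        // licence row, the statements below are still built from an empty row
        // and a user record is still created.
        $upd_row = mysql_fetch_array($upd_result, MYSQL_NUM);
        if ($upd_row[8] == 0) {
            // l_days == 0: fixed licence window taken from l_sdate / l_edate.
            $upd_order = "update oitem set i_ucost =$upd_row[2], i_subtot =" .($upd_row[1] * $upd_row[2]) .", i_code='$upd_row[3]', i_edate ='$upd_row[6] 23:59:59' , i_sdate ='$upd_row[7] 00:00:01', i_qty = $upd_row[9] where i_id = $upd_row[5] ";
        } else {
            // Otherwise the licence runs l_days days starting now.
            $upd_order = "update oitem set i_ucost =$upd_row[2], i_subtot =" .($upd_row[1] * $upd_row[2]) .", i_code='$upd_row[3]', i_edate = date_add(now(), INTERVAL $upd_row[8] DAY) , i_sdate = now(), i_qty = $upd_row[9] where i_id = $upd_row[5] ";
        }
        $upd_oresult = mysql_query($upd_order);
        $o_total = $upd_row[9] * $upd_row[2];
        $upd_order = "update orders set o_total = $o_total where o_id = $new_orderid";
        //echo $upd_order;
        //die;
        $upd_oresult = mysql_query($upd_order);

        // Create a placeholder (inactive) user for this order.
        $ses_user = array("uid" => "", "uname" => "", "utype" => $_GET['u_type'] , "fname" => "","lname" => "", "code" => "", "end" => "", "amt" => $o_total);
        session_register("ses_user");
        // NOTE(review): the temporary password is a substring of the session id
        // and is stored as given. Anyone who can read the users table learns
        // part of a live session id; a random value stored as a hash would
        // avoid that (needs a matching change in the login code, not shown).
        $tmp_pass = substr(session_id(),12);
        $i_usr = "insert into users (active, utype, uname, upass) values(0,{$_GET['u_type']},NULL,'" . mysql_real_escape_string($tmp_pass) . "')";
        $result = mysql_query($i_usr);
        $ses_user["uid"] = mysql_insert_id();
        $ses_user["uname"] = "sa" . $ses_user["uid"];
        session_register("ses_user");
        $u_usr = "update users set uname = '{$ses_user["uname"]}' where id = {$ses_user["uid"]}";
        $u_result = mysql_query($u_usr);
        $q_add_user = "insert into userinfo (u_uid) values ({$ses_user['uid']})";
        $r_add_user = mysql_query($q_add_user);
        $u_order_user = "update orders set o_uid={$ses_user["uid"]} where o_id = $new_orderid";
        $r_order_user = mysql_query($u_order_user);
        $u_type = $ses_user["utype"];

        if ($u_type == 2 || $u_type == 3 || $u_type == 6) {
            // These user types go straight to payment.
            mysql_close($conn);
            header("Location: " .$sslurl . "/secure/buynow.htm");
            //header("Location: /secure/buynow.htm");
            exit();
        }
        if ($u_type == 5) {
            // Class-room licences: ask for the number of students first.
            //$update=true;
            //mysql_close($conn);
            //header("Location: /secure/buynow.htm");
            //exit();
            //echo "here";
            //die;
            $bk_btn = "";
            $prod_desc = " StudentsProductPrice\n";
            $bgclr= true;
            $u_msg = "Please enter number of students and continue
\n";
            setbgclr();
            $chk_box = "";
            $qty_box = " ($upd_row[9] minimum)";
            $qty_box .= "";
            $prod_desc .= "". $chk_box ."\n";
            $prod_desc .= "". $qty_box ."\n";
            $prod_desc .= "" . $upd_row[4] . " $" . $upd_row[2] . " Per Student\n";
            $hid_flds .= "\n";
            $hid_flds .= "\n";
            $hid_flds .= "\n";
        }
    } else {
        $u_msg = "There are no licenses for this product available at this time.
\n";
    } //end url OK
} //end buy now

if ($update || $u_type) {
    // Numeric copy of the user type for SQL text. The loose "==" comparisons
    // below accept any string that merely starts with the expected digit, so
    // the raw value must never reach a query.
    $sql_u_type = intval($u_type);

    if (!isset($u_type) || $u_type == "") {
        $u_msg= "Please select a license type

\n";
        $frm_errs = true;
        $o_step = 0;
    } else {
        if (!$update) {
            if ($u_type == 1) {
                // Pick the highest-priced matching licence and go to step 2.
                $q_prod ="select l.l_id from license l, products p where p.p_disp = 1 and p.p_id = l.l_p_id and l.l_active=1 and l.l_edate < now() and l.l_pt_id = $sql_partner_id and l.l_type = $sql_u_type order by l.l_price desc";
                $r_prod = mysql_query($q_prod);
                if (mysql_num_rows($r_prod) >0 ) {
                    $p_row = mysql_fetch_array($r_prod, MYSQL_NUM);
                    $licid = $p_row[0];
                    $o_step = 2;
                } else {
                    $frm_errs = true;
                    $u_msg = "There are no licenses available at this time.
\n";
                }
            } //utype 2 or 3
            elseif ($u_type == 2 || $u_type == 3 || $u_type == 4 || $u_type == 5 || $u_type == 6 || $u_type == 10) {
                if ($buy) {
                    $show_lic = true;
                } else {
                    $o_step = 1;
                }
            } else {
                $frm_errs = true;
                $u_msg = "There are no licenses available at this time.
\n";
            }
        } //not updated
    } //utype not set.

    if ($o_step == 1) {
        //get products based on usertype and partner id
        $sqlwhere = "p.p_disp = 1 and l.l_active=1 and p.p_id = l.l_p_id and l.l_pt_id = $sql_partner_id and l.l_type = $sql_u_type ";
        // "!$lic_type == ''" parses as "(!$lic_type) == ''", i.e. it is true
        // whenever $lic_type is truthy; the condition is kept as written.
        if (isset($lic_type) && !$lic_type == "") {
            $sqlwhere .= " and l.l_id = " . intval($lic_type) . " ";
            $other_btn = "";
        }
        // Row layout: 0 l_id, 1 product / licence name, 2 l_price, 3 l_min, 4 l_days.
        $q_prod ="select l.l_id, concat(p.p_name, ' / ',l.l_name) as prod, l.l_price, l.l_min, l.l_days from products p, license l where $sqlwhere order by l.l_price desc, prod";
        //echo $q_prod;
        //die;
        $r_prod = mysql_query($q_prod);
        if (mysql_num_rows($r_prod) >0) { //make sure there are some
            if ($u_type == 2 || $u_type == 3 || $u_type == 6) { // family,hsch,subscriber
                $bk_btn = "";
                $prod_desc = "SelectProductPrice\n";
                $bgclr= true;
                //if ($u_type == 4){$frm_ck = "radio";}
                //if ($u_type == 5){$frm_ck = "checkbox";}
                $frm_ck = "checkbox";
                $u_msg = "Please select product(s)
\n";
                while ($p_row = mysql_fetch_array($r_prod, MYSQL_NUM)) {
                    setbgclr();
                    $chk_box = "";
                    //$qty_box = "";
                    $prod_desc .= "". $chk_box ."\n";
                    $prod_desc .= "". $p_row[1] ."\n";
                    $prod_desc .= " $" . $p_row[2] . "\n";
                } // end while
            } // end utype 2,3
            if ($u_type == 4 || $u_type == 5) { // school, class
                $bk_btn = "";
                $prod_desc = "SelectStudentsProductPrice\n";
                $bgclr= true;
                if ($u_type == 4) {
                    $frm_ck = "radio";
                }
                if ($u_type == 5) {
                    $frm_ck = "checkbox";
                }
                $u_msg = "Please select product(s)
\n";
                while ($p_row = mysql_fetch_array($r_prod, MYSQL_NUM)) {
                    setbgclr();
                    if ($p_row[3] > 1) {
                        // Licence with a minimum student count: show a quantity box.
                        $chk_box = "";
                        $qty_box = " ($p_row[3] minimum)";
                        $qty_box .= "";
                        $prod_desc .= "". $chk_box ."\n";
                        $prod_desc .= "". $qty_box ."\n";
                        $prod_desc .= "" . $p_row[1] . " $" . $p_row[2] . " Per Student\n";
                    } else {
                        $chk_box = "";
                        $qty_box = "";
                        $qty_box .= "";
                        $prod_desc .= "". $chk_box . $qty_box . "\n";
                        $prod_desc .= "N/A\n";
                        $prod_desc .= "" . $p_row[1] . " $" . $p_row[2] . "\n";
                    }
                } // end while
            } // end utype 4,5
            if ($u_type == 10) { // free
                $p_row = mysql_fetch_array($r_prod, MYSQL_NUM);
                $prod_desc = "ProductDuration\n";
                $prod_desc .= "" . $p_row[1] . " " . $p_row[4] . " Days \n";
                $lic_id = $p_row[0];
                $hid_flds .= "\n";
            }
            $hid_flds .= "\n";
            $hid_flds .= "\n";
        } //end mysql
        else {
            $u_msg = "There are no licenses available at this time.
\n";
        }
        $fw_btn = "";
    } //end step

    if ($o_step == 2) {
        if ($u_type == 2 || $u_type == 3 || $u_type == 6) {
            $bk_btn = "";
            if (sizeof($licid) == 0) { //make sure something is checked
                $u_msg = "No items selected, please start over
\n";
                $fw_btn = "";
                $hid_flds .= "\n";
                $hid_flds .= "\n";
            } else {
                $fw_btn = "";
                $i_order = "insert into orders (o_sess,o_uid,o_date,o_status,o_tid,o_pt_id,o_total) values";
                $i_order .= "('" . $sql_sess . "',0,now(),100,'000000000000',$sql_partner_id,0.00)";
                $r_order = mysql_query($i_order);
                $new_orderid = mysql_insert_id(); //new order number here.
                session_register("new_orderid");
                for ($i = 0; $i < sizeof($licid); $i++) {
                    // Skip anything that is not a plain numeric licence id.
                    if (!isset($licid[$i]) || !is_numeric($licid[$i])) {
                        continue;
                    }
                    $sql_licid = intval($licid[$i]);
                    //eval("\$frm_qty = \$qty_".$licid[$i] .";");
                    //if (!is_numeric($frm_qty)){$frm_qty = $min_qty;}
                    //if ($frm_qty < $min_qty) {$frm_qty = $min_qty;}
                    $query = "insert into oitem (i_o_id,i_qty,i_sdate,i_edate,i_ucost,i_subtot,i_l_id,i_code)";
                    $query .= " values ($new_orderid,1,now(),now(),0.00,0.00,$sql_licid,'')";
                    $result = mysql_query($query);
                } //forloop
                $show_order = true;
            } //end lic test else
        } // end utype 2,3

        if ($u_type == 4 || $u_type == 5) {
            $bk_btn = "";
            if (sizeof($licid) == 0) { //make sure something is checked
                $u_msg = "No items selected, please start over
\n";
                $fw_btn = "";
                $hid_flds .= "\n";
                $hid_flds .= "\n";
            } else {
                $fw_btn = "";
                $i_order = "insert into orders (o_sess,o_uid,o_date,o_status,o_tid,o_pt_id,o_total) values";
                $i_order .= "('" . $sql_sess . "',0,now(),100,'000000000000',$sql_partner_id,0.00)";
                $r_order = mysql_query($i_order);
                $new_orderid = mysql_insert_id(); //new order number here.
                session_register("new_orderid");
                for ($i = 0; $i < sizeof($licid); $i++) {
                    // Skip anything that is not a plain numeric licence id.
                    if (!isset($licid[$i]) || !is_numeric($licid[$i])) {
                        continue;
                    }
                    $sql_licid = intval($licid[$i]);

                    // SECURITY: this loop used to eval() a string built from
                    // $licid[$i] to read $qty_<id> and $min_<id>. Evaluating
                    // request-derived text as PHP runs whatever code it
                    // contains, so the lookup is now a variable-variable read
                    // keyed on the integer id, which resolves the same names
                    // for well-formed ids.
                    $qty_name = "qty_" . $sql_licid;
                    $min_name = "min_" . $sql_licid;
                    $frm_qty = isset($$qty_name) ? $$qty_name : null;
                    $min_qty = isset($$min_name) ? $$min_name : null;

                    // NOTE(review): the minimum appears to come from the form
                    // as well, so a client could lower it. It should be
                    // re-read from license.l_min. Until then it is forced to
                    // be numeric and at least 1 (assumed floor -- confirm).
                    if (!is_numeric($min_qty) || $min_qty < 1) {
                        $min_qty = 1;
                    }
                    if (!is_numeric($frm_qty)) {
                        $frm_qty = $min_qty;
                    }
                    if ($frm_qty < $min_qty) {
                        $frm_qty = $min_qty;
                    }
                    $query = "insert into oitem (i_o_id,i_qty,i_sdate,i_edate,i_ucost,i_subtot,i_l_id,i_code)";
                    $query .= " values ($new_orderid,$frm_qty,now(),now(),0.00,0.00,$sql_licid,'')";
                    $result = mysql_query($query);
                } //forloop
                $show_order = true;
            } //end lic test else
        } // end utype 4,5

        if ($u_type == 10) {
            // Free trial: create order, item and an active user in one pass.
            $sql_licid = intval($licid);
            $i_order = "insert into orders (o_sess,o_uid,o_date,o_status,o_tid,o_pt_id,o_total,o_pmttype) values";
            $i_order .= "('" . $sql_sess . "',0,now(),10,'000000000000',$sql_partner_id,0.00,'FT')";
            $r_order = mysql_query($i_order);
            $new_orderid = mysql_insert_id(); //new order number here.
            session_register("new_orderid");
            //check howlong
            $dur_query = "select l_days from license where l_id = $sql_licid";
            $dur_result = mysql_query($dur_query);
            $dur_row = mysql_fetch_array($dur_result, MYSQL_NUM);
            $i_item = "insert into oitem (i_o_id,i_qty,i_sdate,i_edate,i_ucost,i_subtot,i_l_id,i_code)";
            $i_item .= " values ($new_orderid,1,now(),date_add(now(), INTERVAL $dur_row[0] DAY),0.00,0.00,$sql_licid,'all')";
            $r_item = mysql_query($i_item);
            //order & item in there, create free user.
            // NOTE(review): nothing visible here checks that the licence is a
            // free one or limits how often this branch can be used; confirm
            // that it is enforced elsewhere.
            $tmp_pass = substr(session_id(),12);
            $i_usr = "insert into users (active, utype, uname, upass) values(1,10,NULL,'" . mysql_real_escape_string($tmp_pass) . "')";
            $result = mysql_query($i_usr);
            $new_uid= mysql_insert_id();
            $new_uname = "ft" . $new_uid;
            $u_usr = "update users set uname = '$new_uname' where id = $new_uid";
            $u_result = mysql_query($u_usr);
            $q_add_user = "insert into userinfo (u_uid) values ($new_uid)";
            $r_add_user = mysql_query($q_add_user);
            $u_order_user = "update orders set o_uid=$new_uid where o_id = $new_orderid";
            $r_order_user = mysql_query($u_order_user);
            $ses_user = array("uid" => $new_uid, "uname" => $new_uname, "utype" => 10 , "fname" => "","lname" => "", "code" => "", "end" => "", "amt" => 0.00);
            session_register("ses_user");
            mysql_close($conn);
            header("Location: /secure/userinfo.htm");
            exit();
        } // end utype 10 -free
    } //end step 2

    if ($o_step == 3) {
        // NOTE(review): the statements in this step are keyed on the order id
        // alone. Adding the o_sess = session_id() condition used by the
        // selects would stop one session from touching another's order.
        $sql_orderid = intval($new_orderid);
        if (sizeof($remid) > 0) { //items to remove
            for ($i = 0; $i < sizeof($remid); $i++) {
                if (!isset($remid[$i]) || !is_numeric($remid[$i])) {
                    continue;
                }
                $query = "delete from oitem where i_o_id = $sql_orderid and i_id = " . intval($remid[$i]);
                $result = mysql_query($query);
            }
            $chk_query = "select i_o_id from oitem where i_o_id = $sql_orderid";
            $r_chk_query = mysql_query($chk_query);
            if (mysql_num_rows($r_chk_query) > 0) {
                $show_order = true;
                $fw_btn = "";
            } else { //no line items, delete order
                $del_query = "delete from orders where o_id = $sql_orderid";
                $r_del_query = mysql_query($del_query );
                $u_msg = "No items selected, please start over
\n";
                $bk_btn = "";
                $fw_btn = "";
                $hid_flds .= "\n";
            }
        } else {
            if ($o_total) { // proceed
                // NOTE(review): $o_total is not computed anywhere in this step,
                // so it presumably comes back from the confirmation form. The
                // amount to charge should be recomputed server-side (for
                // example from the i_subtot values written while the order is
                // displayed) rather than trusted. Here it is only forced to be
                // numeric.
                $safe_total = is_numeric($o_total) ? $o_total : 0;
                $upd_order = "update orders set o_total = $safe_total where o_id = $sql_orderid";
                $upd_oresult = mysql_query($upd_order);
                if (session_is_registered("logged_in")) {
                    session_unregister("logged_in");
                    session_unregister("ses_user");
                }
                $ses_user = array("uid" => "", "uname" => "", "utype" => $u_type , "fname" => "","lname" => "", "code" => "", "end" => "", "amt" => $safe_total);
                session_register("ses_user");
                // Same temporary-password scheme as in the "buy" branch: a
                // substring of the session id, stored as given.
                $tmp_pass = substr(session_id(),12);
                $tmp_utype = $ses_user["utype"];
                $i_usr = "insert into users (active, utype, uname, upass) values(0,$sql_u_type,NULL,'" . mysql_real_escape_string($tmp_pass) . "')";
                $result = mysql_query($i_usr);
                $ses_user["uid"] = mysql_insert_id();
                $ses_user["uname"] = "sa" . $ses_user["uid"];
                session_register("ses_user");
                $u_usr = "update users set uname = '{$ses_user["uname"]}' where id = {$ses_user["uid"]}";
                $u_result = mysql_query($u_usr);
                $q_add_user = "insert into userinfo (u_uid) values ({$ses_user['uid']})";
                $r_add_user = mysql_query($q_add_user);
                $u_order_user = "update orders set o_uid={$ses_user["uid"]} where o_id = $sql_orderid";
                $r_order_user = mysql_query($u_order_user);
                mysql_close($conn);

                // Route to payment or to the user-details page by user type.
                if ($u_type == 2 || $u_type == 3 || $u_type == 6) {
                    header("Location: " .$sslurl . "/secure/buynow.htm");
                    exit();
                }
                if ($u_type == 4) {
                    header("Location: /secure/userinfo.htm");
                    exit();
                }
                if ($u_type == 5) {
                    if ($u_pmt == "CC") {
                        header("Location: " .$sslurl . "/secure/buynow.htm");
                        exit();
                    } else {
                        header("Location: /secure/userinfo.htm");
                        exit();
                    }
                }
            }
        }
    } //end step 3

    if ($show_order) {
        // Confirmation page: re-price every line item from the licence table
        // and build the summary. This select is scoped to the current session
        // through o_sess.
        // Row layout: 0 o_id, 1 i_qty, 2 l_price, 3 l_code, 4 product, 5 i_id,
        // 6 l_edate, 7 l_sdate, 8 l_days.
        $sql_orderid = intval($new_orderid);
        $upd_query = "select o.o_id, i.i_qty, l.l_price, l.l_code, concat(p.p_name, ', ',l.l_name) as product, i.i_id, l.l_edate,l.l_sdate,l.l_days from products p, license l , orders o, oitem i where p.p_id=l.l_p_id and o.o_id = $sql_orderid and l.l_id = i.i_l_id and i.i_o_id = o.o_id and o.o_sess ='" . $sql_sess . "'";
        $upd_result = mysql_query($upd_query);
        $u_msg = "
Please confirm your selection(s)
\n";
        $bgclr = true;
        // Start the running total at zero explicitly so that a value carried
        // in from outside this block cannot seed the displayed total.
        $ord_total = 0;
        if ($u_type == 2 || $u_type == 3 || $u_type == 6) {
            $prod_desc = "ProductPriceRemove";
            while ($upd_row = mysql_fetch_array($upd_result, MYSQL_NUM)) {
                //$upd_row = mysql_fetch_array($upd_result, MYSQL_NUM);
                setbgclr();
                if ($upd_row[8] == 0 ) {
                    // l_days == 0: fixed licence window from l_sdate / l_edate.
                    $upd_order = "update oitem set i_ucost =$upd_row[2], i_subtot =" .($upd_row[1] * $upd_row[2]) .", i_code='$upd_row[3]', i_edate ='$upd_row[6] 23:59:59' , i_sdate ='$upd_row[7] 00:00:01' where i_id = $upd_row[5] ";
                } else {
                    // Otherwise the licence runs l_days days starting now.
                    $upd_order = "update oitem set i_ucost =$upd_row[2], i_subtot =" .($upd_row[1] * $upd_row[2]) .", i_code='$upd_row[3]', i_edate = date_add(now(), INTERVAL $upd_row[8] DAY) , i_sdate = now() where i_id = $upd_row[5] ";
                }
                $upd_oresult = mysql_query($upd_order);
                //$q .= $upd_order . "\n";
                $chk_box = "";
                $prod_desc .= "" . $upd_row[4] . " $" . number_format($upd_row[2] * $upd_row[1], 2) . " \n";
                $prod_desc .= "". $chk_box ."\n";
                $ord_total = $ord_total + $upd_row[2] * $upd_row[1];
            }
            setbgclr();
            $prod_desc .= "Total: $" . number_format($ord_total, 2) . "  \n";
        } else {
            $prod_desc = "ProductPriceStudentsSubtotalRemove";
            while ($upd_row = mysql_fetch_array($upd_result, MYSQL_NUM)) {
                setbgclr();
                $upd_order = "update oitem set i_ucost =$upd_row[2], i_subtot =" .($upd_row[1] * $upd_row[2]) .", i_code='$upd_row[3]' , i_edate ='$upd_row[6] 23:59:59' , i_sdate ='$upd_row[7] 00:00:01' where i_id = $upd_row[5] ";
                $upd_oresult = mysql_query($upd_order);
                $chk_box = "";
                $prod_desc .= "" . $upd_row[4] . "$upd_row[2]";
                if ($upd_row[1] == 1) {
                    $prod_desc .= "N/A";
                } else {
                    $prod_desc .= $upd_row[1];
                }
                $prod_desc .= " $" . number_format($upd_row[2] * $upd_row[1], 2) . " \n";
                $prod_desc .= "". $chk_box ."\n";
                $ord_total = $ord_total + $upd_row[2] * $upd_row[1];
            }
            setbgclr();
            $prod_desc .= "Total: $" . number_format($ord_total, 2) . "  \n";
            if ($u_type == 5) {
                $prod_desc .= "Payment Method:    Credit Card\n";
                $prod_desc .= "     Purchase Order\n";
            }
        }
        $hid_flds .= "\n";
        $hid_flds .= "\n";
        $hid_flds .= "\n";
        //echo $q;
        //die;
    } //end show order
    //}
}
$hid_flds .= "\n";
?> Product Selection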
Family :    Home School :   School:   Class Room:    Subscriber: