
booking.processing.php

  1. <?php
  2.  
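  require_once("includes/config.php"); // Load the configuration

  bw_do_action("bw_load");

  ##################################################################################
  # 1. GET ALL VARIABLES
  #
  # Every value read below is untrusted request data. The quote replacement and
  # strip_tags() only normalise the text; they are NOT SQL escaping (a backslash
  # still passes through) and NOT HTML-attribute escaping (a double quote still
  # passes through). Each value must still be escaped for the context it is
  # finally written into (SQL statement, HTML attribute, URL, mail).
  if (!function_exists('bw_clean_field')) {
      /**
       * Read one request field as a normalised string.
       *
       * Returns '' when the field is missing, empty, or not a scalar. Array-valued
       * input such as name[]=x is rejected here instead of being handed to
       * str_replace()/strip_tags(), which expect strings.
       *
       * @param array  $source Request array ($_POST or $_REQUEST).
       * @param string $key    Field name.
       * @return string Field value with single quotes turned into backticks and tags stripped.
       */
      function bw_clean_field($source, $key)
      {
          if (empty($source[$key]) || !is_scalar($source[$key])) {
              return '';
          }

          return strip_tags(str_replace("'", "`", (string) $source[$key]));
      }
  }

  $name = bw_clean_field($_POST, 'name');
  $phone = bw_clean_field($_POST, 'phone');
  $email = bw_clean_field($_POST, 'email');
  $email1 = bw_clean_field($_POST, 'email1');
  $comments = bw_clean_field($_POST, 'comments');
  $date = bw_clean_field($_POST, 'date');
  $interval = bw_clean_field($_POST, 'interval');

  // "time" is the only field consumed as a list: it is iterated further down and
  // each entry is used as a minute offset. Force it to an array of integers so a
  // scalar or free-text entry cannot reach foreach/strtotime. An absent field
  // keeps the original '' default.
  $time = '';
  if (!empty($_POST["time"])) {
      $time = array_map('intval', (array) $_POST["time"]);
  }

  $captcha_sum = bw_clean_field($_POST, 'captcha_sum');
  $captcha = bw_clean_field($_POST, 'captcha');

  // Fall back to the default service when no usable serviceID was sent.
  $serviceID = bw_clean_field($_REQUEST, 'serviceID');
  if ($serviceID === '') {
      $serviceID = getDefaultService();
  }

  // Quantity is a count of spots: never accept less than one.
  $qty = (!empty($_REQUEST["qty"]) && is_scalar($_REQUEST["qty"])) ? max(1, intval($_REQUEST["qty"])) : 1;

  $couponCode = bw_clean_field($_POST, 'couponCode');
  $referrer = bw_clean_field($_REQUEST, 'referrer');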
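  // captcha check
  //
  // The form is bounced back (with the entered values in the query string) when
  // the captcha fields are missing, when md5($captcha) does not equal the
  // submitted $captcha_sum, or when the "email1" field is filled in (presumably a
  // hidden honeypot field; confirm against the form).
  //
  // NOTE(review): $captcha_sum is read from the same request as $captcha, so the
  // expected hash is supplied by the client and this check does not prove that a
  // challenge was solved. The expected value should be kept server-side (for
  // example in the session) and compared there; that needs a matching change in
  // the form, which is not visible here.
  $captchaFailed = empty($captcha_sum)
      || empty($captcha)
      // Strict string comparison: with != two different "0e<digits>" strings
      // would be compared as numbers and treated as equal.
      || md5($captcha) !== (string) $captcha_sum
      || !empty($email1);

  if ($captchaFailed) {
      $queryString = array(
          "date" => $date,
          "lb1" => "yes",
          "serviceID" => $serviceID,
          "name" => $name,
          "phone" => $phone,
          "email" => $email,
          "comments" => $comments,
          "time" => $time,
          "qty" => $qty,
          "couponCode" => $couponCode,
          "referrer" => $referrer
      );

      // http_build_query() URL-encodes every value, so the submitted data cannot
      // add header lines or extra parameters to the redirect.
      if (getOption('use_popup') && $referrer != 'calendar') {
          header("Location: index.php?" . http_build_query($queryString));
      } else {
          header("Location: booking.php?" . http_build_query($queryString));
      }
      exit();
  }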
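  ## Check Qty allowed
  $error = checkQtyForTimeBooking($serviceID, $time, $date, $interval, $qty);

  if (!$error) {
      if (!empty($name) && !empty($phone) && !empty($email)) {

          // The D modifier makes "$" match only at the very end of the string.
          // Without it an address followed by a newline passes, and $email is
          // later used as a mail recipient.
          // NOTE(review): {2,4} rejects top-level domains longer than four letters.
          if (!preg_match("(^[-\w\.]+@([-a-z0-9]+\.)+[a-z]{2,4}$)Di", $email)) {
              $msg = "<div class='error_msg'>" . BEP_10 . "</div>";
          } else {
              if (!empty($couponCode)) {
                  $couponData = checkCoupon($couponCode, $serviceID);
                  if ($couponData['responce']) {
                      $couponValue = $couponData['value'];
                      $couponType = $couponData['type'];
                  } else {
                      // NOTE(review): the message is printed as HTML later; confirm
                      // checkCoupon() never echoes the submitted code unescaped.
                      $msg = "<div class='error_msg'>" . $couponData['message'] . "</div>";
                      $couponCode = '';
                  }
              }

              ##################################################################################
              # 3. PREPARE BOOKING DATE/TIME
              # CREATE ORDER

              $price_per_spot = getPricePerSpot($serviceID);
              $status = getServiceSettings($serviceID, 'payment_method') == 'invoice' ? 1 : 2;

              // The request values were only quote-replaced and tag-stripped, which
              // is not SQL escaping: a trailing backslash would swallow the closing
              // quote of its literal. Escape every string with the connection's own
              // escaper and force numeric columns to integers before building SQL.
              $sqlName = mysql_real_escape_string($name);
              $sqlEmail = mysql_real_escape_string($email);
              $sqlPhone = mysql_real_escape_string($phone);
              $sqlComments = mysql_real_escape_string($comments);
              $sqlServiceID = mysql_real_escape_string($serviceID);
              $sqlCoupon = mysql_real_escape_string($couponCode);
              $intervalMinutes = (int) $interval; // used as "+N minutes" below
              $qtyInt = (int) $qty;

              $q = "INSERT INTO bs_reservations (dateCreated, name, email, phone, comments,status, `interval`,`serviceID`,`qty`,`coupon`)
                  VALUES ('" . DATETIME . "','" . $sqlName . "','" . $sqlEmail . "','" . $sqlPhone . "','" . $sqlComments . "','" . (int) $status . "','" . $intervalMinutes . "','" . $sqlServiceID . "','" . $qtyInt . "','" . $sqlCoupon . "')";
              $res = mysql_query($q);
              if (!$res) {
                  // Keep the driver error in the server log; do not show it to the visitor.
                  error_log("booking.processing.php: reservation insert failed: " . mysql_error());
                  die("error! 001");
              }
              $orderID = mysql_insert_id();
              $serviceName = getService($serviceID, 'name');
              if (!empty($orderID)) {
                  $tempVar = "";
                  $bookingData = array();
                  $spots = 0;

                  // $time comes straight from the request; only iterate a real array
                  // and treat each entry as an integer minute offset.
                  $slots = is_array($time) ? $time : array();
                  foreach ($slots as $k => $v) {
                      $dateFrom = date("Y-m-d H:i:s", strtotime($date . " +" . (int) $v . " minutes"));
                      $dateTo = date("Y-m-d H:i:s", strtotime($dateFrom . " +" . $intervalMinutes . " minutes"));
                      $q = "INSERT INTO bs_reservations_items (reservationID,dateCreated,reserveDateFrom,reserveDateTo,qty)
                          VALUES ('" . (int) $orderID . "','" . DATETIME . "','" . $dateFrom . "','" . $dateTo . "','" . $qtyInt . "')";
                      $res = mysql_query($q);
                      if (!$res) {
                          error_log("booking.processing.php: reservation item insert failed: " . mysql_error());
                          die("error! 002");
                      }

                      //needed for message
                      $timeFormat = (getTimeMode()) ? "g:i a" : "H:i";
                      $displayDate = getDateFormat($date);
                      $displayFrom = date($timeFormat, strtotime($dateFrom));
                      $displayTo = date($timeFormat, strtotime($dateTo));

                      $tempVar .= "<tr><td>" . $displayDate . "</td><td>" . $displayFrom . "</td><td>" . $displayTo . "</td><td>" . $qty . "</td></tr>";
                      $bookingData[] = array(
                          'date' => $displayDate,
                          'timeFrom' => $displayFrom,
                          'timeTo' => $displayTo,
                          'qty' => $qty,
                          'dateFrom' => $dateFrom,
                          'dateTo' => $dateTo
                      );
                      $spots++;
                  }

                  $paymentBookingIngo = get_payment_info($orderID);
                  if ($price_per_spot == 0 || $paymentBookingIngo['amount'] == 0) {
                      $infoForBooking = BEP_11;
                      $subject = BEP_161 . " (#" . $orderID . ")!";
                  } else {
                      $subject = BEP_16 . " (#" . $orderID . ")!";
                      $infoForBooking = do_payment($orderID, getServiceSettings($serviceID, "payment_method"), null, $referrer);
                  }

                  //bw_dump($paymentBookingIngo);

                  // NOTE(review): this token is an MD5 of the e-mail address plus a
                  // constant stored in the source, so it is the same for every
                  // reservation of one address and is derivable by anyone who knows
                  // the constant. A random per-reservation token stored with the row
                  // would be stronger; manageReservation.php (not visible here)
                  // verifies the token and would have to change together with this.
                  $uid = md5($email . "FtTtffT");
                  // NOTE(review): SERVER_NAME can follow the request's Host header,
                  // depending on web-server configuration; a configured base URL is
                  // the safer source for links that are sent by mail.
                  $linkCancelReservation = "<a href=\"http://" . $_SERVER['SERVER_NAME'] . $baseDir . "manageReservation.php?email=" . urlencode($email) . "&uid=" . $uid . "\">link</a>";

                  ##################################################################################
                  # 4. SEND NOTICE TO ADMIN AND CUSTOMER
                  //send email to admin

                  $adminMail = getAdminMail();

                  // The original read an undefined $_endDateIcal here, so the end date
                  // was always built from null.
                  // NOTE(review): the last slot's 'dateTo' is assumed to be the
                  // intended end, mirroring the start date; confirm.
                  $firstItem = reset($bookingData);
                  $lastItem = end($bookingData);
                  $_startDate = dateToUTC($firstItem ? $firstItem['dateFrom'] : null);
                  $_endDate = dateToUTC($lastItem ? $lastItem['dateTo'] : null);

                  $eventURL = "http://{$_SERVER['SERVER_NAME']}" . $baseDir . "booking.php?serviceID=" . urlencode($serviceID) . "&date=" . _date($_endDate);
                  $googleLinkData = array(
                      "action" => "TEMPLATE",
                      "text" => $serviceName,
                      "dates" => date("Ymd", strtotime($_startDate)) . "T" . date("His", strtotime($_startDate)) . "Z/" . date("Ymd", strtotime($_endDate)) . "T" . date("His", strtotime($_endDate)) . "Z",
                      "sprop" => urlencode("website:{$eventURL}"),
                      "details" => $serviceName,
                      "location" => ''
                  );
                  $googleLink = "http://www.google.com/calendar/event?" . http_build_query($googleLinkData);

                  $data = array(
                      "{%name%}" => $name,
                      "{%serviceName%}" => $serviceName,
                      "{%email%}" => $email,
                      "{%phone%}" => $phone,
                      "{%comments%}" => $comments,
                      "{%status%}" => $status == 1 ? BOOKING_FRM_CONFIRMED : BOOKING_FRM_NOTCONFIRMED,
                      "_info" => $bookingData,
                      "{%collect%}" => ($status == 1 && $price_per_spot > 0 ? " (Please collect payment from customer)<br/>" : ""),
                      "{%currencyB%}" => getOption('currency_position') == 'b' ? getOption('currency') : "",
                      "{%currencyA%}" => getOption('currency_position') == 'a' ? getOption('currency') : "",
                      "{%tax%}" => number_format($paymentBookingIngo['tax'], 2),
                      "{%subtotal%}" => number_format($paymentBookingIngo['subAmount'], 2),
                      "{%_subtotal%}" => number_format($paymentBookingIngo['_subAmount'], 2),
                      "discount" => $paymentBookingIngo['discount'],
                      "{%coupon%}" => $couponCode,
                      "{%total%}" => number_format($paymentBookingIngo['amount'], 2),
                      "{%taxRate%}" => $paymentBookingIngo['taxRate'],
                      "_payment" => ($price_per_spot != 0 ? 1 : 0),
                      "_taxable" => !empty($paymentBookingIngo['tax']) ? 1 : 0,
                      "{%linkCancelReservation%}" => $linkCancelReservation,
                      "{%google_link%}" => $googleLink,
                      "deposit" => $paymentBookingIngo['deposit'],
                      "{%totalToPay%}" => number_format($paymentBookingIngo['amountToPay'], 2)
                  );

                  sendMail($adminMail, $subject, "timeBookingConfirmationAdmin.php", $serviceID, $data);

                  //send email to customer
                  // The include runs in this scope; $ical_file used on the next line is
                  // presumably set by it (not visible here).
                  include_once './includes/export/booking_ical.php';
                  sendMailFile($email, $subject, "timeBookingConfirmationCustomer.php", $serviceID, $data, $ical_file);
                  //sendMail($email, $subject, "timeBookingConfirmationCustomer.php", $serviceID, $data,$ical_file);
                  //header("Location: thank-you.php");

                  // Free bookings (nothing to pay) are confirmed straight away when the
                  // service has autoconfirm switched on.
                  if (($price_per_spot == 0 && $status != 1) || $paymentBookingIngo['amount'] == 0) {
                      if (getService($serviceID, "autoconfirm") && $paymentBookingIngo['amount'] == 0) {
                          $subject = EMAIL_SUBJ_CONFIRMED;
                          $data = array(
                              "{%name%}" => $name,
                              "{%status%}" => BOOKING_FRM_CONFIRMED,
                              "_info" => $bookingData,

                          );
                          sendMail($email, $subject, "timeBookingConfirmationStatus.php", $serviceID, $data);

                          $sql = "UPDATE bs_reservations SET status = 1 WHERE id='" . (int) $orderID . "'";
                          $res = mysql_query($sql);
                          if (!$res) {
                              error_log("booking.processing.php: autoconfirm update failed: " . mysql_error());
                              die("error autoconfirm booking!");
                          }
                      }
                  }
              }
          }
      } else {
          //throw error
          $msg = "<div class='error_msg'>" . BEP_17 . "</div>";
      }
  } else {
      $msg = "<div class='error_msg'>" . BEP_18 . "</div>";
      $paypal_form = "";
  }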
  208.  
  209.  
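  // Result page. Several branches above finish without assigning every variable
  // the template prints, so give each one a defined fallback first.
  $msg = isset($msg) ? $msg : '';
  $infoForBooking = isset($infoForBooking) ? $infoForBooking : '';
  $orderID = isset($orderID) ? $orderID : null;

  include "includes/header.php";
  ?>
  <script type="text/javascript">
      $(function(){
          if(($.browser.msie) && (($.browser.version == '7.0') ||($.browser.version == '8.0') )){
              $("#back").show();
          }
      })
  </script>
  <div id="index">
      <h1><?php echo BEP_14; ?></h1>
      <?php echo $msg; // markup built above from language constants ?>
      <?php
      // Print the order summary only when an order row was actually created.
      echo (!$error && !empty($orderID)) ? getOrderSummery($orderID) : "";
      ?>

      <?php echo $infoForBooking; ?>
      <br><br>
      <?php
      if (!empty($_SESSION['site']) && getOption('use_popup') == '0') {
          // Escape for the attribute context so the stored value cannot close the
          // href and add markup.
          // NOTE(review): where $_SESSION['site'] is set is not visible here; if it
          // can come from request data it should also be limited to http(s) URLs.
          echo "<a href='" . htmlspecialchars($_SESSION['site'], ENT_QUOTES, 'UTF-8') . "' id='back'>" . BACK_RETURN . "</a>";
      } else {
          // $serviceID is request data: strip_tags() leaves double quotes in place,
          // so it is URL-encoded and attribute-escaped before it is printed.
          echo "<br/><br/><a href=\"http://" . MAIN_URL . "index.php?serviceID=" . htmlspecialchars(urlencode($serviceID), ENT_QUOTES, 'UTF-8') . "\">" . BEP_15 . "</a>";
      }
      ?>


  <?php include "includes/footer.php"?>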