I have a website that has two separate databases - customdbase2 and sfdsomni.
There are two problems I believe are caused by the system not pulling configs and coupons tables from the correct database:
1. Coupon amount is posted on the form, but the authorize.net transaction is for the non-coupon amount. The coupons table is in the customdbase2 database NOT the sfdsomni database.
2. Email is supposed to be generated (Thanks for signing up kind of thing). The email that goes through is blank. The configs tables contains the email text used to create the body of the message. The configs table is in the customdbase2 database NOT the sfdsomni database.
There is a form that uses authorize.net to process a credit card for customers to make purchases. I've tested it and the purchase works and it goes through but it does not apply the coupon to the price and processes the transaction without the coupon. After the transaction goes through, I get the following:
Thank you for signing up! You should receive an e-mail confirmation of your purchase soon. You may start right away by logging in here: http://www.x1234.com/driving/. Table 'sfdsomni.configs' doesn't exist
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in/home/content/90/11644390/html/www.x1234.com/includes/config.inc.php on line 296
Table 'sfdsomni.configs' doesn't existTable 'sfdsomni.configs' doesn't existTable 'sfdsomni.coupons' doesn't exist
It seems to be asking for the two tables "configs" and "coupons" from the sfdsomni db when it should be getting them from customdbase2. In session.inc.php the database connects to customdbase2 as $sqlbase and sfdsomni as @sqlbase_de. I have looked in buynow.php and it is setting a $global that looks suspicious.
<?
session_start();
// removed these slashes to turn on https 1-13-2014 1116am
if ($_SERVER[HTTPS] != "on") header("Location: https://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]);
// turn these off if you want to disable adding the users to the database
$adduser_normal = true;
$adduser_driversed = true;
$root_dir = "./";
require_once($root_dir."includes/config.inc.php");
require_once($root_dir."includes/overall_header.inc.php");
require_once($root_dir."includes/dbconnect.php");
$action = $_REQUEST[action];
if (empty($action)) $action = "showform";
$sqlbase = dbConnect();
$id = mysql_real_escape_string($_REQUEST[id]);
if (empty($id)) exit;
$sql = "SELECT * FROM packages WHERE packageID='$id'";
$query = mysql_query($sql, $sqlbase); echo mysql_error();
$pkg = mysql_fetch_array($query);
if (empty($pkg[packageID])) exit;
function create_uid()
{
global $sqlbase_de; /* THIS IS WHAT I AM SUSPICIOUS OF */
$size = 16;
$str = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
do {
do {
$id = "";
for($i=0;$i<$size;$i++) {
$id = $id . substr($str,mt_rand(0,strlen($str)-1),1);
}
$row = mysql_fetch_array(mysql_query("SELECT id FROM ac_users WHERE UID='".mysql_real_escape_string($id)."'", $sqlbase_de));
} while ($row);
} while(strlen($id) != 16);
return $id;
}
if ($action == "checkcoupon")
{
$sql = "SELECT * FROM coupons WHERE code='".mysql_real_escape_string($_REQUEST[code=auto:0])."' ".
"AND maxuses > timesused ".
"AND (expiration > NOW() OR expiration IS NULL)";
$query = mysql_query($sql); echo mysql_error();
$coup = mysql_fetch_array($query);
if ($coup[code=auto:0] && $coup[minpurchase] <= $pkg[price])
{
$_SESSION[couponID] = $coup[couponID];
$dollaroff = $coup[amount] / $pkg[payments];
$pkg[price] = number_format($pkg[price] - $dollaroff, "2", ".", ",");
$action = "showform";
}
elseif ($coup[code=auto:0])
{
echo "You entered a correct coupon code, however the minimum purchase price for this coupon is ".displayAsCurrency($coup[minpurchase]).". Please try again.";
$action = "applycoupon";
}
else
{
echo "You entered an invalid coupon code.<br /><br />";
$action = "applycoupon";
}
}
if ($_SESSION[couponID])
{
$sql = "SELECT * FROM coupons WHERE couponID='".mysql_real_escape_string($_SESSION[couponID])."' ";
$query = mysql_query($sql); echo mysql_error();
$coup = mysql_fetch_array($query);
}
$authnet_payments = $pkg[payments];
$authnet_charge = $pkg[price];
$product_title = $pkg[title];
$product_desc = $pkg[description];
if ($action == "applycoupon")
{
?>
<a href="<?= $_SERVER[PHP_SELF]; ?>?id=<?= $id; ?>">Back</a> to order form.<br /><br />
<form method="POST" action="<?= $_SERVER[PHP_SELF]; ?>">
<input type="hidden" name="action" value="checkcoupon" />
<input type="hidden" name="id" value="<?= $id; ?>">
Coupon Code: <input type="text" name="code" size="30" value="<?= $_REQUEST[code=auto:0]; ?>" /><br /><br />
<input type="submit" value="Apply Coupon" />
</form>
<?
}
