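dbConnection();
        $this->conn = $db;
    }

    /**
     * Prepare an SQL statement on the shared connection without executing it.
     *
     * NOTE(review): $sql is passed to prepare() unchanged, so callers must keep
     * request data out of the SQL text and supply it as bound parameters.
     *
     * @param string $sql SQL text, with placeholders for any variable data
     * @return PDOStatement the prepared (not yet executed) statement
     */
    public function runQuery($sql)
    {
        return $this->conn->prepare($sql);
    }

    /**
     * Tell whether a customer session is present.
     *
     * logout() stores false under 'userSession', which isset() alone would
     * still report as "logged in", so that marker is excluded explicitly.
     *
     * @return bool
     */
    public function is_logged_in()
    {
        return isset($_SESSION['userSession']) && $_SESSION['userSession'] !== false;
    }

    /**
     * Send a Location header.
     *
     * This does not stop the script; the caller has to exit afterwards.
     * NOTE(review): $url goes into the header unchanged, so pass fixed or
     * allow-listed application paths rather than request-supplied values.
     *
     * @param string $url redirect target
     */
    public function redirect($url)
    {
        header("Location: $url");
    }

    /**
     * End the current session.
     *
     * session_destroy() removes the stored data but leaves $_SESSION populated
     * for the rest of the request, so the array is emptied first; otherwise
     * keys such as 'staff' or 'level' stay readable until the script ends.
     */
    public function logout()
    {
        $_SESSION = array();
        session_destroy();
        // Kept from the original so callers that read this key still see false.
        $_SESSION['userSession'] = false;
    }

    /**
     * @return string id of the last row inserted through this connection
     */
    public function lasdID()
    {
        return $this->conn->lastInsertId();
    }

    /**
     * Resolve the visitor's cart id from the session, the cookie, or a new value.
     *
     * The cart methods in this class look carts up by this id alone, so it acts
     * as a bearer token for the cart.
     */
    public static function SetCartId()
    {
        // Already resolved for this request.
        if (self::$_mCartId != '') {
            return;
        }

        // Prefer the server-side copy.
        if (isset($_SESSION['cart_id'])) {
            self::$_mCartId = $_SESSION['cart_id'];
            return;
        }

        // The cookie is client-controlled: accept it only when it is a string in
        // the 32-hex-digit form produced below. This also rejects array-valued
        // cookies, which setcookie() cannot store.
        $fromCookie = isset($_COOKIE['cart_id']) ? $_COOKIE['cart_id'] : null;
        if (is_string($fromCookie) && preg_match('/\A[a-f0-9]{32}\z/', $fromCookie) === 1) {
            self::$_mCartId = $fromCookie;
        } else {
            // NOTE(review): uniqid() and rand() are time/PRNG based and not meant
            // for unguessable tokens; where the runtime provides a CSPRNG, derive
            // the id from that instead (same 32-hex format).
            self::$_mCartId = md5(uniqid(rand(), true));
        }

        $_SESSION['cart_id'] = self::$_mCartId;

        // Valid for 7 days (604800 seconds).
        // NOTE(review): the cookie is set without the HttpOnly/Secure flags;
        // confirm no script needs to read it, then set them.
        setcookie('cart_id', self::$_mCartId, time() + 604800);
    }

    /**
     * Record an activity line in the monitor table.
     *
     * @param string $activities text to store
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function monitor($activities)
    {
        try {
            $stmt = $this->conn->prepare("INSERT INTO monitor(activities) VALUES(:fn)");
            $stmt->execute(array(':fn' => $activities));
            return $stmt;
        } catch (PDOException $ex) {
            // Driver messages name tables and columns; keep them in the log
            // instead of echoing them into the response.
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Return the current visitor's cart id, resolving it first if needed.
     *
     * SetCartId() returns immediately once an id is known, so it is called
     * unconditionally; this keeps the "is it set?" test in one place.
     *
     * @return string
     */
    public function GetCartId()
    {
        self::SetCartId();
        return self::$_mCartId;
    }

    /**
     * Add a product to a cart, or overwrite its quantity if it is already there.
     *
     * @return PDOStatement|null the executed UPDATE or INSERT, or null if a PDOException was caught
     */
    public function add_product_to_cart($cartid, $productid, $productquantity, $measure, $rs, $mk)
    {
        try {
            // Is this product already in the cart?
            $stmt = $this->conn->prepare("SELECT * FROM shopping_cart WHERE (product_id =:pid and cart_id =:cid)");
            $stmt->execute(array(':pid' => $productid, ':cid' => $cartid));
            // The row itself is not used; the fetch is kept as in the original.
            $stmt->fetch(PDO::FETCH_ASSOC);

            if ($stmt->rowCount() == 1) {
                // Existing line: replace the stored quantity.
                $updatecart = $this->conn->prepare("update shopping_cart set quantity = :qt where (cart_id =:cid and product_id =:pid)");
                $updatecart->execute(array(
                    ':pid' => $productid,
                    ':cid' => $cartid,
                    ':qt'  => $productquantity,
                ));
                return $updatecart;
            }

            // New line in the cart.
            $buy = 1;
            $tdate = date("Y/m/d");
            $additem = $this->conn->prepare("insert into shopping_cart(cart_id, product_id,quantity,measure,buy_now, trans_date,resseller,market) values(:cid,:pid,:qt,:ms,:bn,:td,:rs,:mk)");
            $additem->execute(array(
                ':cid' => $cartid,
                ':pid' => $productid,
                ':qt'  => $productquantity,
                ':ms'  => $measure,
                ':bn'  => $buy,
                ':td'  => $tdate,
                ':rs'  => $rs,
                ':mk'  => $mk,
            ));
            return $additem;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Delete one product line from a cart.
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function remove_item_from_cart($cartid, $product_id)
    {
        try {
            $remove = $this->conn->prepare("delete from shopping_cart where (cart_id =:cid and product_id =:pid)");
            $remove->execute(array(':cid' => $cartid, ':pid' => $product_id));
            return $remove;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Overwrite the quantity of one product line in a cart.
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function update_cart_item($cartid, $productid, $quantity)
    {
        try {
            $updatecart = $this->conn->prepare("update shopping_cart set quantity = :qt where (cart_id =:cid and product_id =:pid)");
            $updatecart->execute(array(
                ':pid' => $productid,
                ':cid' => $cartid,
                ':qt'  => $quantity,
            ));
            return $updatecart;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Select every line of a cart.
     *
     * @return PDOStatement|null executed statement to fetch from, or null if a PDOException was caught
     */
    public function get_cart_item($cartid)
    {
        try {
            $getitem = $this->conn->prepare("select * from shopping_cart where cart_id = :cid");
            $getitem->execute(array(':cid' => $cartid));
            return $getitem;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Count the lines in a cart.
     *
     * The cart id used to be interpolated into the SQL text. SetCartId() can
     * take that id from the cart_id cookie, so the value is client-influenced
     * and is now passed as a bound parameter like in the sibling cart methods.
     *
     * @return int|null number of rows, or null if a PDOException was caught
     */
    public function get_no_of_item_inmycart($cartid)
    {
        try {
            $itemno = $this->conn->prepare("select * from shopping_cart where cart_id = :cid");
            $itemno->execute(array(':cid' => $cartid));
            return $itemno->rowCount();
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Insert an admin account.
     *
     * NOTE(review): the password is stored as unsalted MD5, which is not a
     * password hash. Moving to password_hash()/password_verify() has to be done
     * together with loginadmin(), loginuser() and change_pwd(), and needs a
     * column wide enough for the longer value.
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function createAdmin($user, $pwd, $code)
    {
        try {
            $password = md5($pwd);
            $stmt = $this->conn->prepare("INSERT INTO admin(username,pwd,tokenCode) VALUES(:un,:pw,:cd)");
            $stmt->execute(array(
                ':un' => $user,
                ':pw' => $password,
                ':cd' => $code,
            ));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Authenticate an admin by username and password.
     *
     * On failure this redirects to adlogin.php and exits. The two failure
     * targets differ (?errore for an unknown user, ?errorp for a wrong
     * password), which tells a visitor whether a username exists.
     *
     * @return bool|null true on success, null if a PDOException was caught
     */
    public function loginadmin($user, $upass)
    {
        try {
            $stmt = $this->conn->prepare("SELECT * FROM admin WHERE username =:us");
            $stmt->execute(array(":us" => $user));
            $userRow = $stmt->fetch(PDO::FETCH_ASSOC);

            if ($stmt->rowCount() != 1) {
                header("Location: adlogin.php?errore");
                exit;
            }

            // Strict, constant-time comparison. A loose == between two digest
            // strings that both look numeric compares them as numbers.
            // NOTE(review): MD5 is not a password hash; see createAdmin().
            if (!hash_equals((string) $userRow['pwd'], md5($upass))) {
                header("Location: adlogin.php?errorp");
                exit;
            }

            // Fresh session id on privilege change, to limit session fixation.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['staff'] = $userRow['username'];
            return true;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Authenticate a staff user against the admin table.
     *
     * Reads 'staff_id_no' and 'level' from the matched row.
     * NOTE(review): createAdmin() does not populate those columns; confirm the
     * admin table provides them for every account that logs in here.
     *
     * On failure this redirects to adlogin.php (?errore / ?errorp) and exits.
     *
     * @return bool|null true on success, null if a PDOException was caught
     */
    public function loginuser($user, $upass)
    {
        try {
            $stmt = $this->conn->prepare("SELECT * FROM admin WHERE username =:us");
            $stmt->execute(array(":us" => $user));
            $userRow = $stmt->fetch(PDO::FETCH_ASSOC);

            if ($stmt->rowCount() != 1) {
                header("Location: adlogin.php?errore");
                exit;
            }

            // Strict, constant-time digest comparison instead of loose ==.
            if (!hash_equals((string) $userRow['pwd'], md5($upass))) {
                header("Location: adlogin.php?errorp");
                exit;
            }

            // Fresh session id on privilege change, to limit session fixation.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['staff'] = $userRow['staff_id_no'];
            $_SESSION['level'] = $userRow['level'];
            return true;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Send an HTML e-mail through the configured SMTP account.
     *
     * The SMTP password used to be a string literal in this method. A secret
     * committed to source must be treated as exposed: rotate it, and supply the
     * new one through the environment. SMTP_PASSWORD is a name chosen for this
     * rewrite; adjust it to the deployment's configuration scheme.
     *
     * NOTE(review): $message is sent as HTML as-is; callers must escape any
     * user-supplied text they place in it.
     *
     * @param string $email   recipient address
     * @param string $message HTML body
     * @param string $subject subject line
     * @return bool false when the password is not configured, otherwise the result of Send()
     */
    public function send_mail($email, $message, $subject)
    {
        require_once('mailer/class.phpmailer.php');

        $smtpPassword = getenv('SMTP_PASSWORD');
        if ($smtpPassword === false || $smtpPassword === '') {
            error_log(__METHOD__ . ': SMTP_PASSWORD is not configured');
            return false;
        }

        $mail = new PHPMailer();
        $mail->IsSMTP();
        $mail->SMTPDebug = 0;
        $mail->SMTPAuth = true;
        $mail->SMTPSecure = "ssl";
        $mail->Host = "titano.protonhosting.com";
        $mail->Port = 465;
        $mail->AddAddress($email);
        $mail->Username = "info@afiamobileservices.com";
        $mail->Password = $smtpPassword;
        $mail->SetFrom('info@afiamobileservices.com', 'AFIA MOBILE SERVICES');
        $mail->AddReplyTo("info@afiamobileservices.com", "AFIA MOBILE SERVICES");
        $mail->Subject = $subject;
        $mail->MsgHTML($message);
        return $mail->Send();
    }

    /**
     * Register a customer; phone, city, state and address are stored as "nill".
     *
     * NOTE(review): the password is stored as unsalted MD5; migrate together
     * with clogin(), chklogin() and change_password().
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function customers($fname, $emails, $gender, $cty, $pwd, $rdate, $code)
    {
        try {
            $password = md5($pwd);
            $add = "nill";
            $city = "nill";
            $st = "nill";
            $phone = 'nill';
            $stmt = $this->conn->prepare("INSERT INTO customers(names,cemails,gender,phone,city,cstate,country,address,pwd,rdate,tokencode) VALUES(:fn,:cm,:gn,:ph,:ct,:st,:ctry,:ad,:pd,:rd,:cd)");
            $stmt->execute(array(
                ':fn'   => $fname,
                ':cm'   => $emails,
                ':gn'   => $gender,
                ':ph'   => $phone,
                ':ct'   => $city,
                ':st'   => $st,
                ':ctry' => $cty,
                ':ad'   => $add,
                ':pd'   => $password,
                ':rd'   => $rdate,
                ':cd'   => $code,
            ));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Insert a booking dated today with status 'NOT CONFIRM'.
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function bookroom($date1, $date2, $rcat, $romeno, $guest, $tcost, $deposit, $bal, $bkid, $fname, $email, $ph, $idn, $adm)
    {
        try {
            $status = 'NOT CONFIRM';
            $tdate = date("Y-m-d");
            $stmt = $this->conn->prepare("INSERT INTO booking_table(bk_date,Ar_date,Dp_date,Room_category,Room_no,guest,T_cost,Deposit,Ballance,booking_id,customer,email,phones,id_no,confirm_status,staff) VALUES(:a,:b,:c,:d,:e,:f,:g,:h,:i,:j,:k,:l,:n,:o,:p,:m)");
            $stmt->execute(array(
                ':a' => $tdate,
                ':b' => $date1,
                ':c' => $date2,
                ':d' => $rcat,
                ':e' => $romeno,
                ':f' => $guest,
                ':g' => $tcost,
                ':h' => $deposit,
                ':i' => $bal,
                ':j' => $bkid,
                ':k' => $fname,
                ':l' => $email,
                ':n' => $ph,
                ':o' => $idn,
                ':p' => $status,
                ':m' => $adm,
            ));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Insert a staff record; createAt is set by the database (NOW()).
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function regstaff($stno, $fname, $phone, $emails, $gender, $res, $sec, $gua, $gp, $ctry, $st, $city, $adm)
    {
        try {
            $stmt = $this->conn->prepare("INSERT INTO staff_table(staff_id_no,names,phone_no,emails,gender,residential,sections,guarantor,guarantor_phones,country,states,city,createAt,Admin) VALUES(:idno,:fn,:ph,:em,:gn,:rs,:sec,:gua,:gp,:ctry,:st,:ct,NOW(),:ad)");
            $stmt->execute(array(
                ':idno' => $stno,
                ':fn'   => $fname,
                ':ph'   => $phone,
                ':em'   => $emails,
                ':gn'   => $gender,
                ':rs'   => $res,
                ':sec'  => $sec,
                ':gua'  => $gua,
                ':gp'   => $gp,
                ':ctry' => $ctry,
                ':st'   => $st,
                ':ct'   => $city,
                ':ad'   => $adm,
            ));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Insert the hotel details row; logo and image are stored as the literal
     * string 'null' (not SQL NULL).
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function regdetails($name, $phone, $emails, $location, $admin)
    {
        try {
            $logo = 'null';
            $image = 'null';
            $stmt = $this->conn->prepare("INSERT INTO hotel_details(ht_name,ht_location,ht_mails,ht_phones,ht_logo,ht_image,admin) VALUES(:hn,:hl,:hm,:hp,:hi,:him,:ad)");
            $stmt->execute(array(
                ':hn'  => $name,
                ':hl'  => $location,
                ':hm'  => $emails,
                ':hp'  => $phone,
                ':hi'  => $logo,
                ':him' => $image,
                ':ad'  => $admin,
            ));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Insert a room; both timestamps are set by the database (NOW()).
     *
     * @param mixed $cat   room category
     * @param mixed $sname stored as Room_no
     * @param mixed $adm   stored as Staff
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function regrooms($cat, $sname, $adm)
    {
        try {
            $stmt = $this->conn->prepare("INSERT INTO rooms(Room_category,Room_no,CreatedAt,UpdatedAt,Staff) VALUES(:cat,:rn,NOW(),NOW(),:ad)");
            $stmt->execute(array(
                ':cat' => $cat,
                ':rn'  => $sname,
                ':ad'  => $adm,
            ));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Insert a section; cdate is set by the database (NOW()).
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function regsection($sname, $adm)
    {
        try {
            $stmt = $this->conn->prepare("INSERT INTO section(names,cdate,admin) VALUES(:fn,NOW(),:ad)");
            $stmt->execute(array(':fn' => $sname, ':ad' => $adm));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Insert a service item name.
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function regserviceitems($sname)
    {
        try {
            $stmt = $this->conn->prepare("INSERT INTO serviceitems(names) VALUES(:fn)");
            $stmt->execute(array(':fn' => $sname));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Insert a menu entry with its price.
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function regmenus($sname, $price)
    {
        try {
            $stmt = $this->conn->prepare("INSERT INTO menus(menu_names,price) VALUES(:fn,:pc)");
            $stmt->execute(array(':fn' => $sname, ':pc' => $price));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Insert a room category; rdate is set by the database (NOW()).
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function regroomcategory($sname, $price, $adm)
    {
        try {
            $stmt = $this->conn->prepare("INSERT INTO room_category(category_name,price,rdate,admin) VALUES(:fn,:p,NOW(),:ad)");
            $stmt->execute(array(
                ':fn' => $sname,
                ':p'  => $price,
                ':ad' => $adm,
            ));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Set a customer's password, selecting the row by e-mail address.
     *
     * NOTE(review): nothing here checks the current password or that the
     * caller owns $emails; presumably the calling page enforces that. Verify.
     * NOTE(review): stored as unsalted MD5; see customers().
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function change_password($emails, $pass)
    {
        try {
            $password = md5($pass);
            $stmt = $this->conn->prepare("update customers set pwd =:pd where cemails =:ml");
            $stmt->execute(array(':pd' => $password, ':ml' => $emails));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Set an admin/staff password, selecting the row by staff_id_no.
     *
     * Despite its name, $emails is matched against the staff_id_no column.
     * NOTE(review): no ownership or current-password check happens here;
     * presumably the calling page enforces it. Verify.
     * NOTE(review): stored as unsalted MD5; see createAdmin().
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function change_pwd($emails, $pass)
    {
        try {
            $password = md5($pass);
            $stmt = $this->conn->prepare("update admin set pwd =:pd where staff_id_no =:ml");
            $stmt->execute(array(':pd' => $password, ':ml' => $emails));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Register a reseller with status 'NOT ACTIVE'.
     *
     * NOTE(review): the password is stored as unsalted MD5; migrate together
     * with rlogin().
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function Resseler($mg, $sname, $phone1, $phone2, $emails, $country, $states, $cty, $pwd, $rsd, $rdate, $code)
    {
        try {
            $password = md5($pwd);
            $st = 'NOT ACTIVE';
            $stmt = $this->conn->prepare("INSERT INTO resseller(maneger,shop_name, phone_no, phone_no2,email_address,password,country,state,city,resseller_id,pdate,code,status) VALUES(:mg,:sn,:ph1,:ph2,:em,:pwd,:ctry,:st,:ct,:rs,:pd,:cd,:tus)");
            $stmt->execute(array(
                ':mg'   => $mg,
                ':sn'   => $sname,
                ':ph1'  => $phone1,
                ':ph2'  => $phone2,
                ':em'   => $emails,
                ':pwd'  => $password,
                ':ctry' => $country,
                ':st'   => $states,
                ':ct'   => $cty,
                ':rs'   => $rsd,
                ':pd'   => $rdate,
                ':cd'   => $code,
                ':tus'  => $st,
            ));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Register a customer with a phone number; city, state and address are
     * stored as "nill".
     *
     * NOTE(review): the password is stored as unsalted MD5; see customers().
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function chkcustomers($fname, $emails, $gender, $phone, $cty, $pwd, $rdate, $code)
    {
        try {
            $password = md5($pwd);
            $add = "nill";
            $city = "nill";
            $st = "nill";
            $stmt = $this->conn->prepare("INSERT INTO customers(names,cemails,gender,phone,city,cstate,country,address,pwd,rdate,tokencode) VALUES(:fn,:cm,:gn,:ph,:ct,:st,:ctry,:ad,:pd,:rd,:cd)");
            $stmt->execute(array(
                ':fn'   => $fname,
                ':cm'   => $emails,
                ':gn'   => $gender,
                ':ph'   => $phone,
                ':ct'   => $city,
                ':st'   => $st,
                ':ctry' => $cty,
                ':ad'   => $add,
                ':pd'   => $password,
                ':rd'   => $rdate,
                ':cd'   => $code,
            ));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Authenticate a customer by e-mail and password (sign-in page).
     *
     * On failure this redirects to signin.php and exits; ?erroru (unknown
     * account) and ?errorp (wrong password) are distinguishable to the visitor.
     *
     * @return bool|null true on success, null if a PDOException was caught
     */
    public function clogin($user, $upass)
    {
        try {
            $stmt = $this->conn->prepare("SELECT * FROM customers WHERE cemails=:us");
            $stmt->execute(array(":us" => $user));
            $userRow = $stmt->fetch(PDO::FETCH_ASSOC);

            if ($stmt->rowCount() != 1) {
                header("Location: signin.php?erroru");
                exit;
            }

            // Strict, constant-time digest comparison instead of loose ==.
            // NOTE(review): MD5 is not a password hash; see customers().
            if (!hash_equals((string) $userRow['pwd'], md5($upass))) {
                header("Location: signin.php?errorp");
                exit;
            }

            // Fresh session id on privilege change, to limit session fixation.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['userSession'] = $userRow['names'];
            $_SESSION['usermail'] = $userRow['cemails'];
            return true;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Authenticate a reseller by e-mail and password.
     *
     * On failure this redirects to rsignin.php (?erroru / ?errorp) and exits.
     * NOTE(review): Resseler() creates accounts with status 'NOT ACTIVE', and
     * the status column is not checked here; confirm activation is enforced
     * somewhere before a reseller session is granted.
     *
     * @return bool|null true on success, null if a PDOException was caught
     */
    public function rlogin($user, $upass)
    {
        try {
            $stmt = $this->conn->prepare("SELECT * FROM resseller WHERE email_address=:us");
            $stmt->execute(array(":us" => $user));
            $userRow = $stmt->fetch(PDO::FETCH_ASSOC);

            if ($stmt->rowCount() != 1) {
                header("Location: rsignin.php?erroru");
                exit;
            }

            // Strict, constant-time digest comparison instead of loose ==.
            if (!hash_equals((string) $userRow['password'], md5($upass))) {
                header("Location: rsignin.php?errorp");
                exit;
            }

            // Fresh session id on privilege change, to limit session fixation.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['adm'] = $userRow['maneger'];
            $_SESSION['user'] = $userRow['email_address'];
            $_SESSION['rs'] = $userRow['resseller_id'];
            $_SESSION['lv'] = 'RESSELLER';
            $_SESSION['st'] = $userRow['state'];
            $_SESSION['ctry'] = $userRow['country'];
            $_SESSION['city'] = $userRow['city'];
            return true;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Authenticate a customer by e-mail and password (checkout page).
     *
     * Same check as clogin(), but failures redirect to checkout.php
     * (?erroru / ?errorp) and exit.
     *
     * @return bool|null true on success, null if a PDOException was caught
     */
    public function chklogin($user, $upass)
    {
        try {
            $stmt = $this->conn->prepare("SELECT * FROM customers WHERE cemails=:us");
            $stmt->execute(array(":us" => $user));
            $userRow = $stmt->fetch(PDO::FETCH_ASSOC);

            if ($stmt->rowCount() != 1) {
                header("Location: checkout.php?erroru");
                exit;
            }

            // Strict, constant-time digest comparison instead of loose ==.
            if (!hash_equals((string) $userRow['pwd'], md5($upass))) {
                header("Location: checkout.php?errorp");
                exit;
            }

            // Fresh session id on privilege change, to limit session fixation.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['userSession'] = $userRow['names'];
            $_SESSION['usermail'] = $userRow['cemails'];
            return true;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }

    /**
     * Update a customer's contact details, selecting the row by e-mail address.
     *
     * NOTE(review): the row is chosen by $mails alone; the caller should pass
     * the address of the logged-in customer, not a form field. Verify.
     *
     * @return PDOStatement|null executed statement, or null if a PDOException was caught
     */
    public function update_address($address, $city, $names, $ctry, $states, $mobile, $mails, $gen)
    {
        try {
            $stmt = $this->conn->prepare("update customers set phone = :mb, address = :ad, gender =:sx, city =:ct, cstate =:st, country = :ctr, names =:nm where cemails = :ml");
            $stmt->execute(array(
                ':mb'  => $mobile,
                ':ad'  => $address,
                ':ct'  => $city,
                ':ctr' => $ctry,
                ':st'  => $states,
                ':nm'  => $names,
                ':ml'  => $mails,
                ':sx'  => $gen,
            ));
            return $stmt;
        } catch (PDOException $ex) {
            error_log(__METHOD__ . ': ' . $ex->getMessage());
        }
        return null;
    }
}
?>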