
<?php 
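session_start();
require_once('DB.php');
require_once('query.php');
// This page is only meaningful once earlier steps of the order flow have put a customer
// and an order into the session.  isset() is false for both "missing" and null, so it
// covers the same cases as the old is_null() test without an undefined-index notice.
if(!isset($_SESSION['CustomerID']) || !isset($_SESSION['OrderID']))
{  header("Location:index.php");  // got here by typing in the URL maybe
   exit;  // header() only sets the redirect; without exit the rest of this page, including its queries, would still run
}
$cid = $_SESSION['CustomerID'];
$oid = $_SESSION['OrderID'];
// Restore earlier form choices from the session, falling back to the defaults below.
// These three values are only compared against fixed strings/numbers further down to
// pre-select radio buttons; they are never echoed.
$ptype = !empty($_SESSION['PaymentType']) ? $_SESSION['PaymentType'] : "MasterCard";
$ctype = !empty($_SESSION['CustomerType']) ? $_SESSION['CustomerType'] : "individual";
$ShippingMethodID = !empty($_SESSION['SessionShippingMethodID'])
   ? $_SESSION['SessionShippingMethodID']
   : 1;  // download only
$format = "%01.2f"; // good for American currency, dollars and cents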
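function SqlDate($today)
// Convert a getdate()-style array (keys 'year', 'mon', 'mday') to a string in yyyy-mm-dd format.
// Month and day are zero-padded so the result really has the documented shape
// (plain concatenation gave e.g. "2024-1-5").
{  return sprintf("%04d-%02d-%02d", $today['year'], $today['mon'], $today['mday']);
}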

?>   
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<!-- DW6 -->
<?php 
include ('include/head.php'); ?>
<body onmousemove="closesubnav(event);"> 
<?php include ('include/body.php'); ?>
  <div class="style1" id="pageName"> 
   <p></p>
  <h2> Payment Information and Authorization
	<img alt="MathXpert logo" src="TransparentMathXpertLogo.gif" height="50" width="118"/>
	</h2>
   <p class="glink">
   <strong>Your order: </strong> 
   <form name="OrderForm" action="Order2.php" method="post" >
   <table border="1" cellpadding=3> 
    <tr> <td>  <strong> Product </strong></td><td align=right><strong>Unit Price </strong></td><td><strong>Quantity</strong></td> <td> <strong>Price</strong></td></tr>
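	<?php 
// List the line items stored for this order, then the subtotal, shipping charge and total.
// Nothing is deleted here; this block only reads from `Order Details`, Products and Orders.
    $oid = $_SESSION['OrderID'];
	if(is_null($oid))
	  die();  // never build a query around a missing order id
	// $oid is interpolated unquoted into the SQL below, so insist on plain digits first.
	// query() comes from query.php (not shown); if it supports bound parameters, prefer those.
	if(!preg_match('/^[0-9]+$/', (string)$oid))
	  die();
	// The two tables are joined on ProductID (the original text had AND in the FROM list, which is not valid SQL).
    $sql = "SELECT ProductName, Products.UnitPrice, Quantity, Discount FROM `Order Details`, Products WHERE OrderID=$oid AND `Order Details`.ProductID=Products.ProductID;";
	$q = query($sql);
	$format = "%01.2f"; // good for American currency, dollars and cents
	$subtotal = 0.0;
	while($q->fetchInto($row))
	   { $productname = $row[0];   // column 0 is ProductName, column 1 is the list price
		 $unitprice = sprintf($format,$row[1] * (1-$row[3]));  // list price reduced by the Discount column
		 $quantity = $row[2];
		 if($quantity == 0)
		   continue;
		 // Escape anything that came out of the database before it goes into the page.
		 $name_html = htmlspecialchars($productname, ENT_QUOTES);
		 $quantity_html = htmlspecialchars($quantity, ENT_QUOTES);
	     echo "<tr> <td>  $name_html </td> <td align=right> $unitprice </td>";  // name and price
		 echo "<td align=right> $quantity_html </td>";  // number of that product ordered
		 $price = sprintf($format,$unitprice * $quantity);
		 $subtotal += $price;
		 echo "<td align=right> $price </td></tr>";
	  }
	$subtotal_text = sprintf($format,$subtotal);
	echo "<tr><td><strong>Subtotal</strong> </td> <td></td> <td></td> <td><strong>$subtotal_text</strong></td></tr>";		
	// Same validated order id as above; the statement is now a quoted PHP string.
	$sql = "SELECT FreightCharge FROM Orders WHERE OrderID=$oid;";
	$q = query($sql);
	$FreightCharge = 0.0;   // used when the Orders row is missing or has no charge recorded
	if($q->fetchInto($row) && !is_null($row[0]))
	   $FreightCharge = $row[0];
	$freight_text = sprintf($format,$FreightCharge);
	echo "<tr><td><strong>Shipping</strong> </td> <td></td> <td></td> <td><strong>$freight_text</strong></td></tr>";		 
	// Add as numbers and format once, so the total shows two decimals like the other rows.
	$total = sprintf($format,$subtotal + $FreightCharge);
	echo "<tr><td><strong>Total</strong> </td> <td></td> <td></td> <td><strong>$total</strong></td></tr>";		
	 ?>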
   </table>
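      <p>  This purchase is for <input type="radio" name="CustomerType"  value ="individual" <?php if($ctype == "individual") echo "checked"; ?>> an individual or family
		                   <input type="radio" name="CustomerType"  value ="company" <?php if($ctype == "company") echo "checked"; ?>>  a school or company.   (Your choice does not affect the price.)  </p>
       <p>  I will pay by <input type="radio" name="PaymentType"  value ="MasterCard" <?php if($ptype == "MasterCard") echo "checked"; ?>> MasterCard
		                   <input type="radio" name="PaymentType"  value ="Visa" <?php if($ptype == "Visa") echo "checked"; ?>> Visa
<?php /* The purchase-order radio posts "Purchase Order" (with a space), so that spelling is accepted
         alongside "PurchaseOrder" when restoring the selection.  Which spelling ends up in the
         session depends on Order2.php (not shown) - confirm there and keep only the one in use. */ ?>
						   <input type="radio" name="PaymentType" value ="Purchase Order" <?php if($ptype == "PurchaseOrder" || $ptype == "Purchase Order") echo "checked"; ?>> Purchase order.
	  </p>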
		
	    
   <h2>Delivery Options</h2>		
   <p> Whether or not you download MathXpert today, you can choose to receive MathXpert on a CD if you wish. <br> If you order a CD,
   it will be shipped on the next business day after today.</p>
   <table border="1" cellpadding=3>
	  <tr><td><strong>Shipping Method</strong></td> <td><strong>Cost</strong></td> <td></td></tr>
	  <tr><td>Download only, no CD</td><td>$0.0</td><td> <input type="radio" name="ShippingMethodID"  value ="1" <?php if($ShippingMethodID == 1) echo "checked"; ?>></td></tr>
	  <tr><td>US Mail (US destinations) </td> <td>$4.00</td><td> <input type="radio" name="ShippingMethodID"  value ="2" <?php if($ShippingMethodID == 2) echo "checked"; ?>></td></tr>
	  <tr><td>FedEx (US destinations)</td> <td>$14.00</td><td> <input type="radio" name="ShippingMethodID"  value ="3" <?php if($ShippingMethodID == 3) echo "checked"; ?>></td></tr>
	  <tr><td>Airmail (destinations outside the US)</td> <td>$6.00</td><td> <input type="radio" name="ShippingMethodID"  value ="4" <?php if($ShippingMethodID == 4) echo "checked"; ?>></td></tr>
	</table> 
		<p>
		<input type="submit" name="Submit" value="Confirm and continue">         
		</p>
   </form>
  </div>   
<?php include ('include/footer.php'); 
?>
</body>
</html>
