This commit is contained in:
Frank Harris 2025-11-09 21:26:49 -05:00
parent b697e0e91a
commit 4a4a660433

View file

@ -57,11 +57,9 @@ if ($user_id <= 0) {
exit;
}
// Connect to database
// Connect to database (non-fatal)
$db = @mysqli_connect($db_host, $db_user, $db_pass, $db_name);
if (!$db) {
die('Database connection failed. Please try again later.');
}
$db_error = '';
// Initialize variables
$invoices = [];
@ -72,11 +70,16 @@ $applied_coupon = null;
$error_message = '';
$success_message = '';
// Fetch unpaid invoices for this user
$query = "SELECT i.*, s.game_key, s.game_name
if (!$db) {
// record error for UI/debugging but do not die here
$db_error = 'Database connection failed: ' . mysqli_connect_error();
$cart_empty = true;
} else {
// Fetch unpaid invoices for this user. Select only invoice fields to avoid referencing
// columns that may not exist in all deployments (some schemas differ).
$query = "SELECT i.*
FROM {$table_prefix}billing_invoices i
LEFT JOIN {$table_prefix}billing_services s ON i.service_id = s.service_id
WHERE i.user_id = " . $user_id . " AND i.status = 'due'
WHERE i.user_id = " . intval($user_id) . " AND i.status = 'due'
ORDER BY i.invoice_date ASC";
$result = mysqli_query($db, $query);
@ -89,6 +92,7 @@ if ($result) {
}
$cart_empty = (count($invoices) === 0);
}
// Handle coupon application
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['apply_coupon'])) {
@ -98,6 +102,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['apply_coupon'])) {
$error_message = 'Please enter a coupon code.';
} else {
// Validate coupon
if (!$db) {
$error_message = 'Coupon system unavailable: database connection failed.';
} else {
$safe_code = mysqli_real_escape_string($db, $coupon_code);
$coupon_query = "SELECT * FROM {$table_prefix}billing_coupons
WHERE code = '$safe_code' AND is_active = 1";
@ -135,7 +142,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['apply_coupon'])) {
if (is_array($allowed_games) && count($allowed_games) > 0) {
$has_valid_game = false;
foreach ($invoices as $inv) {
if (in_array($inv['game_key'], $allowed_games)) {
$inv_game_key = isset($inv['game_key']) ? $inv['game_key'] : null;
if ($inv_game_key !== null && in_array($inv_game_key, $allowed_games)) {
$has_valid_game = true;
break;
}
@ -175,6 +183,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['remove_coupon'])) {
// Re-validate coupon from session if present
if (empty($applied_coupon) && isset($_SESSION['cart_coupon_code'])) {
$coupon_code = $_SESSION['cart_coupon_code'];
if ($db) {
$safe_code = mysqli_real_escape_string($db, $coupon_code);
$coupon_query = "SELECT * FROM {$table_prefix}billing_coupons
WHERE code = '$safe_code' AND is_active = 1";
@ -190,6 +199,7 @@ if (empty($applied_coupon) && isset($_SESSION['cart_coupon_code'])) {
unset($_SESSION['cart_coupon_id']);
}
}
}
// Calculate discount
if ($applied_coupon && $coupon_discount_percent > 0) {
@ -223,8 +233,8 @@ $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https:
$host = $_SERVER['HTTP_HOST'] ?? 'localhost';
$siteBase = $protocol . $host;
// Close database connection
mysqli_close($db);
// Close database connection if opened
if ($db) mysqli_close($db);
?>
<!DOCTYPE html>
<html lang="en">
@ -459,6 +469,11 @@ mysqli_close($db);
<?php include(__DIR__ . '/includes/menu.php'); ?>
<div class="cart-container">
<?php if (!empty($db_error)): ?>
<div class="alert-error" style="margin-bottom:15px;">
<strong>Database error:</strong> <?php echo htmlspecialchars($db_error); ?>
</div>
<?php endif; ?>
<h1>🛒 Shopping Cart</h1>
<?php if ($error_message): ?>