<?php
/*
Line 1 : Make sure this file is included instead of requested directly
Line 2 : Check if step is defined and the value is two
Line 3 : The POST request must come from this page but the value of step is one
*/
if (!defined('WEB_ROOT')
|| !isset($_GET['step']) || (int)$_GET['step'] != 3
|| $_SERVER['HTTP_REFERER'] != 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . '?step=2') {
exit;
}
$errorMessage = '';
if (!isset($orderId) || (int)$orderId == 0) {
$errorMessage = "An error occured when saving your order. Please <a href=\"checkout.php?step=1\">click here</a> to repeat the checkout process";
}
// check for double order, this can happen if the customer accidentally
// hit the order button more than once and there are still some items in
// the cart table either because the server is heavily loaded and the cart
// table was still not updated or the customer order not including all item
// in the cart
if (isset($_SESSION['order_id']) && isset($_SESSION['order_time'])
&& time() - $_SESSION['order_time'] < 30) {
$errorMessage = "Your order is already been placed. The order id is {$_SESSION['order_id']}. This error message is shown
probably because you accidentally refresh this page";
} else {
$_SESSION['order_id'] = $orderId;
$_SESSION['order_time'] = time();
}
?>
<p> </p>
<table width="550" border="0" align="center" cellpadding="20" cellspacing="1" bgcolor="#666666">
<tr>
<td colspan="3" bgcolor="#FFFFFF">
<?php
if ($errorMessage) {
?>
<p id="errorMessage"><?php echo $errorMessage; ?></p>
<?php
} else {
?>
<p align="center">Thankyou For Shopping</p>
<p>Your order has been placed. The order id is <?php echo $orderId; ?>. Please use this order id should you
need to inquire about your order </p>
<?php
}
?>
</td>
</tr>
</table>
<p> </p>
<p align="center">
<input name="btnBack" type="submit" id="btnBack" value="Back To Shop" onClick="window.location.href='index.php';" class="box">
</p>
<p> </p>
<p> </p>
|