PNG  IHDR pHYs   OiCCPPhotoshop ICC profilexڝSgTS=BKKoR RB&*! J!QEEȠQ, !{kּ> H3Q5 B.@ $pd!s#~<<+"x M0B\t8K@zB@F&S`cbP-`'{[! eDh;VEX0fK9-0IWfH  0Q){`##xFW<+*x<$9E[-qWW.(I+6aa@.y24x6_-"bbϫp@t~,/;m%h^ uf@Wp~<5j>{-]cK'Xto(hw?G%fIq^D$.Tʳ?D*A, `6B$BB dr`)B(Ͱ*`/@4Qhp.U=pa( Aa!ڈbX#!H$ ɈQ"K5H1RT UH=r9\F;2G1Q= C7F dt1r=6Ыhڏ>C03l0.B8, c˱" VcϱwE 6wB aAHXLXNH $4 7 Q'"K&b21XH,#/{C7$C2'ITFnR#,4H#dk9, +ȅ3![ b@qS(RjJ4e2AURݨT5ZBRQ4u9̓IKhhitݕNWGw Ljg(gwLӋT071oUX**| J&*/Tު UUT^S}FU3S ԖUPSSg;goT?~YYLOCQ_ cx,!k u5&|v*=9C3J3WRf?qtN (~))4L1e\kXHQG6EYAJ'\'GgSSݧ M=:.kDwn^Loy}/TmG X $ <5qo</QC]@Caaᄑ.ȽJtq]zۯ6iܟ4)Y3sCQ? 0k߬~OCOg#/c/Wװwa>>r><72Y_7ȷOo_C#dz%gA[z|!?:eAAA!h쐭!ΑiP~aa~ 'W?pX15wCsDDDޛg1O9-J5*>.j<74?.fYXXIlK9.*6nl {/]py.,:@LN8A*%w% yg"/6шC\*NH*Mz쑼5y$3,幄'L Lݛ:v m2=:1qB!Mggfvˬen/kY- BTZ(*geWf͉9+̳ې7ᒶKW-X潬j9(xoʿܔĹdff-[n ڴ VE/(ۻCɾUUMfeI?m]Nmq#׹=TR+Gw- 6 U#pDy  :v{vg/jBFS[b[O>zG499?rCd&ˮ/~јѡ򗓿m|x31^VwwO| (hSЧc3- cHRMz%u0`:o_F@8N ' p @8N@8}' p '#@8N@8N pQ9p!i~}|6-ӪG` VP.@*j>[ K^<֐Z]@8N'KQ<Q(`s" 'hgpKB`R@Dqj '  'P$a ( `D$Na L?u80e J,K˷NI'0eݷ(NI'؀ 2ipIIKp`:O'`ʤxB8Ѥx Ѥx $ $P6 :vRNb 'p,>NB 'P]-->P T+*^h& p '‰a ‰ (ĵt#u33;Nt̵'ޯ; [3W ~]0KH1q@8]O2]3*̧7# *p>us p _6]/}-4|t'|Smx= DoʾM×M_8!)6lq':l7!|4} '\ne t!=hnLn (~Dn\+‰_4k)0e@OhZ`F `.m1} 'vp{F`ON7Srx 'D˸nV`><;yMx!IS钦OM)Ե٥x 'DSD6bS8!" ODz#R >S8!7ّxEh0m$MIPHi$IvS8IN$I p$O8I,sk&I)$IN$Hi$I^Ah.p$MIN$IR8I·N "IF9Ah0m$MIN$IR8IN$I 3jIU;kO$ɳN$+ q.x* tEXtComment

Viewing File: /home/aqjktxqw/topcelebconnect.com/admin/inc/process2.php

<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.min.css">

<!-- Include SweetAlert JavaScript -->
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<?php
require 'connection.php';
require 'contact/mail.php';
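// Load the site settings row; its "email" column is added as a recipient on
// every notification sent by the handlers below.
$SQL = "SELECT * FROM web ";
$query = mysqli_query($connection, $SQL);
// mysqli_query() returns false on failure, and fetching from false is a
// TypeError on PHP 8, so treat a failed query as "no settings row".
$info = $query ? mysqli_fetch_assoc($query) : null;
$site_mail = (is_array($info) && isset($info["email"])) ? $info["email"] : null;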

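// Create a celebrity record together with its uploaded photo.
// Sets $success or $error for the including page to display.
// NOTE(review): no authentication or CSRF check is visible in this file;
// confirm the including page enforces both before this handler can run.
if(isset($_POST["add_celeb"])){
    // Check if file is uploaded successfully
    if(isset($_FILES["photo"]) && $_FILES["photo"]["error"] == 0){
        // Absolute path: goes from /admin/inc to /admin/uploads/
        $dir = dirname(__DIR__) . "/uploads/";

        // Create directory if it doesn't exist
        if (!is_dir($dir)) {
            mkdir($dir, 0755, true);
        }

        // The client-supplied name is used only to read the extension, and that
        // extension must be on an image allowlist. Without this check a file
        // such as "x.php" would be stored under its own extension in a
        // directory that is presumably served by the web server.
        $originalName = $_FILES["photo"]["name"];
        $fileExtension = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
        $isImage = in_array($fileExtension, array("jpg", "jpeg", "png", "gif", "webp"), true)
            && getimagesize($_FILES["photo"]["tmp_name"]) !== false;

        if(!$isImage){
            $error = "Only JPG, PNG, GIF or WEBP images can be uploaded";
        }else{
            // Generate unique filename to avoid conflicts
            $uniqueFileName = uniqid() . '_' . time() . '.' . $fileExtension;
            $file = $dir . $uniqueFileName;

            if(file_exists($file)){
                $error = "Image already exists";
            }elseif(move_uploaded_file($_FILES["photo"]["tmp_name"], $file)){
                // Store relative path for database
                $image = "uploads/" . $uniqueFileName;
                $name = $_POST["name"] ?? "";
                $category_id = $_POST["category"] ?? "";
                $detail = $_POST["about"] ?? "";
                $appearance_fee = $_POST["appearance_fee"] ?? "";

                // Bound parameters: previously only appearance_fee was escaped,
                // leaving name, category and detail injectable.
                $stmt = mysqli_prepare(
                    $connection,
                    "INSERT INTO celeb (name, category_id, image, detail, appearance_fee) VALUES (?, ?, ?, ?, ?)"
                );
                $query_celeb = $stmt
                    && mysqli_stmt_bind_param($stmt, "sssss", $name, $category_id, $image, $detail, $appearance_fee)
                    && mysqli_stmt_execute($stmt);

                if($query_celeb){
                    $success = "Celebrity added successfully";
                }else{
                    $error = "Error adding celebrity to the database";
                }
            }else{
                $error = "Error uploading image";
            }
        }
    }else{
        $error = "Failed to upload image";
    }
}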



// edit celebrity 
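// Update a celebrity record, optionally replacing its photo.
// Sets $error on failure; on success emits a SweetAlert redirect to index.php.
// NOTE(review): no authentication or CSRF check is visible in this file;
// confirm the including page enforces both before this handler can run.
if(isset($_POST["edit_celeb"])){
    $name = $_POST["name"] ?? "";
    $category_id = $_POST["category"] ?? "";
    $detail = $_POST["about"] ?? "";
    $appearance_fee = $_POST["appearance_fee"] ?? "";
    // The record id must be a whole number; anything else is rejected up front.
    $id = filter_var($_POST["id"] ?? null, FILTER_VALIDATE_INT);
    $newImage = null;

    if($id === false){
        $error = "Error updating celebrity in database";
    }elseif(isset($_FILES["photo"]) && $_FILES["photo"]["error"] == 0){
        // A new image was uploaded. Accept allowlisted image types only and
        // store it under a server-generated name: the original code kept the
        // client's file name and extension, so a script file could be written
        // into the uploads directory.
        $dir = "uploads/";
        $fileExtension = strtolower(pathinfo($_FILES["photo"]["name"], PATHINFO_EXTENSION));
        $isImage = in_array($fileExtension, array("jpg", "jpeg", "png", "gif", "webp"), true)
            && getimagesize($_FILES["photo"]["tmp_name"]) !== false;
        $file = $dir . uniqid() . '_' . time() . '.' . $fileExtension;

        if(!$isImage){
            $error = "Error uploading image";
        }elseif(file_exists($file)){
            $error = "Image already exists";
        }elseif(move_uploaded_file($_FILES["photo"]["tmp_name"], $file)){
            $newImage = $file;
        }else{
            $error = "Error uploading image";
        }
    }

    if(!isset($error)){
        // Bound parameters replace the string-built UPDATE statements.
        if($newImage !== null){
            $image = $newImage;
            $stmt = mysqli_prepare(
                $connection,
                "UPDATE celeb SET name=?, category_id=?, image=?, detail=?, appearance_fee=? WHERE id=?"
            );
            $query = $stmt
                && mysqli_stmt_bind_param($stmt, "sssssi", $name, $category_id, $image, $detail, $appearance_fee, $id)
                && mysqli_stmt_execute($stmt);
        }else{
            // Update without changing image
            $stmt = mysqli_prepare(
                $connection,
                "UPDATE celeb SET name=?, category_id=?, detail=?, appearance_fee=? WHERE id=?"
            );
            $query = $stmt
                && mysqli_stmt_bind_param($stmt, "ssssi", $name, $category_id, $detail, $appearance_fee, $id)
                && mysqli_stmt_execute($stmt);
        }

        if($query){
            echo "<script>
                Swal.fire({
                    title: 'Success!',
                    text: 'Celebrity updated successfully!',
                    icon: 'success'
                }).then(() => {
                    window.location.href = 'index.php';
                });
            </script>";
        } else {
            $error = "Error updating celebrity in database";
        }
    }
}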
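// Attach a payment proof image to a booking and e-mail a confirmation to the
// payer and the site address.
// NOTE(review): the booking id comes straight from the form and is not checked
// against the visitor's own booking; consider tying it to the booking held in
// the session so one visitor cannot overwrite another booking's proof.
if(isset($_POST["deposit"])){
    // The id is used in SQL below, so accept whole numbers only.
    $id = filter_var($_POST["id"] ?? null, FILTER_VALIDATE_INT);

    // Accept allowlisted image types only. The original stored the file under
    // the client's own name and extension, which allowed script files to be
    // written into the uploads directory and existing files to be overwritten.
    $upload = $_FILES["photo"] ?? null;
    $fileExtension = is_array($upload) ? strtolower(pathinfo($upload["name"], PATHINFO_EXTENSION)) : "";
    $isImage = is_array($upload)
        && $upload["error"] == 0
        && in_array($fileExtension, array("jpg", "jpeg", "png", "gif", "webp"), true)
        && getimagesize($upload["tmp_name"]) !== false;

    // Server-generated, unguessable name with the validated extension.
    $file = "admin/uploads/proof_" . bin2hex(random_bytes(16)) . "." . $fileExtension;

    if($id !== false && $isImage && move_uploaded_file($upload["tmp_name"], $file)){
        $amount = $_POST["amount"] ?? "";
        $crypto_name = $_POST["crypto_name"] ?? "";
        $proof = $file;

        $stmt = mysqli_prepare(
            $connection,
            "UPDATE `booking` SET `amount_paid` = ?, `payment_channel` = ?, `payment_proof` = ? WHERE `booking`.`id` = ?"
        );
        $query = $stmt
            && mysqli_stmt_bind_param($stmt, "sssi", $amount, $crypto_name, $proof, $id)
            && mysqli_stmt_execute($stmt);

        if($query){
            echo '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
                        <script>
                        document.addEventListener("DOMContentLoaded", function() {
                            Swal.fire({
                                title: "Payment Successful",
                                text: "You payment for this booking was successfuly! kindly check your email for further informations",
                                icon: "success"
                            }).then(function() {
                                window.location.href = "thankyou.php";
                            });
                        });
                        </script>';

            // process email for user ($id is a validated integer)
            $query_pay = mysqli_query($connection, "SELECT * FROM booking WHERE id = " . $id);
            $result_pay = $query_pay ? mysqli_fetch_assoc($query_pay) : null;
            $emailTemplate = file_get_contents('admin/inc/contact/payment_temp.php');

            if(is_array($result_pay) && $emailTemplate !== false){
                $name = $result_pay["name"];
                // The stray "echo" that printed the payer's e-mail into the page was removed.
                $email = $result_pay["email"];
                $amount = $result_pay["amount_paid"];
                $channel = $result_pay["payment_channel"];
                $ref = $result_pay["booking_ref"];
                $logo = "../uploads/web/300456837_195914286197056_6259989243564983274_n.jpg";

                // Values originate from visitor input, so they are HTML-escaped
                // before entering the message body.
                // NOTE(review): assumes the template is sent as HTML (it embeds
                // a logo URL); confirm in contact/mail.php.
                $replacements = array(
                    '[url]' => $logo,
                    '[Name]' => $name,
                    '[ref]' => $ref,
                    '[Email]' => $email,
                    '[Amount]' => $amount,
                    '[crypto]' => $channel,
                );
                foreach ($replacements as $placeholder => $value) {
                    $emailTemplate = str_replace(
                        $placeholder,
                        htmlspecialchars((string) $value, ENT_QUOTES, "UTF-8"),
                        $emailTemplate
                    );
                }

                //send mail
                $recipients = array(
                    $email,
                    $site_mail,
                );
                foreach ($recipients as $recipient) {
                    $mail->addAddress($recipient);
                }
                $mail->Subject = "Payment Confirmation";
                $mail->Body = $emailTemplate;
                $mail->send();
            }
        }else{
            echo '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
                        <script>
                        document.addEventListener("DOMContentLoaded", function() {
                            Swal.fire({
                                title: "Payment Not Complete",
                                text: "You payment for this booking was not successfuly! kindly contact us for assistance",
                                icon: "error"
                            }).then(function() {
                                window.location.href = "";
                            });
                        });
                        </script>';
        }
    }else{
        echo "File Not Move";
    }
}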
    
// donation 
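// Attach a payment proof image to a donation and e-mail a confirmation to the
// donor and the site address.
// NOTE(review): the donation id comes from the form and is not compared with
// the donation reference kept in $_SESSION["donate"]; consider enforcing that
// match so one visitor cannot overwrite another donation's proof.
if(isset($_POST["donate_pay"])){
    // The id is used in SQL below, so accept whole numbers only.
    $id = filter_var($_POST["id"] ?? null, FILTER_VALIDATE_INT);

    // Accept allowlisted image types only. The original stored the file under
    // the client's own name and extension, which allowed script files to be
    // written into the uploads directory and existing files to be overwritten.
    $upload = $_FILES["photo"] ?? null;
    $fileExtension = is_array($upload) ? strtolower(pathinfo($upload["name"], PATHINFO_EXTENSION)) : "";
    $isImage = is_array($upload)
        && $upload["error"] == 0
        && in_array($fileExtension, array("jpg", "jpeg", "png", "gif", "webp"), true)
        && getimagesize($upload["tmp_name"]) !== false;

    // Server-generated, unguessable name with the validated extension.
    $file = "admin/uploads/proof_" . bin2hex(random_bytes(16)) . "." . $fileExtension;

    if($id !== false && $isImage && move_uploaded_file($upload["tmp_name"], $file)){
        $amount = $_POST["amount"] ?? "";
        $crypto_name = $_POST["crypto_name"] ?? "";
        $proof = $file;
        $ref = $_SESSION["donate"]["ref"] ?? null;

        $stmt = mysqli_prepare(
            $connection,
            "UPDATE `donate` SET `amount` = ?, `proof` = ?, `payment_channel` = ? WHERE `donate`.`id` = ?"
        );
        $query = $stmt
            && mysqli_stmt_bind_param($stmt, "sssi", $amount, $proof, $crypto_name, $id)
            && mysqli_stmt_execute($stmt);

        if($query){
            echo '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
                        <script>
                        document.addEventListener("DOMContentLoaded", function() {
                            Swal.fire({
                                title: "Payment Successful",
                                text: "You payment for was successfuly! kindly check your email for further informations",
                                icon: "success"
                            }).then(function() {
                                window.location.href = "thankyou.php";
                            });
                        });
                        </script>';

            // process email for user ($id is a validated integer)
            $query_pay = mysqli_query($connection, "SELECT * FROM donate WHERE id = " . $id);
            $result_pay = $query_pay ? mysqli_fetch_assoc($query_pay) : null;
            $emailTemplate = file_get_contents('admin/inc/contact/payment_temp.php');

            if(is_array($result_pay) && $emailTemplate !== false){
                $name = $result_pay["name"];
                $email = $result_pay["email"];
                $amount = $result_pay["amount"];
                $channel = $result_pay["payment_channel"];
                $ref = $result_pay["ref"];
                $logo = "../uploads/web/300456837_195914286197056_6259989243564983274_n.jpg";

                // Values originate from visitor input, so they are HTML-escaped
                // before entering the message body.
                // NOTE(review): assumes the template is sent as HTML (it embeds
                // a logo URL); confirm in contact/mail.php.
                $replacements = array(
                    '[url]' => $logo,
                    '[Name]' => $name,
                    '[ref]' => $ref,
                    '[Email]' => $email,
                    '[Amount]' => $amount,
                    '[crypto]' => $channel,
                );
                foreach ($replacements as $placeholder => $value) {
                    $emailTemplate = str_replace(
                        $placeholder,
                        htmlspecialchars((string) $value, ENT_QUOTES, "UTF-8"),
                        $emailTemplate
                    );
                }

                //send mail
                $recipients = array(
                    $email,
                    $site_mail,
                );
                foreach ($recipients as $recipient) {
                    $mail->addAddress($recipient);
                }
                $mail->Subject = "Payment Confirmation";
                $mail->Body = $emailTemplate;
                $mail->send();
            }
        }else{
            echo '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
                        <script>
                        document.addEventListener("DOMContentLoaded", function() {
                            Swal.fire({
                                title: "Payment Not Complete",
                                text: "You payment for was not successfuly! kindly contact us for assistance",
                                icon: "error"
                            }).then(function() {
                                window.location.href = "";
                            });
                        });
                        </script>';
        }
    }else{
        echo "File Not Move";
    }
}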
    

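        // Delete one booking row; sets $success or $error for the page.
        // NOTE(review): this destructive action is triggered by a GET parameter
        // and no authentication or CSRF check is visible in this file; confirm
        // the including page enforces both.
        if(isset($_GET['delete_booking'])){
            // The id was concatenated into the DELETE unquoted; accept whole
            // numbers only and bind the value instead.
            $id = filter_var($_GET['delete_booking'], FILTER_VALIDATE_INT);

            $stmt = ($id === false) ? false : mysqli_prepare($connection, "DELETE FROM booking WHERE id=?");
            $query = $stmt
                && mysqli_stmt_bind_param($stmt, "i", $id)
                && mysqli_stmt_execute($stmt);
            if($query){
                $success ="Booking Deleted";
            }else{
                $error ="Error Deleting Boking";
            }
        }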
        //delete donation
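        // Delete one donation row; sets $success or $error for the page.
        // NOTE(review): this destructive action is triggered by a GET parameter
        // and no authentication or CSRF check is visible in this file; confirm
        // the including page enforces both.
        if(isset($_GET['delete_donation'])){
            // The id was concatenated into the DELETE unquoted; accept whole
            // numbers only and bind the value instead.
            $id = filter_var($_GET['delete_donation'], FILTER_VALIDATE_INT);

            $stmt = ($id === false) ? false : mysqli_prepare($connection, "DELETE FROM donate WHERE id=?");
            $query = $stmt
                && mysqli_stmt_bind_param($stmt, "i", $id)
                && mysqli_stmt_execute($stmt);
            if($query){
                $success ="Donation Deleted Deleted";
            }else{
                $error ="Error Deleting Donation";
            }
        }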

        //delete Orphan donation
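        // Delete one orphanage-donation row; sets $success or $error for the page.
        // NOTE(review): this destructive action is triggered by a GET parameter
        // and no authentication or CSRF check is visible in this file; confirm
        // the including page enforces both.
        if(isset($_GET['delete_orphan_donation'])){
            // The id was concatenated into the DELETE unquoted; accept whole
            // numbers only and bind the value instead.
            $id = filter_var($_GET['delete_orphan_donation'], FILTER_VALIDATE_INT);

            $stmt = ($id === false) ? false : mysqli_prepare($connection, "DELETE FROM orphan_donate WHERE id=?");
            $query = $stmt
                && mysqli_stmt_bind_param($stmt, "i", $id)
                && mysqli_stmt_execute($stmt);
            if($query){
                $success ="Donation Deleted Deleted";
            }else{
                $error ="Error Deleting Donation";
            }
        }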
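        // Mark a booking as approved (status 1) and e-mail the outcome to the
        // booker and the site address. Sets $success or $error for the page.
        // NOTE(review): this state change is triggered by a GET parameter and no
        // authentication or CSRF check is visible in this file; confirm the
        // including page enforces both.
        if(isset($_GET['approve_booking'])){
            // The id was concatenated into SQL unquoted; accept whole numbers only.
            $id = filter_var($_GET['approve_booking'], FILTER_VALIDATE_INT);

            $stmt = ($id === false)
                ? false
                : mysqli_prepare($connection, "UPDATE `booking` SET `status` = '1'  WHERE id=?");
            $query = $stmt
                && mysqli_stmt_bind_param($stmt, "i", $id)
                && mysqli_stmt_execute($stmt);
            if($query){
                $success ="Booking Approved";

                // process email for user ($id is a validated integer)
                $query = mysqli_query($connection, "SELECT * FROM booking WHERE id = " . $id);
                $result = $query ? mysqli_fetch_assoc($query) : null;
                $emailTemplate = file_get_contents('inc/contact/action_temp.php');

                if(is_array($result) && $emailTemplate !== false){
                    // Cast the foreign keys before they are placed in SQL.
                    $celeb_id = (int) $result["celeb_id"];
                    $type_id = (int) $result["type_id"];
                    //get celeb name
                    $query_celeb = mysqli_query($connection, "SELECT * FROM celeb WHERE id = " . $celeb_id);
                    $result_celeb = $query_celeb ? mysqli_fetch_assoc($query_celeb) : null;
                    //get booking type
                    $query_type = mysqli_query($connection, "SELECT * FROM type WHERE id = " . $type_id);
                    $result_type = $query_type ? mysqli_fetch_assoc($query_type) : null;

                    $name = $result["name"];
                    $email = $result["email"];
                    $celeb = is_array($result_celeb) ? $result_celeb["name"] : "";
                    $type = is_array($result_type) ? $result_type["name"] : "";
                    $status = "Approved";
                    $action = "Approved Successfuly";
                    $subject = "Booking Approved";
                    $logo = "../uploads/web/300456837_195914286197056_6259989243564983274_n.jpg";

                    // Name and e-mail were supplied by the booker, so every value
                    // is HTML-escaped before entering the message body.
                    // NOTE(review): assumes the template is sent as HTML; confirm
                    // in contact/mail.php.
                    $replacements = array(
                        '[status]' => $status,
                        '[action]' => $action,
                        '[Name]' => $name,
                        '[Email]' => $email,
                        '[Celebrity Name]' => $celeb,
                        '[Booking Type]' => $type,
                    );
                    foreach ($replacements as $placeholder => $value) {
                        $emailTemplate = str_replace(
                            $placeholder,
                            htmlspecialchars((string) $value, ENT_QUOTES, "UTF-8"),
                            $emailTemplate
                        );
                    }

                    //send mail
                    $recipients = array(
                        $email,
                        $site_mail,
                    );
                    foreach ($recipients as $recipient) {
                        $mail->addAddress($recipient);
                    }
                    $mail->Subject = $subject;
                    $mail->Body = $emailTemplate;
                    $mail->send();
                }
            }else{
                $error ="Error approving Boking";
            }
        }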
        //declin booking
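        // Mark a booking as declined (status 3) and e-mail the outcome to the
        // booker and the site address.
        // NOTE(review): this state change is triggered by a GET parameter and no
        // authentication or CSRF check is visible in this file; confirm the
        // including page enforces both.
        if(isset($_GET['decline_booking'])){
            // The id was concatenated into SQL unquoted; accept whole numbers only.
            $id = filter_var($_GET['decline_booking'], FILTER_VALIDATE_INT);

            $stmt = ($id === false)
                ? false
                : mysqli_prepare($connection, "UPDATE `booking` SET `status` = '3'  WHERE id=?");
            $query = $stmt
                && mysqli_stmt_bind_param($stmt, "i", $id)
                && mysqli_stmt_execute($stmt);
            if($query){
                echo '
                <script>
    alert("Booking Declined")
</script>';
                // process email for user ($id is a validated integer)
                $query = mysqli_query($connection, "SELECT * FROM booking WHERE id = " . $id);
                $result = $query ? mysqli_fetch_assoc($query) : null;
                $emailTemplate = file_get_contents('inc/contact/action_temp.php');

                if(is_array($result) && $emailTemplate !== false){
                    // Cast the foreign keys before they are placed in SQL.
                    $celeb_id = (int) $result["celeb_id"];
                    $type_id = (int) $result["type_id"];
                    //get celeb name
                    $query_celeb = mysqli_query($connection, "SELECT * FROM celeb WHERE id = " . $celeb_id);
                    $result_celeb = $query_celeb ? mysqli_fetch_assoc($query_celeb) : null;
                    //get booking type
                    $query_type = mysqli_query($connection, "SELECT * FROM type WHERE id = " . $type_id);
                    $result_type = $query_type ? mysqli_fetch_assoc($query_type) : null;

                    $name = $result["name"];
                    $email = $result["email"];
                    $celeb = is_array($result_celeb) ? $result_celeb["name"] : "";
                    $type = is_array($result_type) ? $result_type["name"] : "";
                    $status = "Declined";
                    $action = "Declined";
                    $subject = "Booking Declined";
                    $logo = "../uploads/web/300456837_195914286197056_6259989243564983274_n.jpg";

                    // Name and e-mail were supplied by the booker, so every value
                    // is HTML-escaped before entering the message body.
                    // NOTE(review): assumes the template is sent as HTML; confirm
                    // in contact/mail.php.
                    $replacements = array(
                        '[status]' => $status,
                        '[action]' => $action,
                        '[Name]' => $name,
                        '[Email]' => $email,
                        '[Celebrity Name]' => $celeb,
                        '[Booking Type]' => $type,
                    );
                    foreach ($replacements as $placeholder => $value) {
                        $emailTemplate = str_replace(
                            $placeholder,
                            htmlspecialchars((string) $value, ENT_QUOTES, "UTF-8"),
                            $emailTemplate
                        );
                    }

                    //send mail
                    $recipients = array(
                        $email,
                        $site_mail,
                    );
                    foreach ($recipients as $recipient) {
                        $mail->addAddress($recipient);
                    }
                    $mail->Subject = $subject;
                    $mail->Body = $emailTemplate;
                    $mail->send();
                }
            }else{
                echo '
                <script>
    alert("Error declining Booking")
</script>';
            }
        }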

// initiate donation
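        // Record a new donation from the public form, remember its reference in
        // the session and redirect the visitor to pay.php.
        if (isset($_POST["donate"])) {
            // Retrieve form data
            $name = $_POST["name"] ?? "";
            $email = $_POST["email"] ?? "";
            $phone = $_POST["phone"] ?? "";
            $address = ($_POST["street"] ?? "") . ", " . ($_POST["city"] ?? "") . ", "
                . ($_POST["state"] ?? "") . ", " . ($_POST["country"] ?? "");
            $celeb = $_POST["celeb"] ?? "";
            $note = $_POST["note"] ?? "";
            // NOTE(review): only 101 distinct references are possible, so
            // collisions are certain once a few donations exist. Widen the range
            // after confirming the width of the `ref` column.
            $ref = "DN_" . random_int(0, 100);

            // Every field is visitor-controlled; bind the values instead of
            // building the INSERT by string interpolation.
            $stmt = mysqli_prepare(
                $connection,
                "INSERT INTO `donate` (`name`, `ref`, `email`, `phone_number`, `address`, `celeb_id`, `note`)
            VALUES (?, ?, ?, ?, ?, ?, ?)"
            );
            $query = $stmt
                && mysqli_stmt_bind_param($stmt, "sssssss", $name, $ref, $email, $phone, $address, $celeb, $note)
                && mysqli_stmt_execute($stmt);

            // Check if query was successful
            if ($query) {
                // Only one pending payment flow is kept in the session at a time.
                unset($_SESSION["booking"]);
                unset($_SESSION["ticket"]);
                unset($_SESSION["fan_card"]);
                unset($_SESSION["orphan_donate"]);
                $_SESSION["donate"] = array(
                    "ref" => $ref,
                    "key" => "1"
                );
                echo '
                <script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
                    <script>
                    document.addEventListener("DOMContentLoaded", function() {
                        Swal.fire({
                            title: "Success!",
                            text: "Donation initiated successfully!.Kindly proceed to make your payment",
                            icon: "success"
                        }).then(function() {
                            window.location.href = "pay.php";
                        });
                    });
                    </script>
                    ';
            } else {
               $error= "Error initiating donation";
            }
        }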

// initiate orpahnage donation
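        // Record a new orphanage donation from the public form, remember its
        // reference in the session and redirect the visitor to pay.php.
        if (isset($_POST["orphan-donate"])) {
            // Retrieve form data
            $name = $_POST["name"] ?? "";
            $email = $_POST["email"] ?? "";
            $phone = $_POST["phone"] ?? "";
            $address = ($_POST["street"] ?? "") . ", " . ($_POST["city"] ?? "") . ", "
                . ($_POST["state"] ?? "") . ", " . ($_POST["country"] ?? "");
            $celeb = $_POST["orphan_id"] ?? "";
            $note = $_POST["note"] ?? "";
            // NOTE(review): the reference space is small (under 100,000 values)
            // and the orphan_pay handler in this file updates rows by `ref`, so a
            // guessed or colliding reference reaches someone else's record.
            // Widen it after confirming the width of the `ref` column.
            $ref = "OPH_" . random_int(1000, 100000);

            // Every field is visitor-controlled; bind the values instead of
            // building the INSERT by string interpolation.
            $stmt = mysqli_prepare(
                $connection,
                "INSERT INTO `orphan_donate` (`name`, `ref`, `email`, `phone_number`, `address`, `orphan_id`, `note`)
            VALUES (?, ?, ?, ?, ?, ?, ?)"
            );
            $query = $stmt
                && mysqli_stmt_bind_param($stmt, "sssssss", $name, $ref, $email, $phone, $address, $celeb, $note)
                && mysqli_stmt_execute($stmt);

            // Check if query was successful
            if ($query) {
                // Only one pending payment flow is kept in the session at a time.
                unset($_SESSION["booking"]);
                unset($_SESSION["ticket"]);
                unset($_SESSION["donate"]);
                unset($_SESSION["fan_card"]);

                $_SESSION["orphan_donate"] = array(
                    "ref" => $ref,
                    "key" => "1"
                );
                echo '
                <script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
                    <script>
                    document.addEventListener("DOMContentLoaded", function() {
                        Swal.fire({
                            title: "Success!",
                            text: "Donation initiated successfully!.Kindly proceed to make your payment",
                            icon: "success"
                        }).then(function() {
                            window.location.href = "pay.php";
                        });
                    });
                    </script>
                    ';
            } else {
               $error= "Error initiating donation";
            }
        }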


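        // Create a ticket record together with its uploaded thumbnail.
        // Sets $success or $error for the including page to display.
        // NOTE(review): no authentication or CSRF check is visible in this file;
        // confirm the including page enforces both before this handler can run.
        if(isset($_POST["add_ticket"])){
            // Check if file is uploaded successfully
            if(isset($_FILES["photo"]) && $_FILES["photo"]["error"] == 0){
                $dir = "uploads/"; // Directory to store uploaded images

                // Accept allowlisted image types only and store the file under a
                // server-generated name. The original kept the client's file
                // name and extension, so a script file could be written into
                // the uploads directory.
                $fileExtension = strtolower(pathinfo($_FILES["photo"]["name"], PATHINFO_EXTENSION));
                $isImage = in_array($fileExtension, array("jpg", "jpeg", "png", "gif", "webp"), true)
                    && getimagesize($_FILES["photo"]["tmp_name"]) !== false;
                $file = $dir . uniqid() . '_' . time() . '.' . $fileExtension;

                if(!$isImage){
                    $error = "Failed to upload image";
                }elseif(file_exists($file)){
                    $error = "Image already exists";
                }elseif(move_uploaded_file($_FILES["photo"]["tmp_name"], $file)){
                    $image = $file;
                    $name = $_POST["name"] ?? "";
                    $date = $_POST["date"] ?? "";
                    $location = $_POST["location"] ?? "";
                    $price = $_POST["price"] ?? "";

                    // The original comment promised injection prevention but
                    // interpolated the raw values; bind them instead.
                    $stmt = mysqli_prepare(
                        $connection,
                        "INSERT INTO `ticket` (`name`, `date_event`, `location`, `thumbnail`, `price`) VALUES (?, ?, ?, ?, ?)"
                    );
                    $query_celeb = $stmt
                        && mysqli_stmt_bind_param($stmt, "sssss", $name, $date, $location, $image, $price)
                        && mysqli_stmt_execute($stmt);

                    if($query_celeb){
                        $success = "Ticket added successfully";
                    }else{
                        $error = "Error adding Ticket to the database";
                    }
                }else{
                    $error = "Error uploading image";
                }
            }else{
                $error = "Failed to upload image";
            }
        }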
        
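        // Delete one ticket row; sets $success or $error for the page.
        // NOTE(review): this destructive action is triggered by a GET parameter
        // and no authentication or CSRF check is visible in this file; confirm
        // the including page enforces both.
        if(isset($_GET['delete_ticket'])){
            // The id was concatenated into the DELETE unquoted; accept whole
            // numbers only and bind the value instead.
            $id = filter_var($_GET['delete_ticket'], FILTER_VALIDATE_INT);

            $stmt = ($id === false) ? false : mysqli_prepare($connection, "DELETE FROM ticket WHERE id=?");
            $query = $stmt
                && mysqli_stmt_bind_param($stmt, "i", $id)
                && mysqli_stmt_execute($stmt);
            if($query){
                $success ="Ticket Deleted";
            }else{
                $error ="Error Deleting Ticket";
            }
        }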
        // delete purchase
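        // Delete one ticket-purchase row; sets $success or $error for the page.
        // NOTE(review): this destructive action is triggered by a GET parameter
        // and no authentication or CSRF check is visible in this file; confirm
        // the including page enforces both.
        if(isset($_GET['delete_purchase'])){
            // The id was concatenated into the DELETE unquoted; accept whole
            // numbers only and bind the value instead.
            $id = filter_var($_GET['delete_purchase'], FILTER_VALIDATE_INT);

            $stmt = ($id === false) ? false : mysqli_prepare($connection, "DELETE FROM buy_ticket WHERE id=?");
            $query = $stmt
                && mysqli_stmt_bind_param($stmt, "i", $id)
                && mysqli_stmt_execute($stmt);
            if($query){
                $success ="Ticket purchase Deleted";
            }else{
                $error ="Error Deleting Ticket purchase";
            }
        }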

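// Record a ticket order from the public form, remember its reference in the
// session, redirect to pay.php and e-mail a confirmation.
if(isset($_POST["buy_ticket"])){
    $name = $_POST["name"] ?? "";
    $email = $_POST["email"] ?? "";
    $Phone = $_POST["Phone"] ?? "";
    // The ticket id is also used in a SELECT below; accept whole numbers only.
    $ticket_id = filter_var($_POST["id"] ?? null, FILTER_VALIDATE_INT);
    $event = $_POST["event"] ?? "";
    $date = $_POST["date"] ?? "";
    // The ticket_pay handler in this file updates rows by this reference, so it
    // is drawn from the CSPRNG rather than rand().
    // NOTE(review): the space is still only time() values wide; consider a
    // longer random token after confirming the width of the `ref` column.
    $ref = "TIC_" . random_int(0, time());

    // Every field is visitor-controlled; bind the values instead of building
    // the INSERT by string interpolation.
    $stmt = ($ticket_id === false)
        ? false
        : mysqli_prepare(
            $connection,
            "INSERT INTO `buy_ticket` (`name`, `ticket_id`,`email`, `phone_number`, `ref`) VALUES (?, ?, ?, ?, ?)"
        );
    $query_celeb = $stmt
        && mysqli_stmt_bind_param($stmt, "sisss", $name, $ticket_id, $email, $Phone, $ref)
        && mysqli_stmt_execute($stmt);

    if($query_celeb){
        // Only one pending payment flow is kept in the session at a time.
        unset($_SESSION["booking"]);
        unset($_SESSION["donate"]);
        unset($_SESSION["orphan_donate"]);
        unset($_SESSION["fan_card"]);
        $_SESSION["ticket"] = $ref;
        echo '<script>
               // Display alert
               alert("Ticket Order successful. procced to make payment");
               
               // Redirect after the alert is closed
               window.location.href = "pay.php";
               </script>';

        // process email for user ($ticket_id is a validated integer)
        $query_pay = mysqli_query($connection, "SELECT * FROM ticket WHERE id = " . $ticket_id);
        $result_pay = $query_pay ? mysqli_fetch_assoc($query_pay) : null;

        $phone = $Phone;
        // The original generated a second random reference here, so the
        // reference e-mailed to the buyer never matched the stored one.
        $emailTemplate = file_get_contents('admin/inc/contact/ticket.php');
        $logo = "../uploads/web/300456837_195914286197056_6259989243564983274_n.jpg";

        if($emailTemplate !== false){
            // All values come from the form, so they are HTML-escaped before
            // entering the message body.
            // NOTE(review): assumes the template is sent as HTML; confirm in
            // contact/mail.php. Event and date are taken from the form rather
            // than from the ticket row fetched above.
            $replacements = array(
                '[Name]' => $name,
                '[ref]' => $ref,
                '[Email]' => $email,
                '[phone]' => $phone,
                '[event]' => $event,
                '[Date]' => $date,
            );
            foreach ($replacements as $placeholder => $value) {
                $emailTemplate = str_replace(
                    $placeholder,
                    htmlspecialchars((string) $value, ENT_QUOTES, "UTF-8"),
                    $emailTemplate
                );
            }

            //send mail
            $recipients = array(
                $email,
                $site_mail,
            );
            foreach ($recipients as $recipient) {
                $mail->addAddress($recipient);
            }
            $mail->Subject = "Ticket Confirmation";
            $mail->Body = $emailTemplate;
            $mail->send();
        }
    }else{
        $error = "Error adding Ticket to the database";
    }
}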
// PAY FOR TICKET
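// Attach a payment proof image to a ticket order (looked up by its reference)
// and e-mail a confirmation to the buyer and the site address.
// NOTE(review): the reference comes from the form and is not compared with
// $_SESSION["ticket"], which buy_ticket sets; consider enforcing that match so
// one visitor cannot overwrite another order's proof.
if(isset($_POST["ticket_pay"])) {
    // Accept allowlisted image types only. The original stored the file under
    // the client's own name and extension in admin/uploads/, which allowed
    // script files to be written there and existing files to be overwritten.
    $upload = $_FILES["photo"] ?? null;
    $fileExtension = is_array($upload) ? strtolower(pathinfo($upload["name"], PATHINFO_EXTENSION)) : "";
    $isImage = is_array($upload)
        && $upload["error"] == 0
        && in_array($fileExtension, array("jpg", "jpeg", "png", "gif", "webp"), true)
        && getimagesize($upload["tmp_name"]) !== false;

    // Server-generated, unguessable name with the validated extension.
    $file = "admin/uploads/" . bin2hex(random_bytes(16)) . "." . $fileExtension;

    // Move uploaded file to the designated directory
    if($isImage && move_uploaded_file($upload["tmp_name"], $file)) {
        $amount = $_POST["amount"] ?? "";
        $crypto_name = $_POST["crypto_name"] ?? "";
        // Here "id" carries the order reference string, not a numeric id.
        $id = is_string($_POST["id"] ?? null) ? $_POST["id"] : "";
        $proof = $file;

        $stmt = mysqli_prepare(
            $connection,
            "UPDATE `buy_ticket` SET `amount_paid` = ?,  `proof` = ? WHERE `ref` = ?"
        );
        $query = $stmt
            && mysqli_stmt_bind_param($stmt, "sss", $amount, $proof, $id)
            && mysqli_stmt_execute($stmt);

        if($query){
            echo '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
            <script>
            document.addEventListener("DOMContentLoaded", function() {
                Swal.fire({
                    title: "Payment Successful",
                    text: "You payment for was successfuly! kindly check your email for further informations",
                    icon: "success"
                }).then(function() {
                    window.location.href = "thankyou.php";
                });
            });
            </script>';

            //process email for user
            $sql_pay = "SELECT * FROM buy_ticket WHERE ref= '" . mysqli_real_escape_string($connection, $id) . "'";
            $query_pay = mysqli_query($connection, $sql_pay);
            $result_pay = $query_pay ? mysqli_fetch_assoc($query_pay) : null;
            $emailTemplate = file_get_contents('admin/inc/contact/payment_temp.php');

            // Two leftover debug echoes were removed here: they printed the raw
            // posted reference and the buyer's name into the page unescaped.
            if(is_array($result_pay) && $emailTemplate !== false){
                $name = $result_pay["name"];
                $email = $result_pay["email"];
                $amount = $result_pay["amount_paid"];
                $ref = $result_pay["ref"];
                $logo = "../uploads/web/300456837_195914286197056_6259989243564983274_n.jpg";

                // Values originate from visitor input, so they are HTML-escaped
                // before entering the message body.
                // NOTE(review): assumes the template is sent as HTML (it embeds
                // a logo URL); confirm in contact/mail.php.
                $replacements = array(
                    '[url]' => $logo,
                    '[Name]' => $name,
                    '[ref]' => $ref,
                    '[Email]' => $email,
                    '[Amount]' => $amount,
                );
                foreach ($replacements as $placeholder => $value) {
                    $emailTemplate = str_replace(
                        $placeholder,
                        htmlspecialchars((string) $value, ENT_QUOTES, "UTF-8"),
                        $emailTemplate
                    );
                }

                //send mail
                $recipients = array(
                    $email,
                    $site_mail,
                );
                foreach ($recipients as $recipient) {
                    $mail->addAddress($recipient);
                }
                $mail->Subject = "Payment Confirmation";
                $mail->Body = $emailTemplate;
                $mail->send();
            }
        }else{
            echo '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
            <script>
            document.addEventListener("DOMContentLoaded", function() {
                Swal.fire({
                    title: "Payment Not Complete",
                    text: "You payment for was not successfuly! kindly contact us for assistance",
                    icon: "error"
                }).then(function() {
                    window.location.href = "";
                });
            });
            </script>';
        }
    } else {
        // Error moving file
        echo "File Not Moved";
    }
}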

// PAY FOR orphanage donation
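if (isset($_POST["orphan_pay"])) {
    // Records the payment proof for an orphanage donation: stores the uploaded
    // image, saves amount + proof path on the `orphan_donate` row identified by
    // the posted ref, then e-mails a confirmation to the donor and the site.
    //
    // NOTE(review): both the amount and the ref are supplied by the client and
    // nothing visible here binds the ref to the current session. Treat the
    // stored values as unverified claims until the proof has been checked.

    $dir = "admin/uploads/"; // Directory to store uploaded images

    // Accept real images only and derive the stored extension from the detected
    // type, never from the client-supplied file name: keeping the original name
    // would allow a script file to be written into a web-served directory.
    $allowedTypes = [
        "image/jpeg" => "jpg",
        "image/png"  => "png",
        "image/gif"  => "gif",
        "image/webp" => "webp",
    ];

    $upload = isset($_FILES["photo"]) ? $_FILES["photo"] : null;
    $file = null;
    if (
        is_array($upload)
        && $upload["error"] === UPLOAD_ERR_OK
        && is_uploaded_file($upload["tmp_name"])
    ) {
        $imageInfo = getimagesize($upload["tmp_name"]);
        $mime = is_array($imageInfo) ? $imageInfo["mime"] : "";
        if (isset($allowedTypes[$mime])) {
            // Random name: no collisions, no overwriting of someone else's proof.
            $file = $dir . bin2hex(random_bytes(16)) . "." . $allowedTypes[$mime];
        }
    }

    // Move uploaded file to the designated directory
    if ($file !== null && move_uploaded_file($upload["tmp_name"], $file)) {
        // filter_input() returns null/false for missing or array-valued fields.
        $amount = (string) filter_input(INPUT_POST, "amount");
        $id = (string) filter_input(INPUT_POST, "id");
        $proof = $file;

        // Bound parameters keep the posted values out of the SQL text.
        $query = false;
        $stmt = mysqli_prepare(
            $connection,
            "UPDATE `orphan_donate` SET `amount` = ?, `proof` = ? WHERE `ref` = ?"
        );
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "sss", $amount, $proof, $id);
            $query = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }

        // An UPDATE that matches no row still "succeeds", so the row is read
        // back and its absence is treated as a failed payment.
        $result_pay = null;
        if ($query) {
            $stmt = mysqli_prepare($connection, "SELECT * FROM orphan_donate WHERE ref = ?");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, "s", $id);
                mysqli_stmt_execute($stmt);
                $rows = mysqli_stmt_get_result($stmt);
                $result_pay = $rows ? mysqli_fetch_assoc($rows) : null;
                mysqli_stmt_close($stmt);
            }
        }

        if (is_array($result_pay)) {
            //process email for user
            $name = $result_pay["name"];
            $email = $result_pay["email"];
            $amount = $result_pay["amount"];
            $ref = $result_pay["ref"];

            $emailTemplate = (string) file_get_contents('admin/inc/contact/payment_temp.php');

            // Values that originated from user input are HTML-escaped before
            // they reach the message body (assumes the template is HTML - TODO
            // confirm). strtr() replaces all placeholders in one pass, so a
            // placeholder typed into a field is not expanded a second time.
            $esc = function ($value) {
                return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
            };
            $logo = "../uploads/web/300456837_195914286197056_6259989243564983274_n.jpg";
            $emailTemplate = strtr($emailTemplate, [
                '[url]'    => $logo,
                '[Name]'   => $esc($name),
                '[ref]'    => $esc($ref),
                '[Email]'  => $esc($email),
                '[Amount]' => $esc($amount),
            ]);

            //send mail
            $recipients = array(
                $email,
                $site_mail,
            );
            foreach ($recipients as $recipient) {
                $mail->addAddress($recipient);
            }
            $mail->Subject = "Payment Confirmation";
            $mail->Body = $emailTemplate;
            //send the email
            $mail->send();

            echo '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
            <script>
            document.addEventListener("DOMContentLoaded", function() {
                Swal.fire({
                    title: "Payment Successful",
                    text: "You payment for was successfuly! kindly check your email for further informations",
                    icon: "success"
                }).then(function() {
                    window.location.href = "thankyou.php";
                });
            });
            </script>';
        } else {
            echo '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
            <script>
            document.addEventListener("DOMContentLoaded", function() {
                Swal.fire({
                    title: "Payment Not Complete",
                    text: "You payment for was not successfuly! kindly contact us for assistance",
                    icon: "error"
                }).then(function() {
                    window.location.href = "";
                });
            });
            </script>';
        }
    } else {
        // Missing upload, non-image content, or the move itself failed
        echo "File Not Moved";
    }
}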




        


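if (isset($_POST["book"])) {
    // Creates a booking from the posted form, remembers its reference in the
    // session for the payment step, and e-mails a confirmation to the customer
    // and the site address.

    // filter_input() returns null/false for missing or array-valued fields;
    // the cast normalises both to an empty string.
    $post = function ($key) {
        return (string) filter_input(INPUT_POST, $key);
    };

    // Retrieve form data
    $name = $post("name");
    $email = $post("email");
    $phone = $post("phone");
    $address = $post("street") . ", " . $post("city") . ", " . $post("state") . ", " . $post("country");
    $celeb = $post("celeb");
    $book_type = $post("book_type");
    $date = $post("date");
    $time = $post("time");
    $note = $post("note");

    // The reference later identifies the booking for payment, so it is drawn
    // from the CSPRNG instead of rand(). The same value is stored, kept in the
    // session and e-mailed; it must not be regenerated further down.
    // NOTE(review): uniqueness still depends on the table; a UNIQUE index on
    // `booking_ref` would make a collision fail loudly.
    $ref = "CEL_" . random_int(0, time());

    // Bound parameters keep every posted value out of the SQL text.
    $query = false;
    $stmt = mysqli_prepare(
        $connection,
        "INSERT INTO `booking` (`booking_ref`, `name`, `email`, `phone_number`, `address`, `type_id`, `celeb_id`, `date_to_meet`, `time_to_meet`, `note`)
         VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
    );
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            "ssssssssss",
            $ref,
            $name,
            $email,
            $phone,
            $address,
            $book_type,
            $celeb,
            $date,
            $time,
            $note
        );
        $query = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    // Check if query was successful
    if ($query) {
        $_SESSION["booking"] = $ref;
        unset($_SESSION["donate"]);
        unset($_SESSION["fan_card"]);
        unset($_SESSION["orphan_donate"]);
        unset($_SESSION["ticket"]);
        echo  '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
        <script>
        document.addEventListener("DOMContentLoaded", function() {
            Swal.fire({
                title: "Booking Successful",
                text: "Your Booking for was  successful!",
                icon: "success"
            }).then(function() {
                window.location.href = "pay.php";
            });
        });
        </script>';

        // Looks up the `name` column of one row by id; returns "" when the row
        // is missing. The SQL text is a fixed literal, the id is bound.
        $nameById = function ($sql, $id) use ($connection) {
            $found = "";
            $stmt = mysqli_prepare($connection, $sql);
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, "s", $id);
                mysqli_stmt_execute($stmt);
                $rows = mysqli_stmt_get_result($stmt);
                $row = $rows ? mysqli_fetch_assoc($rows) : null;
                if (is_array($row)) {
                    $found = (string) $row["name"];
                }
                mysqli_stmt_close($stmt);
            }
            return $found;
        };

        // process email for user
        $celebrityName = $nameById("SELECT * FROM celeb WHERE id = ?", $celeb);
        $book = $nameById("SELECT * FROM type WHERE id = ?", $book_type);

        $emailTemplate = (string) file_get_contents('admin/inc/contact/booking_confim.php');

        // Posted values are HTML-escaped before they reach the message body
        // (assumes the template is HTML - TODO confirm). strtr() substitutes
        // all placeholders in a single pass, so placeholder text typed into a
        // form field is not expanded again.
        $esc = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
        };
        $logo = "../uploads/web/300456837_195914286197056_6259989243564983274_n.jpg";
        $emailTemplate = strtr($emailTemplate, [
            '[url]'            => $logo,
            '[Name]'           => $esc($name),
            '[ref]'            => $esc($ref),
            '[Email]'          => $esc($email),
            '[phone]'          => $esc($phone),
            '[Booking Type]'   => $esc($book),
            '[Booking Date]'   => $esc($date),
            '[Booking Time]'   => $esc($time),
            '[Celebrity Name]' => $esc($celebrityName),
        ]);

        //send mail
        $recipients = array(
            $email,
            $site_mail,
        );
        foreach ($recipients as $recipient) {
            $mail->addAddress($recipient);
        }
        $mail->Subject = "Booking Confirmation";
        $mail->Body = $emailTemplate;
        $mail->send();
    } else {
        // The driver's message goes to the server log only; echoing it would
        // disclose schema and query details to the visitor.
        error_log("booking insert failed: " . mysqli_error($connection));
        echo "Error: unable to save your booking. Please try again later.";
    }
}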

 // contact form
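 if (isset($_POST["send"])) {
     // Contact form: relays the visitor's message to the site address stored
     // in the `web` table and reports the outcome with a SweetAlert dialog.
     //
     // NOTE(review): no rate limit or anti-automation check is visible here, so
     // this endpoint can be used to flood the site mailbox.

     // filter_input() returns null/false for missing or array-valued fields.
     $name = (string) filter_input(INPUT_POST, "name");
     $email = (string) filter_input(INPUT_POST, "email");
     $subject = (string) filter_input(INPUT_POST, "subject");
     $message = (string) filter_input(INPUT_POST, "message");

     // Recipient: the site's own address (no user input in this query)
     $sql = "SELECT * FROM web ";
     $query = mysqli_query($connection, $sql);
     $result = $query ? mysqli_fetch_assoc($query) : null;
     $web_email = is_array($result) ? (string) $result["email"] : "";

     $emailTemplate = (string) file_get_contents('admin/inc/contact/contactform_temp.html');

     // The template is HTML, so visitor-supplied text is escaped before it is
     // inserted; otherwise markup typed into the form would be rendered in the
     // mailbox of whoever reads the message. strtr() substitutes in one pass.
     $esc = function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
     };
     $emailTemplate = strtr($emailTemplate, [
         '[Name]'    => $esc($name),
         '[Email]'   => $esc($email),
         '[message]' => $esc($message),
     ]);

     //send mail
     $sent = false;
     if ($web_email !== "") {
         $mail->addAddress($web_email); // recipient email
         // A header value must stay on one line: drop CR/LF from the subject.
         $mail->Subject = str_replace(array("\r", "\n"), " ", $subject);
         $mail->Body = $emailTemplate;
         $sent = $mail->send();
     }

     if ($sent) {
         echo '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
            <script>
            document.addEventListener("DOMContentLoaded", function() {
                Swal.fire({
                    title: "Email Sent Successfully",
                    text: "We will respond to you as soon as possible",
                    icon: "success"
                });
            });
            </script>';
     } else {
         echo '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
    <script>
    document.addEventListener("DOMContentLoaded", function() {
        Swal.fire({
            title: "Opps!",
               text: "A system error occured while processing your email. Please try again later",
               icon: "error"
        });
    });
    </script>';
     }
 }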
   
   // add orphanage
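   if (isset($_POST["add_orphanage"])) {
       // Admin action: stores an orphanage thumbnail and inserts the orphanage
       // row. Sets $success or $error for the including page.
       //
       // NOTE(review): no authentication or CSRF check is visible in this
       // handler - confirm the including page enforces both.

       // Accept real images only and take the stored extension from the
       // detected type: keeping the client-supplied name would allow a script
       // file to be written into a web-served directory.
       $allowedTypes = [
           "image/jpeg" => "jpg",
           "image/png"  => "png",
           "image/gif"  => "gif",
           "image/webp" => "webp",
       ];

       $upload = isset($_FILES["photo"]) ? $_FILES["photo"] : null;

       // Check if file is uploaded successfully
       if (
           is_array($upload)
           && $upload["error"] === UPLOAD_ERR_OK
           && is_uploaded_file($upload["tmp_name"])
       ) {
           $imageInfo = getimagesize($upload["tmp_name"]);
           $mime = is_array($imageInfo) ? $imageInfo["mime"] : "";

           if (!isset($allowedTypes[$mime])) {
               $error = "Only JPEG, PNG, GIF or WebP images are allowed";
           } else {
               $dir = "admin/uploads/"; // Directory to store uploaded images
               $file = $dir . bin2hex(random_bytes(16)) . "." . $allowedTypes[$mime];

               // Check if file already exists (not expected with a random name)
               if (file_exists($file)) {
                   $error = "Image already exists";
               } elseif (move_uploaded_file($upload["tmp_name"], $file)) {
                   $image = $file;
                   $name = (string) filter_input(INPUT_POST, "name");
                   $detail = (string) filter_input(INPUT_POST, "about");

                   // Bound parameters keep the posted text out of the SQL.
                   $query_celeb = false;
                   $stmt = mysqli_prepare(
                       $connection,
                       "INSERT INTO orphanage (name, description, thumbnail) VALUES (?, ?, ?)"
                   );
                   if ($stmt) {
                       mysqli_stmt_bind_param($stmt, "sss", $name, $detail, $image);
                       $query_celeb = mysqli_stmt_execute($stmt);
                       mysqli_stmt_close($stmt);
                   }

                   if ($query_celeb) {
                       $success = "Orphanage added successfully";
                   } else {
                       $error = "Error adding Orphanage to the database";
                   }
               } else {
                   $error = "Error uploading image";
               }
           }
       } else {
           $error = "Failed to upload image";
       }
   }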

// delete orphanage
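if (isset($_GET["delete_orphan"]) && !empty($_GET["delete_orphan"])) {
    // Admin action: deletes an orphanage row and its thumbnail file.
    //
    // NOTE(review): this is a state-changing GET with no visible
    // authentication or CSRF check. Confirm the including page enforces both;
    // a POST carrying a token would be the safer shape.

    // The id is used as a number in SQL, so anything that is not an integer
    // is rejected up front.
    $id = filter_var($_GET["delete_orphan"], FILTER_VALIDATE_INT);
    $deleted = false;

    if ($id !== false) {
        $resul = null;
        $stmt = mysqli_prepare($connection, "SELECT * FROM orphanage WHERE id = ?");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "i", $id);
            mysqli_stmt_execute($stmt);
            $rows = mysqli_stmt_get_result($stmt);
            $resul = $rows ? mysqli_fetch_assoc($rows) : null;
            mysqli_stmt_close($stmt);
        }

        if (is_array($resul)) {
            $image = (string) $resul["thumbnail"];

            // Only a file directly inside the uploads directory may be
            // removed: the stored value is reduced to its base name so a
            // tampered `thumbnail` column cannot point unlink() elsewhere.
            // Assumes thumbnails live in admin/uploads next to this inc/
            // directory - TODO confirm.
            $uploadsDir = realpath(__DIR__ . "/../uploads");
            if ($image !== "" && $uploadsDir !== false) {
                $target = $uploadsDir . DIRECTORY_SEPARATOR . basename($image);
                if (is_file($target)) {
                    unlink($target);
                }
            }

            // The row is removed even when the file was already gone;
            // previously a missing file left the record undeletable.
            $stmt = mysqli_prepare($connection, "DELETE FROM orphanage WHERE id = ?");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, "i", $id);
                $deleted = mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);
            }
        }
    }

    if ($deleted) {
        echo " <script>
        alert('Orphanage deleted Sucessfuly' );
   
        </script>";
    } else {
        echo"
    <script>
    alert('Unable to Delete Orphanage' );

    </script>";
    }
}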

// delete Fan card 
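if (isset($_GET["delete_fan"]) && !empty($_GET["delete_fan"])) {
    // Admin action: deletes a fan card row and its thumbnail file.
    //
    // NOTE(review): this is a state-changing GET with no visible
    // authentication or CSRF check. Confirm the including page enforces both;
    // a POST carrying a token would be the safer shape.

    // The id is used as a number in SQL, so anything that is not an integer
    // is rejected up front.
    $id = filter_var($_GET["delete_fan"], FILTER_VALIDATE_INT);
    $deleted = false;

    if ($id !== false) {
        $resul = null;
        $stmt = mysqli_prepare($connection, "SELECT * FROM fan_card WHERE id = ?");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "i", $id);
            mysqli_stmt_execute($stmt);
            $rows = mysqli_stmt_get_result($stmt);
            $resul = $rows ? mysqli_fetch_assoc($rows) : null;
            mysqli_stmt_close($stmt);
        }

        if (is_array($resul)) {
            $image = (string) $resul["thumbnail"];

            // The "add_card" handler stores a web path ('/admin/uploads/...')
            // while the file itself sits in __DIR__/../uploads, so the stored
            // value cannot be passed to unlink() as-is. Using only its base
            // name inside the uploads directory also prevents a tampered
            // `thumbnail` column from pointing unlink() at another location.
            $uploadsDir = realpath(__DIR__ . "/../uploads");
            if ($image !== "" && $uploadsDir !== false) {
                $target = $uploadsDir . DIRECTORY_SEPARATOR . basename($image);
                if (is_file($target)) {
                    unlink($target);
                }
            }

            // The row is removed even when the file was already gone;
            // previously a failed unlink() left the record undeletable.
            $stmt = mysqli_prepare($connection, "DELETE FROM fan_card WHERE id = ?");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, "i", $id);
                $deleted = mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);
            }
        }
    }

    if ($deleted) {
        echo " <script>
        alert('Card deleted Sucessfuly' );
   
        </script>";
    } else {
        echo"
    <script>
    alert('Unable to Delete Fan card' );

    </script>";
    }
}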

// Add fan card
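if (isset($_POST["add_card"])) {
    // Admin action: stores a fan card thumbnail and inserts the card row.
    // Sets $success or $error for the including page.
    //
    // NOTE(review): no authentication or CSRF check is visible in this
    // handler - confirm the including page enforces both.

    // A uniqid() prefix avoids name collisions but keeps whatever extension
    // the client sent, so a script file could still be written into the
    // web-served uploads directory. The content is therefore verified to be
    // an image and the extension is taken from the detected type.
    $allowedTypes = [
        "image/jpeg" => "jpg",
        "image/png"  => "png",
        "image/gif"  => "gif",
        "image/webp" => "webp",
    ];

    $upload = isset($_FILES["photo"]) ? $_FILES["photo"] : null;

    // Check if file is uploaded successfully
    if (
        is_array($upload)
        && $upload["error"] === UPLOAD_ERR_OK
        && is_uploaded_file($upload["tmp_name"])
    ) {
        $imageInfo = getimagesize($upload["tmp_name"]);
        $mime = is_array($imageInfo) ? $imageInfo["mime"] : "";

        if (!isset($allowedTypes[$mime])) {
            $error = "Only JPEG, PNG, GIF or WebP images are allowed";
        } else {
            // Directory to store uploaded images
            $dir = __DIR__ . "/../uploads/";

            // Generated name; nothing from the client-supplied name is kept
            $filename = uniqid() . '_' . bin2hex(random_bytes(8)) . '.' . $allowedTypes[$mime];
            $file = $dir . $filename;

            // Web path to store in DB
            $image = '/admin/uploads/' . $filename;

            // Check if file already exists (not expected with a generated name)
            if (file_exists($file)) {
                $error = "Image already exists";
            } elseif (move_uploaded_file($upload["tmp_name"], $file)) {
                // Get form data
                $name = (string) filter_input(INPUT_POST, "name");
                $price = (string) filter_input(INPUT_POST, "price");
                $description = (string) filter_input(INPUT_POST, "description");

                // Insert into database with bound parameters
                $query_celeb = false;
                $stmt = mysqli_prepare(
                    $connection,
                    "INSERT INTO `fan_card` (`name`, `description`, `price`, `thumbnail`) VALUES (?, ?, ?, ?)"
                );
                if ($stmt) {
                    mysqli_stmt_bind_param($stmt, "ssss", $name, $description, $price, $image);
                    $query_celeb = mysqli_stmt_execute($stmt);
                    mysqli_stmt_close($stmt);
                }

                if ($query_celeb) {
                    $success = "Card added successfully";
                } else {
                    // Driver details go to the server log, not to the page.
                    error_log("fan_card insert failed: " . mysqli_error($connection));
                    $error = "Error adding Card to the database";
                }
            } else {
                $error = "Error uploading image";
            }
        }
    } else {
        $error = "Failed to upload image";
    }
}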


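if (isset($_GET['delete_ticket'])) {
    // Admin action: deletes one ticket row. Sets $success or $error.
    //
    // NOTE(review): this is a state-changing GET with no visible
    // authentication or CSRF check - confirm the including page enforces both.

    // The id was previously concatenated unquoted into the DELETE, so any
    // request text became part of the statement. It must now be an integer
    // and is passed as a bound parameter.
    $id = filter_var($_GET['delete_ticket'], FILTER_VALIDATE_INT);

    $query = false;
    if ($id !== false) {
        $stmt = mysqli_prepare($connection, "DELETE FROM ticket WHERE id = ?");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "i", $id);
            $query = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
    }

    if ($query) {
        $success = "Ticket Deleted";
    } else {
        $error = "Error Deleting Ticket";
    }
}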

// Apply for fan card 
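if (isset($_POST["fan_app"])) {
    // Fan card application: inserts a `buy_fancard` row, stores its reference
    // in the session for the payment step and redirects the browser to
    // pay.php. Sets $error when the insert fails.

    // filter_input() returns null/false for missing or array-valued fields;
    // the cast normalises both to an empty string.
    $post = function ($key) {
        return (string) filter_input(INPUT_POST, $key);
    };

    // Retrieve form data
    $id = $post("id");
    $name = $post("name");
    $email = $post("email");
    $phone = $post("phone");
    // Address and note are read from the form but are not stored by the
    // INSERT below.
    $address = $post("street") . ", " . $post("city") . ", " . $post("state") . ", " . $post("country");
    $celeb = $post("celeb");
    $note = $post("note");

    // Drawn from the CSPRNG instead of rand(). The range is kept so the
    // reference format does not change.
    // NOTE(review): fewer than 10,000 possible values means references will
    // collide and can be enumerated; the payment handler looks rows up by
    // this value alone. A longer random reference plus a UNIQUE index on
    // `ref` is worth scheduling once the column width is confirmed.
    $ref = "FAN_" . random_int(111, 9999);

    // Bound parameters keep every posted value out of the SQL text.
    $query = false;
    $stmt = mysqli_prepare(
        $connection,
        "INSERT INTO `buy_fancard` (`card_id`, `celeb_id`, `name`, `email`, `phone_number`, `ref`) VALUES (?, ?, ?, ?, ?, ?)"
    );
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "ssssss", $id, $celeb, $name, $email, $phone, $ref);
        $query = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    // Check if query was successful
    if ($query) {
        unset($_SESSION["booking"]);
        unset($_SESSION["orphan_donate"]);
        unset($_SESSION["donate"]);
        unset($_SESSION["ticket"]);
        $_SESSION["fan_card"] = array(
            "ref" => $ref,
            "key" => "1"
        );
        echo '
          
          <script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
              <script>
              document.addEventListener("DOMContentLoaded", function() {
                  Swal.fire({
                      title: "Success!",
                      text: "application initiated successfully!.Kindly proceed to make your payment",
                      icon: "success"
                  }).then(function() {
                      window.location.href = "pay.php";
                  });
              });
              </script>
              ';
    } else {
        $error = "Error initiating Application";
    }
}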

  // PAY FOR Fan card
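if (isset($_POST["fancard_pay"])) {
    // Records the payment proof for a fan card purchase: stores the uploaded
    // image, saves amount + proof path on the `buy_fancard` row identified by
    // the posted ref, then e-mails a confirmation to the buyer and the site.
    //
    // NOTE(review): both the amount and the ref are supplied by the client and
    // nothing visible here binds the ref to the current session. Treat the
    // stored values as unverified claims until the proof has been checked.

    $dir = "admin/uploads/"; // Directory to store uploaded images

    // Accept real images only and derive the stored extension from the detected
    // type, never from the client-supplied file name: keeping the original name
    // would allow a script file to be written into a web-served directory.
    $allowedTypes = [
        "image/jpeg" => "jpg",
        "image/png"  => "png",
        "image/gif"  => "gif",
        "image/webp" => "webp",
    ];

    $upload = isset($_FILES["photo"]) ? $_FILES["photo"] : null;
    $file = null;
    if (
        is_array($upload)
        && $upload["error"] === UPLOAD_ERR_OK
        && is_uploaded_file($upload["tmp_name"])
    ) {
        $imageInfo = getimagesize($upload["tmp_name"]);
        $mime = is_array($imageInfo) ? $imageInfo["mime"] : "";
        if (isset($allowedTypes[$mime])) {
            // Random name: no collisions, no overwriting of someone else's proof.
            $file = $dir . bin2hex(random_bytes(16)) . "." . $allowedTypes[$mime];
        }
    }

    // Move uploaded file to the designated directory
    if ($file !== null && move_uploaded_file($upload["tmp_name"], $file)) {
        // filter_input() returns null/false for missing or array-valued fields.
        $amount = (string) filter_input(INPUT_POST, "amount");
        $id = (string) filter_input(INPUT_POST, "id");
        $proof = $file;

        // Bound parameters keep the posted values out of the SQL text.
        $query = false;
        $stmt = mysqli_prepare(
            $connection,
            "UPDATE `buy_fancard` SET `amount_paid` = ?, `proof` = ? WHERE `ref` = ?"
        );
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "sss", $amount, $proof, $id);
            $query = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }

        // An UPDATE that matches no row still "succeeds", so the row is read
        // back and its absence is treated as a failed payment.
        $result_pay = null;
        if ($query) {
            $stmt = mysqli_prepare($connection, "SELECT * FROM buy_fancard WHERE ref = ?");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, "s", $id);
                mysqli_stmt_execute($stmt);
                $rows = mysqli_stmt_get_result($stmt);
                $result_pay = $rows ? mysqli_fetch_assoc($rows) : null;
                mysqli_stmt_close($stmt);
            }
        }

        if (is_array($result_pay)) {
            //process email for user
            $name = $result_pay["name"];
            $email = $result_pay["email"];
            $amount = $result_pay["amount_paid"];
            $ref = $result_pay["ref"];

            $emailTemplate = (string) file_get_contents('admin/inc/contact/payment_temp.php');

            // Values that originated from user input are HTML-escaped before
            // they reach the message body (assumes the template is HTML - TODO
            // confirm). strtr() replaces all placeholders in one pass, so a
            // placeholder typed into a field is not expanded a second time.
            $esc = function ($value) {
                return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
            };
            $logo = "../uploads/web/300456837_195914286197056_6259989243564983274_n.jpg";
            $emailTemplate = strtr($emailTemplate, [
                '[url]'    => $logo,
                '[Name]'   => $esc($name),
                '[ref]'    => $esc($ref),
                '[Email]'  => $esc($email),
                '[Amount]' => $esc($amount),
            ]);

            //send mail
            $recipients = array(
                $email,
                $site_mail,
            );
            foreach ($recipients as $recipient) {
                $mail->addAddress($recipient);
            }
            $mail->Subject = "Payment Confirmation";
            $mail->Body = $emailTemplate;
            //send the email
            $mail->send();

            echo '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
             <script>
             document.addEventListener("DOMContentLoaded", function() {
                 Swal.fire({
                     title: "Payment Successful",
                     text: "You payment for was successfuly! kindly check your email for further informations",
                     icon: "success"
                 }).then(function() {
                     window.location.href = "thankyou.php";
                 });
             });
             </script>';
        } else {
            echo '<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
             <script>
             document.addEventListener("DOMContentLoaded", function() {
                 Swal.fire({
                     title: "Payment Not Complete",
                     text: "You payment for was not successfuly! kindly contact us for assistance",
                     icon: "error"
                 }).then(function() {
                     window.location.href = "";
                 });
             });
             </script>';
        }
    } else {
        // Missing upload, non-image content, or the move itself failed
        echo "File Not Moved";
    }
}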

 // approve fan card
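 if (isset($_GET['approve_card'])) {
     // Admin action: marks a fan card purchase as approved (status '1') and
     // e-mails the buyer and the site address. Sets $success or $error.
     //
     // NOTE(review): this is a state-changing GET with no visible
     // authentication or CSRF check - confirm the including page enforces both.

     // The id was previously concatenated unquoted into the SQL; it must now
     // be an integer and is passed as a bound parameter.
     $id = filter_var($_GET['approve_card'], FILTER_VALIDATE_INT);

     $query = false;
     if ($id !== false) {
         $stmt = mysqli_prepare($connection, "UPDATE `buy_fancard` SET `status` = '1' WHERE id = ?");
         if ($stmt) {
             mysqli_stmt_bind_param($stmt, "i", $id);
             $query = mysqli_stmt_execute($stmt);
             mysqli_stmt_close($stmt);
         }
     }

     if ($query) {
         $success = "Booking Approved";

         // process email for user
         $result = null;
         $stmt = mysqli_prepare($connection, "SELECT * FROM buy_fancard WHERE id = ?");
         if ($stmt) {
             mysqli_stmt_bind_param($stmt, "i", $id);
             mysqli_stmt_execute($stmt);
             $rows = mysqli_stmt_get_result($stmt);
             $result = $rows ? mysqli_fetch_assoc($rows) : null;
             mysqli_stmt_close($stmt);
         }

         // The UPDATE also "succeeds" when no row has this id; only send mail
         // when the purchase actually exists.
         if (is_array($result)) {
             $celeb_id = (string) $result["celeb_id"];
             $fan_id = $result["ref"];

             //get celeb name
             // `celeb_id` was written from a form field when the application
             // was submitted, so it is bound here rather than concatenated.
             // The former lookup in `type` was dropped: its result was never
             // used and the visible INSERT into `buy_fancard` sets no type_id.
             $result_celeb = null;
             $stmt = mysqli_prepare($connection, "SELECT * FROM celeb WHERE id = ?");
             if ($stmt) {
                 mysqli_stmt_bind_param($stmt, "s", $celeb_id);
                 mysqli_stmt_execute($stmt);
                 $rows = mysqli_stmt_get_result($stmt);
                 $result_celeb = $rows ? mysqli_fetch_assoc($rows) : null;
                 mysqli_stmt_close($stmt);
             }

             $name = $result["name"];
             $email = $result["email"];
             $celeb = is_array($result_celeb) ? $result_celeb["name"] : "";

             $status = "Approved";
             $action = "Approved Successfuly";
             $subject = "Fan Card Approved";

             $emailTemplate = (string) file_get_contents('inc/contact/card.html');

             // The template is HTML: values that originated from user input
             // are escaped, and strtr() substitutes all placeholders in one
             // pass so placeholder text inside a value is not expanded again.
             $esc = function ($value) {
                 return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
             };
             $emailTemplate = strtr($emailTemplate, [
                 '[status]'         => $status,
                 '[action]'         => $action,
                 '[Name]'           => $esc($name),
                 '[Email]'          => $esc($email),
                 '[Celebrity Name]' => $esc($celeb),
                 '[id]'             => $esc($fan_id),
             ]);

             //send mail
             $recipients = array(
                 $email,
                 $site_mail,
             );
             foreach ($recipients as $recipient) {
                 $mail->addAddress($recipient);
             }
             $mail->Subject = $subject;
             $mail->Body = $emailTemplate;
             //send the email
             $mail->send();
         }
     } else {
         $error = "Error approving Boking";
     }
 }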
// decline fan card
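if (isset($_GET['decline_card'])) {
    // Admin action: marks a fan card purchase as declined (status '3') and
    // e-mails the buyer and the site address.
    //
    // NOTE(review): this is a state-changing GET with no visible
    // authentication or CSRF check - confirm the including page enforces both.

    // The id was previously concatenated unquoted into the SQL; it must now
    // be an integer and is passed as a bound parameter.
    $id = filter_var($_GET['decline_card'], FILTER_VALIDATE_INT);

    $query = false;
    if ($id !== false) {
        $stmt = mysqli_prepare($connection, "UPDATE `buy_fancard` SET `status` = '3' WHERE id = ?");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "i", $id);
            $query = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
    }

    if ($query) {
        echo '
        <script>
alert("Fan Card Declined")
</script>';

        // process email for user
        $result = null;
        $stmt = mysqli_prepare($connection, "SELECT * FROM buy_fancard WHERE id = ?");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "i", $id);
            mysqli_stmt_execute($stmt);
            $rows = mysqli_stmt_get_result($stmt);
            $result = $rows ? mysqli_fetch_assoc($rows) : null;
            mysqli_stmt_close($stmt);
        }

        // The UPDATE also "succeeds" when no row has this id; only send mail
        // when the purchase actually exists.
        if (is_array($result)) {
            $celeb_id = (string) $result["celeb_id"];
            $fan_id = $result["ref"];

            //get celeb name
            // `celeb_id` was written from a form field when the application
            // was submitted, so it is bound here rather than concatenated.
            // The former lookup in `type` was dropped: its result was never
            // used and the visible INSERT into `buy_fancard` sets no type_id.
            $result_celeb = null;
            $stmt = mysqli_prepare($connection, "SELECT * FROM celeb WHERE id = ?");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, "s", $celeb_id);
                mysqli_stmt_execute($stmt);
                $rows = mysqli_stmt_get_result($stmt);
                $result_celeb = $rows ? mysqli_fetch_assoc($rows) : null;
                mysqli_stmt_close($stmt);
            }

            $name = $result["name"];
            $email = $result["email"];
            $celeb = is_array($result_celeb) ? $result_celeb["name"] : "";

            $status = "Declined";
            $action = "Declined";
            $subject = "Fan Card Declined";

            $emailTemplate = (string) file_get_contents('inc/contact/card.html');

            // The template is HTML: values that originated from user input are
            // escaped, and strtr() substitutes all placeholders in one pass so
            // placeholder text inside a value is not expanded again.
            $esc = function ($value) {
                return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
            };
            $emailTemplate = strtr($emailTemplate, [
                '[status]'         => $status,
                '[action]'         => $action,
                '[Name]'           => $esc($name),
                '[Email]'          => $esc($email),
                '[Celebrity Name]' => $esc($celeb),
                '[id]'             => $esc($fan_id),
            ]);

            //send mail
            $recipients = array(
                $email,
                $site_mail,
            );
            foreach ($recipients as $recipient) {
                $mail->addAddress($recipient);
            }
            $mail->Subject = $subject;
            $mail->Body = $emailTemplate;
            //send the email
            $mail->send();
        }
    } else {
        echo '
        <script>
alert("Error declining Booking")
</script>';
    }
}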

 
 
 