|
Server : Apache System : Linux p3plzcpnl507073.prod.phx3.secureserver.net 4.18.0-553.53.1.lve.el8.x86_64 #1 SMP Wed May 28 17:01:02 UTC 2025 x86_64 User : swg98tjyzel1 ( 5098476) PHP Version : 8.1.34 Disable Function : NONE Directory : /home/swg98tjyzel1/public_html/bityatra.com/ |
Upload File : |
<?php
ob_start();
/* --- IMPORTANT: allow config.php include --- */
define('SECURE_ACCESS', true);
include("config.php");
/* --- Get ID safely but do NOT kill the page if missing --- */
$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
/* --- Fetch the record once (avoid duplicate queries) --- */
$chk = null;
if ($id > 0) {
$res = mysqli_query($con, "SELECT * FROM event_mandap_booking WHERE id={$id}");
if ($res) {
$chk = mysqli_fetch_array($res);
}
}
/* --- Mailer setup (kept as close to your original as possible) --- */
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
require 'vendor/autoload.php';
error_reporting(0); // keep your current behavior
$mail = new PHPMailer(true);
/* --- Handle form submit (kept same logic, light hardening) --- */
if (isset($_POST['submit'])) {
$fname = isset($_POST['fname']) ? trim($_POST['fname']) : '';
$email = isset($_POST['email']) ? trim($_POST['email']) : '';
$phone = isset($_POST['phone']) ? trim($_POST['phone']) : '';
$address = isset($_POST['address']) ? trim($_POST['address']) : '';
$fdate = isset($_POST['fdate']) ? trim($_POST['fdate']) : '';
// Build email body (unchanged in spirit)
$message = '<html><body>';
$message .= "<p><b>Dear </b> " . htmlspecialchars($fname) . " </p><br/>";
$message .= "<p><strong>Greeting from Tours & Travel!</strong></p>";
$message .= "<p>You have sucessfully booking package.</p>";
$message .= "<p><b>Best Regards,</b></p>";
$message .= "<p><b>Tours & Travel Team</b></p><br/>";
$message .= "<p style='color:#ff0000'><b>Note : This is a system-generated e-mail. Please do NOT reply to it.</b></p>";
$message .= "</body></html>";
try {
$mail->isSMTP();
$mail->Host = 'mail.capellodgtl.com';
$mail->SMTPAuth = true;
$mail->Username = 'noreply@capellodgtl.com';
$mail->Password = 'I0@(AAx5E4eJ';
$mail->SMTPSecure = 'tls';
$mail->Port = 587;
// Your original used $name (undefined). Use a safe label here.
$mail->setFrom("noreply@capellodgtl.com", "Tours & Travel");
$mail->addAddress("satapathy.kunu@gmail.com", "Package Booking");
$mail->isHTML(true);
$mail->Subject = "Package Booking";
$mail->Body = $message;
$mail->send();
// Keep your insert logic; lightly escape to avoid malformed SQL
$pkgTitle = $chk && isset($chk['title']) ? $chk['title'] : '';
$iSql = sprintf(
"INSERT INTO booking_packages SET package_name='%s', name='%s', email='%s', phone='%s', address='%s', fdate='%s', tdate='%s', adults='%s', children='%s'",
$con->real_escape_string($pkgTitle),
$con->real_escape_string($fname),
$con->real_escape_string($email),
$con->real_escape_string($phone),
$con->real_escape_string($address),
$con->real_escape_string($fdate),
$con->real_escape_string(''),
$con->real_escape_string(''),
$con->real_escape_string('')
);
mysqli_query($con, $iSql);
?>
<script>
alert('Our team will get back to you in 1 business day.');
window.location = 'index.php';
</script>
<?php
exit;
} catch (Exception $e) {
echo " Error Message ";
exit;
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<!-- Required meta tags -->
<meta charset="utf-8">
<meta name="description" content="" />
<meta name="keywords" content="" />
<meta name="author" content="Set Private Limited" />
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<!--[if IE]><meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'><![endif]-->
<title>Touran - Travel & Tour HTMl5 Template</title>
<!-- CSS (kept as-is) -->
<link rel="stylesheet" href="css/bootstrap.min.css">
<link rel="stylesheet" href="css/font-awesome.min.css">
<link rel="stylesheet" href="css/menu.css">
<link rel="stylesheet" href="css/custom-animation.css">
<link rel="stylesheet" href="css/style.css">
<link rel="stylesheet" href="css/responsive.css">
<link href="images/favicon.png" rel="shortcut icon" type="image/png">
</head>
<body>
<div class="preloader"></div>
<!-- Start Page Wrapper -->
<div class="page-wrapper">
<?php include "header.php"; ?>
<!-- Inner Section Start -->
<section class="inner-area parallax-bg" data-background="images/bg/px-2.jpg" data-type="parallax" data-speed="3">
<div class="container">
<div class="section-content">
<div class="row">
<div class="col-12">
<h4>Mandap Booking Details</h4>
<p>Home <a href="#">Mandap Booking Details</a></p>
</div>
</div>
</div>
</section>
</div>
<!-- Inner Section End -->
<!-- Special Packages Section Start -->
<section class="special-packages-sec pt-85 pb-60">
<div class="container">
<div class="row grid-mb">
<div class="col-xl-7 col-lg-8 col-md-10">
<div class="special-packages dtl-st">
<div class="thumb">
<?php if ($chk): ?>
<img src="upload_image/<?php echo htmlspecialchars($chk['image']); ?>" alt="" width="100%" height="420">
<div class="post-title-box">
<div class="price-box">
<h5 style="font-size:20px"><span>Rs</span><?php echo htmlspecialchars($chk['price']); ?></h5>
</div>
<div class="title-box">
<h4><?php echo ucwords(htmlspecialchars($chk['name'])); ?></h4>
<h3><?php echo htmlspecialchars($chk['address']); ?></h3>
</div>
</div>
<?php else: ?>
<!-- Graceful fallback if id missing or not found -->
<div style="padding:20px;background:#fff;border:1px solid #eee;border-radius:8px;">
<h4 style="margin-bottom:10px;">Details not available</h4>
<p>The requested mandap could not be found. Please go back and select a valid item.</p>
</div>
<?php endif; ?>
</div>
<div class="content" style="font-size:18px">
<?php
if ($chk) {
// content may include HTML from DB; output as-is like your original
echo $chk['content'];
}
?>
</div>
</div>
</div>
<div class="col-xl-5 col-lg-12" style="box-shadow: 2px 2px 2px 2px #888888;height:460px">
<div class="col-md-12 col-lg-12 style-2">
<h2 style="text-align:center;font-weight:bold">Enquiry Form</h2>
<form class="booking-form" method="post" action="">
<div class="form-group col-md-12">
<input type="text" name="fname" id="fname" class="form-control" placeholder="Name" required>
</div>
<div class="form-group col-md-12">
<input type="email" name="email" id="email" class="form-control" placeholder="Email" required>
</div>
<div class="form-group col-md-12">
<input type="text" name="phone" id="phone" class="form-control" placeholder="Phone No" required>
</div>
<div class="form-group col-md-12">
<input type="text" name="address" id="address" class="form-control" placeholder="Address" required>
</div>
<div class="form-group col-md-12">
<label>Booking Date</label>
<input type="date" name="fdate" id="fdate" class="form-control" required>
</div>
<div class="form-group col-md-4">
<div class="contact-textarea text-center">
<input name="submit" value="Submit" class="btn btn-theme" type="submit">
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</section>
<!-- Special Packages Section End -->
<?php include "footer.php"; ?>
</body>
</html>