';
# Don't forget that prices entered into the merchant upload panel must be multiplied by 100 internally before being stored in the list_of_products table in the database churchma_PRODUCTS_OF_MERCHANTS. For example, if a merchant enters £1.20, we store it internally as 120 (1.20 * 100 = 120). This is for Barclays ePDQ purposes.
# We use parameterised queries here.
# Our code should be nimble enough to detect whether the user has used a comma and, if so, for what purpose. In European countries, prices are usually represented as, for example, 1,00 whereas in the UK the equivalent would be 1.00. Furthermore, in the UK, one thousand pounds is represented as 1,000.00 but in Europe it would be 1.000,00. Even though as of 15th July 2021 we only accept British currency (GBP), European users or those from a European background might still write numbers in this way. The simplest approach is to put a statement in the form requesting British users to not use punctuation *at all*. E.g. 1000 is acceptable but neither 1,000 nor 1.000 is. This gets around a number of issues. We should also tell users not to enter currencies into the field.
# UPDATE 16th July 2021: I just stupidly realised that not using punctuation at all wouldn't be able to encompass values like 4.99 (four pounds and ninety-nine pence). So to get around this, what we do is *insist* to the end user that they must state prices in the format used in Britain. Furthermore, we use the input type in HTML designated "number" which only accepts numbers.
# In future versions, we might accept fields for languages other than English. This would require configuring the list_of_products table to have more columns to accommodate the various translations. We would also have to adapt our form.
# These are the various business subscriptions ChurchMapped is selling as of 16th JULY 2021 (product id is in brackets) :
# BUSINESS SUBSCRIPTION - 1 MONTH : £14.99 + VAT per month (1)
# BUSINESS SUBSCRIPTION - 3 MONTHS: £11.99 + VAT per month (2)
# BUSINESS SUBSCRIPTION - 6 MONTHS: £7.99 + VAT per month (3)
# BUSINESS SUBSCRIPTION - 1 YEAR: £4.99 + VAT per month (4)
# Note that the amounts are prepaid in advance, e.g. for the 3 months plan we enter 11.99 * 3 = 35.97 and then multiply by 100 for ePDQ purposes, making 3597. This avoids having to periodically email the end user, which is quite complicated as far as ePDQ is concerned. Note that we do not store VAT in the database; this will be determined at checkout stage.
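# Added example (not part of ChurchMapped's code): a server-side check for the price rule above, since an HTML number input is only enforced by the browser and also accepts forms such as 1e3. It parses the British format as a string and works in integer pence, so the multiply-by-100 step never passes through a float. parsePriceToPence(), prepaidTotalInPence(), the six-digit pound limit and the rejection of zero are assumptions made for this example.

```php
<?php
declare(strict_types=1);

// Added example, not ChurchMapped's code. Function names, the six-digit
// pound limit and the rejection of zero are assumptions for illustration.

/**
 * Convert a British-format price string ("4.99", "1000") to integer pence.
 * Returns null for commas, currency symbols, signs, exponents, more than
 * two decimal places, or a zero amount.
 */
function parsePriceToPence(string $raw): ?int
{
    $raw = trim($raw);
    // Digits, then optionally "." and one or two digits. The D modifier
    // stops "$" from matching before a trailing newline.
    if (preg_match('/^(\d{1,6})(?:\.(\d{1,2}))?$/D', $raw, $m) !== 1) {
        return null;
    }
    // "4.5" means 50 pence, so right-pad the fraction to two digits.
    $fraction = isset($m[2]) ? str_pad($m[2], 2, '0', STR_PAD_RIGHT) : '00';
    $pence = (int)$m[1] * 100 + (int)$fraction;
    return $pence > 0 ? $pence : null;
}

/** Prepaid plan total in pence: monthly price times months, all in integers. */
function prepaidTotalInPence(string $monthlyPrice, int $months): ?int
{
    $pence = parsePriceToPence($monthlyPrice);
    return ($pence === null || $months < 1) ? null : $pence * $months;
}

// Constructed sample inputs: valid British prices, European-style numbers,
// a currency symbol, exponent notation, a negative value and an empty field.
$samples = ['4.99', '1000', '4.5', '1,000.00', '1.000,00', '5,00', '£1.00', '1e3', '-2', ''];
foreach ($samples as $input) {
    $pence = parsePriceToPence($input);
    printf("%-12s %s\n", var_export($input, true), $pence === null ? 'rejected' : "$pence pence");
}

// The 3-month plan from the list above: 11.99 per month, three months prepaid.
printf("3 months at 11.99: %d pence\n", prepaidTotalInPence('11.99', 3));
```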
# When using MySQL stored procedures, as always, use mysqli_next_result().
# At a future stage of ChurchMapped, we could gain further revenue by creating an API that taps into the Merchant Upload Panel.
#We use this section to find out the details of a user's business subscription.
$queryToFindBusinessSubscribersDetails = 'SELECT * FROM churchma_USERS_ON_CHURCHMAPPED.user_subscription_details WHERE (business_user_id_on_churchmapped = ' . (int)$_SESSION['sessionCHURCHMAPPEDUSERID'] . ' ' . 'AND TIMESTAMPDIFF(MICROSECOND, NOW() - INTERVAL 7 DAY, date_of_expiration_of_subscription) > 0) AND (product_id_of_subscription = 1 OR product_id_of_subscription = 2 OR product_id_of_subscription = 3 OR product_id_of_subscription = 4)'; #What we want to find here is the list of businesses who have paid their business subscription.
$resultOfQueryToFindBusinessSubscribersDetails = mysqli_query($conn, $queryToFindBusinessSubscribersDetails);
# We use this segment to prepare to check whether the merchant user has already submitted 10 items. If they have, we prevent the merchant from adding more.
mysqli_select_db($conn, "churchma_PRODUCTS_OF_MERCHANTS");
$dateOfToday = date("Y-m-d"); #dateOfToday gives the date of today according to the time on the server. The parameter "Y-m-d" gives the date in YYYY-MM-DD format.
$queryToFindNumberOfItemsSubmittedByMerchantAlready = 'SELECT * FROM `list_of_products` WHERE DATE(timestamp_of_when_product_or_service_was_added) = \'' . $dateOfToday . '\' AND merchant_id = ' . (int)$_SESSION['sessionCHURCHMAPPEDUSERID']; #We check to see the number of items the merchant user has submitted today already. The date literal is wrapped in single quotes, with no padding spaces inside them.
$resultOfQueryToFindNumberOfItemsSubmittedByMerchantAlready = mysqli_query($conn, $queryToFindNumberOfItemsSubmittedByMerchantAlready); #This applies the mySQL query that attempts to see how many products the merchant has submitted this very day.
if($_SESSION['sessionTYPEOFUSER'] != "BUSINESS"){ #Both $_SESSION['sessionTYPEOFUSER'] and $_SESSION['sessionCHURCHMAPPEDUSERID'] should already be set in the script including this file.
die("Access forbidden. You must be a registered business on ChurchMapped to access this area."); #If the user is not on a Business account, we exit out of the script as they are forbidden here. Note that "!=" indicates "not equal to" (ignoring data type) whilst "!==" also considers data type.
}elseif(mysqli_num_rows($resultOfQueryToFindBusinessSubscribersDetails) <= 0 && ($_SESSION['sessionTYPEOFUSER'] == "BUSINESS" && $_SESSION['sessionCHURCHMAPPEDUSERID'] != 1)){ #We have to add the qualifier $_SESSION['sessionTYPEOFUSER'] == "BUSINESS" && $_SESSION['sessionCHURCHMAPPEDUSERID'] != 1, otherwise the user ChurchMapped (which should always have an ID of 1) would be forced to purchase a business subscription in order to upload items, which does not make sense.
#We use this section to determine if the business user has paid their subscription fee. This is done by checking the table user_subscription_details in the database churchma_USERS_ON_CHURCHMAPPED. Within this table, we check the column date_of_expiration_of_subscription and see whether the merchant subscription today has passed that date. We can do this by using the TIMESTAMPDIFF function in MySQL. This takes three parameters: unit (e.g. SECOND, MINUTE, and so on), datetime expression 1, datetime expression 2. If the value returned is negative after using the following function,
# SELECT TIMESTAMPDIFF(MICROSECOND, NOW() - INTERVAL 7 DAY, date_of_expiration_of_subscription)
# then it indicates that the subscription has expired and the functions should be disabled. We use INTERVAL 7 DAY (note that we subtract INTERVAL 7 DAY, not add) for the 7 day grace period.
# To clarify, TIMESTAMPDIFF works by subtracting the second parameter from the third parameter. If the result is negative, it indicates the date/time has passed. Otherwise, if it is positive, it indicates the date/time is still to come. We use microsecond as we have to be precise (using DAY, for example, would allow a user an extra day or so).
# If the number of rows is 0 or less than 0 from $resultOfQueryToFindBusinessSubscribersDetails, this indicates that either the user has no subscription or whatever subscription they do have has ended.
echo 'Sadly, you either do not have a subscription or your subscription has now ended. Please visit ' . ' ' . $churchmappedMarketplaceWebsite . '' . ' ' . 'in order to purchase a subscription';
# We use the following area to echo the form but with all the fields disabled. However, we do not echo a submit button. The effect of this is to show to a user what they could potentially be missing out on.
}
elseif(mysqli_num_rows($resultOfQueryToFindNumberOfItemsSubmittedByMerchantAlready) >= 10){ #Here we prevent the user from submitting additional items if they have already submitted 10 this day. If they have already submitted 10 items,
echo 'Sadly, you have reached your daily limit of uploads for the day. Please try again tomorrow.';
}
else{
#Place main code of form here. This form should ask the following questions:
#"What is the name of the product or service you are providing?:" (The answer to this goes to product_name_english. We should only accept max 25 characters for this and no fewer than 0 characters).
#"Please provide a description of the product or service you are providing?" (The answer to this goes to product_description_english. We should accept max 1000 characters (because the description should allow the merchant to give a fuller account of the item) and no fewer than 0 characters).
# "How much does your item cost, excluding VAT (we will deal with that!)? Please provide a value that does not include the currency or decimal/comma separator. For example: 1000 , 400 , 300. Do NOT enter a value like £1.00 or 5,00." (The answer to this goes to product_price).
# "What category would you say your item or service falls under? Please select from the option below:" (The answer to this goes to category_of_product_by_sic_classification. We can call our stored procedure SELECTPRODUCTCATEGORIES(), which is based in the database churchma_PRODUCTS_OF_MERCHANTS. This returns a list of category codes corresponding to the SIC classification. The table format is (in this order): business_type_by_sic_code, business_type_sic_code, business_type_sic_description. We then echo it in the form of