Current File : /home/yellowleaf/public_html/review_confirmation/index.html
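<?php
/**
 * Review confirmation handler.
 *
 * Reads the id / em / key parameters from the confirmation link, and when they
 * match an unconfirmed row in `reviews`:
 *   - clears the key and marks the review confirmed,
 *   - e-mails the owner of the advert the review belongs to,
 *   - recomputes the advert's average rating when its `review_on` flag is '1'.
 *
 * Sets $success (TRUE/FALSE) plus $rev_name, $company_name, $company_name_url
 * and $adid for the HTML template that follows this block.
 *
 * Security notes:
 *   - Every value placed into SQL is escaped first. The request parameters are
 *     attacker-controlled, and $adid is escaped as well so a stored value cannot
 *     break out of a later query.
 *   - NOTE(review): mysql_real_escape_string() is only reliable when the
 *     connection character set is configured on the link (mysql_set_charset);
 *     the connection is presumably opened in ../connect.php - confirm there.
 *   - NOTE(review): the mysql_* extension is long deprecated; moving this page to
 *     prepared statements (PDO or mysqli) is the durable fix.
 */
require('../connect.php');
session_start();
$styleAbout = 'class="navBoxSel"';

// A parameter that is missing or is not a plain string (e.g. ?id[]=x) counts as absent.
$rev_id    = (isset($_GET['id'])  && is_string($_GET['id']))  ? $_GET['id']  : null;
$rev_email = (isset($_GET['em'])  && is_string($_GET['em']))  ? $_GET['em']  : null;
$rev_key   = (isset($_GET['key']) && is_string($_GET['key'])) ? $_GET['key'] : null;

// Defaults so the template never reads an undefined variable.
$success = FALSE;
$adid = null;
$rev_name = null;
$rev_date = null;
$company_name = null;
$company_name_url = null;

// Runs one statement on the default link. On failure the driver error goes to the
// server log and the visitor gets a generic message, instead of the raw database
// error text being printed into the page.
$rev_db_query = function ($sql) {
	$result = mysql_query($sql);
	if ($result === false) {
		error_log('review_confirmation: ' . mysql_error());
		die('Sorry, something went wrong. Please try again later.');
	}
	return $result;
};

// An empty key is rejected outright: confirmed rows have rev_key reset to '', and an
// unconfirmed row that somehow carries an empty key must not be confirmable without a secret.
if ($rev_id !== null && $rev_email !== null && $rev_key !== null && $rev_key !== '') {
	$id_sql    = mysql_real_escape_string($rev_id);
	$email_sql = mysql_real_escape_string($rev_email);
	$key_sql   = mysql_real_escape_string($rev_key);

	$q1 = "SELECT * FROM reviews WHERE rev_id='{$id_sql}' AND rev_email='{$email_sql}' AND rev_key='{$key_sql}' AND rev_confirm='0'";
	$r1 = $rev_db_query($q1);
	$n1 = mysql_num_rows($r1);
	if ($n1 > 0) {
		$a1 = mysql_fetch_array($r1);
		$adid = $a1['rev_ad_id'];
		$rev_name = $a1['rev_name'];
		$rev_date = $a1['rev_date'];
		$adid_sql = mysql_real_escape_string($adid);

		// Consume the key and mark the review as confirmed.
		$q5 = "UPDATE reviews SET rev_key='', rev_confirm='1' WHERE rev_id='{$id_sql}'";
		$r5 = $rev_db_query($q5);
		$success = TRUE;

		// select advert and email advert owner
		$q2 = "SELECT * FROM ads WHERE adid='{$adid_sql}'";
		$r2 = $rev_db_query($q2);
		$a2 = mysql_fetch_array($r2);
		$ad_email = $a2['email'];
		$company_name = $a2['companyname'];
		$company_name_url = strtolower($company_name);
		$company_name_url = str_replace(" ", "-", $company_name_url);

		// Stored values go into mail headers and an HTML body: strip CR/LF so they cannot
		// add header lines, and HTML-escape the copy used inside the message markup.
		$hdr_company = str_replace(array("\r", "\n"), '', $company_name);
		$hdr_email   = str_replace(array("\r", "\n"), '', $ad_email);
		$html_company = htmlspecialchars($company_name, ENT_QUOTES, 'ISO-8859-1');

		// sending email
		$to  = "$hdr_company <$hdr_email>";
		$subject = 'New Review on '.$hdr_company.' - YellowLeaf';
		$email_message = '
			<div style="margin-bottom:5px;">Dear <b>'.$html_company.'</b></div>
			<div>
			A YellowLeaf user has left a review on your profile page for \''.$html_company.'\' on '.date('d/m/Y',(int)$rev_date).'. To manage and view all of your reviews, please click on the link below.<br><br>
			<a href="http://www.yellowleaf.co.uk/members/review.html?adid='.urlencode($adid).'">Click here to manage all reviews for '.$html_company.'.</a>
			</div>';

		// message template which includes $message and $email_message
		include '../email_tmp/em_tmp.php';

		// To send HTML mail, the Content-type header must be set
		$headers  = 'MIME-Version: 1.0' . "\r\n";
		$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";

		$headers .= 'From: YellowLeaf <support@yellowleaf.co.uk>' . "\r\n";
		mail($to, $subject, $message, $headers,"-f support@yellowleaf.co.uk");

		if ($a2['review_on']=='1') {
			// reviews table
			$r7 = $rev_db_query("SELECT * FROM `reviews` WHERE `rev_ad_id` = '{$adid_sql}' AND `rev_confirm`='1' AND `rev_spam`='0' ORDER BY rev_id DESC");
			$rev_num_row = mysql_num_rows($r7);

			$ratings = array();
			while ($rev_row = mysql_fetch_array($r7)) {
				$ratings[] = $rev_row['rev_rating'];
			}

			// company overall review rating
			// No qualifying rows (for example the review is flagged as spam) would mean a
			// division by zero, so the stored rating is left untouched in that case.
			if ($rev_num_row > 0) {
				$arr_sum = array_sum($ratings);
				$mean = $arr_sum / $rev_num_row;
				$average = round($mean*2)/2; // round to the nearest half

				$r3 = $rev_db_query("UPDATE ads SET review_rate = '$average' WHERE adid = '$adid_sql'");
			}
		}

	} else { $success = FALSE; } // fail if key is wrong
} else { $success = FALSE; } // if no id & email & key then fail

?>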
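<!DOCTYPE html>
<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Review Confirmation - YellowLeaf UK</title>
<link href="/style.css" rel="stylesheet" type="text/css">
<script src="/js/js.js"></script>
</head>

<body>

<?php include '../header.php'; ?>
<table class="tbwdth">
	<tr>
		<td style="line-height:22px;color:#666;" valign="top">
		<?php if($success==TRUE){
			// The reviewer name and company name are stored values that end up in the page,
			// so each one is HTML-escaped before output (charset matches the meta tag above).
			// The link target is escaped as an attribute value only, which leaves the URL the
			// browser requests unchanged for ordinary names.
			$rev_name_html     = htmlspecialchars($rev_name, ENT_QUOTES, 'Windows-1252');
			$company_name_html = htmlspecialchars($company_name, ENT_QUOTES, 'Windows-1252');
			$profile_href_html = htmlspecialchars('/pages/'.$adid.'-'.$company_name_url.'.html', ENT_QUOTES, 'Windows-1252');
		?>
		<span class="pgeHead">Thank you for your review!</span>
		<div style="margin-top:20px;">
		Thanks for submitting a review <?php echo $rev_name_html; ?>! Your review for '<?php echo $company_name_html; ?>' has been successfully confirmed and is now active on YellowLeaf.
		You can view your review by going on to the profile page for '<?php echo $company_name_html; ?>'.<br><br>
		<a class="button blue" style="border:0px;float:none;margin-top:10px" href="<?php echo $profile_href_html; ?>">Visit <?php echo $company_name_html; ?> Profile Page</a>
		</div>
		<?php }else{ ?>
		<span class="pgeHead">ERROR!</span>
		<div style="margin-top:20px;">Confirmation failed! Please go back to your email and try again!</div>
		<?php } ?>
		</td>
	</tr>
</table>
<?php include '../footer.php'; ?>

</body>

</html>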
