<?php
include("header.php");
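if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // Checkout handler: validates the posted cart, then records the order, its
    // line items, the stock decrement, the admin request and the cart clean-up.
    // $conn and the session are expected to be set up by header.php (not visible here).
    // NOTE(review): no CSRF token is checked in this file — confirm header.php covers it.

    $user_id = isset($_SESSION['id']) ? $_SESSION['id'] : null;
    if (empty($user_id)) {
        // No user id in the session: never write an order with an empty u_id.
        echo "<script>alert('Invalid request!'); window.location.href='cart.php';</script>";
        exit();
    }

    // Every $_POST value is attacker-controlled. Accept plain strings only, so an
    // array-valued parameter (product_id[]=...) cannot reach explode() or a query.
    $productIds = (isset($_POST['product_id']) && is_string($_POST['product_id']))
        ? explode(",", $_POST['product_id'])
        : [];
    $quantities = (isset($_POST['quantity']) && is_string($_POST['quantity']))
        ? explode(",", $_POST['quantity'])
        : [];
    $selected_address = (isset($_POST['selected_address']) && is_string($_POST['selected_address']))
        ? $_POST['selected_address']
        : null;
    $payment_method = (isset($_POST['payment_method']) && is_string($_POST['payment_method']))
        ? $_POST['payment_method']
        : null;

    if (empty($payment_method)) {
        echo "<script>alert('Please select a payment method!'); window.location.href='checkout.php';</script>";
        exit();
    }
    if (empty($selected_address)) {
        echo "<script>alert('Please select a shipping address!'); window.location.href='shipping_address.php';</script>";
        exit();
    }
    if (empty($productIds)) {
        // Without this guard a POST with no product_id would create an order with no items.
        echo "<script>alert('Invalid product selected!'); window.location.href='cart.php';</script>";
        exit();
    }
    // NOTE(review): $payment_method is stored as submitted and $selected_address is not
    // checked to belong to $user_id. Both need server-side validation (allow-list and
    // ownership lookup); the allowed values and the address table are not visible here.

    // Builds the "insufficient stock" response. The product id comes from the request,
    // so it is JSON-encoded with the HEX flags before being placed inside <script>;
    // a quote or "</script>" in the id can no longer break out of the string literal.
    $stock_alert = function ($product_id) {
        $message = json_encode(
            "Insufficient stock for product ID $product_id. Please adjust the quantity.",
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_INVALID_UTF8_SUBSTITUTE
        );
        echo "<script>alert($message); window.location.href='show_cart.php';</script>";
        exit();
    };

    // Make every mysqli failure throw, so no write can fail silently part-way through.
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    $in_transaction = false;

    try {
        $order_details = [];

        // Prepared statement: the product id is bound, never concatenated into SQL.
        $product_stmt = mysqli_prepare($conn, "SELECT price, stocks_count FROM product WHERE p_id = ?");

        foreach ($productIds as $index => $product_id) {
            // A missing quantity defaults to 1; anything that is not a positive
            // integer is rejected (a negative value would otherwise add stock).
            $quantity = filter_var(
                isset($quantities[$index]) ? trim($quantities[$index]) : 1,
                FILTER_VALIDATE_INT,
                ['options' => ['min_range' => 1]]
            );
            if ($quantity === false) {
                echo "<script>alert('Invalid quantity selected!'); window.location.href='show_cart.php';</script>";
                exit();
            }

            // Fetch price and stock for the product; the price always comes from the database.
            mysqli_stmt_bind_param($product_stmt, 's', $product_id);
            mysqli_stmt_execute($product_stmt);
            mysqli_stmt_store_result($product_stmt);
            mysqli_stmt_bind_result($product_stmt, $price, $stock);
            $found = mysqli_stmt_fetch($product_stmt);
            mysqli_stmt_free_result($product_stmt);

            if ($found !== true) {
                echo "<script>alert('Invalid product selected!'); window.location.href='cart.php';</script>";
                exit();
            }

            // Early check for a friendly message; the binding check is the guarded UPDATE below.
            if ($quantity > (int) $stock) {
                $stock_alert($product_id);
            }

            $order_details[] = [
                'product_id' => $product_id,
                'quantity' => $quantity,
                'price' => $price,
            ];
        }
        mysqli_stmt_close($product_stmt);

        // All writes happen in one transaction: either the whole order is stored or none of it.
        mysqli_begin_transaction($conn);
        $in_transaction = true;

        // Insert order into the `orders` table
        $order_stmt = mysqli_prepare(
            $conn,
            "INSERT INTO orders(u_id, order_date, status, payment_method, address_id) VALUES (?, NOW(), 'Pending', ?, ?)"
        );
        mysqli_stmt_bind_param($order_stmt, 'sss', $user_id, $payment_method, $selected_address);
        mysqli_stmt_execute($order_stmt);
        $order_id = (int) mysqli_insert_id($conn);
        mysqli_stmt_close($order_stmt);

        $detail_stmt = mysqli_prepare(
            $conn,
            "INSERT INTO order_details (order_id, p_id, quantity, price) VALUES (?, ?, ?, ?)"
        );
        // The stock condition in WHERE makes the decrement atomic: two concurrent
        // checkouts cannot both pass the earlier check and drive the stock negative.
        $stock_stmt = mysqli_prepare(
            $conn,
            "UPDATE product SET stocks_count = stocks_count - ? WHERE p_id = ? AND stocks_count >= ?"
        );

        foreach ($order_details as $detail) {
            $product_id = $detail['product_id'];
            $quantity = $detail['quantity'];
            // The `price` column of order_details receives the line total, as before.
            $line_total = $detail['price'] * $quantity;

            mysqli_stmt_bind_param($detail_stmt, 'isid', $order_id, $product_id, $quantity, $line_total);
            mysqli_stmt_execute($detail_stmt);

            mysqli_stmt_bind_param($stock_stmt, 'isi', $quantity, $product_id, $quantity);
            mysqli_stmt_execute($stock_stmt);
            if (mysqli_stmt_affected_rows($stock_stmt) !== 1) {
                // Stock changed since the check above, or the same product was listed twice.
                mysqli_rollback($conn);
                $stock_alert($product_id);
            }
        }
        mysqli_stmt_close($detail_stmt);
        mysqli_stmt_close($stock_stmt);

        // Recorded once per order. The original ran this insert inside the item loop,
        // producing one identical row per line item — confirm nothing relies on that.
        $admin_stmt = mysqli_prepare(
            $conn,
            "INSERT INTO admin_order_request (order_id, u_id, status) VALUES (?, ?, 'Pending')"
        );
        mysqli_stmt_bind_param($admin_stmt, 'is', $order_id, $user_id);
        mysqli_stmt_execute($admin_stmt);
        mysqli_stmt_close($admin_stmt);

        $cart_stmt = mysqli_prepare($conn, "DELETE FROM cart WHERE u_id = ?");
        mysqli_stmt_bind_param($cart_stmt, 's', $user_id);
        mysqli_stmt_execute($cart_stmt);
        mysqli_stmt_close($cart_stmt);

        mysqli_commit($conn);
        $in_transaction = false;

        // $order_id is an integer from mysqli_insert_id(), safe to place in the URL.
        echo "<script>window.location.href='order_success.php?order_id=$order_id';</script>";
    } catch (mysqli_sql_exception $e) {
        if ($in_transaction) {
            try {
                mysqli_rollback($conn);
            } catch (mysqli_sql_exception $rollback_error) {
                error_log('place_order rollback failed: ' . $rollback_error->getMessage());
            }
        }
        // Details go to the server log only; the user sees the generic message.
        error_log('place_order failed: ' . $e->getMessage());
        echo "<script>alert('Failed to place the order. Please try again later.'); window.location.href='cart.php';</script>";
    }
} else {
    echo "<script>alert('Invalid request!'); window.location.href='cart.php';</script>";
}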
?>