purchaseHandler.php
<html lang="en">
<head>
<meta charset="UTF-8">
<?php
// Shared header partial, included inside <head>; its contents are not visible from this file.
include("./includes/header.php");
?>
</head>
<body>
<?php
// Shared navigation partial, included at the top of <body>; its contents are not visible from this file.
include("./includes/nav.php");
?>
<br>
<br>
<br>
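<?php
/*
 * Purchase result handler.
 *
 * Reads the logged-in member id from the session, then inspects the POSTed
 * 'results' / 'chargeid' fields. On "success" it copies the member's cart rows
 * into orders / order_detail and empties the cart; otherwise it renders a
 * failure panel.
 *
 * NOTE(review): 'results' and 'chargeid' arrive in the browser's POST body, so
 * this page records an order whenever a logged-in client posts
 * results=success. The charge should be confirmed server-side with the payment
 * gateway (or through a signed gateway callback) before the order is written.
 * No gateway client is visible in this file, so that check is only flagged
 * here, not implemented.
 */

// Start the session only if an earlier include has not already done so.
// NOTE(review): markup has already been emitted above this point, so the
// session cookie can only be sent when output buffering is enabled; starting
// the session before any output would remove that dependency.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

// Fail closed: without a session member id there is no fallback identity.
if (!isset($_SESSION['memberid'])) {
    // Headers may already be sent, so a meta refresh is used for the redirect.
    echo "<meta http-equiv='refresh' content='0;url=./login.php'>";
    return;
}
$memberid = (int) $_SESSION['memberid'];

// Renders the shared "Purchase Failed" panel. The sub-heading is HTML-escaped
// because one caller passes the raw POSTed 'results' value.
$renderFailure = function ($subheading) {
    ?>
    <div class="page-header">
    <h1>Purchase Failed</h1>
    <h2><?php echo htmlspecialchars($subheading, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></h2>
    <p>There was an error processing your order, please try again. If this persists, please contact our customer service!</p>
    </div>
    <?php
};

// Missing or non-string fields are treated as empty instead of raising notices.
$results = (isset($_POST['results']) && is_string($_POST['results'])) ? $_POST['results'] : '';
$chargeid = (isset($_POST['chargeid']) && is_string($_POST['chargeid'])) ? trim($_POST['chargeid']) : '';

if ($results !== "success") {
    $renderFailure($results);
}
elseif ($chargeid === '') {
    // An order without a gateway charge reference cannot be reconciled later.
    $renderFailure("Please try again!");
}
else {
    $committed = false;
    $cartEmpty = false;
    $orderID = 0;
    $conn = null;

    $config = parse_ini_file('../../private/db-config.ini');
    if ($config === false) {
        error_log('purchaseHandler: unable to read database configuration');
    }
    else {
        // Make every mysqli failure throw, so one catch block covers connect,
        // prepare and execute errors on all PHP versions.
        mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
        try {
            $conn = new mysqli($config['servername'], $config['username'], $config['password'], "project1004");

            // Order header, order lines and cart clean-up succeed or fail together.
            $conn->begin_transaction();

            $cartStmt = $conn->prepare("SELECT car_id, qty FROM cart where member_id = ?");
            $cartStmt->bind_param("i", $memberid);
            $cartStmt->execute();
            $cartRows = $cartStmt->get_result();

            if ($cartRows->num_rows > 0) {
                $curdate = date("Y-m-d");

                // Create the sale in the orders table.
                $orderStmt = $conn->prepare("INSERT INTO orders (member_id, charge_id, transaction_date) VALUES (?, ?, ?)");
                $orderStmt->bind_param("iss", $memberid, $chargeid, $curdate);
                $orderStmt->execute();
                $orderID = (int) $conn->insert_id;

                // Prepare the line-item insert once; bind_param binds by
                // reference, so assigning $carId / $qty in the loop is enough.
                $carId = 0;
                $qty = 0;
                $detailStmt = $conn->prepare("INSERT INTO order_detail (order_id, car_id, qty) VALUES (?, ?, ?)");
                $detailStmt->bind_param("iii", $orderID, $carId, $qty);
                while ($row = $cartRows->fetch_assoc()) {
                    $carId = $row["car_id"];
                    $qty = $row["qty"];
                    $detailStmt->execute();
                }

                // Empty the cart only once every order row has been written.
                $clearStmt = $conn->prepare("DELETE FROM cart where member_id = ?");
                $clearStmt->bind_param("i", $memberid);
                $clearStmt->execute();

                $conn->commit();
                $committed = true;
            }
            else {
                $conn->rollback();
                $cartEmpty = true;
            }
        }
        catch (mysqli_sql_exception $e) {
            // Log the driver message server-side; never echo it to the visitor.
            error_log('purchaseHandler: ' . $e->getMessage());
            if ($conn instanceof mysqli) {
                try {
                    $conn->rollback();
                }
                catch (mysqli_sql_exception $rollbackError) {
                    error_log('purchaseHandler: rollback failed: ' . $rollbackError->getMessage());
                }
            }
        }
    }

    if ($committed) {
        ?>
        <div class="page-header">
        <h1>Purchase Successful</h1>
        <h2>Thank you for your purchase!</h2>
        <p>You will receive an invoice via your registered email. You may also check your order status in your profile</p>
        <p>Order ID: #<?php echo (int) $orderID; ?></p>
        </div>
        <?php
    }
    elseif ($cartEmpty) {
        $renderFailure("Your Cart is empty!");
    }
    else {
        $renderFailure("Please try again!");
    }
}
?>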
</body>
</html>