-
Notifications
You must be signed in to change notification settings - Fork 0
/
checkout_process.php
89 lines (72 loc) · 2.62 KB
/
checkout_process.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
<?php
session_start();
include "db.php";
if (isset($_SESSION["uid"])) {
$f_name = $_POST["firstname"];
$email = $_POST['email'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip= $_POST['zip'];
$cardname= $_POST['cardname'];
$cardnumber= $_POST['cardNumber'];
$expdate= $_POST['expdate'];
$cvv= $_POST['cvv'];
$user_id=$_SESSION["uid"];
$cardnumberstr=(string)$cardnumber;
$total_count=$_POST['total_count'];
$prod_total = $_POST['total_price'];
$sql0="SELECT order_id from `orders_info`";
$runquery=mysqli_query($con,$sql0);
if (mysqli_num_rows($runquery) == 0) {
echo( mysqli_error($con));
$order_id=1;
}else if (mysqli_num_rows($runquery) > 0) {
$sql2="SELECT MAX(order_id) AS max_val from `orders_info`";
$runquery1=mysqli_query($con,$sql2);
$row = mysqli_fetch_array($runquery1);
$order_id= $row["max_val"];
$order_id=$order_id+1;
echo( mysqli_error($con));
}
$sql = "INSERT INTO `orders_info`
(`order_id`,`user_id`,`f_name`, `email`,`address`,
`city`, `state`, `zip`, `cardname`,`cardnumber`,`expdate`,`prod_count`,`total_amt`,`cvv`)
VALUES ($order_id, '$user_id','$f_name','$email',
'$address', '$city', '$state', '$zip','$cardname','$cardnumberstr','$expdate','$total_count','$prod_total','$cvv')";
if(mysqli_query($con,$sql)){
$i=1;
$prod_id_=0;
$prod_price_=0;
$prod_qty_=0;
while($i<=$total_count){
$str=(string)$i;
$prod_id_+$str = $_POST['prod_id_'.$i];
$prod_id=$prod_id_+$str;
$prod_price_+$str = $_POST['prod_price_'.$i];
$prod_price=$prod_price_+$str;
$prod_qty_+$str = $_POST['prod_qty_'.$i];
$prod_qty=$prod_qty_+$str;
$sub_total=(int)$prod_price*(int)$prod_qty;
$sql1="INSERT INTO `order_products`
(`order_pro_id`,`order_id`,`product_id`,`qty`,`amt`)
VALUES (NULL, '$order_id','$prod_id','$prod_qty','$sub_total')";
if(mysqli_query($con,$sql1)){
$del_sql="DELETE from cart where user_id=$user_id";
if(mysqli_query($con,$del_sql)){
echo"<script>window.location.href='store.php'</script>";
}else{
echo(mysqli_error($con));
}
}else{
echo(mysqli_error($con));
}
$i++;
}
}else{
echo(mysqli_error($con));
}
}else{
echo"<script>window.location.href='index.php'</script>";
}
?>