api-order.php
<?php
require_once 'bootstrap.php';
require_once 'utils/functions.php';
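/*
 * Order submission endpoint: converts the cart kept in $_SESSION["final_products"]
 * into one stored order plus one row per printable product, then empties the cart.
 *
 * Flow:
 *   - not logged in as "customer"      -> login.php is rendered
 *   - empty or missing cart            -> index.php is rendered, nothing is written
 *   - incomplete payment/shipping data -> redirect to checkout.php, nothing is written
 *   - otherwise                        -> order and products are stored, index.php is rendered
 *
 * NOTE(review): no anti-CSRF token or request-method check is visible in this file;
 * confirm whether bootstrap.php enforces one before this state-changing code runs.
 */
if (isUserLoggedIn("customer")) {
    // Guard the session entry before counting it: count() on a missing (null)
    // value raises a TypeError on PHP 8 instead of yielding 0.
    $hasCart = isset($_SESSION["final_products"])
        && is_array($_SESSION["final_products"])
        && count($_SESSION["final_products"]) > 0;

    if ($hasCart) {
        $finalProducts = $_SESSION["final_products"];

        // Reads one POST field as a string; null when it is absent or is not a
        // plain string (e.g. submitted as field[]), so callers can reject it.
        $postField = function ($key) {
            return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : null;
        };

        /* Payment: map the selected radio to the field that carries the card number. */
        $cardField = null;
        switch ($postField("paymentRadio")) {
            case "defaultCardRadio":
                // NOTE(review): the "default" card number is accepted from the request
                // body; presumably it should be looked up server-side for the
                // logged-in customer - confirm.
                $cardField = "defaultCardNumber";
                break;
            case "altCardRadio":
                $cardField = "altCardNumber";
                break;
        }
        $rawCardNumber = ($cardField === null) ? null : $postField($cardField);
        if ($rawCardNumber === null) {
            // Unknown payment option or missing card number. The redirect must be
            // followed by exit: header() alone does not stop the script, so the
            // order would still be stored with an undefined card number.
            header("Location: checkout.php");
            exit;
        }

        // NOTE(review): htmlspecialchars() is an HTML output encoding, applied here at
        // storage time. It is kept because the stored format may be relied on by the
        // pages that display these values; it is not what protects the database -
        // that depends on addOrder()/addFinalProduct() using parameterised queries.
        $cardNumber = htmlspecialchars($rawCardNumber);

        $rawShipper = $postField("shipperCarrier");
        $shipperName = htmlspecialchars($rawShipper === null ? "" : $rawShipper);

        /* Shipping: NULL values mean "use the customer's default address". */
        $city = NULL;
        $address = NULL;
        $postalCode = NULL;
        if ($postField("shippingRadio") === "altShipping") {
            $rawCity = $postField("altCity");
            $rawPostalCode = $postField("altPostalCode");
            $rawAddress = $postField("altAddress");
            if ($rawCity === null || $rawPostalCode === null || $rawAddress === null) {
                // Same handling as a missing card number: back to checkout, no write.
                header("Location: checkout.php");
                exit;
            }
            $city = htmlspecialchars($rawCity);
            $postalCode = intVal(htmlspecialchars($rawPostalCode), 10);
            $address = htmlspecialchars($rawAddress);
        }

        $email = htmlspecialchars($_SESSION["email"]);

        /* We add the order */
        $order_id = $dbh->addOrder($city, $postalCode, $address, date("Y-m-d"), $email, $cardNumber, $shipperName);

        // Only cart entries that carry a print_id are stored as final products.
        foreach ($finalProducts as $product) {
            if (isset($product["print_id"])) {
                $dbh->addFinalProduct(
                    $product["title"],
                    $product["technique_id"],
                    $product["frame_id"],
                    $product["passpartout_id"],
                    $product["width"],
                    $product["height"],
                    $order_id,
                    $product["price"]
                );
            }
        }

        // Empty the cart so a reload cannot submit the same products again.
        $_SESSION["final_products"] = [];
        $_SESSION["products_count"] = 0;
        require 'index.php';
    } else {
        require 'index.php';
    }
} else {
    require 'login.php';
}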
?>