place_order.php
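<?php
/**
 * Converts the signed-in user's session cart into an order.
 *
 * Accepts POST only. Reads `address` and `payment_method` from the request
 * body and the `user_id` / `cart` (book id => quantity) entries from the
 * session, looks up each book's current price, then writes one `orders` row
 * and one `order_items` row per cart line.
 *
 * Every value that reaches SQL is bound as a statement parameter. Cart keys
 * and quantities are interpolated nowhere: whatever populated the cart is not
 * visible from this file, so they are treated as untrusted here.
 */
session_start();
include "db.php";

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): no anti-CSRF token is checked in this file. If the checkout
    // form does not already carry one that is verified elsewhere, add it here.
    $error = null;

    $user_id = isset($_SESSION['user_id'])
        ? filter_var($_SESSION['user_id'], FILTER_VALIDATE_INT)
        : false;
    $cart = (isset($_SESSION['cart']) && is_array($_SESSION['cart']))
        ? $_SESSION['cart']
        : array();
    $address = (isset($_POST['address']) && is_string($_POST['address']))
        ? trim($_POST['address'])
        : '';
    // NOTE(review): the accepted payment methods are not defined in this file;
    // compare against an allow-list once the valid values are known.
    $payment_method = (isset($_POST['payment_method']) && is_string($_POST['payment_method']))
        ? trim($_POST['payment_method'])
        : '';

    if ($user_id === false) {
        $error = "Please sign in before placing an order.";
    } elseif (!$cart) {
        $error = "Your cart is empty.";
    } elseif ($address === '' || $payment_method === '') {
        $error = "Address and payment method are required.";
    }

    // Normalise the cart to positive integers. Rejecting zero/negative
    // quantities also prevents a line from lowering the order total.
    $lines = array();
    if ($error === null) {
        $positive_int = array('options' => array('min_range' => 1));
        foreach ($cart as $book_id => $qty) {
            $id = filter_var($book_id, FILTER_VALIDATE_INT, $positive_int);
            $count = filter_var($qty, FILTER_VALIDATE_INT, $positive_int);
            if ($id === false || $count === false) {
                $error = "Your cart contains an invalid item.";
                break;
            }
            $lines[$id] = $count;
        }
    }

    if ($error === null) {
        // Make mysqli failures throw so a failed statement cannot leave a
        // half-written order behind unnoticed.
        mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
        $in_transaction = false;

        try {
            // Look each price up once and reuse it for both the total and the
            // item rows, so the two can never disagree.
            $prices = array();
            $total_price = 0.0;
            $price_stmt = $conn->prepare("SELECT price FROM books WHERE id = ?");
            foreach ($lines as $id => $count) {
                $price_stmt->bind_param('i', $id);
                $price_stmt->execute();
                $price_stmt->bind_result($found_price);
                $has_row = $price_stmt->fetch();
                $price_stmt->free_result();
                if ($has_row !== true) {
                    throw new RuntimeException("Cart references unknown book id $id");
                }
                $prices[$id] = (float) $found_price;
                $total_price += $prices[$id] * $count;
            }
            $price_stmt->close();

            // Order header and items succeed or fail together (requires a
            // transactional storage engine on these tables).
            $conn->begin_transaction();
            $in_transaction = true;

            // Insert into orders
            $order_stmt = $conn->prepare(
                "INSERT INTO orders (user_id, address, payment_method, total_price) VALUES (?, ?, ?, ?)"
            );
            $order_stmt->bind_param('issd', $user_id, $address, $payment_method, $total_price);
            $order_stmt->execute();
            $order_id = (int) $conn->insert_id;
            $order_stmt->close();

            // Insert order items
            $item_stmt = $conn->prepare(
                "INSERT INTO order_items (order_id, book_id, quantity, price) VALUES (?, ?, ?, ?)"
            );
            foreach ($lines as $id => $count) {
                $unit_price = $prices[$id];
                $item_stmt->bind_param('iiid', $order_id, $id, $count, $unit_price);
                $item_stmt->execute();
            }
            $item_stmt->close();

            $conn->commit();
            $in_transaction = false;

            unset($_SESSION['cart']); // Clear cart after order
            echo "<div class='container'><h4>✅ Order placed successfully! Order ID: $order_id</h4></div>";
        } catch (Exception $e) {
            if ($in_transaction) {
                $conn->rollback();
            }
            // Keep database details in the server log, not in the response.
            error_log("place_order.php: " . $e->getMessage());
            $error = "Your order could not be placed. Please try again.";
        }
    }

    if ($error !== null) {
        echo "❌ " . htmlspecialchars($error, ENT_QUOTES, 'UTF-8');
    }
} else {
    echo "❌ Invalid request.";
}
?>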