<?php
include_once 'header.php';
include_once 'includes/dbh-inc.php';
// Pin this page to US Eastern time so that date() calls further down
// (such as the order date) are generated in that zone.
date_default_timezone_set('America/New_York');
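// Remove a line item when the user clicks "Remove" under it.
// NOTE(review): the remove form rendered further down carries no anti-CSRF token
// field, so this state-changing POST relies on whatever header.php enforces — confirm.
if (isset($_POST['bRemove'])) {
    // The index is only ever used as an array key, never in SQL, so validate it as a
    // non-negative integer rather than SQL-escaping it. Non-numeric or array input
    // is rejected instead of being cast to 0 (which would silently drop item 0).
    $b2RemoveIndex = filter_var(
        $_POST['bRemove'],
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 0))
    );

    if ($b2RemoveIndex !== false && isset($_SESSION['order'][$b2RemoveIndex])) {
        unset($_SESSION['order'][$b2RemoveIndex]);
        // array_values() returns a new array; assign it back so the cart is actually
        // re-indexed and no gap is left behind.
        $_SESSION['order'] = array_values($_SESSION['order']);
    }
}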
// Work out what the whole cart costs: quantity x unit price, summed over all lines.
// NOTE(review): the unit price is read back from the session cart; presumably it was
// copied from the books table when the item was added. Confirm it is never taken
// from request data.
$totalCost = 0;
if (isset($_SESSION['order'])) {
    $books = $_SESSION['order'];
    foreach ($books as $book) {
        $totalCost += $book['orderAmt'] * $book['price'];
    }
}
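// Check the user out: write one `orders` row per cart line and decrement stock.
// NOTE(review): header.php is included before this point; if it emits output, the
// header() redirects below only take effect with output buffering — confirm.
// NOTE(review): the checkout form shows no anti-CSRF token field — confirm whether
// one is enforced elsewhere.
if (isset($_POST['order']) && isset($_SESSION['email'])) {
    // Every value is bound as a statement parameter below, so nothing is SQL-escaped
    // by hand. Non-string input (e.g. an array) is treated as missing.
    $shipAddr = (isset($_POST['shipaddr']) && is_string($_POST['shipaddr'])) ? trim($_POST['shipaddr']) : '';
    $billAddr = (isset($_POST['billaddr']) && is_string($_POST['billaddr'])) ? trim($_POST['billaddr']) : '';
    $cardNum = (isset($_POST['cardNum']) && is_string($_POST['cardNum'])) ? trim($_POST['cardNum']) : '';

    // The form marks all three fields as required and asks for a 16-digit card
    // number, but browser-side attributes are not enforcement: re-check here.
    if ($shipAddr === '' || $billAddr === '' || strlen($cardNum) !== 16 || !ctype_digit($cardNum)) {
        header("Location: cart.php?order=invalid");
        exit();
    }

    // Look up the user. The e-mail is bound as a parameter rather than interpolated,
    // so a stored value containing quotes cannot alter the query.
    $email = $_SESSION['email'];
    $user = null;
    $userStmt = mysqli_prepare($connection, "SELECT * FROM user WHERE email = ?");
    if ($userStmt) {
        mysqli_stmt_bind_param($userStmt, 's', $email);
        mysqli_stmt_execute($userStmt);
        // mysqli_stmt_get_result() needs the mysqlnd driver.
        $result = mysqli_stmt_get_result($userStmt);
        if ($result) {
            $user = mysqli_fetch_assoc($result);
        }
        mysqli_stmt_close($userStmt);
    }
    // No matching user (or the lookup failed): bail out.
    if (!$user) {
        header("Location: cart.php?user=error");
        exit();
    }

    if (isset($_SESSION['order'])) {
        $books = $_SESSION['order'];
        $orderDate = date("Y-m-d");
        $userID = $user['id'];

        // NOTE(review): the full card number is written to the orders table exactly
        // as submitted. Storing card numbers normally calls for tokenisation through
        // a payment processor or encryption at rest — confirm how this column is
        // protected.
        $orderStmt = mysqli_prepare(
            $connection,
            "INSERT INTO orders (shipaddr, billaddr, cardnum, ordered, quantity, cost, status, oisbm, oid)
            VALUES (?, ?, ?, ?, ?, ?, 'in progress', ?, ?)"
        );
        $stockStmt = mysqli_prepare(
            $connection,
            "UPDATE books SET quantity = (quantity - ?) WHERE id = ?"
        );

        if ($orderStmt && $stockStmt) {
            // Iterates a copy ($books), so removing entries from the session cart
            // inside the loop is safe.
            foreach ($books as $i => $book) {
                if (!isset($book['orderAmt'], $book['price'], $book['id'])) {
                    continue; // malformed line: leave it in the cart
                }
                // Quantity and price come from the session cart; validate them before
                // they reach arithmetic or SQL.
                $bQuantity = filter_var(
                    $book['orderAmt'],
                    FILTER_VALIDATE_INT,
                    array('options' => array('min_range' => 1))
                );
                if ($bQuantity === false || !is_numeric($book['price'])) {
                    continue;
                }
                $bCost = (string)($bQuantity * $book['price']);
                $bOISBM = (string)$book['id'];
                $bQuantityText = (string)$bQuantity;

                // All INSERT values are bound as strings, matching the quoted literals
                // the query used before; MySQL converts them per column type.
                mysqli_stmt_bind_param(
                    $orderStmt,
                    'ssssssss',
                    $shipAddr,
                    $billAddr,
                    $cardNum,
                    $orderDate,
                    $bQuantityText,
                    $bCost,
                    $bOISBM,
                    $userID
                );
                if (!mysqli_stmt_execute($orderStmt)) {
                    continue; // order row not stored: keep the item in the cart
                }

                // Update the amount left in the books table.
                // NOTE(review): nothing stops quantity going negative, and the INSERT
                // and UPDATE are not wrapped in a transaction — confirm acceptable.
                mysqli_stmt_bind_param($stockStmt, 'is', $bQuantity, $bOISBM);
                mysqli_stmt_execute($stockStmt);

                // Only now drop the line from the session cart.
                unset($_SESSION['order'][$i]);
            }
        }
        if ($orderStmt) {
            mysqli_stmt_close($orderStmt);
        }
        if ($stockStmt) {
            mysqli_stmt_close($stockStmt);
        }

        // Re-index once, after the loop: array_values() returns a new array, and
        // re-indexing inside the loop would shift keys away from $i.
        $_SESSION['order'] = array_values($_SESSION['order']);

        // The total was computed before checkout changed the cart; recompute it so
        // the page does not show the old total next to an emptied cart.
        $totalCost = 0;
        foreach ($_SESSION['order'] as $remaining) {
            $totalCost += $remaining['orderAmt'] * $remaining['price'];
        }
    }
}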
?>
<section class="cart-container">
<div class="cart-wrapper">
<h1>Cart</h1>
<hr>
<ul>
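<?php
// Render one <li> per cart line, or an empty-cart notice when there is nothing to show.
if (isset($_SESSION['order']) && count($_SESSION['order']) > 0) {
    $books = $_SESSION['order'];
    foreach ($books as $i => $book) {
        // Encode every dynamic value for the HTML context before echoing it. The
        // cart is filled elsewhere, so the book name cannot be assumed to be free of
        // markup; unescaped, it would be interpreted as HTML by the browser.
        $bName = htmlspecialchars((string)$book['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $bAmount = htmlspecialchars((string)$book['orderAmt'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $bPrice = htmlspecialchars((string)$book['price'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        // The array key ends up inside an attribute value, so it is encoded as well.
        $bIndex = htmlspecialchars((string)$i, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo '
<li>
<h3>' . $bName . '</h3>
<p>'. $bAmount . ' at $' . $bPrice . ' each</p>
<p>' . '</p>
<form class="remove-form" action="cart.php" method="post">
<button type="submit" name="bRemove" value="' . $bIndex . '">Remove</button>
</form>
</li>
';
    }
} else {
    echo '<h2>Cart is Empty</h2>';
}
?>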
</ul>
<hr>
<h3><?= /* cart total computed earlier in this script */ 'TOTAL: $' . $totalCost ?></h3>
<hr>
<form class="signup-form" action="cart.php" method="post">
<input type="text" name="shipaddr" placeholder="Shipping Address*">
<input type="text" name="billaddr" placeholder="Billing Address*">
<input type="number" name="cardNum" minlength="16" maxlength="16" placeholder="Card Number*">
<button type="submit" name="order">Order</button>
</form>
</div>
</section>
<?php
include_once 'footer.php';
?>