-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcheckout.php
More file actions
29 lines (29 loc) · 1.39 KB
/
checkout.php
File metadata and controls
29 lines (29 loc) · 1.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
<?php
session_start(); //starts the session
if (isset($_SESSION['user']) && isset($_SESSION['totalprice'])){ //checks if user is logged in
} else {
header("location:home.php"); // redirects if user is not logged in
}
if($_SERVER['REQUEST_METHOD'] == "POST" && $_SESSION['totalprice']>0) {
$user = $_SESSION['user'];
$price = $_SESSION['totalprice'];
$address = $_POST['address'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$card = $_POST['card'];
$notes = $_POST['notes'];
$time = strftime("%X");//time
$date = strftime("%B %d, %Y");//date
$con = mysqli_connect("localhost", "id17778834_root", "-2JrCu|K*@hws%OX", "id17778834_dayonedb") or die(mysqli_error()); //Connect to server
mysqli_query($con, "INSERT INTO `orders` (user,price,address,fname,lname,card,time_posted,date_posted,notes,status) VALUES ('$user','$price','$address','$fname','$lname','$card','$time','$date','$notes','0')");
$order = mysqli_fetch_assoc(mysqli_query($con, "SELECT id FROM orders WHERE user='$user' ORDER BY id DESC LIMIT 1")); //finds empty value
$orderId = $order['id'];
mysqli_query($con,"UPDATE `cart` SET orderId=$orderId WHERE user='$user' AND orderId=0");
unset($_SESSION['price']);
echo '<script>alert("Thank you for your purchase!");
window.location.assign("user.php")</script>';
} else {
echo '<script>alert("You do not have any items in your cart!");
window.location.assign("cart.php")</script>';
}
?>