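<?php

/**
 * Rating submission handler.
 *
 * Accepts a POST from a logged-in user carrying order_id, restaurant_id,
 * rating (1-5) and an optional comment, inserts one row into `ratings`,
 * and redirects to profile.php with a flash message stored in the session.
 * Requests without a session user are redirected to login.php; non-POST
 * requests are redirected to profile.php without touching the database.
 */

session_start();

require_once 'db/config.php';

// Authentication gate: nothing below runs without a logged-in session user.
if (!isset($_SESSION['user_id'])) {
    header("Location: login.php");
    exit();
}

// Only POST may change state; any other method just bounces back to the profile page.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    header("Location: profile.php");
    exit();
}

// NOTE(review): no anti-CSRF token is verified before this state-changing
// request is processed. If the application has a token helper, check it here;
// none is visible in this file.

// The user id comes from the session, never from the request body.
$user_id = $_SESSION['user_id'];

// `?? null` avoids "undefined array key" warnings when a field is missing.
$order_id = $_POST['order_id'] ?? null;
$restaurant_id = $_POST['restaurant_id'] ?? null;
$rating = $_POST['rating'] ?? null;
$comment = $_POST['comment'] ?? null;

// Validation.
// - Each field must be a plain string: PHP turns `field[]=x` into an array,
//   which would otherwise reach the bound parameters as the text "Array".
// - The ids keep the original non-empty rule (empty() also rejects "0").
// - The rating must be numeric before the range comparison; a value such as
//   "3abc" is not numeric and previously slipped through the `< 1` / `> 5`
//   checks because PHP 8 compares it as a string.
// NOTE(review): if ratings are whole stars only, tighten this with
// filter_var($rating, FILTER_VALIDATE_INT, ...) and a 1..5 range — confirm
// against the column type.
$ids_valid = is_string($order_id) && !empty($order_id)
    && is_string($restaurant_id) && !empty($restaurant_id);
$rating_valid = is_string($rating) && is_numeric($rating) && $rating >= 1 && $rating <= 5;
$comment_valid = $comment === null || is_string($comment);

if (!$ids_valid || !$rating_valid || !$comment_valid) {
    // Handle error - redirect back to profile with an error message
    $_SESSION['rating_error'] = "Invalid data provided.";
    header("Location: profile.php");
    exit();
}

// NOTE(review): nothing here confirms that the order belongs to $user_id or
// that restaurant_id is the restaurant of that order; both values are taken
// from the request as sent. An ownership lookup against the orders data
// should precede the insert — the relevant table is not visible in this file.

// Check if the user has already rated this order.
// NOTE(review): `$db` is expected to be a callable provided by db/config.php
// that returns the connection — confirm.
// This SELECT-then-INSERT is not atomic: two concurrent requests can both pass
// it. A UNIQUE (user_id, order_id) constraint on `ratings` closes that gap.
$stmt = $db()->prepare("SELECT id FROM ratings WHERE user_id = ? AND order_id = ?");
$stmt->execute([$user_id, $order_id]);
if ($stmt->fetch()) {
    $_SESSION['rating_error'] = "You have already rated this order.";
    header("Location: profile.php");
    exit();
}

// Insert the rating. All values are bound as parameters, so the comment text
// cannot alter the SQL; it is stored as submitted and must be HTML-escaped
// wherever it is later displayed.
$stmt = $db()->prepare("INSERT INTO ratings (user_id, order_id, restaurant_id, rating, comment) VALUES (?, ?, ?, ?, ?)");
if ($stmt->execute([$user_id, $order_id, $restaurant_id, $rating, $comment])) {
    $_SESSION['rating_success'] = "Thank you for your feedback!";
} else {
    $_SESSION['rating_error'] = "Something went wrong. Please try again.";
}

header("Location: profile.php");
exit();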