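<?php
/*
 * cart.php — shopping-cart page.
 *
 * Request flow:
 *   1. Every POST must carry the session's anti-CSRF token (constant-time compare),
 *      otherwise it is bounced back to the cart with ?error=token.
 *   2. POST update_cart: validate and rewrite the quantities kept in $_SESSION['cart'],
 *      then redirect (GET-after-POST).
 *   3. Build $cart_items / $total from the product IDs in the session cart (prices are
 *      always re-read from the database, never trusted from the client).
 *   4. POST checkout: in one transaction, deduct the balance with a conditional UPDATE
 *      (so two concurrent checkouts cannot both succeed), record the order, commit.
 *   5. Render the cart.
 *
 * Assumes header.php has started the session — the page already relies on $_SESSION —
 * and that db/config.php provides db(): PDO. Neither file is visible here.
 */
require_once 'header.php';
require_once 'db/config.php';

// One CSRF token per session; both forms below post it back as "csrf_token".
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrf_token = $_SESSION['csrf_token'];

$is_post = (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST');

// Reject any POST whose token does not match before touching the session or the DB.
if ($is_post) {
    $posted_token = $_POST['csrf_token'] ?? '';
    if (!is_string($posted_token) || !hash_equals($csrf_token, $posted_token)) {
        header('Location: cart.php?error=token');
        exit;
    }
}

// HTML-escape for element content / attribute values (explicit flags and charset).
$e = static fn ($value): string => htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

// --- Update cart quantities ------------------------------------------------------
if ($is_post && isset($_POST['update_cart'])) {
    $quantities = $_POST['quantities'] ?? [];
    if (is_array($quantities)) {
        foreach ($quantities as $product_id => $quantity) {
            // Keys and values come straight from the client: only accept a positive
            // integer product id and a non-negative integer quantity. Anything else
            // (non-numeric strings, nested arrays, negatives) is ignored rather than
            // stored — the original's (int) cast turned "abc" into a quantity of 0.
            $id = filter_var($product_id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
            $qty = filter_var($quantity, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
            if ($id === false || $qty === false) {
                continue;
            }
            if ($qty > 0) {
                $_SESSION['cart'][$id] = $qty;
            } else {
                unset($_SESSION['cart'][$id]);
            }
        }
    }
    header('Location: cart.php');
    exit;
}

// --- Load cart contents from the database ----------------------------------------
$cart_items = [];
$total = 0.0;

$session_cart = $_SESSION['cart'] ?? [];
if (is_array($session_cart) && $session_cart !== []) {
    // Drop any non-positive / non-integer keys a stale session might still hold.
    $product_ids = array_values(array_filter(
        array_map('intval', array_keys($session_cart)),
        static fn (int $id): bool => $id > 0,
    ));

    if ($product_ids !== []) {
        // The placeholder list is derived from the count only; the ids are bound params.
        $placeholders = implode(',', array_fill(0, count($product_ids), '?'));
        $pdo = db();
        $stmt = $pdo->prepare("SELECT * FROM products WHERE id IN ($placeholders)");
        $stmt->execute($product_ids);

        foreach ($stmt->fetchAll() as $product) {
            $product_id = (int)$product['id'];
            $quantity = (int)($session_cart[$product_id] ?? 0);
            $price = (float)$product['price'];
            $subtotal = $price * $quantity;
            $total += $subtotal;

            $cart_items[] = [
                'id' => $product_id,
                'name' => $product['name'],
                'price' => $price,
                'quantity' => $quantity,
                'subtotal' => $subtotal,
            ];
        }
    }
}

// --- Checkout ----------------------------------------------------------------------
if ($is_post && isset($_POST['checkout'])) {
    if (!isset($_SESSION['user_id'])) {
        header('Location: login.php');
        exit;
    }

    if ($cart_items === []) {
        header('Location: shop.php');
        exit;
    }

    $user_id = $_SESSION['user_id'];
    $pdo = db();

    try {
        $pdo->beginTransaction();

        // Pre-check: confirms the user row exists and gives a fast "not enough balance"
        // answer. It is NOT the enforcement point — see the conditional UPDATE below.
        $stmt = $pdo->prepare("SELECT balance FROM users WHERE id = ?");
        $stmt->execute([$user_id]);
        $user = $stmt->fetch();

        if ($user === false) {
            // Session points at a user that no longer exists; treat as logged out.
            $pdo->rollBack();
            error_log('checkout: no users row for session user_id');
            header('Location: login.php');
            exit;
        }

        if ((float)$user['balance'] < $total) {
            $pdo->rollBack();
            header('Location: cart.php?error=balance');
            exit;
        }

        // Deduct atomically. Re-checking the balance inside the UPDATE's WHERE clause
        // closes the race where two requests both pass the SELECT above and both
        // deduct (double spend): only one of them can match `balance >= total`.
        // rowCount() !== 1 therefore means a concurrent checkout spent the funds first.
        // Guarded by $total > 0 so a zero-total order never depends on driver-specific
        // "affected rows" semantics for an UPDATE that changes nothing.
        if ($total > 0) {
            $stmt = $pdo->prepare("UPDATE users SET balance = balance - ? WHERE id = ? AND balance >= ?");
            $stmt->execute([$total, $user_id, $total]);
            if ($stmt->rowCount() !== 1) {
                $pdo->rollBack();
                header('Location: cart.php?error=balance');
                exit;
            }
        }

        // Record the order header and its lines; a failure here rolls the deduction back.
        $stmt = $pdo->prepare("INSERT INTO orders (user_id, total) VALUES (?, ?)");
        $stmt->execute([$user_id, $total]);
        $order_id = (int)$pdo->lastInsertId();

        $stmt = $pdo->prepare("INSERT INTO order_items (order_id, product_id, quantity, price) VALUES (?, ?, ?, ?)");
        foreach ($cart_items as $item) {
            $stmt->execute([$order_id, $item['id'], $item['quantity'], $item['price']]);
        }

        $pdo->commit();

        unset($_SESSION['cart']);

        header('Location: order_success.php?order_id=' . $order_id);
        exit;
    } catch (Throwable $ex) {
        // beginTransaction() itself may have failed, so only roll back an open transaction.
        if ($pdo->inTransaction()) {
            $pdo->rollBack();
        }
        error_log('checkout failed: ' . $ex->getMessage());
        header('Location: cart.php?error=checkout');
        exit;
    }
}
?>

<header class="hero text-center">
    <div class="container">
        <h1 class="display-4">Shopping Cart</h1>
    </div>
</header>

<main class="container my-5">
    <?php if (isset($_GET['error'])): ?>
        <div class="alert alert-danger">
            <?php if ($_GET['error'] === 'balance'): ?>
                You do not have enough balance to complete this purchase.
            <?php elseif ($_GET['error'] === 'token'): ?>
                Your session has expired or the request was invalid. Please try again.
            <?php else: ?>
                An error occurred during checkout. Please try again.
            <?php endif; ?>
        </div>
    <?php endif; ?>

    <?php if ($cart_items === []): ?>
        <div class="text-center">
            <p class="lead">Your cart is empty.</p>
            <a href="shop.php" class="btn btn-primary">Continue Shopping</a>
        </div>
    <?php else: ?>
        <form action="cart.php" method="POST">
            <input type="hidden" name="csrf_token" value="<?= $e($csrf_token) ?>">
            <table class="table">
                <thead>
                    <tr>
                        <th>Product</th>
                        <th>Price</th>
                        <th>Quantity</th>
                        <th>Subtotal</th>
                    </tr>
                </thead>
                <tbody>
                    <?php foreach ($cart_items as $item): ?>
                        <tr>
                            <td><?= $e($item['name']) ?></td>
                            <td>$<?= $e(number_format($item['price'], 2)) ?></td>
                            <td>
                                <!-- id and quantity are ints we produced above, but escape anyway -->
                                <input type="number" name="quantities[<?= (int)$item['id'] ?>]" value="<?= (int)$item['quantity'] ?>" min="0" step="1" class="form-control" style="width: 100px;">
                            </td>
                            <td>$<?= $e(number_format($item['subtotal'], 2)) ?></td>
                        </tr>
                    <?php endforeach; ?>
                </tbody>
            </table>

            <div class="d-flex justify-content-between align-items-center">
                <button type="submit" name="update_cart" class="btn btn-secondary">Update Cart</button>
                <p class="fs-4">Total: $<?= $e(number_format($total, 2)) ?></p>
            </div>
        </form>

        <form action="cart.php" method="POST" class="mt-3 text-end">
            <input type="hidden" name="csrf_token" value="<?= $e($csrf_token) ?>">
            <button type="submit" name="checkout" class="btn btn-primary btn-lg">Checkout</button>
        </form>
    <?php endif; ?>
</main>

<?php require_once 'footer.php'; ?>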