88 lines
2.9 KiB
PHP
88 lines
2.9 KiB
PHP
<?php
|
|
header('Content-Type: application/json');
|
|
require_once __DIR__ . '/../db/config.php';
|
|
session_start();
|
|
|
|
// Check if user is logged in
|
|
if (!isset($_SESSION['user_id'])) {
|
|
http_response_code(401); // Unauthorized
|
|
echo json_encode(['error' => 'You must be logged in to complete a sale.']);
|
|
exit;
|
|
}
|
|
|
|
// Get cart data from POST body
|
|
$json_data = file_get_contents('php://input');
|
|
$cart = json_decode($json_data, true);
|
|
|
|
if (empty($cart) || !is_array($cart)) {
|
|
http_response_code(400); // Bad Request
|
|
echo json_encode(['error' => 'Invalid or empty cart data provided.']);
|
|
exit;
|
|
}
|
|
|
|
$pdo = db();
|
|
|
|
try {
|
|
$pdo->beginTransaction();
|
|
|
|
// 1. Calculate total and generate receipt number
|
|
$total_amount = 0;
|
|
foreach ($cart as $item) {
|
|
$total_amount += ($item['price'] * $item['quantity']);
|
|
}
|
|
$tax_amount = 0; // Assuming 0% tax for now
|
|
$receipt_number = 'SALE-' . date('Ymd-His') . '-' . strtoupper(uniqid());
|
|
$user_id = $_SESSION['user_id'];
|
|
|
|
// 2. Insert into `sales` table
|
|
$stmt = $pdo->prepare(
|
|
"INSERT INTO sales (receipt_number, total_amount, tax_amount, user_id) VALUES (?, ?, ?, ?)"
|
|
);
|
|
$stmt->execute([$receipt_number, $total_amount, $tax_amount, $user_id]);
|
|
$sale_id = $pdo->lastInsertId();
|
|
|
|
// 3. Insert into `sale_items` and update `inventory`
|
|
$sale_item_stmt = $pdo->prepare(
|
|
"INSERT INTO sale_items (sale_id, product_id, quantity, price_at_sale) VALUES (?, ?, ?, ?)"
|
|
);
|
|
$update_inventory_stmt = $pdo->prepare(
|
|
"UPDATE inventory SET quantity = quantity - ? WHERE product_id = ?"
|
|
);
|
|
|
|
// Check stock and lock rows before proceeding
|
|
foreach ($cart as $product_id => $item) {
|
|
$stmt = $pdo->prepare("SELECT quantity FROM inventory WHERE product_id = ? FOR UPDATE");
|
|
$stmt->execute([$product_id]);
|
|
$current_stock = $stmt->fetchColumn();
|
|
if ($current_stock === false || $current_stock < $item['quantity']) {
|
|
throw new Exception("Not enough stock for product: " . htmlspecialchars($item['name']));
|
|
}
|
|
}
|
|
|
|
// If all checks pass, insert items and update inventory
|
|
foreach ($cart as $product_id => $item) {
|
|
$sale_item_stmt->execute([$sale_id, $product_id, $item['quantity'], $item['price']]);
|
|
$update_inventory_stmt->execute([$item['quantity'], $product_id]);
|
|
}
|
|
|
|
// If we got here, everything is fine. Commit the transaction.
|
|
$pdo->commit();
|
|
|
|
// 4. Return success response
|
|
echo json_encode([
|
|
'success' => true,
|
|
'message' => 'Sale completed successfully!',
|
|
'sale_id' => $sale_id,
|
|
'receipt_number' => $receipt_number
|
|
]);
|
|
|
|
} catch (Exception $e) {
|
|
// An error occurred, roll back the transaction
|
|
if ($pdo->inTransaction()) {
|
|
$pdo->rollBack();
|
|
}
|
|
|
|
http_response_code(500); // Internal Server Error
|
|
echo json_encode(['error' => 'Failed to complete sale: ' . $e->getMessage()]);
|
|
}
|
|
?>
|