
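<?php
/**
 * POST /api/place_order.php
 *
 * Reads a JSON body of the form {name, phone, address, items: {id: {qty}}},
 * re-prices every line from the `items` table (prices and VAT rates sent by
 * the client are never used), inserts the order into `online_orders`, calls
 * sync_online_order_stock_reservation() (presumably a stock reservation —
 * defined in includes/app.php), and finally sends best-effort Telegram and
 * WhatsApp notifications.
 *
 * Response is always JSON: {"success": true} or {"success": false, "error": "..."}.
 * Internal failure details are written to error_log only, never to the client.
 */
require_once __DIR__ . '/../includes/app.php';

header('Content-Type: application/json; charset=utf-8');

/** Emit a JSON failure response and terminate the request. */
$fail = static function (string $error): void {
    echo json_encode(['success' => false, 'error' => $error]);
    exit;
};

/** Coerce a JSON scalar to a trimmed string; arrays, objects and null become ''. */
$str = static fn ($value): string => is_scalar($value) ? trim((string) $value) : '';

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    $fail('Invalid method');
}

$input = json_decode((string) file_get_contents('php://input'), true);
// Invalid JSON, a non-object body, or a missing/non-object items map is an empty cart.
if (!is_array($input) || empty($input['items']) || !is_array($input['items'])) {
    $fail('Cart is empty');
}

$name = $str($input['name'] ?? null);
$phoneInput = $str($input['phone'] ?? null);
$phone = normalize_oman_phone($phoneInput);
$address = $str($input['address'] ?? null);

if ($name === '' || $phoneInput === '' || $address === '') {
    $fail('Missing customer details');
}
// normalize_oman_phone() returns '' when the raw value is not a valid number.
if ($phone === '') {
    $fail('Phone must be an 8-digit Oman number');
}

$db = db();
$subtotal = 0.0;
$totalVat = 0.0;
$processedItems = [];

// Prices and VAT rates are always re-read from the database so a tampered
// request body cannot change what the customer is charged.
$priceStmt = $db->prepare('SELECT sku, name, price, vat FROM items WHERE id = ?');
foreach ($input['items'] as $id => $item) {
    // Each entry must be an object carrying a positive integer qty; anything
    // else (scalar entry, missing qty, array qty) is skipped rather than charged.
    $qty = is_array($item) && is_scalar($item['qty'] ?? null) ? (int) $item['qty'] : 0;
    if ($qty <= 0) {
        continue;
    }

    $priceStmt->execute([$id]);
    $dbItem = $priceStmt->fetch();
    if (!$dbItem) {
        // Unknown id: ignored rather than failing the whole order.
        continue;
    }

    $price = (float) $dbItem['price'];
    $vatPercent = (float) ($dbItem['vat'] ?? 0);
    $lineTotal = $price * $qty;
    $itemVat = $lineTotal * ($vatPercent / 100);

    $subtotal += $lineTotal;
    $totalVat += $itemVat;
    $processedItems[] = [
        'id' => $id,
        'sku' => $dbItem['sku'],
        'name' => $dbItem['name'],
        'price' => $price,
        'vat' => $vatPercent,
        'vat_amount' => $itemVat,
        'qty' => $qty,
        'line_total' => $lineTotal,
    ];
}

if ($processedItems === []) {
    $fail('Invalid items');
}

$totalAmount = $subtotal + $totalVat;

try {
    $db->beginTransaction();
    $insert = $db->prepare(
        'INSERT INTO online_orders (customer_name, customer_phone, customer_address, items_json, subtotal, vat_amount, total_amount) VALUES (?, ?, ?, ?, ?, ?, ?)'
    );
    $insert->execute([
        $name,
        $phone,
        $address,
        json_encode($processedItems, JSON_UNESCAPED_UNICODE),
        $subtotal,
        $totalVat,
        $totalAmount,
    ]);
    $orderId = (int) $db->lastInsertId();
    sync_online_order_stock_reservation([], 'rejected', $processedItems, 'pending');
    $db->commit();
} catch (Throwable $e) {
    if ($db->inTransaction()) {
        $db->rollBack();
    }
    // Driver messages can reveal SQL, table names or connection details;
    // keep them in the server log and return a generic error to the client.
    error_log('place_order: order insert failed: ' . $e->getMessage());
    $fail('Database error');
}

// Notifications are best-effort. The order is already committed, so nothing
// in this block may turn the response into a failure — hence catch Throwable,
// not just Exception (a TypeError here previously surfaced as "Database error").
try {
    $orderData = [
        'id' => $orderId,
        'customer_name' => $name,
        'customer_phone' => $phone,
        'customer_address' => $address,
        'items' => $processedItems,
        'subtotal' => $subtotal,
        'vat_amount' => $totalVat,
        'total_amount' => $totalAmount,
        'status' => 'pending',
        'created_at' => date('Y-m-d H:i:s'), // server default timezone
    ];

    // Customer-supplied fields are interpolated into a Markdown-parsed message;
    // escape the legacy-Markdown control characters so they cannot alter the
    // formatting or make Telegram reject the message.
    $md = static fn (string $s): string => str_replace(['_', '*', '`', '['], ['\_', '\*', '\`', '\['], $s);

    $msg = "🛒 *New Online Order #{$orderId}*\n";
    $msg .= '👤 ' . $md($name) . "\n📞 " . phone_display($phone) . "\n📍 " . $md($address) . "\n";
    $msg .= '💰 Subtotal: ' . currency($subtotal) . "\n";
    $msg .= '🧾 VAT: ' . currency($totalVat) . "\n";
    $msg .= '💵 Total: ' . currency($totalAmount) . "\n";

    $botToken = getenv('TELEGRAM_BOT_TOKEN') ?: get_setting('telegram_bot_token');
    $chatId = getenv('TELEGRAM_CHAT_ID') ?: get_setting('telegram_chat_id');
    if ($botToken && $chatId) {
        $context = stream_context_create([
            'http' => [
                'method' => 'POST',
                'header' => "Content-type: application/x-www-form-urlencoded\r\n",
                'content' => http_build_query([
                    'chat_id' => $chatId,
                    'text' => $msg,
                    'parse_mode' => 'Markdown',
                ]),
                // Bound the wait so a slow Telegram API cannot stall the checkout response.
                'timeout' => 5,
            ],
        ]);
        // Convert the stream wrapper's warnings into an exception caught below
        // instead of silencing them with @, so failures still reach the log.
        set_error_handler(static function (int $severity, string $message): bool {
            throw new ErrorException($message, 0, $severity);
        });
        try {
            file_get_contents("https://api.telegram.org/bot{$botToken}/sendMessage", false, $context);
        } finally {
            restore_error_handler();
        }
    }

    if (wablas_is_configured()) {
        wablas_notify_online_order($orderData, 'created');
    }
} catch (Throwable $e) {
    // Wrapper warnings embed the request URL, which contains the bot token; mask it before logging.
    $token = (string) ($botToken ?? '');
    $detail = $token !== '' ? str_replace($token, '***', $e->getMessage()) : $e->getMessage();
    error_log('place_order: notification for order #' . $orderId . ' failed: ' . $detail);
}

echo json_encode(['success' => true]);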