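/**
 * Persist a checkout: the customer row (reused when an identical one already
 * exists), the order header, and one order_items row per cart entry.
 *
 * Every value that reaches SQL is escaped or cast first; the original built
 * its statements from raw form fields and session data.
 *
 * @param array $order_details Form fields: name, address, city, state, zip,
 *                             country and the optional ship_* equivalents.
 * @return mixed The new order id, or false when any step fails.
 */
function insert_order($order_details)
{
    global $HTTP_SESSION_VARS;

    // Read only the keys we expect. extract() on a request-derived array lets
    // the submitter create or overwrite any local variable in this function.
    $keys = array(
        'name', 'address', 'city', 'state', 'zip', 'country',
        'ship_name', 'ship_address', 'ship_city', 'ship_state', 'ship_zip', 'ship_country',
    );
    $f = array();
    foreach ($keys as $key) {
        $f[$key] = (isset($order_details[$key]) && is_scalar($order_details[$key]))
            ? (string) $order_details[$key]
            : '';
    }

    // No shipping address given at all: ship to the billing address.
    if (!$f['ship_name'] && !$f['ship_address'] && !$f['ship_city']
        && !$f['ship_state'] && !$f['ship_zip'] && !$f['ship_country']) {
        foreach (array('name', 'address', 'city', 'state', 'zip', 'country') as $key) {
            $f['ship_' . $key] = $f[$key];
        }
    }

    $conn = db_connect();

    // Escaping needs the open connection (it is charset-aware).
    // NOTE(review): if magic_quotes_gpc is on upstream, strip slashes before
    // calling this function or values will be stored double-escaped.
    $e = array();
    foreach ($f as $key => $value) {
        $e[$key] = mysql_real_escape_string($value);
    }

    // Find an identical existing customer, otherwise create one.
    $lookup = "select customerid from customers where
               name = '{$e['name']}' and address = '{$e['address']}'
               and city = '{$e['city']}' and state = '{$e['state']}'
               and zip = '{$e['zip']}' and country = '{$e['country']}'";
    $result = mysql_query($lookup);
    if (!$result) {
        return false;
    }
    if (mysql_numrows($result) > 0) {
        $customerid = (int) mysql_result($result, 0, 'customerid');
    } else {
        $query = "insert into customers values
                  ('', '{$e['name']}','{$e['address']}','{$e['city']}',
                   '{$e['state']}','{$e['zip']}','{$e['country']}')";
        if (!mysql_query($query)) {
            return false;
        }
        // The '' placeholder in the first column relies on an auto-generated
        // id, so the id of the row just written is available directly.
        $customerid = (int) mysql_insert_id();
    }
    if ($customerid <= 0) {
        return false;
    }

    // Format the amount explicitly so it is always a plain decimal literal.
    $total = number_format((float) $HTTP_SESSION_VARS['total_price'], 2, '.', '');
    $date = date('Y-m-d');

    $query = "insert into orders values
              ('', {$customerid}, {$total}, '{$date}', 'PARTIAL', '{$e['ship_name']}',
               '{$e['ship_address']}','{$e['ship_city']}','{$e['ship_state']}',
               '{$e['ship_zip']}','{$e['ship_country']}')";
    if (!mysql_query($query)) {
        return false;
    }
    $orderid = (int) mysql_insert_id();
    if ($orderid <= 0) {
        return false;
    }

    // insert each book
    foreach ($HTTP_SESSION_VARS['cart'] as $isbn => $quantity) {
        $detail = get_book_details($isbn);
        // Refuse to write a line item with an unknown book or a non-numeric
        // quantity rather than silently storing zeroes.
        if (!is_array($detail) || !isset($detail['price']) || !is_numeric($quantity)) {
            return false;
        }
        $isbn_sql = mysql_real_escape_string((string) $isbn);
        $price = number_format((float) $detail['price'], 2, '.', '');
        $quantity = (int) $quantity;

        // Remove any earlier row for this pair so the insert cannot collide.
        $query = "delete from order_items where
                  orderid = {$orderid} and isbn = '{$isbn_sql}'";
        mysql_query($query);

        $query = "insert into order_items values
                  ({$orderid}, '{$isbn_sql}', {$price}, {$quantity})";
        if (!mysql_query($query)) {
            return false;
        }
    }

    return $orderid;
}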
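/**
 * Persist a checkout inside one transaction: customer row (reused when an
 * identical one exists), order header, and one order_items row per cart entry.
 *
 * Fixes over the previous version: all values are bound through prepared
 * statements, the shipping-default test no longer requires a zip to be present,
 * an existing customer's id is no longer overwritten by insert_id, the
 * customers insert no longer passes city twice, the order status is a string
 * literal, the order_items delete targets the right table, the order_items
 * insert binds price and quantity as separate values, and every failure path
 * rolls back and restores autocommit.
 *
 * @param array $order_details Form fields: name, address, city, state, zip,
 *                             country and the optional ship_* equivalents.
 * @return mixed The new order id, or false when any step fails.
 */
function insert_order($order_details)
{
    // Read only the expected keys; extract() on request data would let the
    // submitter define or overwrite arbitrary local variables.
    $keys = array(
        'name', 'address', 'city', 'state', 'zip', 'country',
        'ship_name', 'ship_address', 'ship_city', 'ship_state', 'ship_zip', 'ship_country',
    );
    $fields = array();
    foreach ($keys as $key) {
        $fields[$key] = (isset($order_details[$key]) && is_scalar($order_details[$key]))
            ? (string) $order_details[$key]
            : '';
    }

    // No shipping address given at all: ship to the billing address.
    if (!$fields['ship_name'] && !$fields['ship_address'] && !$fields['ship_city']
        && !$fields['ship_state'] && !$fields['ship_zip'] && !$fields['ship_country']) {
        foreach (array('name', 'address', 'city', 'state', 'zip', 'country') as $key) {
            $fields['ship_' . $key] = $fields[$key];
        }
    }

    $conn = db_connect();
    $conn->autocommit(FALSE);

    $orderid = insert_order_rows($conn, $fields);
    if ($orderid === false || !$conn->commit()) {
        // Leave no half-written order behind and hand the connection back in
        // its normal mode.
        $conn->rollback();
        $conn->autocommit(TRUE);
        return false;
    }

    $conn->autocommit(TRUE);
    return $orderid;
}

/**
 * Write the customer, order and order_items rows on an open transaction.
 * Returns the order id, or false on the first failure (caller rolls back).
 */
function insert_order_rows($conn, $fields)
{
    // --- customer: reuse an identical row or create one ---
    $stmt = $conn->prepare(
        'select customerid from customers where name = ? and address = ?
         and city = ? and state = ? and zip = ? and country = ?'
    );
    if (!$stmt) {
        return false;
    }
    $stmt->bind_param(
        'ssssss',
        $fields['name'], $fields['address'], $fields['city'],
        $fields['state'], $fields['zip'], $fields['country']
    );
    if (!$stmt->execute()) {
        $stmt->close();
        return false;
    }
    $stmt->store_result();
    $customerid = null;
    if ($stmt->num_rows > 0) {
        $stmt->bind_result($customerid);
        $stmt->fetch();
    }
    $stmt->close();

    if ($customerid === null) {
        $stmt = $conn->prepare("insert into customers values ('', ?, ?, ?, ?, ?, ?)");
        if (!$stmt) {
            return false;
        }
        $stmt->bind_param(
            'ssssss',
            $fields['name'], $fields['address'], $fields['city'],
            $fields['state'], $fields['zip'], $fields['country']
        );
        $ok = $stmt->execute();
        $stmt->close();
        if (!$ok) {
            return false;
        }
        // Only a freshly inserted customer takes its id from insert_id.
        $customerid = $conn->insert_id;
    }
    $customerid = (int) $customerid;

    // --- order header ---
    $total = isset($_SESSION['total_price']) ? (float) $_SESSION['total_price'] : 0.0;
    $date = date('Y-m-d');
    $stmt = $conn->prepare(
        "insert into orders values ('', ?, ?, ?, 'PARTIAL', ?, ?, ?, ?, ?, ?)"
    );
    if (!$stmt) {
        return false;
    }
    $stmt->bind_param(
        'idsssssss',
        $customerid, $total, $date,
        $fields['ship_name'], $fields['ship_address'], $fields['ship_city'],
        $fields['ship_state'], $fields['ship_zip'], $fields['ship_country']
    );
    $ok = $stmt->execute();
    $stmt->close();
    if (!$ok) {
        return false;
    }
    // Same auto-generated-id assumption the customers insert already makes.
    $orderid = (int) $conn->insert_id;
    if ($orderid <= 0) {
        return false;
    }

    // --- line items ---
    $delete = $conn->prepare('delete from order_items where orderid = ? and isbn = ?');
    $insert = $conn->prepare('insert into order_items values (?, ?, ?, ?)');
    if (!$delete || !$insert) {
        return false;
    }
    foreach ($_SESSION['cart'] as $isbn => $quantity) {
        $detail = get_book_details($isbn);
        // Unknown book or non-numeric quantity: fail instead of storing zeroes.
        if (!is_array($detail) || !isset($detail['price']) || !is_numeric($quantity)) {
            return false;
        }
        $isbn = (string) $isbn;
        $price = (float) $detail['price'];
        $quantity = (int) $quantity;

        $delete->bind_param('is', $orderid, $isbn);
        $delete->execute();

        $insert->bind_param('isdi', $orderid, $isbn, $price, $quantity);
        if (!$insert->execute()) {
            return false;
        }
    }
    $delete->close();
    $insert->close();

    return $orderid;
}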
unset($_SESSION['cart'][$isbn]); } else { $_SESSION['cart'][$isbn] = $_POST[$isbn]; } // Cập nhật số lượng mới } $_SESSION['total_price'] = calculate_price($_SESSION['cart']); $_SESSION['items'] = calculate_items($_SESSION['cart']); } ?> <?php /*echo "<pre>"; // print_r($_SESSION); echo "</pre>";*/ // Tiếp bài học 19.11.2015 if ($_SESSION['cart']) { display_cart($_SESSION['cart']); } else { echo "<p>Giỏ hàng rỗng</p>"; echo "<hr>"; } $url = "index.php?dk=loaisach"; if ($new) { $detail = get_book_details($new); if ($detail[catid]) { $url = "index.php?dk=show_cart&catid={$detail['catid']}"; } } display_button($url, 'continue-shopping', 'Continue Shopping'); display_button('index.php?dk=checkout', 'go-to-checkout', 'Go-To-Checkout');
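<?php
// Product page: shows one book and the buttons that lead on from it.
include 'book_sc_fns.php';

// The shopping cart needs sessions, so start one
session_start();

// The isbn comes straight from the query string. Accept only a plain string
// (rejects ?isbn[]=...) and fall back to '' when it is missing.
$isbn = (isset($_GET['isbn']) && is_string($_GET['isbn'])) ? $_GET['isbn'] : '';

// URL-encode once for every link built below so the value cannot break out of
// the query string or inject extra parameters.
$isbn_param = urlencode($isbn);

// get this book out of database
// NOTE(review): get_book_details() receives the raw request value; confirm it
// escapes or binds it before querying.
$book = get_book_details($isbn);

// NOTE(review): title comes from the database; confirm do_html_header() and
// display_button() HTML-escape their text arguments.
do_html_header($book['title']);
display_book_details($book);

// set url for "continue button"
$target = 'index.php';
if ($book['catid']) {
    $target = 'show_cat.php?catid=' . urlencode($book['catid']);
}

// if logged in as admin, show edit book links
if (check_admin_user()) {
    display_button('edit_book_form.php?isbn=' . $isbn_param, 'edit-item', 'Edit Item');
    display_button('admin.php', 'admin-menu', 'Admin Menu');
    display_button($target, 'continue', 'Continue');
} else {
    display_button(
        'show_cart.php?new=' . $isbn_param,
        'add-to-cart',
        'Add ' . $book['title'] . ' To My Shopping Cart'
    );
    display_button($target, 'continue-shopping', 'Continue Shopping');
}

do_html_footer();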
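/**
 * Render the shopping cart as an HTML table wrapped in a form.
 *
 * Cart keys (ISBNs) and quantities may originate from request parameters, and
 * titles/authors come from the database, so every such value is escaped for
 * the HTML context it is written into.
 *
 * @param array $cart   Map of isbn => quantity.
 * @param bool  $change When true, quantities are editable text boxes and a
 *                      "Save Changes" button is shown.
 * @param int   $images 1 to include a cover-image column, 0 to omit it.
 */
function display_cart($cart, $change = true, $images = 1)
{
    global $HTTP_SESSION_VARS;

    echo '<table border = 0 width = 100% cellspacing = 0>
          <form action = show_cart.php method = post>
          <tr><th colspan = ' . (1 + $images) . ' bgcolor="#cccccc">Item</th>
          <th bgcolor="#cccccc">Price</th><th bgcolor="#cccccc">Quantity</th>
          <th bgcolor="#cccccc">Total</th></tr>';

    //display each item as a table row
    foreach ($cart as $isbn => $qty) {
        $book = get_book_details($isbn);

        $isbn = (string) $isbn;
        $isbn_attr = htmlspecialchars($isbn, ENT_QUOTES);
        $isbn_query = htmlspecialchars(urlencode($isbn), ENT_QUOTES);
        $qty_html = htmlspecialchars((string) $qty, ENT_QUOTES);
        $title_html = htmlspecialchars((string) $book['title'], ENT_QUOTES);
        $author_html = htmlspecialchars((string) $book['author'], ENT_QUOTES);
        // basename() keeps the lookup inside images/ even if the key
        // contains path separators.
        $image_file = 'images/' . basename($isbn) . '.jpg';

        echo '<tr>';
        if ($images == true) {
            echo '<td align = left>';
            if (file_exists($image_file)) {
                $size = GetImageSize($image_file);
                if ($size[0] > 0 && $size[1] > 0) {
                    echo '<img src="' . htmlspecialchars($image_file, ENT_QUOTES) . '" border=0 ';
                    echo 'width = ' . $size[0] / 3 . ' height = ' . $size[1] / 3 . '>';
                }
            } else {
                echo ' ';
            }
            echo '</td>';
        }
        echo '<td align = left>';
        echo '<a href = "show_book.php?isbn=' . $isbn_query . '">' . $title_html . '</a> by ' . $author_html;
        echo '</td><td align = center>$' . number_format($book['price'], 2);
        echo '</td><td align = center>';
        // if we allow changes, quantities are in text boxes
        if ($change == true) {
            echo '<input type = text name = "' . $isbn_attr . '" value = "' . $qty_html . '" size = 3>';
        } else {
            echo $qty_html;
        }
        echo '</td><td align = center>$' . number_format($book['price'] * $qty, 2) . "</td></tr>\n";
    }

    // display total row
    echo '<tr>
          <th colspan = ' . (2 + $images) . ' bgcolor="#cccccc"> </th>
          <th align = center bgcolor="#cccccc">
              ' . htmlspecialchars((string) $HTTP_SESSION_VARS['items'], ENT_QUOTES) . '
          </th>
          <th align = center bgcolor="#cccccc">
              $' . number_format($HTTP_SESSION_VARS['total_price'], 2) . '</th>
          </tr>';

    // display save change button
    if ($change == true) {
        echo '<tr>
              <td colspan = ' . (2 + $images) . '> </td>
              <td align = center>
                <input type = hidden name = save value = true>
                <input type = image src = "images/save-changes.gif"
                       border = 0 alt = "Save Changes">
              </td>
              <td> </td>
              </tr>';
    }
    echo '</form></table>';
}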
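/**
 * Render the shopping cart as an HTML table wrapped in a form.
 *
 * Cart keys (ISBNs) and quantities may originate from request parameters, and
 * titles/authors come from the database, so every such value is escaped for
 * the HTML context it is written into.
 *
 * @param array $cart   Map of isbn => quantity.
 * @param bool  $change When true, quantities are editable text boxes and a
 *                      "Save Changes" button is shown.
 * @param int   $images 1 to include a cover-image column, 0 to omit it.
 */
function display_cart($cart, $change = true, $images = 1)
{
    echo "<table border = \"0\" width=\"100%\" cellspacing=\"0\">\n"
        . " <form action=\"show_cart.php\" method=\"post\">\n"
        . " <tr><th colspan=\"" . (1 + $images) . "\" bgcolor=\"#cccccc\">Product</th>\n"
        . " <th bgcolor=\"#cccccc\">Price</th>\n"
        . " <th bgcolor=\"#cccccc\">Amount</th>\n"
        . " <th bgcolor=\"#cccccc\">All</th>\n"
        . " </tr>";

    foreach ($cart as $isbn => $qty) {
        $book = get_book_details($isbn);

        $isbn = (string) $isbn;
        $isbn_attr = htmlspecialchars($isbn, ENT_QUOTES);
        $isbn_query = htmlspecialchars(urlencode($isbn), ENT_QUOTES);
        $qty_html = htmlspecialchars((string) $qty, ENT_QUOTES);
        $title_html = htmlspecialchars((string) $book['title'], ENT_QUOTES);
        $author_html = htmlspecialchars((string) $book['author'], ENT_QUOTES);
        // basename() keeps the lookup inside images/ even if the key
        // contains path separators.
        $image_file = 'images/' . basename($isbn) . '.jpg';

        echo "<tr>";
        if ($images == true) {
            echo "<td align=\"left\">";
            if (file_exists($image_file)) {
                $size = GetImageSize($image_file);
                if ($size[0] > 0 && $size[1] > 0) {
                    echo "<img src=\"" . htmlspecialchars($image_file, ENT_QUOTES) . "\"\n"
                        . " style=\"border: 1px solid black\"\n"
                        . " width=\"" . $size[0] / 3 . "\"\n"
                        . " height=\"" . $size[1] / 3 . "\"/>";
                }
            } else {
                echo " ";
            }
            echo "</td>";
        }

        echo "<td align=\"left\">"
            . "<a href=\"show_book.php?isbn=" . $isbn_query . "\">" . $title_html . "</a>"
            . ", author " . $author_html . "</td>"
            . "<td align=\"center\">\$" . number_format($book['price'], 2) . "</td>"
            . "<td align=\"center\">";

        // Editable carts render the quantity as a text box named after the ISBN.
        if ($change == true) {
            echo "<input type=\"text\" name=\"" . $isbn_attr . "\" value=\"" . $qty_html . "\" size=\"3\">";
        } else {
            echo $qty_html;
        }

        echo "</td>\n <td align=\"center\">\$" . number_format($book['price'] * $qty, 2)
            . "</td>\n </tr>\n";
    }

    // Totals row.
    echo "<tr>\n <th colspan=\"" . (2 + $images) . "\" bgcolor=\"#cccccc\"> </th>\n"
        . " <th align=\"center\" bgcolor=\"#cccccc\">"
        . htmlspecialchars((string) $_SESSION['items'], ENT_QUOTES) . "</th>\n"
        . " <th align=\"center\" bgcolor=\"#cccccc\">\n \$"
        . number_format($_SESSION['total_price'], 2) . "\n </th>\n </tr>";

    if ($change == true) {
        echo "<tr>\n <td colspan=\"" . (2 + $images) . "\"> </td>\n"
            . " <td align=\"center\">\n"
            . " <input type=\"hidden\" name=\"save\" value=\"true\" />\n"
            . " <input type=\"image\" src=\"images/save-changes.gif\"\n"
            . " border=\"0\" alt=\"Save Changes\" />\n"
            . " </td>\n <td> </td>\n </tr>";
    }
    echo "</form></table>";
}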
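/**
 * Persist the checkout held in the session: the customer row (reused when an
 * identical one exists), the order header, and one order_items row per cart
 * entry.
 *
 * The form fields are read from $_SESSION['POST']; every value that reaches
 * SQL is escaped or cast first. The leftover debug output (echo "1" and the
 * echo of the new order id) has been removed so the function no longer writes
 * into the page.
 *
 * @return mixed The new order id, or false when any step fails.
 */
function insert_order()
{
    // Read only the expected keys. extract() on stored request data lets the
    // submitter create or overwrite any local variable in this function.
    $posted = (isset($_SESSION['POST']) && is_array($_SESSION['POST'])) ? $_SESSION['POST'] : array();
    $keys = array(
        'name', 'address', 'city', 'state', 'zip', 'country',
        'ship_name', 'ship_address', 'ship_city', 'ship_state', 'ship_zip', 'ship_country',
    );
    $f = array();
    foreach ($keys as $key) {
        $f[$key] = (isset($posted[$key]) && is_scalar($posted[$key])) ? (string) $posted[$key] : '';
    }

    // No shipping address given at all: ship to the billing address.
    if (!$f['ship_name'] && !$f['ship_address'] && !$f['ship_city']
        && !$f['ship_state'] && !$f['ship_zip'] && !$f['ship_country']) {
        foreach (array('name', 'address', 'city', 'state', 'zip', 'country') as $key) {
            $f['ship_' . $key] = $f[$key];
        }
    }

    db_connect();

    // Escaping needs the open connection (it is charset-aware).
    // NOTE(review): if magic_quotes_gpc is on upstream, strip slashes before
    // the values are stored in the session or they will be double-escaped.
    $e = array();
    foreach ($f as $key => $value) {
        $e[$key] = mysql_real_escape_string($value);
    }

    $sql = "select customerid from customers where
            name='{$e['name']}' and address='{$e['address']}' and
            city = '{$e['city']}' and state='{$e['state']}' and
            zip='{$e['zip']}' and country='{$e['country']}'";
    $kq = mysql_query($sql);
    if (!$kq) {
        return false;
    }

    // If the customer already exists, take that customer's customerid
    if (mysql_num_rows($kq) > 0) {
        $customer = mysql_fetch_row($kq);
        $customerid = (int) $customer[0];
    } else {
        $sql = "insert into customers values('','{$e['name']}','{$e['address']}','{$e['city']}',"
            . "'{$e['state']}','{$e['zip']}','{$e['country']}')";
        $kq = mysql_query($sql);
        if (!$kq) {
            return false;
        }
        $customerid = (int) mysql_insert_id();
    }

    // Four-digit year, so the stored date does not depend on MySQL's
    // two-digit-year interpretation.
    $date = date('Y-m-d');
    // Format the amount explicitly so it is always a plain decimal literal.
    $total = number_format((float) $_SESSION['total_price'], 2, '.', '');

    // PARTIAL: not yet delivered
    $sql = "insert into orders values('',{$customerid},{$total},'{$date}','PARTIAL',"
        . "'{$e['ship_name']}','{$e['ship_address']}','{$e['ship_city']}',"
        . "'{$e['ship_state']}','{$e['ship_zip']}','{$e['ship_country']}')";
    $kq = mysql_query($sql);
    if (!$kq) {
        return false;
    }
    $orderid = (int) mysql_insert_id();

    // Write the order's line items into order_items.
    // If a row for the pair already exists, delete it and write the new one.
    foreach ($_SESSION['cart'] as $isbn => $quantity) {
        $detail = get_book_details($isbn);
        // Unknown book or non-numeric quantity: fail instead of storing zeroes.
        if (!is_array($detail) || !isset($detail['price']) || !is_numeric($quantity)) {
            return false;
        }
        $isbn_sql = mysql_real_escape_string((string) $isbn);
        $price = number_format((float) $detail['price'], 2, '.', '');
        $quantity = (int) $quantity;

        $sql = "delete from order_items where orderid ={$orderid} and isbn='{$isbn_sql}'";
        mysql_query($sql);

        $sql = "insert into order_items values({$orderid},'{$isbn_sql}',{$price},{$quantity})";
        $kq = mysql_query($sql);
        if (!$kq) {
            return false;
        }
    }

    return $orderid;
}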
<?php
// Admin page: shows the edit form for the book named by the isbn parameter.
// Pull in the application's shared function library.
require_once 'book_sc_fns.php';
session_start();

do_html_header('Edit book details');

// The admin check runs before the isbn parameter is used at all, so a
// non-admin visitor never triggers the book lookup.
if (!check_admin_user()) {
    echo 'You are not authorized to enter the administration area.';
} else {
    // NOTE(review): the raw request value is handed to get_book_details();
    // confirm that helper escapes or binds it before querying.
    $book = get_book_details($HTTP_GET_VARS['isbn']);
    if ($book) {
        display_book_form($book);
    } else {
        echo 'Could not retrieve book details.<br />';
    }
    do_html_url('admin.php', 'Back to administration menu');
}

do_html_footer();
<?php
// Admin page: shows the edit form for the book named by the isbn parameter.
// Pull in the application's shared function library.
require_once 'book_sc_fns.php';
session_start();

do_html_header("Edit book details");

// The admin check runs before the isbn parameter is used at all, so a
// non-admin visitor never triggers the book lookup.
if (!check_admin_user()) {
    echo "<p>You are not authorized to enter the administration area.</p>";
} else {
    // NOTE(review): the raw request value is handed to get_book_details();
    // confirm that helper escapes or binds it before querying.
    $book = get_book_details($_GET['isbn']);
    if ($book) {
        display_book_form($book);
    } else {
        echo "<p>Could not retrieve book details.</p>";
    }
    do_html_url("admin.php", "Back to administration menu");
}

do_html_footer();
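/**
 * Render the shopping cart as an HTML table wrapped in a form.
 *
 * Cart keys (ISBNs) and quantities may originate from request parameters, and
 * titles/authors come from the database, so every such value is escaped for
 * the HTML context it is written into.
 *
 * @param array $cart   Map of isbn => quantity.
 * @param bool  $change When true, quantities are editable text boxes and a
 *                      "Save Changes" button is shown.
 * @param int   $images 1 to include a cover-image column, 0 to omit it.
 */
function display_cart($cart, $change = true, $images = 1)
{
    // display items in shopping cart
    // optionally allow changes (true or false)
    // optionally include images (1 - yes, 0 - no)
    echo "<table border=\"0\" width=\"100%\" cellspacing=\"0\">\r\n"
        . " <form action=\"show_cart.php\" method=\"post\">\r\n"
        . " <tr><th colspan=\"" . (1 + $images) . "\" bgcolor=\"#cccccc\">Item</th>\r\n"
        . " <th bgcolor=\"#cccccc\">Price</th>\r\n"
        . " <th bgcolor=\"#cccccc\">Quantity</th>\r\n"
        . " <th bgcolor=\"#cccccc\">Total</th>\r\n"
        . " </tr>";

    //display each item as a table row
    foreach ($cart as $isbn => $qty) {
        $book = get_book_details($isbn);

        $isbn = (string) $isbn;
        $isbn_attr = htmlspecialchars($isbn, ENT_QUOTES);
        $isbn_query = htmlspecialchars(urlencode($isbn), ENT_QUOTES);
        $qty_html = htmlspecialchars((string) $qty, ENT_QUOTES);
        $title_html = htmlspecialchars((string) $book['title'], ENT_QUOTES);
        $author_html = htmlspecialchars((string) $book['author'], ENT_QUOTES);
        // basename() keeps the lookup inside images/ even if the key
        // contains path separators.
        $image_file = 'images/' . basename($isbn) . '.jpg';

        echo "<tr>";
        if ($images == true) {
            echo "<td align=\"left\">";
            if (file_exists($image_file)) {
                $size = GetImageSize($image_file);
                if ($size[0] > 0 && $size[1] > 0) {
                    echo "<img src=\"" . htmlspecialchars($image_file, ENT_QUOTES) . "\"\r\n"
                        . " style=\"border: 1px solid black\"\r\n"
                        . " width=\"" . $size[0] / 3 . "\"\r\n"
                        . " height=\"" . $size[1] / 3 . "\"/>";
                }
            } else {
                echo " ";
            }
            echo "</td>";
        }

        echo "<td align=\"left\">\r\n"
            . " <a href=\"show_book.php?isbn=" . $isbn_query . "\">" . $title_html . "</a>\r\n"
            . " by " . $author_html . "</td>\r\n"
            . " <td align=\"center\">\$" . number_format($book['price'], 2) . "</td>\r\n"
            . " <td align=\"center\">";

        // if we allow changes, quantities are in text boxes
        if ($change == true) {
            echo "<input type=\"text\" name=\"" . $isbn_attr . "\" value=\"" . $qty_html . "\" size=\"3\">";
        } else {
            echo $qty_html;
        }
        echo "</td><td align=\"center\">\$" . number_format($book['price'] * $qty, 2) . "</td></tr>\n";
    }

    // display total row
    echo "<tr>\r\n"
        . " <th colspan=\"" . (2 + $images) . "\" bgcolor=\"#cccccc\"> </th>\r\n"
        . " <th align=\"center\" bgcolor=\"#cccccc\">"
        . htmlspecialchars((string) $_SESSION['items'], ENT_QUOTES) . "</th>\r\n"
        . " <th align=\"center\" bgcolor=\"#cccccc\">\r\n"
        . " \$" . number_format($_SESSION['total_price'], 2) . "\r\n"
        . " </th>\r\n </tr>";

    // display save change button
    if ($change == true) {
        echo "<tr>\r\n"
            . " <td colspan=\"" . (2 + $images) . "\"> </td>\r\n"
            . " <td align=\"center\">\r\n"
            . " <input type=\"hidden\" name=\"save\" value=\"true\"/>\r\n"
            . " <input type=\"image\" src=\"images/save-changes.gif\"\r\n"
            . " border=\"0\" alt=\"Save Changes\"/>\r\n"
            . " </td>\r\n <td> </td>\r\n </tr>";
    }
    echo "</form></table>";
}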
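/**
 * Persist a checkout inside one transaction: customer row (reused when an
 * identical one exists), order header, and one order_items row per cart entry.
 *
 * All values are bound through prepared statements. On any failure the
 * transaction is rolled back, the original status message is printed and the
 * request is terminated, as before; the print_r() dumps of customer and
 * address data that used to precede the message are gone, since they exposed
 * order data in the response. The unreachable "return false" after each exit
 * has been dropped.
 *
 * @param array $order_details Form fields: name, address, city, state, zip,
 *                             country and the optional ship_* equivalents.
 * @return array array($customerid, $orderid) on success; does not return on
 *               failure.
 */
function insert_order($order_details)
{
    // Read only the expected keys; extract() on request data would let the
    // submitter define or overwrite arbitrary local variables.
    $keys = array(
        'name', 'address', 'city', 'state', 'zip', 'country',
        'ship_name', 'ship_address', 'ship_city', 'ship_state', 'ship_zip', 'ship_country',
    );
    $f = array();
    foreach ($keys as $key) {
        $f[$key] = (isset($order_details[$key]) && is_scalar($order_details[$key]))
            ? (string) $order_details[$key]
            : '';
    }

    // No shipping address given at all: ship to the billing address.
    if (!$f['ship_name'] && !$f['ship_address'] && !$f['ship_city']
        && !$f['ship_state'] && !$f['ship_zip'] && !$f['ship_country']) {
        foreach (array('name', 'address', 'city', 'state', 'zip', 'country') as $key) {
            $f['ship_' . $key] = $f[$key];
        }
    }

    $db = db_connect();
    $db->autocommit(false);

    // --- customer: reuse an identical row or create one ---
    $stmt = $db->prepare(
        'select customerid from customers where name = ? and address = ? and city = ?
         and state = ? and zip = ? and country = ?'
    );
    if (!$stmt) {
        insert_order_abort($db, "插入用户表失败");
    }
    $stmt->bind_param('ssssss', $f['name'], $f['address'], $f['city'], $f['state'], $f['zip'], $f['country']);
    if (!$stmt->execute()) {
        insert_order_abort($db, "插入用户表失败");
    }
    $stmt->store_result();
    $customerid = null;
    if ($stmt->num_rows > 0) {
        $stmt->bind_result($customerid);
        $stmt->fetch();
    }
    $stmt->close();

    if ($customerid === null) {
        $stmt = $db->prepare("insert into customers values('', ?, ?, ?, ?, ?, ?)");
        if (!$stmt) {
            insert_order_abort($db, "插入用户表失败");
        }
        $stmt->bind_param('ssssss', $f['name'], $f['address'], $f['city'], $f['state'], $f['zip'], $f['country']);
        if (!$stmt->execute()) {
            insert_order_abort($db, "插入用户表失败");
        }
        $stmt->close();
        $customerid = $db->insert_id;
    }
    $customerid = (int) $customerid;

    // --- order header ---
    $total = isset($_SESSION['total_price']) ? (float) $_SESSION['total_price'] : 0.0;
    $date = date("Y-m-d");
    $stmt = $db->prepare("insert into orders values('', ?, ?, ?, 'UNPAYED', ?, ?, ?, ?, ?, ?)");
    if (!$stmt) {
        insert_order_abort($db, "插入订单表失败");
    }
    $stmt->bind_param(
        'idsssssss',
        $customerid, $total, $date,
        $f['ship_name'], $f['ship_address'], $f['ship_city'],
        $f['ship_state'], $f['ship_zip'], $f['ship_country']
    );
    if (!$stmt->execute()) {
        insert_order_abort($db, "插入订单表失败");
    }
    $stmt->close();
    $orderid = (int) $db->insert_id;

    // --- line items ---
    $delete = $db->prepare('delete from order_items where orderid = ? and isbn = ?');
    if (!$delete) {
        insert_order_abort($db, "删除订单商品表失败");
    }
    $insert = $db->prepare('insert into order_items values(?, ?, ?, ?)');
    if (!$insert) {
        insert_order_abort($db, "插入订单商品表失败");
    }
    foreach ($_SESSION['cart'] as $isbn => $qty) {
        $book_details = get_book_details($isbn);
        // Unknown book or non-numeric quantity: fail instead of storing zeroes.
        if (!is_array($book_details) || !isset($book_details['price']) || !is_numeric($qty)) {
            insert_order_abort($db, "插入订单商品表失败");
        }
        $isbn = (string) $isbn;
        $price = (float) $book_details['price'];
        $qty = (int) $qty;

        $delete->bind_param('is', $orderid, $isbn);
        if (!$delete->execute()) {
            insert_order_abort($db, "删除订单商品表失败");
        }

        $insert->bind_param('isdi', $orderid, $isbn, $price, $qty);
        if (!$insert->execute()) {
            insert_order_abort($db, "插入订单商品表失败");
        }
    }
    $delete->close();
    $insert->close();

    if (!$db->commit()) {
        insert_order_abort($db, "插入订单表失败");
    }
    $db->autocommit(true);

    $order_info = array($customerid, $orderid);
    return $order_info;
}

/**
 * Roll back the open transaction, print the status message and stop the
 * request. Stopping here (rather than returning) keeps the original
 * fail-closed behaviour: no later checkout step runs after a failed write.
 */
function insert_order_abort($db, $message)
{
    $db->rollback();
    echo $message;
    exit;
}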