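$row = mysql_fetch_assoc($results); return composePaymentMethod($row['card_company'], $card_number); }

/**
 * Places the order for the books listed in the `books` cookie and prints the
 * confirmation markup.
 *
 * Prints a notice and returns when the request is not a POST or the cookie is
 * empty. Returns without printing a confirmation when updateInventory()
 * reports failure or insertOrder() yields an empty order id.
 *
 * Every value interpolated into the confirmation is HTML-escaped first:
 * `total_price_string` arrives in the request body, and the payment-method
 * label is derived from the submitted card number, so neither may be emitted
 * as markup.
 *
 * @return void
 */
function placeOrder() {
    // TODO: Do not die, display some useful links.
    // A request without the cookie is treated the same as an empty cart.
    $books = isset($_COOKIE['books']) ? $_COOKIE['books'] : null;
    if ($_SERVER['REQUEST_METHOD'] != 'POST' || empty($books)) {
        echo "<p class='center'>There is no order to place.</p>";
        return;
    }

    $connection = connect();
    if (!updateInventory($connection, $books)) {
        return;
    }
    $order_id = insertOrder($connection, $books);
    if (empty($order_id)) {
        return;
    }
    clearCart(); // NOTE: this has to be called prior to any output.

    $card_number = isset($_POST['card_number']) ? $_POST['card_number'] : null;
    $payment_method = getPaymentMethodFromCardNumber($connection, $card_number);

    // Only a plain string is accepted; an array-valued field is shown as empty.
    $total_price_string = (isset($_POST['total_price_string']) && is_string($_POST['total_price_string']))
        ? $_POST['total_price_string']
        : '';

    // NOTE(review): the amount displayed is whatever the client posted. This
    // function does not show where the charged amount is computed; confirm it
    // comes from a server-side total rather than from this field.

    // Escape at the point of output so request-derived text cannot inject markup.
    // NOTE(review): if composePaymentMethod() already returns escaped HTML this
    // would double-encode it - confirm it returns plain text.
    $payment_method_html = htmlspecialchars((string) $payment_method, ENT_QUOTES);
    $total_price_html = htmlspecialchars($total_price_string, ENT_QUOTES);
    $order_id_html = htmlspecialchars((string) $order_id, ENT_QUOTES);
    $order_id_query = urlencode((string) $order_id);

    echo "\n <p class='center'>Your credit card\n <em><strong>{$payment_method_html}</strong></em>\n"
        . " is charged <em><strong>\${$total_price_html}</strong></em>.</p>\n <p class='center'>\n"
        . " <a href='show_order.php?order_id={$order_id_query}'>\n <em><strong>Order {$order_id_html}</strong></em></a>\n"
        . " is placed successfully.</p>";
    echo "<h2>Order Details</h2>";
    showOrderFromOrderId($connection, $order_id);
    mysql_close($connection);
}

// NOTE(review): clearCart() is marked as needing to run before any output, yet
// showHeader() is called first. If clearCart() changes cookies or headers,
// confirm output buffering is active so that change is not dropped.
showHeader('Place Order');
placeOrder();
showFooter();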
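} }

/**
 * Inserts one sales_order_item row per cart item, using the order id that
 * placeOrder() left in the session.
 *
 * Stops at the first insert that fails. Rows written before that point are
 * not rolled back here.
 * NOTE(review): running placeOrder() and orderItem() inside one transaction
 * would avoid partially written orders - confirm how $DB is configured.
 *
 * @return bool true when every item was inserted; false when the session has
 *              no customer or order id, the cart is empty, an insert fails,
 *              or the database layer throws
 */
function orderItem() {
    global $DB;

    // Without both ids the rows could not be tied to an order.
    if (!isset($_SESSION['customerId'], $_SESSION['orderId'])) {
        return false;
    }

    $items = getCartItems($_SESSION['customerId']);
    if (empty($items)) {
        return false;
    }

    try {
        $stmt = $DB->prepare("INSERT INTO sales_order_item (sales_order_entity_id,name,price,qty)\nVALUES (:orderId,:itemName,:itemPrice,:itemQty)");
        foreach ($items as $item) {
            $stmt->bindParam(':orderId', $_SESSION['orderId']);
            $stmt->bindParam(':itemName', $item['name']);
            $stmt->bindParam(':itemPrice', $item['price']);
            $stmt->bindParam(':itemQty', $item['qty']);
            // Report the first failure instead of letting a later success mask it.
            if (!$stmt->execute()) {
                return false;
            }
        }
        return true;
    } catch (Exception $e) {
        // Record the failure server-side; the caller only needs the boolean.
        error_log('orderItem: inserting order items failed: ' . $e->getMessage());
        return false;
    }
}

// Redirect to the index only when both the order and its items were stored.
if (placeOrder()) {
    if (orderItem()) {
        header("location:index.php");
        exit;
    }
}
?>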
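// Cart API dispatcher: routes the POSTed `cart_action` to the matching cart helper.
//
// NOTE(review): no anti-CSRF check is visible in this excerpt. These actions
// change session state and submit payments, so confirm one runs earlier.

// Reads one POST field the way the original code did (through
// htmlspecialchars()), but yields '' for a missing or non-string field
// instead of raising a notice.
// NOTE(review): htmlspecialchars() is an HTML output encoder. Applied on input
// it alters values that are later forwarded as JSON (for example '&' in a
// cardholder name becomes '&amp;'). It is kept because the cart helpers may
// rely on it; prefer validating the format here and escaping where values are
// printed.
$post_field = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? htmlspecialchars($_POST[$key]) : '';
};

$cart_action = $post_field("cart_action");
$token = preg_replace('/\\s+/', '', isset($_SESSION['authtoken']) ? $_SESSION['authtoken'] : '');

switch ($cart_action) {
    case "addTocart":
        $pet_id = $post_field("pet_id");
        // NOTE(review): price and image are taken from the request body. Confirm
        // the price that feeds $_SESSION['carttotal'] is looked up server-side
        // by pet_id rather than trusted from the client.
        $pet_price = $post_field("pet_price");
        $pet_image = $post_field("pet_image");
        addToCart($pet_id, $pet_price, $pet_image);
        break;

    case "removeFromcart":
        $pet_id = $post_field("pet_id");
        $cart = (isset($_SESSION['cart']) && is_array($_SESSION['cart'])) ? $_SESSION['cart'] : array();
        removeFromCart($pet_id, $cart);
        break;

    case "placeOrder":
        $cart = (isset($_SESSION['cart']) && is_array($_SESSION['cart'])) ? $_SESSION['cart'] : array();
        if (empty($cart)) {
            // Nothing to buy: do not forward card data for an empty order.
            echo "Invalid API call";
            break;
        }

        // NOTE(review): the card number and CVC below travel to the transaction
        // service over plain http://. Confirm this hop stays on a protected
        // network, or move it to TLS.
        $url = 'http://' . TRANSACTION_SERVICE . ':' . TRANSACTION_SERVICE_PORT . '/transaction/';

        $cart_ids = array();
        foreach ($cart as $json) {
            $cart_ids[] = $json['id'];
        }

        $card_number = $post_field("card_number");
        $card_holder_name = $post_field("card_holder_name");
        $card_cvc = $post_field("card_cvc");
        $cart_total = isset($_SESSION['carttotal']) ? $_SESSION['carttotal'] : null;

        $data = array(
            "pets" => $cart_ids,
            'total' => $cart_total,
            'creditCard' => array(
                "number" => $card_number,
                "name" => $card_holder_name,
                "cvc" => $card_cvc,
            ),
        );
        placeOrder($url, $token, json_encode($data));
        break;

    default:
        echo "Invalid API call";
}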
} //De neste linjene funker med loop for dato. $dateStart = date('Y-m-d', strtotime($date)); $dateEnd = date('Y-m-d', strtotime($end_date)); date_default_timezone_set('Europe/Oslo'); if ($dateStart >= date('Y-m-d')) { if ($dateStart < $dateEnd) { while ($dateStart < $dateEnd) { if (busy($id, $dateStart)) { $errors[] = "Koien er opptatt " . date("d-m-Y", strtotime($dateStart)); $available = 0; } $dateStart = date('Y-m-d', strtotime($dateStart . ' + 1 days')); } if ($available) { $orderId = placeOrder($id, $userId, $date, $end_date); $dateStart = date('Y-m-d', strtotime($date)); $dateEnd = date('Y-m-d', strtotime($end_date)); while ($dateStart < $dateEnd) { updateBusyDates($orderId, $id, $dateStart); $dateStart = date('Y-m-d', strtotime($dateStart . ' + 1 days')); } echo "<div class='alert alert-success' role='alert'><p></p>\n <ul><li>Bestillingen er gjennomført</li></ul></div>"; } } else { $errors[] = "Ankomstdato må være tidligere enn avreisedato"; } } else { $errors[] = "Bestilling må være etter dagens dato"; } } else {