<span class="st_email_large" displayText="Email"></span> </div> <div class="col-md-7"> <h2><?php /* NOTE(review): the product name is echoed without HTML escaping; unless names are trusted admin markup, wrap it in htmlspecialchars($product["name"], ENT_QUOTES, "UTF-8") - confirm where product rows come from. */ echo $product["name"]; ?> </h2> <h3 class="pull-right <?php echo $product["stock"] != 0 ? "text-success" : "text-danger"; ?> "><?php echo $product["stock"] != 0 ? "Skladem" : "Není skladem"; ?> </h3> <h3><?php echo __format(__add_vat($product["price"])); ?> Kč <small>(<?php echo __format($product["price"]); ?> Kč bez DPH)</small></h3> <hr> <div class="description"> <?php /* NOTE(review): presumably a Parsedown instance; its text() lets raw HTML in the description through unless safe mode was switched on with setSafeMode(true) - confirm where $parsedown is configured. */ echo $parsedown->text($product["description"]); ?> </div> </div> <div class="col-md-2"> <form action="?cart-add=1" method="post" autocomplete="off">
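/**
 * Store the checkout held in $session as a new order and send the order mail.
 *
 * Order of work: price each cart line (product price plus the price_diff of
 * every selected field option), add VAT, apply the coupon, add payment and
 * shipment fees, then insert the order, its contact info, its items, their
 * fields and the coupon usage, and finally send the mail built by
 * __forge_new_order_mail().
 *
 * Every value concatenated into an SQL statement is passed through
 * real_escape_string(), including the item quantity, product id, price, uid,
 * coupon id and client address that were previously concatenated raw.
 * Prepared statements would be the stronger fix; escaping is kept here to
 * match the rest of the function.
 *
 * NOTE(review): quantities are used as stored in the cart; a zero or negative
 * quantity lowers the total. Confirm the cart code rejects them.
 * NOTE(review): the inserts are not wrapped in a transaction, so a failure
 * midway (or a failed mail) returns false while rows already written stay in
 * the database and the coupon counter may already be incremented.
 *
 * @param array $session Checkout state; reads "items" (each with "id",
 *                       "quantity", "fields"), "cupon" and "data". On success
 *                       it is replaced by array("order", "mail", "payment").
 * @return bool True when every insert and the mail succeeded, false otherwise.
 */
function __order_new(&$session) {
    global $link;

    $total = 0;

    // Priced rows keyed by cart position. Keying by the field hash alone let two
    // cart lines with the same field selection (for example none at all)
    // overwrite each other, so the wrong product and price could be stored.
    $DI = array();

    foreach ($session["items"] as $idx => $item) {
        $itemData = __get_ex_product($item["id"]);
        if (empty($itemData)) {
            continue;
        }
        $itemData = $itemData[0];

        // A cart line without field selections is treated as an empty list.
        $fields = (isset($item["fields"]) && is_array($item["fields"])) ? $item["fields"] : array();

        $uid = "";
        foreach ($fields as $fKey => $fValue) {
            $uid .= $fKey . $fValue . ";";

            $fieldData = __get_field_data($fKey);
            if ($fieldData == null) {
                continue;
            }
            foreach ($fieldData as $dt) {
                if ($dt["id"] == $fValue) {
                    if ($dt["price_diff"] != 0) {
                        $itemData["price"] += $dt["price_diff"];
                    }
                    break;
                }
            }
        }

        $DI[$idx] = array("uid" => __khash($uid), "row" => $itemData);
        $total += $item["quantity"] * $itemData["price"];
    }

    $total = __add_vat($total);

    $cuponData = null;
    if ($session["cupon"] != null) {
        $cuponData = __get_cupon($session["cupon"]);
        // Only read the coupon row when the lookup actually returned one.
        if ($cuponData != null) {
            $cuponData = $cuponData[0];
            $type = intval($cuponData["type"]);
            $value = floatval($cuponData["value"]);
            // Type 0 is a fixed amount, anything else a percentage of the total.
            $total -= $type === 0 ? $value : $total / 100 * $value;
        }
        if ($total < 0) {
            $total = 0;
        }
    }

    // Unknown payment or shipment codes add no fee.
    $fees = 0;
    switch ($session["data"]["payment"]) {
        case 0:
            $fees += 20;
            break;
        case 1:
            $fees += 0;
            break;
        case 2:
            $fees += 75;
            break;
        case 3:
            $fees += 90;
            break;
    }
    switch ($session["data"]["shipment"]) {
        case 0:
            $fees += 25;
            break;
        case 1:
            $fees += 320;
            break;
        case 2:
            $fees += 35;
            break;
    }
    $total += $fees;

    $D = array(
        "name" => $link->real_escape_string($session["data"]["name"]),
        "surname" => $link->real_escape_string($session["data"]["surname"]),
        "email" => $link->real_escape_string($session["data"]["email"]),
        "phone" => $link->real_escape_string($session["data"]["phone"]),
        "company" => $link->real_escape_string($session["data"]["company"]),
        "address" => $link->real_escape_string($session["data"]["address"]),
        "city" => $link->real_escape_string($session["data"]["city"]),
        "zip" => $link->real_escape_string($session["data"]["zip"]),
        "country" => $link->real_escape_string($session["data"]["country"]),
        "state" => $link->real_escape_string($session["data"]["state"]),
        "news" => $link->real_escape_string($session["data"]["news"]),
        "vat" => $link->real_escape_string(ESHOP_VAT),
        "total" => $link->real_escape_string($total),
        "payment" => $link->real_escape_string($session["data"]["payment"]),
        "shipment" => $link->real_escape_string($session["data"]["shipment"]),
        "ip" => $link->real_escape_string($_SERVER["REMOTE_ADDR"])
    );

    $sql_order = "INSERT INTO `" . MySQL_PREFIX . "order`(`vat`, `total`, `payment`, `shipment`, `ip`) VALUES('" . $D["vat"] . "', '" . $D["total"] . "', '" . $D["payment"] . "', '" . $D["shipment"] . "', '" . $D["ip"] . "');";
    if (!$link->query($sql_order)) {
        return false;
    }
    $order = $link->insert_id;
    if ($order < 1) {
        return false;
    }

    $sql_order_contact_info = "INSERT INTO `" . MySQL_PREFIX . "order_contact_info`(`_order`, `name`, `surname`, `email`, `phone`, `company`, `address`, `city`, `zip`, `country`, `state`, `news`) VALUES('" . $order . "', '" . $D["name"] . "', '" . $D["surname"] . "', '" . $D["email"] . "', '" . $D["phone"] . "', '" . $D["company"] . "', '" . $D["address"] . "', '" . $D["city"] . "', '" . $D["zip"] . "', '" . $D["country"] . "', '" . $D["state"] . "', '" . $D["news"] . "');";
    if (!$link->query($sql_order_contact_info)) {
        return false;
    }

    foreach ($session["items"] as $idx => $_item) {
        // Lines whose product was not found during pricing are not stored.
        if (empty($DI[$idx])) {
            continue;
        }
        $row = $DI[$idx]["row"];

        $product = $link->real_escape_string($row["id"]);
        $uid = $link->real_escape_string($DI[$idx]["uid"]);
        $quantity = $link->real_escape_string($_item["quantity"]);
        $price = $link->real_escape_string($row["price"]);

        $sql_order_item = "INSERT INTO `" . MySQL_PREFIX . "order_item`(`_order`, `product`, `uid`, `quantity`, `price`) VALUES('" . $order . "', '" . $product . "', '" . $uid . "', '" . $quantity . "', '" . $price . "');";
        if (!$link->query($sql_order_item)) {
            return false;
        }
        $order_item = $link->insert_id;
        if ($order_item < 1) {
            return false;
        }

        $fields = (isset($_item["fields"]) && is_array($_item["fields"])) ? $_item["fields"] : array();
        foreach ($fields as $fKey => $fValue) {
            $field = $link->real_escape_string($fKey);
            $data = $link->real_escape_string($fValue);
            $sql_order_item_field = "INSERT INTO `" . MySQL_PREFIX . "order_item_field`(`item`, `field`, `field_data`) VALUES(" . $order_item . ", '" . $field . "', '" . $data . "');";
            if (!$link->query($sql_order_item_field)) {
                return false;
            }
        }
    }

    if ($cuponData != null) {
        $cuponId = $link->real_escape_string($cuponData["id"]);

        $sql_order_cupon = "INSERT INTO `" . MySQL_PREFIX . "order_cupon`(`_order`, `cupon`) VALUES('" . $order . "', '" . $cuponId . "');";
        if (!$link->query($sql_order_cupon)) {
            return false;
        }

        $sql_cupon = "UPDATE `" . MySQL_PREFIX . "cupon` SET `used`=`used`+1 WHERE `id`='" . $cuponId . "';";
        if (!$link->query($sql_cupon)) {
            return false;
        }
    }

    $currency = $D["country"] == "CZ" ? "CZK" : "EUR";

    $mail = __forge_new_order_mail($order, $session, $total, $currency);
    if (!__send_mail($mail["to"], $mail["subject"], $mail["message"], $mail["headers"])) {
        return false;
    }

    // The checkout state is replaced by a summary of the stored order.
    $session = array(
        "order" => $order,
        "mail" => $mail,
        "payment" => array(
            "type" => intval($D["payment"]),
            "total" => floatval($D["total"]),
            "curre" => $currency
        )
    );

    return true;
}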