public function checkOut($deliveryDate, $orderDiscount, $deliAddr, $custNo, $distNo)
{
include_once "Order.php";
if (addOrder(date("Y-m-d"), $deliveryDate, $orderDiscount, $deliAddr, $custNo, $distNo, $this->_product)) {
$this->clear();
return true;
}
return false;
}
header('Location: ../user/sign_in.php');
exit;
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$order = $_REQUEST['order'];
try {
if ($order['payment_method'] == 'credit_card') {
// Make a payment using credit card.
$user = getUser(getSignedInUser());
$payment = makePaymentUsingCC($user['creditcard_id'], $order['amount'], 'USD', $order['description']);
$orderId = addOrder(getSignedInUser(), $payment->getId(), $payment->getState(), $order['amount'], $order['description']);
$message = "Your order has been placed successfully. Your Order id is <b>{$orderId}</b>";
$messageType = "success";
} else {
if ($order['payment_method'] == 'paypal') {
$orderId = addOrder(getSignedInUser(), NULL, NULL, $order['amount'], $order['description']);
// Create the payment and redirect buyer to paypal for payment approval.
$baseUrl = getBaseUrl() . "/order_completion.php?orderId={$orderId}";
$payment = makePaymentUsingPayPal($order['amount'], 'USD', $order['description'], "{$baseUrl}&success=true", "{$baseUrl}&success=false");
updateOrder($orderId, $payment->getState(), $payment->getId());
header("Location: " . getLink($payment->getLinks(), "approval_url"));
exit;
}
}
} catch (\PayPal\Exception\PPConnectionException $ex) {
$message = parseApiError($ex->getData());
$messageType = "error";
} catch (Exception $ex) {
$message = $ex->getMessage();
$messageType = "error";
}
return $result;
}
}
/**
* ===================================================
* Code to make calls with help of the Bl3pApi class
* ===================================================
**/
$url = "https://api.bl3p.eu/1/";
$pubkey = "YOUR_PUBLIC_API_KEY";
$privkey = "YOUR_PRIVATE_API_KEY";
//Init Bl3pAPi class
$api = new Bl3pApi($url, $pubkey, $privkey);
try {
//Add an buy order for 0.01 @400 euro
$result = addOrder('bid', 1000000, 40000000);
echo '<tt><pre>' . var_export($result, true) . '</pre></tt>';
} catch (Exception $ex) {
echo '<tt><pre>' . var_export($ex, true) . '</pre></tt>';
}
/**
* Add order to your account.
* @method addOrder
* @param string $order_type 'bid' or 'ask'
* @param int $order_amount Amount to order *1e8
* @param int $order_price Price of order *1e5
* @return array Result of the add order call
*/
function addOrder($order_type, $order_amount, $order_price)
{
global $api;
<?php
ini_set('display_errors', 1);
include 'connection.php';
if ($_POST['method'] == "getOrders") {
getOrders($_POST['json']);
//call getOrders method
} elseif ($_POST['method'] == "addOrder") {
addOrder($_POST['json']);
} elseif ($_POST['method'] == "searchItems") {
searchItems($_POST['json']);
}
function getOrders($json)
{
global $mysqli;
//get params from json object
$jsonObj = json_decode($json);
$date = $jsonObj->{'date'};
$style = $jsonObj->{'style'};
$undate = strtotime($date);
$year = date('Y', $undate);
$month = date('m', $undate);
$day = date('d', $undate);
if ($style === "YEAR") {
$strQuery = "SELECT * FROM orders WHERE (DATE Like '" . $year . "-%')";
getSalesByQuery($strQuery);
} elseif ($style === "MONTH") {
$strQuery = "SELECT * FROM orders WHERE (DATE Like '" . $year . "-" . $month . "-%')";
getSalesByQuery($strQuery);
} elseif ($style === "DAY") {
$strQuery = "SELECT * FROM orders WHERE (DATE = '" . $date . "' )";
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$itemname = clrStr($_POST[itemname]);
$itemprice = clrInt($_POST[itemprice]);
$quantity = clrInt($_POST[cost]);
$img = clrStr($_POST[image]);
if ($quantity > 0) {
order(BASKET, $itemname, $itemprice, $img, $quantity);
} else {
header("Refresh:3; url=../index.php#price");
echo "<h2> Неверное количество Товаров!</h2>";
}
}
$q = qtItem(BASKET);
if ($q > 0) {
echo "<h2>У Вас в корзине {$q} товаров!</h2>";
addOrder();
} else {
echo "<h2>Ваша корзина пуста!</h2>";
}
?>
<DOCTYPE html>
<html>
<head>
<title>Корзина покупок - Магазин подгузников</title>
<meta Charset="UTF-8"/>
<link
rel="stylesheet"
href="style/style.css"
/>
<SCRIPT type="text/javascript">
<!--
if ($act == "register") {
$mes = register();
} elseif ($act == "login") {
$mes = login();
} elseif ($act == "userOut") {
$mes = userOut();
} elseif ($act == "changePwd") {
$mes = changePwd();
} elseif ($act == "addPackage") {
$mes = addPackage();
} elseif ($act == "addRecipients") {
$mes = addRecipients();
} elseif ($act == "delRecipients") {
$mes = delRecipients($recipients_id, $user_id);
} elseif ($act == "addOrder") {
$mes = addOrder();
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Welcome</title>
</head>
<body>
<?php
if ($mes) {
echo $mes;
}
?>
function actionAddOrder($mysqli)
{
return addOrder($mysqli);
}
$APPLICATION->SetTitle("Оформление заказов");?>
<?php
if (CModule::IncludeModule("sale") and isset($_GET['ORDER_ID'])) foreach(GetModuleEvents("sale", "OnBasketOrder", true) as $arEvent) {
if ($arEvent['TO_MODULE_ID'] == 'platina.conveadtracker') ExecuteModuleEventEx($arEvent, array($_GET['ORDER_ID'])); }
?>
<?
$rsUser = CUser::GetByID($USER->GetID());
$arUser = $rsUser->Fetch();
if ($_REQUEST["ORDER_ID"]):
$ORDER_ID = htmlspecialchars($_REQUEST["ORDER_ID"]);
include($_SERVER["DOCUMENT_ROOT"]."/personal/order/make/confirm.php");
elseif (!getBasketOrder()):
LocalRedirect('/personal/cart/');
elseif ($_POST["step"] == "" && !$USER->isAuthorized() || $USER->isAuthorized() && empty($arUser['PERSONAL_PHONE'])):
include($_SERVER["DOCUMENT_ROOT"]."/personal/order/make/step1.php");
elseif (strlen($_POST["ORDER_CONFIRM_BUTTON"]) > 0 && $USER->isAuthorized()):
$ORDER_ID = addOrder($_POST);
if ($ORDER_ID > 0):
LocalRedirect('/personal/order/make/?ORDER_ID='.$ORDER_ID);
else:
LocalRedirect('/personal/order/make/');
endif;
elseif ($_POST["step"] == 3 && $USER->isAuthorized()):
include($_SERVER["DOCUMENT_ROOT"]."/personal/order/make/step3.php");
elseif ($_POST["step"] == 2 || $USER->isAuthorized()):
include($_SERVER["DOCUMENT_ROOT"]."/personal/order/make/step2.php");
endif;
?>
<?require($_SERVER["DOCUMENT_ROOT"]."/bitrix/footer.php");?>
$time_order = $_POST['time_order'];
$detail_order = $_POST['detail_order'];
//ส่งข้อมูล หน่วยสินค้า มาหน้านี้
$products = $_SESSION["product"];
$countCode = countCode($idshop);
$num = $countCode["CountCode"];
$code_order = $num + 1;
echo $code_order;
//สิ้นสุดกลุ่มรับค่า
//
//กลุ่มคำสั่งทำอะไร
//if (!checkcode($productCode)) {
//echo checkDuplicateProduct($productName, $factoryID);
if (isset($_SESSION["product"])) {
//ถามว่า$_SESSION["unit"]ถูกสร้างหรือยัง
$idorder = addOrder($code_order, $idshop, $date_order, $time_order, $detail_order);
//idproductของระบบ
echo "idorder=" . $idorder;
if ($idorder > 0) {
//$idUnit[1] = addUnit($idproduct, 0, $units[1]['AmountPerUnit'], $units[1]['NameUnit'], $units[1]['price'], $units[1]['type']);
for ($i = 1; $i <= count($products); $i++) {
//$under_unit = $units[$i]['under_unit'];
//$underIdUnit = $idUnit[$under_unit];
if ($products[$i]['type'] === "PERCENT") {
$idproduct[$i] = addProductOrder($products[$i]['idUnit'], $idorder, $products[$i]['AmountProduct'], $products[$i]['DifferencePer'], $products[$i]['type'], $products[$i]['total_price'] / $products[$i]['AmountProduct']);
$getproduct = getIDProduct($products[$i]['idUnit']);
$idproduct2 = $getproduct['idproduct'];
$delDiff[$i] = deleteDifference($idproduct2, $idshop);
$addDiff[$i] = addDiff($idproduct2, $idshop, $products[$i]['type'], $products[$i]['DifferencePer'], $date_order);
}
if ($products[$i]['type'] === "BATH") {
$sql = "select * from telerecord where teleNum = '{$teleNum}'";
} else if(!empty($orderNum)){
$sql = "select * from telerecord where orderNum = '{$orderNum}'";
} else if(!empty($orderState)){
$sql = "select * from telerecord where orderState = '{$orderState}'";
}else{
$sql = "select * from telerecord order by orderNum desc";
}
getOrder($sql);
}
if($action == "addOrder"){
if(!empty($teleNum) && (!empty($orderNum)) && (!empty($orderState))){
$sql = "INSERT INTO telerecord
VALUES ('{$teleNum}', '{$orderNum}', '{$orderState}')";
addOrder($sql);
}
$sql2 = "select * from telerecord where orderNum = '{$orderNum}'";
getOrder($sql2);
}
if($action == "updateOrder"){
if(!empty($teleNum) && (!empty($orderNum)) && (!empty($orderState))){
$sql = "UPDATE telerecord SET teleNum='{$teleNum}', orderState='{$orderState}'
WHERE orderNum='{$orderNum}'";
}
updateOrder($sql);
$sql2 = "select * from telerecord where orderNum = '{$orderNum}'";
getOrder($sql2);
}
function home()
{
global $db, $prefix;
do_head();
OpenTable();
if (isset($_POST['submit_order_config'])) {
$sql = "UPDATE " . $prefix . "_hosting_order_config SET admin_email = '" . $_POST['admin_email'] . "', allow_nochex = '" . $_POST['allow_nochex'] . "',\r\n\t\t\tallow_paypal = '" . $_POST['allow_paypal'] . "', allow_cc = '" . $_POST['allow_cc'] . "', allow_paypal_subscriptions = '" . $_POST['allow_paypal_subscriptions'] . "', \r\n\t\t\tprorate = '" . $_POST['prorate'] . "', prorate_date = '" . $_POST['prorate_date'] . "', currency = '" . $_POST['currency'] . "', currency_code = '" . $_POST['currency_code'] . "'";
$db->sql_query($sql);
?>
<table width="100%" style="border: 1px solid;"><tr><td><b>Settings Saved!</b></td></tr></table>
<?php
}
$row = $db->sql_fetchrow($db->sql_query("SELECT * FROM " . $prefix . "_hosting_order_config"));
?>
<table width="100%">
<form method="post">
<tr>
<td colspan="2" align="center"><b>Order Configuration</b></td>
</tr><tr>
<td>Admin Email:</td>
<td><input type="text" name="admin_email" style="width: 200px;" value="<?php
echo $row['admin_email'];
?>
"></td>
</tr><tr>
<td>Allow Paypal:</td>
<td><input type="checkbox" name="allow_paypal" <?php
if ($row['allow_paypal']) {
echo "checked";
}
?>
value="1"></td>
</tr><tr>
<td>Allow NoChex:</td>
<td><input type="checkbox" name="allow_nochex" <?php
if ($row['allow_nochex']) {
echo "checked";
}
?>
value="1"></td>
</tr><tr>
<td>Allow Credit Card:</td>
<td><input type="checkbox" name="allow_cc" <?php
if ($row['allow_cc']) {
echo "checked";
}
?>
value="1"></td>
</tr><tr>
<td>Pro-Rate Payments:</td>
<td><input type="checkbox" name="prorate" <?php
if ($row['prorate']) {
echo "checked";
}
?>
value="1"></td>
</tr><tr>
<td nowrap>Use Paypal Subscriptions:</td>
<td><input type="checkbox" name="allow_paypal_subscriptions" <?php
if ($row['allow_paypal_subscriptions']) {
echo "checked";
}
?>
value="1"> (setup fee's cannot be used with subscriptions)</td>
</tr><tr>
<td>Pro-Rate Date of Month:</td>
<td><input type="text" name="prorate_date" style="width: 200px;" value="<?php
echo $row['prorate_date'];
?>
"></td>
</tr><tr>
<td>Currency Symbol:</td>
<td><input type="text" name="currency" style="width: 200px;" value="<?php
echo $row['currency'];
?>
"></td>
</tr><tr>
<td>Currency Code:</td>
<td><input type="text" name="currency_code" style="width: 200px;" value="<?php
echo $row['currency_code'];
?>
"></td>
</tr><tr>
<td colspan="2" align="center"><input type="submit" name="submit_order_config" value="Save Settings"></td>
</tr>
</form>
</table>
<?php
CloseTable();
// Display list of categories
OpenTable();
?>
<center><b><strong>· Category List ·</strong></b><br><br></center>
<table cellspacing="0" cellpadding="0" border="0">
<?php
$result = $db->sql_query("SELECT id, name FROM " . $prefix . "_hosting_order_category ORDER BY name ASC");
while ($row = $db->sql_fetchrow($result)) {
?>
<tr>
<td align="left">
· [<a href="admin.php?op=Order&action=EditCat&id=<?php
echo $row['id'];
?>
">Edit</a> |
<a href="admin.php?op=Order&action=DelCat&id=<?php
echo $row['id'];
?>
">Delete</a>] ·
<?php
echo $row['name'];
?>
</td>
</tr>
<?php
}
?>
</table><br>
<?php
CloseTable();
AddCat();
// Display list of ordering services
OpenTable();
?>
<center><b><strong>· Order List ·</strong></b><br><br></center>
<table cellspacing="0" cellpadding="0" border="0">
<?php
$sql = "SELECT description, name, id, status FROM " . $prefix . "_hosting_order ORDER BY name ASC";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
?>
<tr><td align="left">· [<a href="admin.php?op=Order&action=editOrder&id=<?php
echo $row['id'];
?>
">Edit</a>] ·
<?php
echo $row['name'];
?>
</td></tr>
<?php
}
?>
</table><br>
<?php
CloseTable();
// Draw the Add Order table
addOrder();
// Show current coupons
OpenTable();
?>
<center><b><strong>· Coupon List ·</strong></b><br><br></center>
<table cellspacing="0" cellpadding="0" border="0">
<?php
$sql = "SELECT description, code, id FROM " . $prefix . "_hosting_order_coupons WHERE parent='0' ORDER BY description ASC";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
?>
<tr>
<td align="left">
· [<a href="admin.php?op=Order&action=EditCoupon&id=<?php
echo $row['id'];
?>
">Edit</a>] ·
<?php
echo $row['description'] . " (" . $row['code'] . ")";
?>
</td>
</tr>
<?php
}
?>
</table><br>
<?php
CloseTable();
// Draw the Add Coupon table
AddCoupon();
include "footer.php";
}
<?php
/**
* Created by PhpStorm.
* User: Neo_
* Date: 12/29/15
* Time: 6:46 PM
*/
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
if (isset($_POST['addOrder'])) {
addOrder($_POST['username'], $_POST['password']);
} elseif (isset($_POST['remove'])) {
removeOrder($_POST['orderId']);
header('Location: http://localhost/PharmacyDB/adminpanel.php?option=3');
}
function addOrder($userName, $password)
{
if (file_exists('../mysql_connector.php')) {
require '../mysql_connector.php';
} elseif (file_exists('./php/mysql_connector.php')) {
require './php/mysql_connector.php';
}
if ($userName == $_SESSION['custName'] && $password == $_SESSION['custPassword']) {
$connection = getConnection();
$cartTotal = 0;
foreach ($_SESSION["cart_array"] as $each_medicine) {
$medicineId = $each_medicine['medicineId'];
$result = mysqli_query($connection, "SELECT * FROM fmedicine WHERE MedicineId='{$medicineId}'");
$unitPrice = 0;
