function add_order($card_type, $card_number, $card_cvv, $card_expires)
{
global $db;
$customer_id = $_SESSION['user']['customerID'];
$billing_id = $_SESSION['user']['billingAddressID'];
$shipping_id = $_SESSION['user']['shipAddressID'];
$shipping_cost = shipping_cost();
$tax = tax_amount(cart_subtotal());
$order_date = date("Y-m-d H:i:s");
$query = '
INSERT INTO orders (customerID, orderDate, shipAmount, taxAmount,
shipAddressID, cardType, cardNumber,
cardExpires, billingAddressID)
VALUES (:customer_id, :order_date, :ship_amount, :tax_amount,
:shipping_id, :card_type, :card_number,
:card_expires, :billing_id)';
$statement = $db->prepare($query);
$statement->bindValue(':customer_id', $customer_id);
$statement->bindValue(':order_date', $order_date);
$statement->bindValue(':ship_amount', $shipping_cost);
$statement->bindValue(':tax_amount', $tax);
$statement->bindValue(':shipping_id', $shipping_id);
$statement->bindValue(':card_type', $card_type);
$statement->bindValue(':card_number', $card_number);
$statement->bindValue(':card_expires', $card_expires);
$statement->bindValue(':billing_id', $billing_id);
$statement->execute();
$order_id = $db->lastInsertId();
$statement->closeCursor();
return $order_id;
}
function add_order($card_type, $card_number, $card_cvv, $card_expires)
{
global $db;
$customer_id = $_SESSION['user']['idkhachhang'];
$billing_id = $_SESSION['user']['iddiachithanhtoan'];
$shipping_id = $_SESSION['user']['iddiachigiaohang'];
$shipping_cost = shipping_cost();
$tax = tax_amount(cart_subtotal());
$order_date = date("Y-m-d H:i:s");
$query = '
INSERT INTO donhang (idkhachhang, ngaydathang, phigiaohang, thue,
iddiachigiaohang, loaithe, mathe,
hansudungthe, iddiachithanhtoan)
VALUES (:idkhachhang, :ngaydathang, :phigiaohang, :thue,
:iddiachigiaohang, :loaithe, :mathe,
:hansudungthe, :iddiachithanhtoan)';
$statement = $db->prepare($query);
$statement->bindValue(':idkhachhang', $customer_id);
$statement->bindValue(':ngaydathang', $order_date);
$statement->bindValue(':phigiaohang', $shipping_cost);
$statement->bindValue(':thue', $tax);
$statement->bindValue(':iddiachigiaohang', $shipping_id);
$statement->bindValue(':loaithe', $card_type);
$statement->bindValue(':mathe', $card_number);
$statement->bindValue(':hansudungthe', $card_expires);
$statement->bindValue(':iddiachithanhtoan', $billing_id);
$statement->execute();
$order_id = $db->lastInsertId();
$statement->closeCursor();
return $order_id;
}
$action = 'confirm';
}
}
switch ($action) {
case 'confirm':
$cart = cart_get_items();
if (cart_product_count() == 0) {
redirect('../cart');
}
$subtotal = cart_subtotal();
$item_count = cart_item_count();
$item_shipping = 5;
$shipping_cost = shipping_cost();
$shipping_address = get_address($_SESSION['user']['shipAddressID']);
$state = $shipping_address['state'];
$tax = tax_amount($subtotal);
// function from order_db.php file
$total = $subtotal + $tax + $shipping_cost;
include 'checkout_confirm.php';
break;
case 'payment':
if (cart_product_count() == 0) {
redirect($app_path . 'cart');
}
$card_number = '';
$card_cvv = '';
$card_expires = '';
$cc_number_message = '';
$cc_ccv_message = '';
$cc_expiration_message = '';
$billing_address = get_address($_SESSION['user']['billingAddressID']);
