$row = mysql_fetch_assoc($results);
return composePaymentMethod($row['card_company'], $card_number);
}
function placeOrder()
{
// TODO: Do not die, display some useful links.
$books = $_COOKIE['books'];
if ($_SERVER['REQUEST_METHOD'] != 'POST' || empty($books)) {
echo "<p class='center'>There is no order to place.</p>";
return;
}
$connection = connect();
if (!updateInventory($connection, $books)) {
return;
}
$order_id = insertOrder($connection, $books);
if (empty($order_id)) {
return;
}
clearCart();
// NOTE: this has to be called prior to any output.
$payment_method = getPaymentMethodFromCardNumber($connection, $_POST['card_number']);
$total_price_string = $_POST['total_price_string'];
echo "\n <p class='center'>Your credit card\n <em><strong>{$payment_method}</strong></em>\n is charged <em><strong>\${$total_price_string}</strong></em>.</p>\n <p class='center'>\n <a href='show_order.php?order_id={$order_id}'>\n <em><strong>Order {$order_id}</strong></em></a>\n is placed successfully.</p>";
echo "<h2>Order Details</h2>";
showOrderFromOrderId($connection, $order_id);
mysql_close($connection);
}
showHeader('Place Order');
placeOrder();
showFooter();
}
}
/** Grabs orderId from placeOrder() as session
* @return bool
*/
function orderItem()
{
$items = getCartItems($_SESSION['customerId']);
global $DB;
try {
$stmt = $DB->prepare("INSERT INTO sales_order_item (sales_order_entity_id,name,price,qty)\nVALUES (:orderId,:itemName,:itemPrice,:itemQty)");
foreach ($items as $item) {
$stmt->bindParam(':orderId', $_SESSION['orderId']);
$stmt->bindParam(':itemName', $item['name']);
$stmt->bindParam(':itemPrice', $item['price']);
$stmt->bindParam(':itemQty', $item['qty']);
$bool = $stmt->execute();
}
return $bool;
} catch (Exception $e) {
}
}
if (placeOrder()) {
if (orderItem()) {
header("location:index.php");
exit;
}
}
?>
$cart_action = htmlspecialchars($_POST["cart_action"]);
$token = preg_replace('/\\s+/', '', $_SESSION['authtoken']);
switch ($cart_action) {
case "addTocart":
$pet_id = htmlspecialchars($_POST["pet_id"]);
$pet_price = htmlspecialchars($_POST["pet_price"]);
$pet_image = htmlspecialchars($_POST["pet_image"]);
addToCart($pet_id, $pet_price, $pet_image);
break;
case "removeFromcart":
$pet_id = htmlspecialchars($_POST["pet_id"]);
$cart = $_SESSION['cart'];
removeFromCart($pet_id, $cart);
break;
case "placeOrder":
$url = 'http://' . TRANSACTION_SERVICE . ':' . TRANSACTION_SERVICE_PORT . '/transaction/';
$cart = $_SESSION['cart'];
$cart_ids = array();
foreach ($cart as $json) {
array_push($cart_ids, $json['id']);
}
$card_number = htmlspecialchars($_POST["card_number"]);
$card_holder_name = htmlspecialchars($_POST["card_holder_name"]);
$card_cvc = htmlspecialchars($_POST["card_cvc"]);
$cart_total = $_SESSION['carttotal'];
$data = array("pets" => $cart_ids, 'total' => $cart_total, 'creditCard' => array("number" => $card_number, "name" => $card_holder_name, "cvc" => $card_cvc));
placeOrder($url, $token, json_encode($data));
break;
default:
echo "Invalid API call";
}
}
//De neste linjene funker med loop for dato.
$dateStart = date('Y-m-d', strtotime($date));
$dateEnd = date('Y-m-d', strtotime($end_date));
date_default_timezone_set('Europe/Oslo');
if ($dateStart >= date('Y-m-d')) {
if ($dateStart < $dateEnd) {
while ($dateStart < $dateEnd) {
if (busy($id, $dateStart)) {
$errors[] = "Koien er opptatt " . date("d-m-Y", strtotime($dateStart));
$available = 0;
}
$dateStart = date('Y-m-d', strtotime($dateStart . ' + 1 days'));
}
if ($available) {
$orderId = placeOrder($id, $userId, $date, $end_date);
$dateStart = date('Y-m-d', strtotime($date));
$dateEnd = date('Y-m-d', strtotime($end_date));
while ($dateStart < $dateEnd) {
updateBusyDates($orderId, $id, $dateStart);
$dateStart = date('Y-m-d', strtotime($dateStart . ' + 1 days'));
}
echo "<div class='alert alert-success' role='alert'><p></p>\n <ul><li>Bestillingen er gjennomført</li></ul></div>";
}
} else {
$errors[] = "Ankomstdato må være tidligere enn avreisedato";
}
} else {
$errors[] = "Bestilling må være etter dagens dato";
}
} else {
