示例#1
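 /**
  * Return the e-mail address of a user. Only callers whose current role is 'admin' get a
  * result; every other caller receives RestException 401.
  *
  * $userId is taken from the URL and passed unchanged to \TTO::getUserEmail(), whose return
  * value is handed back as the response.
  *
  * @url GET useremail/{userId}
  */
 protected function getUserEmail($userId)
 {
     // Authorization check uses strict comparison: with `==`, a non-string role value such
     // as true (or 0 before PHP 8) compares equal to 'admin' and would be let through.
     // NOTE(review): assumes \TTO::getRole() returns a string — confirm.
     if (\TTO::getRole() !== 'admin') {
         throw new RestException(401, 'No Authorize or Invalid request !!!');
     }

     return \TTO::getUserEmail($userId);
 }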
示例#2
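 /**
  * Approve an order and credit its coin + bonus to the user who owns it. Only callers whose
  * current role is 'admin' may do this.
  *
  * $orderId is taken from the URL. Nothing is returned. RestException 401 is thrown when the
  * current role is not 'admin'; RestException 500 is thrown when the order cannot be approved
  * (no owner found, or the status UPDATE changed no row).
  *
  * @url PUT {orderId}
  */
 protected function postApproveOrder($orderId)
 {
     // Authorization check uses strict comparison: with `==`, a non-string role value such
     // as true (or 0 before PHP 8) compares equal to 'admin' and would be let through.
     // NOTE(review): assumes \TTO::getRole() returns a string — confirm.
     if (\TTO::getRole() !== 'admin') {
         throw new RestException(401, 'No Authorize or Invalid request !!!');
     }

     // $userId is not a parameter of this route, so the order's owner has to be resolved
     // from the order row before it is used for the notification and the coin credit.
     // NOTE(review): assumes `order` has a userId column referencing user.userId, and that
     // \Db::getValue() yields null or false when no row matches — confirm both.
     $userId = \Db::getValue(
         'SELECT userId FROM `order` WHERE orderId = :orderId',
         array('orderId' => $orderId)
     );
     if ($userId === null || $userId === false) {
         throw new RestException(500, 'Approve Error !!!');
     }

     $approval = array('orderId' => $orderId, 'status' => 'approve');
     $count = \Db::execute('UPDATE `order` SET status = :status WHERE orderId = :orderId', $approval);
     if (!($count > 0)) {
         throw new RestException(500, 'Approve Error !!!');
     }

     // NOTE(review): the status UPDATE and the coin UPDATE below are separate statements; if
     // the second one fails the order stays approved without the credit. Run both in one
     // transaction if \Db offers one. Whether approving an already approved order reaches
     // this point depends on how \Db::execute() counts affected rows — confirm, since a
     // repeat here would credit the coins twice.
     $coin = \Db::getValue(
         'SELECT coin + bonus FROM `order` WHERE orderId = :orderId',
         array('orderId' => $orderId)
     );
     \Db::execute(
         'UPDATE user SET coin = coin + :coin WHERE userId = :userId',
         array('userId' => $userId, 'coin' => $coin)
     );

     // Notifications go out only after the approval and the credit were applied, so nobody
     // is told about an approval that did not happen.
     \TTOMail::createAndSendAdmin('Admin approved an order', json_encode($approval));
     \TTOMail::createAndSend(ADMINEMAIL, \TTO::getUserEmail($userId), 'Admin have approved your order', 'Please check on the system');
 }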