shopping/buynowoperation.php at master · i-jay/shopping · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<?php
include './assets/dbconnect.php';
session_start();

if(isset($_SESSION['loggedin']) && $_SESSION['loggedin']== true){
    if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['buynow'])){
        $pid = $_POST['pid'];
        $user_id = $_SESSION['userid'];
        $quantity = 1;
        $price = $_POST['price'];

        $del = "DELETE FROM `buynow` WHERE `user_id` = $user_id";
        $del_result = mysqli_query($conn, $del);

        $sql2 = "INSERT INTO `buynow` (`user_id`, `product_id`, `product_quantity`, `product_price`, `total_price`) VALUES (' $user_id', '$pid', ' $quantity', '$price', '$price')";
        $result2 = mysqli_query($conn, $sql2);
        if($result2){
            header('location:buynow.php');
        }

    }

    if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['placeorder'])){

        $user_id = $_SESSION['userid'];

        $del = "DELETE FROM `buynow` WHERE `user_id` = $user_id";
        $del_result = mysqli_query($conn, $del);

        $pid = $_POST['pid'];
        $quantity = $_POST['quantity'];
        $price = $_POST['price'];
        $pid_length = count($pid);
        for($x=0; $x<$pid_length ; $x++){

            $product_id = $pid[$x];
            $product_quantity = $quantity[$x];
            $product_price = $price[$x];
            $total_price = $product_quantity *  $product_price ;

            $sql2 = "INSERT INTO `buynow` (`user_id`, `product_id`, `product_quantity`, `product_price`, `total_price`) VALUES (' $user_id', '$product_id', ' $product_quantity', '$product_price', '$total_price')";
            $result2 = mysqli_query($conn, $sql2);
        }
        header('location:buynow.php');

    }


    if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['quantity'])){
        $user_id = $_SESSION['userid'];
        $quantity = $_POST['quantity'];
        $pid = $_POST['pid'];
        $product_price = $_POST['product_price'];
        $total_price = $product_price * $quantity;


        $sql = "UPDATE `buynow` SET `product_quantity` = '$quantity', `total_price` = '$total_price' WHERE `Product_id` = $pid AND `user_id` = $user_id";
        $result = mysqli_query($conn, $sql);

        if($result){
            header('location:buynow.php');
        }
    }

}
else{
    header('location:login.php');
}


?>