shopping/cartoperation.php at master · i-jay/shopping · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
<?php
include './assets/dbconnect.php';
session_start();

if(isset($_SESSION['loggedin']) && $_SESSION['loggedin']== true){
    if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['addproduct'])){
        $pid = $_POST['pid'];
        $user_id = $_SESSION['userid'];
        $quantity = 1;
        $price = $_POST['price'];

        $sql = "SELECT * FROM `cart` WHERE `Product_id` = $pid AND `user_id` = $user_id";
        $result = mysqli_query($conn, $sql);
        $num = mysqli_num_rows($result);

        if($num == 0){
            $sql2 = "INSERT INTO `cart` (`user_id`, `product_id`, `product_quantity`, `product_price`, `total_price`) VALUES (' $user_id', '$pid', ' $quantity', '$price', '$price')";
            $result2 = mysqli_query($conn, $sql2);

            if($result2){
                header('location:index.php');
            }
        }
        else{
            session_start();
            $_SESSION['productadded'] = true;
            header('location:mycart.php');
        }

    }

    if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['deleteproduct'])){
        $pid = $_POST['pid'];
        $user_id = $_SESSION['userid'];

        $sql = "DELETE FROM `cart` WHERE `Product_id` = $pid AND `user_id` = $user_id";
        $result = mysqli_query($conn, $sql);

        if($result){
            header('location:mycart.php');
        }
    }

    if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['emptycart'])){
        $user_id = $_SESSION['userid'];

        $sql = "DELETE FROM `cart` WHERE `user_id` = $user_id";
        $result = mysqli_query($conn, $sql);

        if($result){
            header('location:mycart.php');
        }
    }

    if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['quantity'])){
        $user_id = $_SESSION['userid'];
        $quantity = $_POST['quantity'];
        $pid = $_POST['pid'];
        $product_price = $_POST['product_price'];
        $total_price = $product_price * $quantity;


        $sql = "UPDATE `cart` SET `product_quantity` = '$quantity', `total_price` = '$total_price' WHERE `Product_id` = $pid AND `user_id` = $user_id";
        $result = mysqli_query($conn, $sql);

        if($result){
            header('location:mycart.php');
        }
    }

}
else{
    header('location:login.php');
}


?>