
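<?php
/**
 * Checkout handler: charges the logged-in buyer for the cart rows marked
 * choose = '1', marks each booking as paid, credits the seller (or guide),
 * writes a receipt, and empties the chosen part of the cart.
 *
 * Security-relevant behaviour:
 *  - every value reaches SQL through a bound parameter, never by string
 *    concatenation (the posted total and the session uid included);
 *  - the whole money movement runs in one transaction with the buyer row
 *    locked, so a failure or an unknown booking type rolls everything back
 *    and two concurrent checkouts cannot both pass the balance check;
 *  - the posted total must be a plain non-negative decimal.
 *
 * NOTE(review): the amount debited from the buyer is still the client-supplied
 * POST field `total`, while sellers are credited from quantity and
 * subtotal_price read from the database. The total should be derived or
 * cross-checked server-side; how subtotal_price and cart_total_price relate
 * to it is not visible in this file - confirm and enforce.
 * NOTE(review): no anti-CSRF token check is visible on this state-changing
 * POST - confirm one is applied elsewhere.
 * NOTE(review): the rollback guarantees assume transactional tables (InnoDB).
 */
include "../../ConnectDB.php";
// Start the session
session_start();

// Only an authenticated session may check out; without this an empty uid
// would flow into every query below.
if (!isset($_SESSION['uid']) || $_SESSION['uid'] === '') {
    header('Location: ./interfaces/failed.php');
    exit();
}
$u_id = $_SESSION['uid'];

// Retrieve the total price. It is attacker-controlled input, so accept only a
// plain non-negative decimal: this rejects negative totals (which would raise
// the buyer's balance), exponent/hex forms, and anything non-numeric.
$total_price = isset($_POST['total']) ? $_POST['total'] : null;
if (!is_string($total_price) || !preg_match('/^\d+(?:\.\d+)?\z/', $total_price)) {
    header('Location: ./interfaces/failed.php');
    exit();
}

/**
 * Runs one prepared statement with all parameters bound as strings (MySQL
 * coerces them to the column type) and returns the result rows, or an empty
 * array for statements that produce no result set.
 * Throws RuntimeException when prepare or execute reports failure.
 */
$runQuery = function ($sql, array $params = []) use ($conn) {
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . mysqli_error($conn));
    }
    if ($params) {
        $params = array_values($params);
        mysqli_stmt_bind_param($stmt, str_repeat('s', count($params)), ...$params);
    }
    if (!mysqli_stmt_execute($stmt)) {
        throw new RuntimeException('execute failed: ' . mysqli_stmt_error($stmt));
    }
    $result = mysqli_stmt_get_result($stmt);
    $rows = $result === false ? [] : mysqli_fetch_all($result, MYSQLI_ASSOC);
    mysqli_stmt_close($stmt);
    return $rows;
};

// Per booking type: the table whose payment_status is set, the query that
// yields quantity + payee id, and the table holding the payee's balance.
// Table names come only from this fixed list, never from request data.
$bookingTypes = [
    '1' => [
        'booking_table' => 'hotel_booking',
        'payee_table'   => 'user_seller',
        'payee_column'  => 'seller_id',
        'lookup'        => "SELECT hotel_booking.quantity, seller_id FROM hotel_booking JOIN hotel_room ON (hotel_room.hotel_room_id = hotel_booking.hotel_room_id) JOIN hotel ON (hotel.hotel_id = hotel_room.hotel_id) WHERE booking_id = ?",
    ],
    '2' => [
        'booking_table' => 'restaurant_booking',
        'payee_table'   => 'user_seller',
        'payee_column'  => 'seller_id',
        'lookup'        => "SELECT restaurant_booking.quantity, seller_id FROM restaurant_booking JOIN restaurant ON (restaurant_booking.restaurant_id = restaurant.restaurant_id) WHERE booking_id = ?",
    ],
    '3' => [
        'booking_table' => 'attraction_booking',
        'payee_table'   => 'user_seller',
        'payee_column'  => 'seller_id',
        'lookup'        => "SELECT attraction_booking.quantity, seller_id FROM attraction_booking JOIN attraction ON (attraction_booking.attraction_id = attraction.attraction_id) WHERE booking_id = ?",
    ],
    '4' => [
        'booking_table' => 'guide_booking',
        'payee_table'   => 'user_guide',
        'payee_column'  => 'guide_id',
        'lookup'        => "SELECT guide_booking.quantity, guide_id FROM guide_booking WHERE booking_id = ?",
    ],
    '5' => [
        'booking_table' => 'transport_flight_booking',
        'payee_table'   => 'user_seller',
        // Flights resolve the seller in a second step through the airline.
        'payee_column'  => 'airline_id',
        'via_airline'   => true,
        'lookup'        => "SELECT transport_flight_booking.quantity, airline_id FROM transport_flight_booking JOIN transport_flight_class ON (transport_flight_booking.flight_class_id = transport_flight_class.flight_class_id) JOIN transport_flight ON (transport_flight.flight_id = transport_flight_class.flight_id) WHERE booking_id = ?",
    ],
    '6' => [
        'booking_table' => 'transport_railway_booking',
        'payee_table'   => 'user_seller',
        'payee_column'  => 'seller_id',
        'lookup'        => "SELECT transport_railway_booking.quantity, seller_id FROM transport_railway_booking JOIN transport_railway_class ON (transport_railway_booking.railway_class_id = transport_railway_class.train_seat_id) JOIN transport_railway ON (transport_railway.train_id = transport_railway_class.train_id) WHERE booking_id = ?",
    ],
];

try {
    if (!mysqli_begin_transaction($conn)) {
        throw new RuntimeException('could not start transaction: ' . mysqli_error($conn));
    }

    // Lock the buyer row so the balance checked here is the balance debited
    // below, even when two checkouts for the same buyer run at once.
    $buyer = $runQuery("SELECT balance FROM user_buyer WHERE u_id = ? FOR UPDATE", [$u_id]);
    // If buyer do not have enough balance
    if (!$buyer || (float) $buyer[0]['balance'] < (float) $total_price) {
        mysqli_rollback($conn);
        echo "<script type='text/javascript'>
window.location.href = './interfaces/failed.php?why=Insufficient Balance';
</script>";
        exit();
    }

    $cartBookings = $runQuery(
        "SELECT booking_id, booking_type_id, subtotal_price FROM cart_bookings WHERE u_id = ? AND choose = '1'",
        [$u_id]
    );
    // Nothing selected: do not create a receipt or debit the buyer.
    if (!$cartBookings) {
        mysqli_rollback($conn);
        header('Location: ./interfaces/failed.php');
        exit();
    }

    $runQuery("INSERT INTO `receipt` (`u_id`, `total_price`) VALUES (?, ?)", [$u_id, $total_price]);
    $receipt_id = mysqli_insert_id($conn);

    // Update information
    foreach ($cartBookings as $cartBooking) {
        $booking_id = $cartBooking['booking_id'];
        $booking_type_id = (string) $cartBooking['booking_type_id'];
        $subtotal_price = $cartBooking['subtotal_price'];

        if (!isset($bookingTypes[$booking_type_id])) {
            // Undo the receipt and any credits already made for earlier rows.
            mysqli_rollback($conn);
            echo "Unknown booking type";
            exit();
        }
        $type = $bookingTypes[$booking_type_id];

        $runQuery(
            "UPDATE `" . $type['booking_table'] . "` SET payment_status = '1' WHERE booking_id = ?",
            [$booking_id]
        );

        $lookup = $runQuery($type['lookup'], [$booking_id]);
        if (!$lookup) {
            throw new RuntimeException('booking not found for cart row');
        }
        $quantity = $lookup[0]['quantity'];
        $seller_id = $lookup[0][$type['payee_column']];

        if (!empty($type['via_airline'])) {
            $airline = $runQuery("SELECT seller_id FROM transport_airline WHERE airline_id = ?", [$seller_id]);
            if (!$airline) {
                throw new RuntimeException('airline seller not found');
            }
            $seller_id = $airline[0]['seller_id'];
        }

        $sub_price = $quantity * $subtotal_price;
        $runQuery(
            "UPDATE `" . $type['payee_table'] . "` SET balance = balance + ? WHERE u_id = ?",
            [$sub_price, $seller_id]
        );
        $runQuery(
            "INSERT INTO `receipt_bookings`(`receipt_id`, `booking_id`, `booking_type_id`, `booking_status`, `subtotal_price`, `quantity`, `seller_id`) VALUES (?, ?, ?, 'Unused', ?, ?, ?)",
            [$receipt_id, $booking_id, $booking_type_id, $subtotal_price, $quantity, $seller_id]
        );
    }

    // Update cart
    $runQuery("DELETE FROM `cart_bookings` WHERE u_id = ? AND choose = '1'", [$u_id]);
    // User balance
    $runQuery(
        "UPDATE `user_buyer` SET balance = balance - ?, cart_total_price = '0' WHERE u_id = ?",
        [$total_price, $u_id]
    );

    if (!mysqli_commit($conn)) {
        throw new RuntimeException('commit failed: ' . mysqli_error($conn));
    }
    header('Location: ./interfaces/success.php');
} catch (Exception $e) {
    // Any database failure undoes the whole checkout; details go to the
    // server log only, not to the client.
    mysqli_rollback($conn);
    error_log('checkout failed: ' . $e->getMessage());
    header('Location: ./interfaces/failed.php');
    exit();
}
?>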