Fix

2025-12-17 20:42:54 +03:00
parent f4f57bd153
commit 07289608e5
8 changed files with 7058 additions and 6395 deletions
--- a/public/api/process_order.php
+++ b/public/api/process_order.php
@@ -1,17 +1,18 @@
 <?php
+header('Content-Type: application/json; charset=utf-8');

 session_start();
 require_once __DIR__ . '/../config/database.php';

 if (!isset($_SESSION['isLoggedIn']) || $_SESSION['isLoggedIn'] !== true) {
-    header('Location: login.php?error=auth_required');
+    echo json_encode(['success' => false, 'message' => 'Требуется авторизация']);
    exit();
 }

 $user_id = $_SESSION['user_id'] ?? 0;

 if ($user_id == 0) {
-    header('Location: login.php?error=user_not_found');
+    echo json_encode(['success' => false, 'message' => 'Пользователь не найден']);
    exit();
 }

@@ -26,8 +27,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $customer_phone = $_POST['phone'] ?? '';
        $delivery_address = $_POST['address'] ?? '';
        $region = $_POST['region'] ?? '';
+        $postal_code = $_POST['postal_code'] ?? '';
        $payment_method = $_POST['payment'] ?? 'card';
        $delivery_method = $_POST['delivery'] ?? 'courier';
+        $promo_code = $_POST['promo_code'] ?? '';
        $notes = $_POST['notes'] ?? '';
        $discount_amount = floatval($_POST['discount'] ?? 0);
        $delivery_cost = floatval($_POST['delivery_price'] ?? 2000);
@@ -63,17 +66,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            INSERT INTO orders (
                user_id, order_number, subtotal, discount_amount,
                delivery_price, final_amount, status, payment_method,
-                delivery_method, delivery_address, customer_name,
-                customer_email, customer_phone, notes
-            ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+                delivery_method, delivery_address, delivery_region, 
+                postal_code, promo_code, customer_name, customer_email, 
+                customer_phone, notes
+            ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
            RETURNING order_id
        ");

        $orderStmt->execute([
            $user_id, $order_number, $total_amount, $discount_amount,
            $delivery_cost, $final_amount, 'pending', $payment_method,
-            $delivery_method, $delivery_address, $customer_name,
-            $customer_email, $customer_phone, $notes
+            $delivery_method, $delivery_address, $region, $postal_code,
+            $promo_code, $customer_name, $customer_email, $customer_phone, $notes
        ]);

        $order_id = $orderStmt->fetchColumn();
@@ -109,16 +113,24 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {

        $db->commit();

-        header('Location: order_success.php?id=' . $order_id);
+        echo json_encode([
+            'success' => true,
+            'order_id' => $order_id,
+            'order_number' => $order_number,
+            'message' => 'Заказ успешно оформлен'
+        ]);
        exit();

    } catch (Exception $e) {
        $db->rollBack();
-        header('Location: checkout.php?error=' . urlencode($e->getMessage()));
+        echo json_encode([
+            'success' => false,
+            'message' => $e->getMessage()
+        ]);
        exit();
    }
 } else {
-    header('Location: checkout.php');
+    echo json_encode(['success' => false, 'message' => 'Неверный метод запроса']);
    exit();
 }
 ?>