134 lines
4.7 KiB
PHP
134 lines
4.7 KiB
PHP
<?php
|
||
// process_order.php
|
||
session_start();
|
||
require_once 'config/database.php';
|
||
|
||
if (!isset($_SESSION['isLoggedIn']) || $_SESSION['isLoggedIn'] !== true) {
|
||
header('Location: вход.php?error=auth_required');
|
||
exit();
|
||
}
|
||
|
||
$user_id = $_SESSION['user_id'] ?? 0;
|
||
|
||
if ($user_id == 0) {
|
||
header('Location: вход.php?error=user_not_found');
|
||
exit();
|
||
}
|
||
|
||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||
$db = Database::getInstance()->getConnection();
|
||
|
||
try {
|
||
$db->beginTransaction();
|
||
|
||
// Получаем данные из формы
|
||
$customer_name = $_POST['full_name'] ?? '';
|
||
$customer_email = $_POST['email'] ?? '';
|
||
$customer_phone = $_POST['phone'] ?? '';
|
||
$delivery_address = $_POST['address'] ?? '';
|
||
$region = $_POST['region'] ?? '';
|
||
$payment_method = $_POST['payment'] ?? 'card';
|
||
$delivery_method = $_POST['delivery'] ?? 'courier';
|
||
$notes = $_POST['notes'] ?? '';
|
||
$discount_amount = floatval($_POST['discount'] ?? 0);
|
||
$delivery_cost = floatval($_POST['delivery_price'] ?? 2000);
|
||
|
||
// Генерируем номер заказа
|
||
$order_number = 'ORD-' . date('Ymd-His') . '-' . rand(1000, 9999);
|
||
|
||
// Получаем корзину пользователя
|
||
$cartStmt = $db->prepare("
|
||
SELECT
|
||
c.product_id,
|
||
c.quantity,
|
||
p.name,
|
||
p.price,
|
||
p.stock_quantity
|
||
FROM cart c
|
||
JOIN products p ON c.product_id = p.product_id
|
||
WHERE c.user_id = ?
|
||
");
|
||
$cartStmt->execute([$user_id]);
|
||
$cart_items = $cartStmt->fetchAll();
|
||
|
||
if (empty($cart_items)) {
|
||
throw new Exception('Корзина пуста');
|
||
}
|
||
|
||
// Рассчитываем итоги
|
||
$total_amount = 0;
|
||
foreach ($cart_items as $item) {
|
||
$total_amount += $item['price'] * $item['quantity'];
|
||
}
|
||
|
||
$final_amount = $total_amount - $discount_amount + $delivery_cost;
|
||
|
||
// Создаем заказ
|
||
$orderStmt = $db->prepare("
|
||
INSERT INTO orders (
|
||
user_id, order_number, total_amount, discount_amount,
|
||
delivery_cost, final_amount, status, payment_method,
|
||
delivery_method, delivery_address, customer_name,
|
||
customer_email, customer_phone, notes
|
||
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
|
||
RETURNING order_id
|
||
");
|
||
|
||
$orderStmt->execute([
|
||
$user_id, $order_number, $total_amount, $discount_amount,
|
||
$delivery_cost, $final_amount, 'pending', $payment_method,
|
||
$delivery_method, $delivery_address, $customer_name,
|
||
$customer_email, $customer_phone, $notes
|
||
]);
|
||
|
||
$order_id = $orderStmt->fetchColumn();
|
||
|
||
// Добавляем товары в заказ и обновляем остатки
|
||
foreach ($cart_items as $item) {
|
||
// Добавляем в order_items
|
||
$itemStmt = $db->prepare("
|
||
INSERT INTO order_items (
|
||
order_id, product_id, product_name,
|
||
quantity, unit_price, total_price
|
||
) VALUES (?, ?, ?, ?, ?, ?)
|
||
");
|
||
|
||
$item_total = $item['price'] * $item['quantity'];
|
||
$itemStmt->execute([
|
||
$order_id, $item['product_id'], $item['name'],
|
||
$item['quantity'], $item['price'], $item_total
|
||
]);
|
||
|
||
// Обновляем остатки на складе
|
||
$updateStmt = $db->prepare("
|
||
UPDATE products
|
||
SET stock_quantity = stock_quantity - ?,
|
||
updated_at = CURRENT_TIMESTAMP
|
||
WHERE product_id = ?
|
||
");
|
||
$updateStmt->execute([$item['quantity'], $item['product_id']]);
|
||
}
|
||
|
||
// Очищаем корзину
|
||
$clearCartStmt = $db->prepare("DELETE FROM cart WHERE user_id = ?");
|
||
$clearCartStmt->execute([$user_id]);
|
||
|
||
// Очищаем сессию
|
||
unset($_SESSION['cart']);
|
||
|
||
$db->commit();
|
||
|
||
// Перенаправляем на страницу успеха
|
||
header('Location: order_success.php?id=' . $order_id);
|
||
exit();
|
||
|
||
} catch (Exception $e) {
|
||
$db->rollBack();
|
||
header('Location: оформление_заказа.php?error=' . urlencode($e->getMessage()));
|
||
exit();
|
||
}
|
||
} else {
|
||
header('Location: оформление_заказа.php');
|
||
exit();
|
||
}
|
||
?>
|