iolovolio/api/order_add.php

<?php
session_start();
session_id(trim($_GET['sid']));
setlocale(LC_MONETARY, 'it_IT.UTF-8');

include_once './config.php';
include_once './database.php';
include_once './send_mail.php';

header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Methods: POST");
header("Access-Control-Max-Age: 3600");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");

$databaseService = new DatabaseService();
$conn = $databaseService->getConnection();


$data = json_decode(file_get_contents("php://input"));
$shipping = array(
  "full_name" => $data->profile->first_name." ".$data->profile->last_name,
  "address" => $data->profile->address,
  "city" => $data->profile->city,
  "zip_code" => $data->profile->zip_code,
  "province" => $data->profile->province
);

$query = "INSERT INTO `orders`
          (`id`, `uid`, `date`, `items`, `total`, `status`, `token`, `shipping`, `traking`)
          VALUES (NULL, ".intval($data->uid).", NOW(), '".json_encode($data->cart)."', ".floatval($data->total).",
          '".($data->paid ? 'PAID' : 'CREATED')."',
          '".trim($data->token)."',
          '".json_encode($shipping)."', '')";

$stmt = $conn->prepare($query);

if($stmt->execute()) {

  $order_id = $conn->lastInsertId();
  $toEmail = $data->profile->email;
  $toName = $data->profile->first_name." ".$data->profile->last_name;
  $subject = 'Ordine n. '.$order_id;
  $body = emailHeader();

  $body .= "<tr><td colspan=\"4\" style=\"padding: 10px 20px\">Ciao ".$data->profile->first_name.",<br>
            siamo contenti che tu abbia acquistato il nostro olio, speriamo sia protagonista di tanti momenti conviviali.<br><br>
            Ecco i dati riassuntivi del tuo ordine:<br><br>
            <span style=\"color: #92704F\">CODICE IDENTIFICATIVO ORDINE:</span><br>
            <b>$order_id</b><br><br>
            <span style=\"color: #92704F\">TEMPI DI CONSEGNA:</span><br>
            La consegna avverrà in circa 5 giorni lavorativi<br><br>
            <span style=\"color: #92704F\">INDIRIZZO DI CONSEGNA:</span><br>".
            $data->profile->first_name." ".$data->profile->last_name."<br>".
            $data->profile->address."<br>".
            $data->profile->city." - ".
            $data->profile->zip_code." - ".
            $data->profile->city."<br>".
            "Contatto telefonico: <br>".
            $data->profile->phone."<br><br>
            <span style=\"color: #92704F\">PRODOTTI ORDINATI:</span><br>
            </td></tr>";

  $body .= '<tr style="margin: 0; padding: 10px 20px">
            <td style="font-weight: bold">Prodotto</td>
            <td style="font-weight: bold">Prezzo</td>
            <td style="font-weight: bold">Quantità</td>
            <td style="font-weight: bold">Totale</td>
          </tr>';

  foreach($data->cart as $item) {
    $qp = "SELECT * FROM products WHERE id=".$item->pid;
    $stmtp = $conn->prepare($qp);
    $stmtp->execute();
    $p = $stmtp->fetch(PDO::FETCH_ASSOC);

    $body .= '<tr style="margin: 0; padding: 10px 20px">
                <td style="border-bottom: 1px solid #323232;"><b style="color: #92704F; font-style: italic">'.$p['name'].'</b><br>
                <span style="font-size: 10px">'.$p['type'].'</span> </td>
                <td style="border-bottom: 1px solid #323232; width: 90px">'.money_format('%.2n', $item->price).' </td>
                <td style="border-bottom: 1px solid #323232; width: 90px">'.$item->qty.' </td>
                <td style="border-bottom: 1px solid #323232; width: 90px">'.money_format('%.2n', $item->price * $item->qty).' </td>
              </tr>';
  }

  $body .= "<tr><td colspan=\"4\" style=\"padding: 10px 20px\"><br>Ci auguriamo che non ci siano problemi con i prodotti acquistati. In caso contrario puoi contattarci in qualsiasi momento all'indirizzo ordini@iolovolio.com<br><br>
            Grazie,<br>il team Iolovolio<br><br></td></tr>";

  $body .= emailFooter();

  $sent = sendEmail($toEmail, $toName, $subject, $body);
  if($sent === true) {
    http_response_code(200);
    echo json_encode(
      array(
        "status" => 200,
        "id" => $conn->lastInsertId(),
        "mail" => $sent
      ));
  } else {
    http_response_code(400);
    echo json_encode(
    array(
      "status" => 400,
      "message" => $sent,
      "query" => $query
    ));
  }
} else {
  http_response_code(400);
  echo json_encode(
    array(
      "status" => 400,
      "message" => "Error inserting new order",
      "query" => $query
    ));
}

?>
save order 4 years ago			`<?php`
			`session_start();`
admin orders list 4 years ago			`session_id(trim($_GET['sid']));`
add account 4 years ago			`setlocale(LC_MONETARY, 'it_IT.UTF-8');`

save order 4 years ago			`include_once './config.php';`
			`include_once './database.php';`
add account 4 years ago			`include_once './send_mail.php';`
save order 4 years ago
			`header("Access-Control-Allow-Origin: *");`
			`header("Content-Type: application/json; charset=UTF-8");`
			`header("Access-Control-Allow-Methods: POST");`
			`header("Access-Control-Max-Age: 3600");`
			`header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");`

			`$databaseService = new DatabaseService();`
			`$conn = $databaseService->getConnection();`

add account 4 years ago
save order 4 years ago			`$data = json_decode(file_get_contents("php://input"));`
			`$shipping = array(`
			`"full_name" => $data->profile->first_name." ".$data->profile->last_name,`
add admin 4 years ago			`"address" => $data->profile->address,`
			`"city" => $data->profile->city,`
			`"zip_code" => $data->profile->zip_code,`
			`"province" => $data->profile->province`
save order 4 years ago			`);`

			$query = "INSERT INTO `orders`
			(`id`, `uid`, `date`, `items`, `total`, `status`, `token`, `shipping`, `traking`)
			`VALUES (NULL, ".intval($data->uid).", NOW(), '".json_encode($data->cart)."', ".floatval($data->total).",`
add account 4 years ago			`'".($data->paid ? 'PAID' : 'CREATED')."',`
save order 4 years ago			`'".trim($data->token)."',`
			`'".json_encode($shipping)."', '')";`

			`$stmt = $conn->prepare($query);`

			`if($stmt->execute()) {`
add account 4 years ago
updates 4 years ago			`$order_id = $conn->lastInsertId();`
add account 4 years ago			`$toEmail = $data->profile->email;`
			`$toName = $data->profile->first_name." ".$data->profile->last_name;`
updates 4 years ago			`$subject = 'Ordine n. '.$order_id;`
add account 4 years ago			`$body = emailHeader();`

production 4 years ago			`$body .= "<tr><td colspan=\"4\" style=\"padding: 10px 20px\">Ciao ".$data->profile->first_name.",<br>`
			`siamo contenti che tu abbia acquistato il nostro olio, speriamo sia protagonista di tanti momenti conviviali.<br><br>`
updates 4 years ago			`Ecco i dati riassuntivi del tuo ordine:<br><br>`
			`<span style=\"color: #92704F\">CODICE IDENTIFICATIVO ORDINE:</span><br>`
			`<b>$order_id</b><br><br>`
			`<span style=\"color: #92704F\">TEMPI DI CONSEGNA:</span><br>`
production 4 years ago			`La consegna avverrà in circa 5 giorni lavorativi<br><br>`
updates 4 years ago			`<span style=\"color: #92704F\">INDIRIZZO DI CONSEGNA:</span><br>".`
			`$data->profile->first_name." ".$data->profile->last_name."<br>".`
			`$data->profile->address."<br>".`
			`$data->profile->city." - ".`
			`$data->profile->zip_code." - ".`
production 4 years ago			`$data->profile->city."<br>".`
			`"Contatto telefonico: <br>".`
updates 4 years ago			`$data->profile->phone."<br><br>`
			`<span style=\"color: #92704F\">PRODOTTI ORDINATI:</span><br>`
			`</td></tr>";`

production 4 years ago			`$body .= '<tr style="margin: 0; padding: 10px 20px">`
updates 4 years ago			`<td style="font-weight: bold">Prodotto</td>`
			`<td style="font-weight: bold">Prezzo</td>`
			`<td style="font-weight: bold">Quantità</td>`
			`<td style="font-weight: bold">Totale</td>`
add account 4 years ago			`</tr>';`

			`foreach($data->cart as $item) {`
updates 4 years ago			`$qp = "SELECT * FROM products WHERE id=".$item->pid;`
			`$stmtp = $conn->prepare($qp);`
			`$stmtp->execute();`
			`$p = $stmtp->fetch(PDO::FETCH_ASSOC);`

production 4 years ago			`$body .= '<tr style="margin: 0; padding: 10px 20px">`
			`<td style="border-bottom: 1px solid #323232;"><b style="color: #92704F; font-style: italic">'.$p['name'].'</b><br>`
			`<span style="font-size: 10px">'.$p['type'].'</span> </td>`
updates 4 years ago			`<td style="border-bottom: 1px solid #323232; width: 90px">'.money_format('%.2n', $item->price).' </td>`
			`<td style="border-bottom: 1px solid #323232; width: 90px">'.$item->qty.' </td>`
			`<td style="border-bottom: 1px solid #323232; width: 90px">'.money_format('%.2n', $item->price * $item->qty).' </td>`
add account 4 years ago			`</tr>';`
			`}`

production 4 years ago			`$body .= "<tr><td colspan=\"4\" style=\"padding: 10px 20px\"><br>Ci auguriamo che non ci siano problemi con i prodotti acquistati. In caso contrario puoi contattarci in qualsiasi momento all'indirizzo ordini@iolovolio.com<br><br>`
			`Grazie,<br>il team Iolovolio<br><br></td></tr>";`
updates 4 years ago
add account 4 years ago			`$body .= emailFooter();`

			`$sent = sendEmail($toEmail, $toName, $subject, $body);`
			`if($sent === true) {`
			`http_response_code(200);`
			`echo json_encode(`
			`array(`
			`"status" => 200,`
			`"id" => $conn->lastInsertId(),`
			`"mail" => $sent`
			`));`
			`} else {`
			`http_response_code(400);`
			`echo json_encode(`
save order 4 years ago			`array(`
add account 4 years ago			`"status" => 400,`
			`"message" => $sent,`
			`"query" => $query`
save order 4 years ago			`));`
add account 4 years ago			`}`
save order 4 years ago			`} else {`
			`http_response_code(400);`
			`echo json_encode(`
			`array(`
			`"status" => 400,`
add account 4 years ago			`"message" => "Error inserting new order",`
			`"query" => $query`
save order 4 years ago			`));`
			`}`

			`?>`