iolovolio/api/order_add.php

<?php
session_start();
session_id(trim($_GET['sid']));
setlocale(LC_MONETARY, 'it_IT.UTF-8');

include_once './config.php';
include_once './database.php';
include_once './send_mail.php';

header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Methods: POST");
header("Access-Control-Max-Age: 3600");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");

$databaseService = new DatabaseService();
$conn = $databaseService->getConnection();


$data = json_decode(file_get_contents("php://input"));
$shipping = array(
  "full_name" => $data->profile->first_name." ".$data->profile->last_name,
  "address" => $data->profile->address,
  "city" => $data->profile->city,
  "zip_code" => $data->profile->zip_code,
  "province" => $data->profile->province
);

$query = "INSERT INTO `orders`
          (`id`, `uid`, `date`, `items`, `total`, `status`, `token`, `shipping`, `traking`)
          VALUES (NULL, ".intval($data->uid).", NOW(), '".json_encode($data->cart)."', ".floatval($data->total).",
          '".($data->paid ? 'PAID' : 'CREATED')."',
          '".trim($data->token)."',
          '".json_encode($shipping)."', '')";

$stmt = $conn->prepare($query);

if($stmt->execute()) {

  $order_id = $conn->lastInsertId();
  $toEmail = $data->profile->email;
  $toName = $data->profile->first_name." ".$data->profile->last_name;
  $subject = 'Ordine n. '.$order_id;
  $body = emailHeader();

  $body .= "<tr><td colspan=\"4\" style=\"padding: 10px 20px\">Ciao ".$data->profile->first_name."<br><br>
            Siamo contenti che tu abbia acquistato il nostro olio, speriamo sia protagonista di tanti momenti conviviali.<br><br>
            Ecco i dati riassuntivi del tuo ordine:<br><br>
            <span style=\"color: #92704F\">CODICE IDENTIFICATIVO ORDINE:</span><br>
            <b>$order_id</b><br><br>
            <span style=\"color: #92704F\">TEMPI DI CONSEGNA:</span><br>
            La consegna avverrà in circa xx giorni lavorativi<br><br>
            <span style=\"color: #92704F\">INDIRIZZO DI CONSEGNA:</span><br>".
            $data->profile->first_name." ".$data->profile->last_name."<br>".
            $data->profile->address."<br>".
            $data->profile->city." - ".
            $data->profile->zip_code." - ".
            $data->profile->city."<br>
            Telefono contatto: <br>".
            $data->profile->phone."<br><br>
            <span style=\"color: #92704F\">PRODOTTI ORDINATI:</span><br>
            </td></tr>";

  $body .= '<tr style="margin: 0; padding: 10px">
            <td style="font-weight: bold">Prodotto</td>
            <td style="font-weight: bold">Prezzo</td>
            <td style="font-weight: bold">Quantità</td>
            <td style="font-weight: bold">Totale</td>
          </tr>';

  foreach($data->cart as $item) {
    $qp = "SELECT * FROM products WHERE id=".$item->pid;
    $stmtp = $conn->prepare($qp);
    $stmtp->execute();
    $p = $stmtp->fetch(PDO::FETCH_ASSOC);

    $body .= '<tr style="margin: 0; padding: 10px">
                <td style="border-bottom: 1px solid #323232;">'.$p['type'].' - '.$p['name'].' </td>
                <td style="border-bottom: 1px solid #323232; width: 90px">'.money_format('%.2n', $item->price).' </td>
                <td style="border-bottom: 1px solid #323232; width: 90px">'.$item->qty.' </td>
                <td style="border-bottom: 1px solid #323232; width: 90px">'.money_format('%.2n', $item->price * $item->qty).' </td>
              </tr>';
  }

  $body .= "<tr><td colspan=\"4\"><br>Ci auguriamo che non ci siano problemi con i prodotti acquistati. In caso contrario puoi effettuare un reso in base a quanto previsto dalle nostre politiche di reso, consultabili cliccando su questo link<br><br>
            Grazie,<br>Servizio Clienti Iolovolio<br><br></td></tr>";

  $body .= emailFooter();

  $sent = sendEmail($toEmail, $toName, $subject, $body);
  if($sent === true) {
    http_response_code(200);
    echo json_encode(
      array(
        "status" => 200,
        "id" => $conn->lastInsertId(),
        "mail" => $sent
      ));
  } else {
    http_response_code(400);
    echo json_encode(
    array(
      "status" => 400,
      "message" => $sent,
      "query" => $query
    ));
  }
} else {
  http_response_code(400);
  echo json_encode(
    array(
      "status" => 400,
      "message" => "Error inserting new order",
      "query" => $query
    ));
}

?>