-
Notifications
You must be signed in to change notification settings - Fork 0
/
add_order.php
executable file
·93 lines (80 loc) · 3.54 KB
/
add_order.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
require 'connection.php';
$method = $_SERVER['REQUEST_METHOD'];
if ($method !== 'POST') {
http_response_code(400);
$response = array('status' => 'failure', 'message' => "$method not allowed");
echo json_encode($response, true);
return;
}
$request_data = validateRequestData();
// add data to db
add_data($request_data);
function add_data($request_data) {
$response = array();
try {
global $conn;
$sql = "Insert into Orders (order_amount,store_name,product_id,email,created_date) VALUES (" . $request_data['order_amt'] . ",'" . $request_data['store_name'] . "'," . $request_data['product_id'] . ",'" . $request_data['email'] . "','" . date('Y-m-d') . "')";
if ($conn->query($sql) === TRUE) {
$response = array('status' => 'Success', 'message' => 'Order Inserted Successfully', 'order_id' => $conn->insert_id);
} else {
$response = array('status' => 'failure', 'message' => 'Order Insertion Failed');
}
} catch (Exception $e) {
http_response_code($e->getCode());
$response = array('status' => 'failure', 'message' => "Internal Server Error");
}
ob_start();
$conn->close();
echo json_encode($response);
header("Content-Type: application/json");
header('Content-Length: ' . ob_get_length());
header("Connection: close");
ob_end_flush();
ob_flush();
flush();
sleep(10);
if ($response['status'] === 'Success') {
require './orders_mail.php';
send_mail(array('id' => $response['order_id'], 'order_amount' => $request_data['order_amt'], 'email' => $request_data['email']));
}
return;
}
function validateRequestData() {
$request_data = json_decode(file_get_contents('php://input'), true);
if (empty($request_data) || is_null($request_data)) {
http_response_code(400);
$response = array('status' => 'failure', 'message' => 'JSON is not properly formed.');
echo json_encode($response, true);
return;
}
$response = array();
if (!isset($request_data['store_name']) || empty($request_data['store_name']) || !check_input($request_data['store_name'], 'alphanumeric')) {
$response = array('status' => 'failure', 'message' => 'store_name is invalid');
} else if (!isset($request_data['order_amt']) || empty($request_data['order_amt']) || !is_numeric($request_data['order_amt'])) {
$response = array('status' => 'failure', 'message' => 'order_amt is invalid');
} else if (!isset($request_data['product_id']) || empty($request_data['product_id']) || !is_numeric($request_data['product_id'])) {
$response = array('status' => 'failure', 'message' => 'product_id is invalid');
} else if (!isset($request_data['email']) || empty($request_data['email']) || !check_input($request_data['email'], 'email')) {
$response = array('status' => 'failure', 'message' => 'email is invalid');
}
if (!empty($response)) {
http_response_code(400);
echo json_encode($response, true);
return;
}
return $request_data;
}
function check_input($value, $type = 'alphanumeric') {
$regex = array('alphanumeric' => '^[a-z\d\-_\s]+$', 'email' => '^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$');
if (!array_key_exists($type, $regex)) {
return false;
}
$key = "/" . $regex[$type] . "/i";
return preg_match($key, $value);
}