cart.php
<?
/*****************************************************
Developer: macdonaldgeek
Email: [email protected]
Phone: +255-657-567401/+254-717-667201/+44-744-0579061
Twitter: @macdonaldgeek
COPYRIGHT ©2014 RESTAURANT SCRIPT. ALL RIGHTS RESERVED
******************************************************/
?>
<?php
require_once('auth.php');
require_once('admin/locale.php');
?>
<?PHP
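// Pagination offset taken from ?startrow=N in the URL.
// Only a plain non-negative integer is accepted: is_numeric() also lets
// through negatives, floats and exponent forms, and a negative value would
// end up in "LIMIT $startrow, 5" and make the cart query fail. Anything
// else (missing, array-valued, out of range) falls back to the first page.
$startrow = 0;
if (isset($_GET['startrow'])) {
    $requested = filter_var(
        $_GET['startrow'],
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 0))
    );
    if ($requested !== false) {
        $startrow = $requested;
    }
}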
?>
<?php
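// Open the database connection and load one page (5 rows) of the signed-in
// member's cart rows whose flag is 0, joined with food, category and
// quantity details.
//
// NOTE(review): the mysql_* extension used throughout this page was removed
// in PHP 7.0; moving to mysqli or PDO with prepared statements is the
// longer-term fix for every query here.
require_once('connection/config.php');

//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$link) {
    // The driver error text can reveal host and account details, so it goes
    // to the server log rather than into the response.
    error_log('cart.php: database connection failed: ' . mysql_error());
    die('Failed to connect to server');
}

//Select database
$db = mysql_select_db(DB_DATABASE, $link);
if (!$db) {
    die("Unable to select database");
}

//define default values for flag_0
$flag_0 = 0;

//get member_id from session
// NOTE(review): assumes auth.php has already rejected requests that carry no
// SESS_MEMBER_ID -- confirm against auth.php.
$member_id = $_SESSION['SESS_MEMBER_ID'];

// Every value placed in the SQL text is escaped or cast first, so the query
// does not depend on how the session value or the offset were produced.
$member_id_sql = mysql_real_escape_string($member_id, $link);
$flag_sql = (int) $flag_0;
$offset = (int) $startrow;

//selecting particular records from the food_details and cart_details tables. Return an error if there are no records in the tables
$result = mysql_query("SELECT food_name,food_description,food_price,food_photo,cart_id,quantity_value,total,flag,category_name FROM food_details,cart_details,categories,quantities WHERE cart_details.member_id='$member_id_sql' AND cart_details.flag='$flag_sql' AND cart_details.food_id=food_details.food_id AND food_details.food_category=categories.category_id AND cart_details.quantity_id=quantities.quantity_id LIMIT $offset, 5", $link)
    or die("A problem has occured ... \n" . "Our team is working on it at the moment ... \n" . "Please check back after few hours.");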
?>
<?php
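// Optional category filter: when the request carries a Submit field, $result
// is replaced by the food_details rows of the posted category.
//
// NOTE(review): the form on this page posts to update-quantity.php and has no
// "category" field, so this branch looks like a leftover from another page.
// The rows it selects come from food_details only, while the table further
// down reads cart_id, quantity_value, total and category_name -- confirm
// whether this branch is still wanted.
if (isset($_POST['Submit'])) {
    /**
     * Prepare a form value for use inside a quoted MySQL string literal.
     *
     * Trims the value, strips magic-quotes slashes when that setting is on,
     * then escapes it with mysql_real_escape_string().
     *
     * @param string $str raw form value
     * @return string escaped value
     */
    function clean($str) {
        $str = @trim($str);
        if (get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    }

    // Only a single string value is accepted. A missing or array-valued
    // "category" used to collapse into a lookup of the empty category and
    // silently replace the cart rows; now the cart query result is kept.
    if (isset($_POST['category']) && is_string($_POST['category'])) {
        //get category id
        $id = clean($_POST['category']);
        //selecting all records from the food_details table based on category id. Return an error if there are no records in the table
        $result = mysql_query("SELECT * FROM food_details WHERE food_category='$id'")
            or die("A problem has occured ... \n" . "Our team is working on it at the moment ... \n" . "Please check back after few hours.");
    }
}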
?>
<?php
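// Load every row of the quantities table; the rows feed the "Quantity"
// drop-down of the change-quantity form.
$quantities = mysql_query("SELECT * FROM quantities");
if (!$quantities) {
    // The driver error text can expose table and column names, so it is
    // written to the server log instead of the response.
    error_log('cart.php: quantities query failed: ' . mysql_error());
    die("Something is wrong ... \n");
}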
?>
<?php
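// Load the signed-in member's cart_details rows whose flag is 0; their
// cart ids fill the "Item ID" drop-down.
//define a default value for flag_0
$flag_0 = 0;
// The member id is escaped and the flag cast at the point of use, so the SQL
// text is safe whatever type the session value has.
$items = mysql_query(
    "SELECT * FROM cart_details WHERE member_id='"
    . mysql_real_escape_string($member_id, $link)
    . "' AND flag='" . (int) $flag_0 . "'",
    $link
);
if (!$items) {
    // Driver error details go to the server log, not to the visitor.
    error_log('cart.php: cart item query failed: ' . mysql_error());
    die("Something is wrong ... \n");
}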
?>
<?php
// Fetch the currencies rows whose flag equals 1. If the query fails the page
// stops with a generic notice that carries no database detail.
$flag_1 = 1;
$currencies = mysql_query("SELECT * FROM currencies WHERE flag='$flag_1'");
if (!$currencies) {
    die("A problem has occured ... \n" . "Our team is working on it at the moment ... \n" . "Please check back after few hours.");
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title><?php echo $name ?>:Shopping Cart</title>
<script type="text/javascript" src="swf/swfobject.js"></script>
<link href="stylesheets/user_styles.css" rel="stylesheet" type="text/css">
<script language="JavaScript" src="validation/user.js">
</script>
</head>
<body>
<div id="page">
<div id="menu"><ul>
<li><a href="index.php">Home</a></li>
<li><a href="foodzone.php">Food Zone</a></li>
<li><a href="specialdeals.php">Special Deals</a></li>
<li><a href="member-index.php">My Account</a></li>
<li><a href="contactus.php">Contact Us</a></li>
</ul>
</div>
<div id="header">
<div id="logo"> <a href="index.php" class="blockLink"></a></div>
<div id="company_name"><?php echo $name ?></div>
</div>
<div id="center">
<h1>MY SHOPPING CART</h1>
<hr>
<h3><a href="foodzone.php">Continue Shopping!</a></h3>
<form name="quantityForm" id="quantityForm" method="post" action="update-quantity.php" onsubmit="return updateQuantity(this)">
<table width="560" border="1" align="center">
<tr>
<td>Item ID</td>
<td><select name="item" id="item">
<option value="select">- select -
<?php
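// One <option> per cart row. The id is HTML-escaped and the value attribute
// quoted, so a stored value cannot break out of the attribute or the tag.
while ($row = mysql_fetch_array($items)) {
    $cart_id_html = htmlspecialchars($row['cart_id'], ENT_QUOTES, 'UTF-8', false);
    echo '<option value="' . $cart_id_html . '">' . $cart_id_html . '</option>';
}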
?>
</select>
</td>
<td>Quantity</td>
<td><select name="quantity" id="quantity">
<option value="select">- select -
<?php
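// One <option> per quantities row: quantity_id is the submitted value and
// quantity_value the visible label. Both are HTML-escaped and the attribute
// is quoted, so stored text is rendered as text.
while ($row = mysql_fetch_assoc($quantities)) {
    $quantity_id_html = htmlspecialchars($row['quantity_id'], ENT_QUOTES, 'UTF-8', false);
    $quantity_label_html = htmlspecialchars($row['quantity_value'], ENT_QUOTES, 'UTF-8', false);
    echo '<option value="' . $quantity_id_html . '">' . $quantity_label_html . '</option>';
}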
?>
</select>
</td>
<td><input type="submit" name="Submit" value="Change Quantity" /></td>
</tr>
</table>
</form>
<div style="border:#bd6f2f solid 1px;padding:4px 6px 2px 6px">
<table width="900" border="1" height="auto" align="center" style="text-align:center;">
<tr>
<td colspan="9" align="right">
<?PHP
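// Pagination links above the table; pages are 5 rows wide and addressed by
// ?startrow=N.
$prev = (int) $startrow - 5;

// PHP_SELF includes any path text the client appends after the script name,
// so it is HTML-escaped before it is written into the href attribute.
$self_html = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');

// "Previous" exists only past the first page. The separator test used to be
// ($prev >= 0 AND $prev < 0), which can never hold, and "Next" was printed
// only on the first page, so later pages could not be reached from here.
if ($prev >= 0) {
    echo '<a href="' . $self_html . '?startrow=' . $prev . '">&lt;-Previous</a>';
    echo ' | ';
}
// The total row count is not known here, so "Next" is always offered; past
// the last row it leads to an empty page.
echo '<a href="' . $self_html . '?startrow=' . ((int) $startrow + 5) . '">Next-&gt;</a>';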
?>
</td>
</tr>
<tr>
<th>Item ID</th>
<th>Food Photo</th>
<th>Food Name</th>
<th>Food Description</th>
<th>Food Category</th>
<th>Food Price</th>
<th>Quantity</th>
<th>Total Cost</th>
<th>Action(s)</th>
</tr>
<?php
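// Render one table row per record of $result, then release the result set
// and close the connection.
//
// Every database value is HTML-escaped before output and every attribute is
// quoted, so stored text (food names, descriptions, photo file names) is
// shown as text and cannot inject markup. double_encode is off so values
// already stored as entities (for example a currency symbol) still render.
$symbol = mysql_fetch_assoc($currencies); //gets active currency
$currency_html = $symbol
    ? htmlspecialchars($symbol['currency_symbol'], ENT_QUOTES, 'UTF-8', false)
    : '';

while ($row = mysql_fetch_array($result)) {
    $cart_id_html  = htmlspecialchars($row['cart_id'], ENT_QUOTES, 'UTF-8', false);
    $photo_html    = htmlspecialchars('images/' . $row['food_photo'], ENT_QUOTES, 'UTF-8', false);
    $name_html     = htmlspecialchars($row['food_name'], ENT_QUOTES, 'UTF-8', false);
    $desc_html     = htmlspecialchars($row['food_description'], ENT_QUOTES, 'UTF-8', false);
    $category_html = htmlspecialchars($row['category_name'], ENT_QUOTES, 'UTF-8', false);
    $price_html    = htmlspecialchars($row['food_price'], ENT_QUOTES, 'UTF-8', false);
    $quantity_html = htmlspecialchars($row['quantity_value'], ENT_QUOTES, 'UTF-8', false);
    $total_html    = htmlspecialchars($row['total'], ENT_QUOTES, 'UTF-8', false);
    // The id is URL-encoded for the query string, then escaped for the attribute.
    $order_href    = htmlspecialchars('order-exec.php?id=' . rawurlencode($row['cart_id']), ENT_QUOTES, 'UTF-8');

    echo "<tr>";
    echo "<td>" . $cart_id_html . "</td>";
    echo '<td><a href="' . $photo_html . '" alt="click to view full image" target="_blank"><img src="' . $photo_html . '" width="80" height="70"></a></td>';
    echo "<td>" . $name_html . "</td>";
    echo "<td>" . $desc_html . "</td>";
    echo "<td>" . $category_html . "</td>";
    echo "<td>" . $currency_html . $price_html . "</td>";
    echo "<td>" . $quantity_html . "</td>";
    echo "<td>" . $currency_html . $total_html . "</td>";
    // NOTE(review): the order is triggered by a plain GET link. If
    // order-exec.php changes state on GET, it should move to a POST form with
    // a CSRF token and check that the cart row belongs to the session member
    // -- order-exec.php is not visible here, confirm.
    echo '<td><a href="' . $order_href . '">Place Order</a></td>';
    echo "</tr>";
}

mysql_free_result($result);
mysql_close($link);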
?>
<tr>
<td colspan="9" align="right">
<?PHP
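// Pagination links below the table; pages are 5 rows wide and addressed by
// ?startrow=N.
$prev = (int) $startrow - 5;

// PHP_SELF includes any path text the client appends after the script name,
// so it is HTML-escaped before it is written into the href attribute.
$self_html = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');

// "Previous" exists only past the first page. The separator test used to be
// ($prev >= 0 AND $prev < 0), which can never hold, and "Next" was printed
// only on the first page, so later pages could not be reached from here.
if ($prev >= 0) {
    echo '<a href="' . $self_html . '?startrow=' . $prev . '">&lt;-Previous</a>';
    echo ' | ';
}
// The result set is already freed at this point and the total row count is
// not known, so "Next" is always offered; past the last row it leads to an
// empty page.
echo '<a href="' . $self_html . '?startrow=' . ((int) $startrow + 5) . '">Next-&gt;</a>';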
?>
</td>
</tr>
</table>
</div>
</div>
<div id="footer">
<div class="bottom_menu"><a href="index.php">Home Page</a> | <a href="aboutus.php">About Us</a> | <a href="specialdeals.php">Special Deals</a> | <a href="foodzone.php">Food Zone</a> | <a href="#">Affiliate Program</a><br>
| <a href="admin/index.php" target="_blank">Administrator</a> |</div>
<div class="bottom_addr">© <?php echo date("Y") . " " . $name ?>. All Rights Reserved</div>
</div>
</div>
</body>
</html>