File: /home/durgeshpandey215/www/zeeroprice.skilladders.com/addtocart-bk.php
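<?php
/**
 * Order request handler ("add to cart").
 *
 * Receives the POST from the product.php form and the ajax_showprice.php form,
 * checks stock, price and the buyer's point balance, stores a row in
 * orders_detail and e-mails the seller.
 *
 * NOTE(review): no anti-CSRF token is checked in this file although the
 * request changes state; confirm that protect.php or application_top.php
 * covers it.
 * NOTE(review): assumes $db binds where()/insert() values as query
 * parameters - confirm against the database wrapper.
 */
require_once "application_top.php";
require "protect.php";

// The Referer header is supplied by the client, so it is followed only when it
// points at this site's own host; otherwise the visitor is sent to
// myorders.php. This also avoids an undefined-index notice when the header is
// missing.
// NOTE(review): relies on HTTP_SERVER being an absolute URL with a scheme
// (it is used as a URL prefix in the seller e-mail below) - confirm.
$backurl = 'myorders.php';
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
$sitehost = parse_url(HTTP_SERVER, PHP_URL_HOST);
$refhost = ($referer !== '') ? parse_url($referer, PHP_URL_HOST) : null;
if (is_string($sitehost) && is_string($refhost) && strcasecmp($sitehost, $refhost) === 0) {
    $backurl = $referer;
}

// add item in shopping cart
if (isset($_POST["type"]) && $_POST["type"] == 'add') {
    // product pid; FILTER_SANITIZE_NUMBER_INT keeps digits and +/- signs only
    $pid = filter_var(decode($_POST["pid"]), FILTER_SANITIZE_NUMBER_INT);

    // The quantity is fixed at 1 whether or not "qty" was posted (the original
    // code assigned 1 in both branches), so the client cannot choose it.
    $qty = 1;

    $return_url = isset($_POST["return_url"]) ? decode($_POST["return_url"]) : ""; // return url (not used below)

    // set when the customer clicked the zeeroprice special discounted button
    $orderid = isset($_POST['orderid']) ? $_POST['orderid'] : "";

    // Get details of the item from the db using the product pid;
    // only unsold, active products qualify.
    $db->where('pid', $pid);
    $db->where('isSold', 0);
    $db->where('istatus', 1);
    $rowp = $db->getOne('products');

    if ($rowp) { // we have the product info
        if (($rowp['qty'] < $qty) || (!$qty)) {
            if ($rowp['qty']) {
                $_SESSION['msg'] = "Could not added. Total quantity available is ".$rowp['qty'];
            } else {
                $_SESSION['msg'] = "Could not added selected item. It's out of stock. ".$rowp['qty'];
            }
            header('location:'.$backurl);
            exit;
        }

        // customer cost check
        // default: the customer clicked the MRP rate button
        $customercost = $rowp['mrp'];

        if ($orderid) {
            // Discounted price: it is read from the buyer's own temporders row,
            // never from the request, so the client cannot set the price.
            // NOTE(review): the lookup is not tied to $pid here; if temporders
            // records a product id it should be matched as well - confirm schema.
            // NOTE(review): the row is not removed after use (the delete below
            // is commented out) and this branch skips the "already ordered"
            // check, so the same orderid can be stored more than once - confirm
            // that this is intended outside testing.
            $db->where('userid', $_SESSION['useridsess']);
            $db->where('orderid', $orderid);
            $rowtmpod = $db->getOne('temporders');
            if ($rowtmpod) {
                $customercost = $rowtmpod['customercost'];
                //delete this record when testing done
                //$db->where('orderid',$orderid);
                //$db->delete('temporders');
            } else {
                $_SESSION['msg'] = "Invalid access";
                header('location:'.$backurl);
                exit;
            }
        } else {
            // this is when "Order @ original price" button
            // check if already ordered
            $db->where('userid', $_SESSION['useridsess']);
            $db->where('pid', $pid);
            $rowexist = $db->getOne('orders_detail');
            if ($rowexist) {
                $_SESSION['msg'] = "Already ordered. Note: You can order it by using Gold points";
                header('location:'.$backurl);
                exit;
            }
            // NOTE(review): 'YHis' is year + hour + minute + second with no
            // month or day, so ids for one seller can repeat on different days -
            // confirm whether orderid has to be unique.
            $orderid = $rowp['sellerid'].date('YHis');
        }

        // Get user details
        $db->where('userid', $_SESSION['useridsess']);
        $rowu = $db->getOne('register');

        // if free coins user then show message only
        if (!$rowu['isPaid']) {
            $_SESSION['msg'] = "To Order Products, you need to Purchase ZeeroPrice Points.";
            header('location:'.$backurl);
            exit;
        }

        // gold coin user here after
        // check user balance
        // NOTE(review): the balance is only compared here; nothing in this file
        // deducts or reserves points - confirm where that happens.
        $usersgoldCoin = $rowu['points'];
        if ($usersgoldCoin < $customercost) {
            $_SESSION['msg'] = "You have insufficient 'Zeeroprice Gold Coins' to complete the transaction. Please buy coins and try again.";
            header('location:wallet.php');
            exit;
        }

        // get seller details
        $db->where('userid', $rowp['sellerid']);
        $rowseller = $db->getOne('register');

        // Prices and seller id are copied from the products row, not from the request.
        $insertdata = array(
            'orderid' => $orderid,
            'userid' => $_SESSION['useridsess'],
            'sellerid' => $rowp['sellerid'],
            'ititle' => $rowp['ititle'],
            'pid' => $pid,
            'qty' => $qty,
            'mrp' => $rowp['mrp'],
            'minprice' => $rowp['minprice'],
            'collectedprice' => $rowp['collectedprice'],
            'customercost' => $customercost,
            'postedon' => CURDATETIME,
        );
        $db->insert('orders_detail', $insertdata);

        $toemailid = $rowseller['emailid'];
        $subjecttosend = "Customer response received";
        $sendtoname = $rowseller['emailid'];

        // The product title is stored text placed into an HTML e-mail, so it is
        // encoded first; the last argument leaves entities that are already
        // encoded untouched.
        $titlehtml = htmlspecialchars($rowp['ititle'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

        $messagetosent = "Dear Seller.<br/>\n"
            ."Customer interest received (on ".CURDATETIME.") for one of your products <br/>. <br/>\n"
            ."Product Name: <b>".$titlehtml."</b><br/>\n"
            ."Selling price: <b>".currSign($rowp['currency']).$rowp['mrp']."</b><br/>\n"
            ."Customer Cost: <b>".currSign($rowp['currency']).$customercost."</b><br/>\n"
            ."<br/>\n"
            ."<a href='".HTTP_SERVER."emaillogin.php?'>Click here to get in to your account </a>\n";

        // The seller is notified only when an e-mail address is on record.
        if ($toemailid) {
            sendemail($toemailid,$subjecttosend,$messagetosent,$sendtoname,$successmesage="");
            $_SESSION['msg'] = "Notification to the seller has been sent.. Once approved by the seller, you can view the Seller's number to communicate about the order.";
        }
    } else {
        $_SESSION['msg'] = "Product is not available.";
    }

    header('Location:myorders.php');
    exit;
}

// Any request that is not an "add" goes back to the page it came from.
header('location:'.$backurl);
exit;
?>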