<? require "application_top.php";
require "protect.php";
$id = (isset($_REQUEST['id']) && ($_REQUEST['id']))? decode($_REQUEST['id']) : 0;

if($id){
	//get order details
	$db->where('orderid',$id);
	$db->where('isSold',0);
	$rowOD = $db->getOne('orders_detail');
	
	//check if correct seller
	if(!($rowOD) || ($rowOD['sellerid'] != $useridsess)){
		$_SESSION['msg'] = "Invalid access";
		header('location:index.php');exit;
	}
	
	$pid = $rowOD['pid'];
	//Check if product still available
	$db->where('pid',$pid);
	$db->where('isSold',0);
	$db->where('istatus',1);
	$rowprd = $db->getOne("products");
	if(!$rowprd){
		$_SESSION['msg'] = "Product is not available";
		header('location:index.php');exit;
	}
	//generate delivery code
	$otp = rand(00001,99999);
	//order status to change
	$updateArr = array('otp'=> $otp,'isapproved'=>1);
	$db->where('orderid',$id);
	$db->update('orders_detail',$updateArr);
	$_SESSION['msg'] = "Order Status changed successfully!";
	
	//change isSold to 1 where pid = this
	$updateArr = array('isSold'=> 1);
	$db->where('pid',$pid);
	$db->update('orders_detail',$updateArr);
	
	//get user email	
	$db->where('userid',$rowOD['userid']);
	$rowu = $db->getOne('register');
	$toemailid = $rowu['emailid'];
	$subjecttosend = "Your order is approved";
	$sendtoname = $rowu['emailid'];
	$messagetosent = "Your order is approved by the seller.<br/>
	Your delivery code is <b>".$otp."</b>. <br/>
	You must provide this code to delivery person when you receive the product." ;
	if($toemailid){
	sendemail($toemailid,$subjecttosend,$messagetosent,$sendtoname,$successmesage="");
	}//echo $_SESSION['msg'];exit;
	header('location:approvedResponses.php');exit;
}
?>