-
Notifications
You must be signed in to change notification settings - Fork 0
/
shopping_cart.php
44 lines (42 loc) · 1.77 KB
/
shopping_cart.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
<?php
// if (empty($_SERVER['HTTP_X_REQUESTED_WITH']) || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) != 'xmlhttprequest') {
// die(http_response_code(404));
// }
include "includes/sessioncheck.php";
include_once "includes/database.php";
// productId, quantity, action - add
// productId, action - remove
if (isset($_GET["action"])) {
$userId = $_SESSION["userid"];
$action = $_GET["action"];
if ($action == "add") {
if (isset($_GET["productId"]) && isset($_GET["quantity"])) {
$productId = $_GET["productId"];
$productQuantity = $_GET["quantity"];
if ($item = mysqlidb::fetchRow("SELECT * FROM product WHERE ProductId=$productId")) {
if (intval($productQuantity) <= intval($item["ProductStock"])) {
if (mysqlidb::checkRecordExists("SELECT * FROM shopping_cart WHERE ProductId = $productId AND UserId = $userId")) {
$row = mysqlidb::fetchRow("SELECT * FROM shopping_cart WHERE ProductId = $productId AND UserId = $userId");
$newQuantity = intval($row["CartQuantity"]) + intval($productQuantity);
mysqlidb::query("UPDATE shopping_cart SET CartQuantity = $newQuantity WHERE ProductId = $productId AND UserId = $userId");
} else {
mysqlidb::query("INSERT INTO shopping_cart(UserId, ProductId, CartQuantity) VALUES($userId,$productId,$productQuantity)");
}
} else {
http_response_code(404);
}
}
} else {
http_response_code(404);
}
} else if ($action == "remove") {
if (isset($_GET["productId"])) {
$productId = mysqlidb::escape($_GET["productId"]);
mysqlidb::query("DELETE FROM shopping_cart WHERE ProductId='$productId' AND UserId=$userId");
}
} else {
http_response_code(404);
}
} else {
http_response_code(404);
}