File manager - Edit - /var/www/order.cmtc.ac.th/user/upload_slip_3.php
Back
<?php include('../config/db.php'); if($_SERVER['REQUEST_METHOD'] == 'POST'){ // รับค่าจากฟอร์ม $fullname = mysqli_real_escape_string($conn, $_POST['fullname']); $phone = mysqli_real_escape_string($conn, $_POST['phone']); $address = mysqli_real_escape_string($conn, $_POST['address']); $zipcode = mysqli_real_escape_string($conn, $_POST['zipcode']); $receive_method = mysqli_real_escape_string($conn, $_POST['receive_method']); $total = floatval($_POST['total']); // จัดการอัปโหลดไฟล์สลิป $slipFile = ""; if(isset($_FILES['slip']['name']) && $_FILES['slip']['name'] != ''){ $ext = pathinfo($_FILES['slip']['name'], PATHINFO_EXTENSION); $safe_name = preg_replace("/[^a-zA-Z0-9_\-\.]/", "", $_FILES['slip']['name']); $slipFile = time() . '_' . $safe_name; move_uploaded_file($_FILES['slip']['tmp_name'], "../uploads/slip/" . $slipFile); } // 🔍 ตรวจสอบว่าสินค้าในออเดอร์มีตัวใดสต๊อกหมดหรือไม่ $has_free = false; if(isset($_POST['product'])){ foreach($_POST['product'] as $pid => $qty){ $pid = intval($pid); $check = $conn->query("SELECT stock FROM products WHERE id=$pid"); if($check && $check->num_rows > 0){ $stock = $check->fetch_assoc()['stock']; if($stock <= 0){ $has_free = true; break; } } } } // 🔸 กำหนดสถานะออเดอร์ตามสต๊อกสินค้า if($has_free){ $status_text = 'Free Order (รอสินค้า)'; } else { $status_text = 'รอการตรวจสอบ'; } // ✅ บันทึกออเดอร์ $sql = "INSERT INTO orders (fullname, phone, address, zipcode, receive_method, total, status, slip, created_at) VALUES ('$fullname', '$phone', '$address', '$zipcode', '$receive_method', '$total', '$status_text', '$slipFile', NOW())"; $conn->query($sql); $oid = $conn->insert_id; // ✅ บันทึกรายการสินค้าในออเดอร์ if(isset($_POST['product_name'])){ for($i=0; $i<count($_POST['product_name']); $i++){ $pname = mysqli_real_escape_string($conn, $_POST['product_name'][$i]); $qty = intval($_POST['qty'][$i]); $price = floatval($_POST['price'][$i]); $pid = 0; $res = $conn->query("SELECT id FROM products WHERE name='$pname' LIMIT 1"); if($res && $res->num_rows > 0){ $pid = $res->fetch_assoc()['id']; } $conn->query("INSERT INTO order_items (order_id, product_id, qty, price) VALUES ($oid, $pid, $qty, $price)"); } } echo "<script>alert('ส่งข้อมูลเรียบร้อย! สถานะ: $status_text');window.location='check_status.php';</script>"; } ?>
| ver. 1.4 |
Github
|
.
| PHP 7.4.33 | Generation time: 0.41 |
proxy
|
phpinfo
|
Settings