File manager - Edit - /var/www/order.cmtc.ac.th/user/upload_slip_org.php
Back
<?php include('../config/db.php'); if($_SERVER['REQUEST_METHOD'] == 'POST'){ // รับค่าจากฟอร์ม $fullname = mysqli_real_escape_string($conn, $_POST['fullname']); $phone = mysqli_real_escape_string($conn, $_POST['phone']); $address = mysqli_real_escape_string($conn, $_POST['address']); $zipcode = mysqli_real_escape_string($conn, $_POST['zipcode']); $receive_method = mysqli_real_escape_string($conn, $_POST['receive_method']); $total = floatval($_POST['total']); // ✅ อัปโหลดสลิป $slipFile = ""; if(isset($_FILES['slip']['name']) && $_FILES['slip']['name'] != ''){ $ext = pathinfo($_FILES['slip']['name'], PATHINFO_EXTENSION); $safe_name = preg_replace("/[^a-zA-Z0-9_\-\.]/", "", $_FILES['slip']['name']); $slipFile = time() . '_' . $safe_name; move_uploaded_file($_FILES['slip']['tmp_name'], "../uploads/slip/" . $slipFile); } // ✅ ตรวจสอบสินค้า Free Order // ✅ ตรวจสอบสินค้า Free Order $has_free = false; $product_status_list = []; // เก็บสถานะของแต่ละสินค้า if(isset($_POST['product_name'])){ for($i = 0; $i < count($_POST['product_name']); $i++){ $pname = mysqli_real_escape_string($conn, $_POST['product_name'][$i]); $check = $conn->query("SELECT id, stock FROM products WHERE name='$pname' LIMIT 1"); if($check && $check->num_rows > 0){ $pinfo = $check->fetch_assoc(); $pid = $pinfo['id']; $stock = $pinfo['stock']; if($stock <= 0){ $has_free = true; $product_status_list[$pid] = "Free Order"; } else { $product_status_list[$pid] = "ปกติ"; } } } } // ✅ กำหนดสถานะรวมของใบสั่งซื้อ if($has_free){ $status_text = 'Free Order (รอสินค้า)'; $order_type = 'Free Order'; } else { $status_text = 'รอการตรวจสอบ'; $order_type = 'ปกติ'; } // ✅ บันทึกใบสั่งซื้อหลัก $sql = "INSERT INTO orders (fullname, phone, address, zipcode, receive_method, total, status, order_type, slip, created_at) VALUES ('$fullname', '$phone', '$address', '$zipcode', '$receive_method', '$total', '$status_text', '$order_type', '$slipFile', NOW())"; $conn->query($sql); $oid = $conn->insert_id; // ✅ บันทึกรายการสินค้า if(isset($_POST['product_name'])){ for($i = 0; $i < count($_POST['product_name']); $i++){ $pname = mysqli_real_escape_string($conn, $_POST['product_name'][$i]); $qty = intval($_POST['qty'][$i]); $price = floatval($_POST['price'][$i]); $pid = 0; $res = $conn->query("SELECT id FROM products WHERE name='$pname' LIMIT 1"); if($res && $res->num_rows > 0){ $pid = $res->fetch_assoc()['id']; } // กำหนดสถานะสินค้าในแต่ละรายการ $item_status = isset($product_status_list[$pid]) ? $product_status_list[$pid] : "ปกติ"; $conn->query("INSERT INTO order_items (order_id, product_id, qty, price, item_status) VALUES ($oid, $pid, $qty, $price, '$item_status')"); } } echo "<script> alert('ส่งข้อมูลเรียบร้อย!\\nสถานะใบสั่งซื้อ: $status_text'); window.location='check_status.php'; </script>"; } ?>
| ver. 1.4 |
Github
|
.
| PHP 7.4.33 | Generation time: 0.43 |
proxy
|
phpinfo
|
Settings