complete_order.php

完善的PHP/MySQL电子商务方案

<?
/* complete_order.php (c) 2000 Ying Zhang (ying@zippydesign.com)
 *
 * TERMS OF USAGE:
 * This file was written and developed by Ying Zhang (ying@zippydesign.com)
 * for educational and demonstration purposes only.  You are hereby granted the 
 * rights to use, modify, and redistribute this file as you like.  The only
 * requirement is that you must retain this notice, without modifications, at
 * the top of your source code.  No warranties or guarantees are expressed or
 * implied. DO NOT use this code in a production environment without
 * understanding the limitations and weaknesses pretaining to or caused by the
 * use of these scripts, directly or indirectly. USE AT YOUR OWN RISK!
 */

/******************************************************************************
 * MAIN
 *****************************************************************************/

include("../application.php");
require_login();

/* this page will do the CC authentication, so we want to try to prevent
 * people from entering here causually */
$cart_is_empty = $SESSION["cart"]->itemcount() == 0;
$order = load_orderinfo();
if ($cart_is_empty || ! $order) {
	header("Location: $CFG->wwwroot");
	die;
}

/* we will create the order in our database, then try to authorize the
 * payment.  if all was successful, the user's order will have been
 * completed.
 */
$orderid = create_order($order);
$transaction_ok = authorize_payment($status, $status_details);
update_orderstatus($orderid, $status, $status_details);

if ($transaction_ok) {
	$DOC_TITLE = "Order Completed Successfully";
	$template_to_show = "templates/complete_order_success.php";	
	$cart_total = $SESSION["cart"]->total;

	/* clear out the shopping cart, so the user doesn't accidentally re-submit
	 * and purchase twice!! */
	$SESSION["cart"]->init();
	clear_orderinfo();

} else {
	$DOC_TITLE = "Unable to Complete Order";
	$template_to_show = "templates/complete_order_failed.php";	
}

include("$CFG->templatedir/header.php");
include($template_to_show);
include("$CFG->templatedir/footer.php");

/******************************************************************************
 * FUNCTIONS
 *****************************************************************************/

function create_order(&$order) {
/* this function saves this order info the database, it will make one entry
 * in the orders table for the order, and then save the shopping cart
 * contents into the order_items table */

	global $SESSION;

	/* build the custinfo string */
	$custinfo =
		  "Customer   : $order->customer\n"
		. "Contact    : $order->contact\n"
		. "Address    : $order->address\n"
		. "Credit Card: " . chop_ccnum($order->creditcard) . " expiry $order->expiry\n";

	/* save order information first */
	$qid = db_query("
	INSERT INTO orders (
		username, o_timestamp, status, custinfo, comments, amount
	) VALUES (
		 '{$SESSION["user"]["username"]}'
		,now()
		,1
		,'$custinfo'
		,'$order->comments'
		,'{$SESSION["cart"]->total}'
	)");

	$orderid = db_insert_id();

	/* now add the shopping cart items into the order_items table */
	$qid = get_cart_items();
	while ($item = db_fetch_object($qid)) {
		db_query("
		INSERT INTO order_items (
			order_id, product_id, price, qty
		) VALUES (
			 '$orderid'
			,'$item->id'
			,'$item->price'
			,'{$SESSION["cart"]->items["$item->id"]}'
		)");
	}

	return $orderid;
}

function update_orderstatus($orderid, $status, $status_details) {
/* this function is used to update the order status after we find out if
 * the transaction was approved or not */

	db_query("
	UPDATE orders SET
		 status = '$status'
		,status_details = '$status_details'
		,a_timestamp = now()
	WHERE id = '$orderid'
	");
}

function authorize_payment(&$status, &$status_details) {
/* this function will be the one that contacts the payment authorization
 * company to verify the credit card information and to do the payment
 * processing.  this function should set $status to whatever the payment
 * status is, and should return true if every went well, or false otherwise */

	/* uncomment one of these blocks to play with the results */

	$status = 1;
	$status_details = "Order completed successfully";
	return true;

	/*
	$status = -1;
	$status_details = "Credit Card number is invalid";
	return false;
	*/
}

?>