Location: PHPKode > projects > eCanteen > ecanteen/user/processorder.php
<?
//eCanteen file
//Copyright David Byrne 2007
//All rights reserved
?>
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<Title>Processing</Title>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<? 
list($iYear,$iMonth,$iDay)=explode("-",$_GET["date"]);
list($Nowdate,$NowTime)=explode(" ",date("Y-m-d"));
//echo date("Y-m-d");
//echo "<br>";
//echo "<br>";
//echo $Nowdate;
//echo "<br>";
//echo "<br>";
//break;
if (strlen($_GET["TargetVals"])>0)
{



if ($_GET["dDate"]<$Nowdate)
{

//Error for wrong date here
?>
    <script type="text/javascript">
    window.alert('Wrong Date');
    window.close();
    </script>
    <body >
    </body>
    </html> 
    <? 
}
  else
{





  // $objConnection1 is of type "ADODB.Connection"
  // $MenuList is of type "ADODB.Recordset"
  // $objRecordset1 is of type "ADODB.Recordset"
	include("../include/constants.php");    
   mysql_free_result();
	session_start();
  $objConnection1 =mysql_connect(DB_SERVER, DB_USER, DB_PASS);
  mysql_select_db(DB_NAME);
 //Some check for whether the date is active through both specialdates and open //days in site details. 
$closed=0;
if ($_GET["Repeat"]==1)
{ //check if repeating orders
$sqlstmnt = "select  `SpecialDateFrom`, `SpecialDateTo`, `Active_L2`, `~SiteID\$` from `specialdate` where `~SiteID\$`=".$_SESSION['SiteID']." and `SpecialDateFrom`>='".$_GET["dDate"]."'"; 
$SpecialDate=mysql_query($sqlstmnt);
$SpecialDatenum=mysql_numrows($SpecialDate);
//echo $SpecialDatenum."numbers";echo mysql_error();
   $i=0;
   //echo mysql_result($SpecialDate,$i,"Active_L2");
		while ($i < $SpecialDatenum) 
 	 {
      if (mysql_result($SpecialDate,$i,"Active_L2")==0)
      {
      
      list($Fromdate,$FromTime)=explode(" ",mysql_result($SpecialDate,$i,"SpecialDateFrom"));
      list($Todate,$ToTime)=explode(" ",mysql_result($SpecialDate,$i,"SpecialDateTo"));
      echo $_GET["dDate"];
      echo mysql_result($SpecialDate,$i,"SpecialDateFrom");
        if ($_GET["dDate"]>=$Fromdate&&$_GET["dDate"]<=$Todate)
        {
          $closed=1;
          //echo $closed."closed";
        }      
      } 	 
		$i++;
		}
}
// end date open check

//break;


if ($closed==0)  
{  
//This data check is for existing orders
  $sqlstmnt="SELECT transactions.`TargetDate`, transactions.`BreakID`, transactions.`MinorAccountID` FROM transactions WHERE (((transactions.`TargetDate`)='".$_GET["dDate"]." 00:00:00') AND ((transactions.`BreakID`)=".$_GET["BreakID"].") AND ((transactions.`MinorAccountID`)=".$_GET["CustID"].") AND ((transactions.`TransactionNumber`)>0));";

//echo $sqlstmnt;
//break;
$objRecordset1=mysql_query($sqlstmnt);

$objRecordset1num=mysql_numrows($objRecordset1);
//echo "<br>";
//echo "test=".$objRecordset1num;
//echo "<br>";
  if ($objRecordset1num > 0)
  {

//Error for existing record here
?>
        <script type="text/javascript">
        window.alert('Existing Order');
        window.close();
        </script>
        <body >
        </body>
        </html> 
        <? 
  }
    else
  {

    
//



//This data check is that all items are within from/to dates
		print $_GET["TargetVals"];
    $testarray=explode("*",$_GET["TargetVals"]);

		print "counttest=".count($testarray)."<BR>";
		print "0=".$testarray[0]."<BR>";
		print "1=".$testarray[1]."<BR>";
    if (strlen($testarray[1])==0)
    {

      $OrderRow=explode("/",$testarray[0]);
			print $OrderRow[0]."<BR>";
      $OrString="(((menuitem.`MenuItemID`)=".$OrderRow[0]."));";
    }
      else
    {

      $OrderRow=explode("/",$testarray[0]);
      $OrString="(((menuitem.`MenuItemID`)=".$OrderRow[0]."))";
			print $OrderRow[0]."<BR>";
      for ($x=1; $x<=count($testarray)-3; $x=$x+1)
      {
        $OrderRow=explode("/",$testarray[$x]);
        $OrString=$OrString." OR (((menuitem.`MenuItemID`)=".$OrderRow[0].")) ";
				print $OrderRow[0]."<BR>";

      }

      $OrderRow=explode("/",$testarray[count($testarray)-2]);
      $OrString=$OrString." OR (((menuitem.`MenuItemID`)=".$OrderRow[0]."));";
			print $OrderRow[0]."<BR>";

    } 

    $sqlstmnt="SELECT menuitem.`MenuItemID`, menuitem.`FromDate`, menuitem.`ToDate` FROM menuitem WHERE ".$OrString;
//response.write sqlstmnt&"<br>"
    $objRecordset1=mysql_query($sqlstmnt);
		$i=0;
		$objRecordset1num=mysql_numrows($objRecordset1);
    $Continue=true;
    if (!($objRecordset1num==0))
    {

      while($i < $objRecordset1num)
      {

        if (mysql_result($objRecordset1,$i,"FromDate")<=$_GET["dDate"] || mysql_result($objRecordset1,$i,"ToDate")>=$_GET["dDate"])
        {

        }
          else
        {
          $Continue=false;
        } 

        $i++;

      } 
    } 

    

    if (!$Continue)
    {

//Error for out of date range for order item here
?>
            <script type="text/javascript">
            window.alert('Order Item not available on this date');
            window.close();
            </script>
            <body >
            </body>
            </html> 
            <? 
    }
      else
    {
	
session_start();
      $sqlstmt="SELECT break.`BreakID`, break.`Break`, break.`BreakShortName`, break.`SortOrder`, break.`OrderCloseTime`, break.`Minutes`, break.`~SiteID$` FROM break WHERE (((break.`BreakID`)=".$_GET["BreakID"].") AND ((break.`~SiteID$`)=".$_SESSION['SiteID'].")) ORDER BY break.`SortOrder`;";
		print $sqlstmt."<br>";
		//break;
      
		$SiteBreaks=mysql_query($sqlstmt);

		$SiteBreaksnum=mysql_numrows($SiteBreaks);
;//response.write timevalue(cstr(time)) > SiteBreaks.fields("OrderCloseTime") and datevalue(Request.QueryString("dDate")) = datevalue(datestr)&"<br>"  
//response.end
			//mysql_result($SiteBreaks,$i,"OrderCloseTime");
			//list($Nowdate,$NowTime)=explode(" ",date());
			list($sbdate,$sbTime)=explode(" ",mysql_result($SiteBreaks,0,"OrderCloseTime"));
      if (time()>strtotime($sbTime) && $_GET["dDate"]==$Nowdate)
      {

//Error for out of time range here
      }
        else
      {

//response.write timevalue(cstr(time)) > (SiteBreaks.fields("OrderCloseTime"))
        $sqlstmt="SELECT minorcustomer.`CustomerID`, minorcustomer.`MajorCustomerExtract$`, minorcustomer.`Active_L2`, majorcustomer.`Credit_L2` FROM majorcustomer INNER JOIN minorcustomer ON majorcustomer.`CustomerID` = minorcustomer.`MajorCustomerExtract$` WHERE (((minorcustomer.`CustomerID`)=".$_GET["CustID"]."));";
        $CheckMajor=mysql_query($sqlstmt);
        //echo $sqlstmt;
       // break;
				
        if (mysql_result($CheckMajor,0,"MajorCustomerExtract$")!=$_SESSION['CustomerID'])
        {

//Error for not your kid here
?>
                    <script type="text/javascript">
                    window.alert('This is not your account');
                    window.close();
                    </script>
                    <body >
                    </body>
                    </html> 
                    <? 

        }
          else
        {

//testarray=split(request.QueryString("TargetVals"),"*")
//MatchArray=split(request.QueryString("TargetVals"),"*")
//response.write request.QueryString("TargetVals")&"<br>"
//response.End

//response.write OrString&"<BR>"&"<BR>"


          $sqlstmnt="SELECT menuitem.`Abbreviation`, menuitem.`Cost`, menuitem.`MenuItemID` FROM menuitem WHERE ".$OrString;
					print $sqlstmnt;
          $TotalCost=0;

          $objRecordset1=mysql_query($sqlstmnt);
					$i=0;
					$objRecordset1num=mysql_numrows($objRecordset1);
          while($i < $objRecordset1num)
          {

//response.write "<BR>"&objRecordset1.fields("MenuItemID")&"<BR>"
            for ($x=0; $x<=count($testarray); $x=$x+1)
            {
						//echo "testlen=".strlen($testarray[$x])."<br>";
							if (strlen($testarray[$x])>0)
							{
              $OrderRow=explode("/",$testarray[$x]);
              if (intval($OrderRow[0])==mysql_result($objRecordset1,$i,"MenuItemID"))
              {

                //print $CCur[$TotalCost]."<br/>";
                //print $CCur[("Cost")]."<br/>";
                //print intval($OrderRow[1])."<br/>";
                //print $CCur[("Cost")]*$OrderRow[1];                $TotalCost;
//response.end

                $TotalCost=(mysql_result($objRecordset1,$i,"Cost")*$OrderRow[1])+$TotalCost;

//response.write objRecordset1.fields("Cost")*OrderRow(1)
                $TransactionDescr=$TransactionDescr.mysql_result($objRecordset1,$i,"Abbreviation")."(".$OrderRow[1].")"."$".mysql_result($objRecordset1,$i,"cost")."/".mysql_result($objRecordset1,$i,"MenuItemID")."*";
							}
              } 


            }

            $i++;

          } 
					//echo "total=".$TotalCost."<br>";
					//echo "total=".mysql_result($CheckMajor,0,"Credit_L2")."<br>";
//response.end
//response.write "*** "&TotalCost&" ***"
//response.end
//sqlstmnt="DELETE CustomersAndOrders.* FROM CustomersAndOrders WHERE (((CustomersAndOrders.[MinorCustomerC$])="&Request.QueryString("CustID")&") AND ((CustomersAndOrders.[Break$])="&Request.QueryString("BreakID")&") AND ((CustomersAndOrders.OrderDate)=#"&Request.QueryString("dDate")&"#));"
//objConnection1.execute(sqlstmnt)
          if ($TotalCost>mysql_result($CheckMajor,0,"Credit_L2"))
          {

//Error for no money here
?>
                        <script type="text/javascript">
                        window.alert('Insufficient Funds');
                        window.close();
                        </script>
                        <body >
                        </body>
                        </html> 
            <? 

          }
            else
          {
						//echo "These are the Customer Orders ".count($testarray)."<br>";
            for ($x=0; $x<=count($testarray)-2; $x=$x+1)
            {
							//echo $x." X value <br>";
              $OrderRow=explode("/",$testarray[$x]);
							
              $sqlstmnt="INSERT INTO customersandorders (`MinorCustomerC$`, `MenuItem$`, `Break$`, `Quantity`, `OrderDate`, `Active_L2` ) ";
							
              $sqlstmnt2=$sqlstmnt." VALUES(".$_GET["CustID"].", ".$OrderRow[0].", ".$_GET["BreakID"].", ".$OrderRow[1].",'".$_GET["dDate"]."', 1 )";
							
							

              mysql_query(($sqlstmnt2),$objConnection1);
            }
						;



            $sqlstmnt="UPDATE majorcustomer INNER JOIN minorcustomer ON majorcustomer.`CustomerID` = minorcustomer.`MajorCustomerExtract$` SET majorcustomer.`Credit_L2` = `Credit_L2`-".$TotalCost." WHERE (((minorcustomer.`CustomerID`)=".$_GET["CustID"]."));";
//response.write sqlstmnt
//response.End
            mysql_query(($sqlstmnt),$objConnection1);            
						$_SESSION['credit']=$_SESSION['credit']-$TotalCost;

            $sqlstmnt="INSERT INTO transactions (`TransactionNumber`,`TargetDate` ,`TransactionDate`, `TransactionDescription`, `AdminID`, `MajorAccountID`, `MinorAccountID`, `BreakID`, `WithdrawalAmount`, `DepositAmount`,`~SiteID\$`) ";
//
            $sqlstmnt=$sqlstmnt." VALUES(1, '".$_GET["dDate"]."','".$Nowdate."', '".$TransactionDescr."',0, ".$_SESSION['CustomerID'].",".$_GET["CustID"].", ".$_GET["BreakID"].", ".$TotalCost.", 0 ,".$_SESSION['SiteID'].") ";
//echo "<br>";
//echo "<br>";
//echo $sqlstmnt;
            mysql_query(($sqlstmnt),$objConnection1);
//response.end
          } 

          mysql_close($objConnection1);
          $objConnection1=null;

          $objRecordset1=null;


        } 

      } 

    } 

  } 



}else{
?>
                        <script type="text/javascript">
                        window.alert('Canteen Closed');
                        window.close();
                        </script>
                        <body >
                        </body>
                        </html> 
            <? 

}
} 
}
?>
<img src="../Figures/processing.gif">

<?
//print "<script>";
//echo "test=".$_GET["Repeat"];

if ($_GET["Repeat"]!=1)
{
?>
<script>
xc=window.opener.location.href='usercalendar-sdates3.php?minor=<?echo $_GET["CustID"];?>&date=<?echo $_GET["dDate"];?>&minorname=<?echo $_GET["minorname"];?>';
window.close();
</script>
<?}else{?>
<script>
window.close();
</script>
<?}?>

<body >


</body>
</html>

Return current item: eCanteen