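getenv('DB_DATABASE') ?: 'freeshop',
            'user' => getenv('DB_USERNAME') ?: 'freeshop_user',
            'password' => getenv('DB_PASSWORD') ?: 'freeshop_password',
            'host' => getenv('DB_HOST') ?: 'db',
            'driver' => 'pdo_mysql',
            'port' => getenv('DB_PORT') ?: 3306,
            'charset' => 'utf8mb4',
        ];

        try {
            $conn = DriverManager::getConnection($connectionParams);

            // Load the cart's products
            $cartItems = [];
            $total = 0;
            foreach ($cart as $productId => $quantity) {
                $stmt = $conn->prepare('SELECT * FROM ws_product WHERE id = ?');
                $stmt->execute([$productId]);
                $product = $stmt->fetchAssociative();
                if ($product) {
                    $product['quantity'] = $quantity;
                    $product['subtotal'] = $product['price'] * $quantity;
                    $cartItems[] = $product;
                    $total += $product['subtotal'];
                }
            }

            $this->render('front/checkout/index.html.twig', [
                'title' => 'Checkout - Webshop',
                'cart_items' => $cartItems,
                'total' => $total
            ]);
        } catch (Exception $e) {
            $this->render('front/checkout/index.html.twig', [
                'title' => 'Checkout - Webshop',
                'cart_items' => [],
                'total' => 0,
                'error' => 'Datenbankfehler: ' . $e->getMessage()
            ]);
        }
    }

    /**
     * Handles the submitted checkout form (POST).
     *
     * Reads the customer fields from $_POST and the cart from
     * $_SESSION['cart'] (product id => quantity), finds or creates the
     * ws_user row, writes the ws_order row and its ws_order_product rows in
     * a single transaction, empties the cart and redirects to the
     * confirmation page. Every path ends in a redirect followed by exit().
     *
     * Prices and the order total are taken from ws_product, never from the
     * client. Database failures are logged with error_log(); the user only
     * sees a generic message, not the driver's error text.
     *
     * NOTE(review): no CSRF token is verified here; the form should carry
     * one and it should be checked before any database write.
     * NOTE(review): address, city, postcode and country are required (as
     * before) but not stored — ws_order has no address columns in this code.
     */
    public function process()
    {
        if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
            header('Location: /checkout');
            exit;
        }

        // session_start() on an already active session only raises a notice.
        if (session_status() !== PHP_SESSION_ACTIVE) {
            session_start();
        }

        $cart = $_SESSION['cart'] ?? [];
        if (empty($cart)) {
            header('Location: /cart');
            exit;
        }

        // Required fields. A value of '0' is legitimate (e.g. a postcode), so
        // test for blank rather than empty(); non-string input (email[]=...)
        // counts as missing.
        $fields = [];
        $missing = false;
        foreach (['email', 'firstname', 'lastname', 'address', 'city', 'postcode'] as $name) {
            $raw = $_POST[$name] ?? '';
            $fields[$name] = is_string($raw) ? trim($raw) : '';
            if ($fields[$name] === '') {
                $missing = true;
            }
        }
        if ($missing) {
            // http_build_query() percent-encodes the message; a raw umlaut or
            // space is not valid inside a Location header.
            header('Location: /checkout?' . http_build_query(['error' => 'Bitte füllen Sie alle Pflichtfelder aus']));
            exit;
        }

        $email = $fields['email'];
        if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
            header('Location: /checkout?' . http_build_query(['error' => 'Bitte geben Sie eine gültige E-Mail-Adresse an']));
            exit;
        }

        try {
            $conn = DriverManager::getConnection($this->checkoutConnectionParams());

            // Price every cart line from the database once; malformed entries
            // and products that no longer exist are dropped.
            $lines = [];
            foreach ($cart as $productId => $quantity) {
                $productId = (int) $productId;
                $quantity = (int) $quantity;
                if ($productId <= 0 || $quantity <= 0) {
                    continue;
                }
                $product = $conn->fetchAssociative('SELECT price FROM ws_product WHERE id = ?', [$productId]);
                if ($product === false) {
                    continue;
                }
                $lines[] = [
                    'product_id' => $productId,
                    'quantity' => $quantity,
                    'price' => $product['price'],
                ];
            }

            // Nothing purchasable left: do not create an empty order.
            if ($lines === []) {
                header('Location: /cart');
                exit;
            }

            $total = 0;
            foreach ($lines as $line) {
                $total += $line['price'] * $line['quantity'];
            }

            // Customer, order and order lines are written atomically so a
            // failure half-way cannot leave an order without its items.
            $conn->beginTransaction();
            try {
                $existingUser = $conn->fetchAssociative('SELECT id FROM ws_user WHERE email = ?', [$email]);
                if ($existingUser !== false) {
                    $userId = (int) $existingUser['id'];
                } else {
                    $conn->executeStatement(
                        'INSERT INTO ws_user (email, firstname, lastname, is_admin) VALUES (?, ?, ?, 0)',
                        [$email, $fields['firstname'], $fields['lastname']]
                    );
                    $userId = (int) $conn->lastInsertId();
                }

                $conn->executeStatement(
                    'INSERT INTO ws_order (user_id, total, status) VALUES (?, ?, "pending")',
                    [$userId, $total]
                );
                $orderId = (int) $conn->lastInsertId();

                foreach ($lines as $line) {
                    $conn->executeStatement(
                        'INSERT INTO ws_order_product (order_id, product_id, quantity, price) VALUES (?, ?, ?, ?)',
                        [$orderId, $line['product_id'], $line['quantity'], $line['price']]
                    );
                }

                $conn->commit();
            } catch (Exception $e) {
                $conn->rollBack();
                throw $e;
            }

            // Empty the cart and remember which order this session may view
            // on the confirmation page (see success()).
            $_SESSION['cart'] = [];
            $_SESSION['last_order_id'] = $orderId;

            header('Location: /checkout/success?order_id=' . $orderId);
            exit;
        } catch (Exception $e) {
            // Keep the driver message server-side; it can reveal schema and host details.
            error_log('Checkout process failed: ' . $e->getMessage());
            header('Location: /checkout?' . http_build_query(['error' => 'Datenbankfehler: Die Bestellung konnte nicht gespeichert werden']));
            exit;
        }
    }

    /**
     * Shows the confirmation page for the order that was just placed
     * (GET, order_id in the query string).
     *
     * The page exposes the customer's name and e-mail address, so the
     * requested id must match the id process() stored in the session;
     * any other id (including guessed ones) is redirected to the start page.
     * Database failures are logged; the user sees a generic message.
     */
    public function success()
    {
        $orderId = (int) ($_GET['order_id'] ?? 0);
        if ($orderId <= 0) {
            header('Location: /');
            exit;
        }

        if (session_status() !== PHP_SESSION_ACTIVE) {
            session_start();
        }
        if ((int) ($_SESSION['last_order_id'] ?? 0) !== $orderId) {
            header('Location: /');
            exit;
        }

        try {
            $conn = DriverManager::getConnection($this->checkoutConnectionParams());

            $order = $conn->fetchAssociative(
                'SELECT o.*, u.firstname, u.lastname, u.email
                 FROM ws_order o
                 LEFT JOIN ws_user u ON o.user_id = u.id
                 WHERE o.id = ?',
                [$orderId]
            );
            if ($order === false) {
                header('Location: /');
                exit;
            }

            $orderItems = $conn->fetchAllAssociative(
                'SELECT op.*, p.name
                 FROM ws_order_product op
                 LEFT JOIN ws_product p ON op.product_id = p.id
                 WHERE op.order_id = ?',
                [$orderId]
            );

            $this->render('front/checkout/success.html.twig', [
                'title' => 'Bestellbestätigung - Webshop',
                'order' => $order,
                'order_items' => $orderItems,
            ]);
        } catch (Exception $e) {
            error_log('Checkout success page failed: ' . $e->getMessage());
            $this->render('front/checkout/success.html.twig', [
                'title' => 'Bestellbestätigung - Webshop',
                'order' => ['id' => $orderId],
                'order_items' => [],
                'error' => 'Datenbankfehler: Die Bestellung konnte nicht geladen werden',
            ]);
        }
    }

    /**
     * Doctrine DBAL connection parameters for the shop database, read from
     * the DB_* environment variables with development fallbacks.
     *
     * NOTE(review): the fallback credentials live in the source; every
     * deployment must set DB_PASSWORD (and the other DB_* variables) so the
     * defaults are never used outside a local setup.
     *
     * @return array<string, mixed>
     */
    private function checkoutConnectionParams(): array
    {
        return [
            'dbname' => getenv('DB_DATABASE') ?: 'freeshop',
            'user' => getenv('DB_USERNAME') ?: 'freeshop_user',
            'password' => getenv('DB_PASSWORD') ?: 'freeshop_password',
            'host' => getenv('DB_HOST') ?: 'db',
            'driver' => 'pdo_mysql',
            'port' => getenv('DB_PORT') ?: 3306,
            'charset' => 'utf8mb4',
        ];
    }

    /**
     * Renders a template by including it with $data exposed as local variables.
     *
     * Simple template engine (to be replaced by Twig later).
     *
     * @param string $template path relative to the templates directory; it is
     *                         include()d, so it must come from code, never from
     *                         request data
     * @param array<string, mixed> $data variables made available to the template
     */
    protected function render($template, $data = [])
    {
        // Defensive: never include anything outside the templates directory.
        if (strpos($template, '..') !== false) {
            throw new \InvalidArgumentException('Invalid template path');
        }
        // EXTR_SKIP prevents a data key such as 'template' from overwriting
        // the local $template (and thus the file that gets included).
        extract($data, EXTR_SKIP);
        include __DIR__ . '/../../templates/' . $template;
    }
}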