<?php
/**
* Copyright seit 2024 Webshop System
*
* Frontend-Checkout-Controller für das Webshop-System
*
* @author Webshop System
* @license GPL v3
*/
namespace App\Front\Controllers;
use Doctrine\DBAL\DriverManager;
use Doctrine\DBAL\Exception;
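/**
 * Front-end checkout: shows the cart, places the order, shows the confirmation.
 *
 * All request handling works on the PHP session cart (`$_SESSION['cart']`,
 * product id => quantity) and on a Doctrine DBAL connection built from the
 * DB_* environment variables. Database errors are logged and reported to the
 * user with a generic message only; exception details never reach the
 * response or a redirect URL.
 */
class CheckoutController
{
    /**
     * Shows the checkout page with the products of the session cart.
     *
     * Redirects to /cart when the cart is empty. Cart entries whose product
     * no longer exists are skipped. On a database error the page is still
     * rendered, with a generic error message and empty cart data.
     */
    public function index(): void
    {
        $this->ensureSession();

        $cart = $this->cartFromSession();
        if ($cart === []) {
            $this->redirect('/cart');
        }

        try {
            $conn = DriverManager::getConnection($this->connectionParams());

            $cartItems = [];
            $total = 0;

            foreach ($cart as $productId => $quantity) {
                $product = $conn->fetchAssociative('SELECT * FROM ws_product WHERE id = ?', [$productId]);
                if ($product === false) {
                    continue;
                }

                $product['quantity'] = $quantity;
                $product['subtotal'] = $product['price'] * $quantity;
                $cartItems[] = $product;
                $total += $product['subtotal'];
            }

            $this->render('front/checkout/index.html.twig', [
                'title' => 'Checkout - Webshop',
                'cart_items' => $cartItems,
                'total' => $total,
            ]);
        } catch (Exception $e) {
            // Details go to the server log; the user only sees a generic message.
            error_log('CheckoutController::index: ' . $e->getMessage());
            $this->render('front/checkout/index.html.twig', [
                'title' => 'Checkout - Webshop',
                'cart_items' => [],
                'total' => 0,
                'error' => 'Datenbankfehler. Bitte versuchen Sie es später erneut.',
            ]);
        }
    }

    /**
     * Places an order for the session cart from the POSTed checkout form.
     *
     * Non-POST requests go back to /checkout, an empty cart to /cart, missing
     * or invalid form fields to /checkout with an error parameter. User
     * lookup/creation, the order row and its positions are written in one
     * transaction; on success the cart is cleared, the new order id is
     * remembered in the session for success(), and the client is redirected
     * to /checkout/success.
     */
    public function process(): void
    {
        if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') {
            $this->redirect('/checkout');
        }

        $this->ensureSession();

        // NOTE(review): the checkout form carries no CSRF token, so this
        // handler accepts any POST that reaches it; a token check belongs
        // here once the template sends one.

        $cart = $this->cartFromSession();
        if ($cart === []) {
            $this->redirect('/cart');
        }

        // Form fields. Address, city and postcode are required but not
        // persisted: the ws_user INSERT below has no columns for them.
        $email = $this->postString('email');
        $firstname = $this->postString('firstname');
        $lastname = $this->postString('lastname');
        $address = $this->postString('address');
        $city = $this->postString('city');
        $postcode = $this->postString('postcode');

        $required = [$email, $firstname, $lastname, $address, $city, $postcode];
        if (in_array('', $required, true)) {
            $this->redirect('/checkout?' . http_build_query(['error' => 'Bitte füllen Sie alle Pflichtfelder aus']));
        }
        if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
            $this->redirect('/checkout?' . http_build_query(['error' => 'Bitte geben Sie eine gültige E-Mail-Adresse an']));
        }

        try {
            $conn = DriverManager::getConnection($this->connectionParams());

            // Resolve prices once for both the order total and the positions;
            // entries for unknown products are dropped.
            $lines = [];
            $total = 0;
            foreach ($cart as $productId => $quantity) {
                $product = $conn->fetchAssociative('SELECT price FROM ws_product WHERE id = ?', [$productId]);
                if ($product === false) {
                    continue;
                }
                $lines[] = [$productId, $quantity, $product['price']];
                $total += $product['price'] * $quantity;
            }

            // Nothing in the cart maps to an existing product: no order to place.
            if ($lines === []) {
                $this->redirect('/cart');
            }

            $conn->beginTransaction();
            try {
                $userId = $this->findOrCreateUser($conn, $email, $firstname, $lastname);

                $conn->executeStatement(
                    'INSERT INTO ws_order (user_id, total, status) VALUES (?, ?, "pending")',
                    [$userId, $total]
                );
                $orderId = (int) $conn->lastInsertId();

                foreach ($lines as [$productId, $quantity, $price]) {
                    $conn->executeStatement(
                        'INSERT INTO ws_order_product (order_id, product_id, quantity, price) VALUES (?, ?, ?, ?)',
                        [$orderId, $productId, $quantity, $price]
                    );
                }

                $conn->commit();
            } catch (\Throwable $e) {
                // Never leave a half-written order behind.
                $conn->rollBack();
                throw $e;
            }

            // Clear the cart and bind the new order to this session so that
            // success() can verify the id it receives.
            $_SESSION['cart'] = [];
            $_SESSION['last_order_id'] = $orderId;

            $this->redirect('/checkout/success?' . http_build_query(['order_id' => $orderId]));
        } catch (Exception $e) {
            error_log('CheckoutController::process: ' . $e->getMessage());
            $this->redirect('/checkout?' . http_build_query(['error' => 'Datenbankfehler. Bitte versuchen Sie es später erneut.']));
        }
    }

    /**
     * Shows the confirmation page for the order just placed in this session.
     *
     * The page exposes the customer's name and e-mail address, so the
     * order_id from the query string is only accepted when it matches the id
     * process() stored in the session; anything else redirects to /.
     */
    public function success(): void
    {
        $this->ensureSession();

        $raw = $_GET['order_id'] ?? null;
        $orderId = is_string($raw) && ctype_digit($raw) ? (int) $raw : 0;

        if ($orderId <= 0 || $orderId !== ($_SESSION['last_order_id'] ?? null)) {
            $this->redirect('/');
        }

        try {
            $conn = DriverManager::getConnection($this->connectionParams());

            $order = $conn->fetchAssociative(
                'SELECT o.*, u.firstname, u.lastname, u.email
                 FROM ws_order o
                 LEFT JOIN ws_user u ON o.user_id = u.id
                 WHERE o.id = ?',
                [$orderId]
            );
            if ($order === false) {
                $this->redirect('/');
            }

            $orderItems = $conn->fetchAllAssociative(
                'SELECT op.*, p.name
                 FROM ws_order_product op
                 LEFT JOIN ws_product p ON op.product_id = p.id
                 WHERE op.order_id = ?',
                [$orderId]
            );

            $this->render('front/checkout/success.html.twig', [
                'title' => 'Bestellbestätigung - Webshop',
                'order' => $order,
                'order_items' => $orderItems,
            ]);
        } catch (Exception $e) {
            error_log('CheckoutController::success: ' . $e->getMessage());
            $this->render('front/checkout/success.html.twig', [
                'title' => 'Bestellbestätigung - Webshop',
                'order' => ['id' => $orderId],
                'order_items' => [],
                'error' => 'Datenbankfehler. Bitte versuchen Sie es später erneut.',
            ]);
        }
    }

    /**
     * Includes a template from the templates directory with $data as variables.
     *
     * Simple include-based rendering (to be replaced by Twig later). Only
     * files that resolve below the templates directory are included, even
     * though $template is currently always a literal from this class.
     *
     * @param array<string, mixed> $data
     * @throws \RuntimeException when the template does not resolve below the templates directory
     */
    protected function render(string $template, array $data = []): void
    {
        $templateDir = realpath(__DIR__ . '/../../templates');
        $path = $templateDir === false ? false : realpath($templateDir . '/' . $template);

        if ($path === false || strpos($path, $templateDir . DIRECTORY_SEPARATOR) !== 0) {
            throw new \RuntimeException(sprintf('Template "%s" not found', $template));
        }

        // EXTR_SKIP keeps $path/$template/$data from being overwritten by a
        // view variable of the same name before the include runs.
        extract($data, EXTR_SKIP);
        include $path;
    }

    /**
     * Returns the ws_user id for $email, inserting a non-admin user when none exists.
     */
    private function findOrCreateUser(\Doctrine\DBAL\Connection $conn, string $email, string $firstname, string $lastname): int
    {
        $existing = $conn->fetchAssociative('SELECT id FROM ws_user WHERE email = ?', [$email]);
        if ($existing !== false) {
            return (int) $existing['id'];
        }

        $conn->executeStatement(
            'INSERT INTO ws_user (email, firstname, lastname, is_admin) VALUES (?, ?, ?, 0)',
            [$email, $firstname, $lastname]
        );

        return (int) $conn->lastInsertId();
    }

    /**
     * Starts the session unless one is already active.
     */
    private function ensureSession(): void
    {
        if (session_status() === PHP_SESSION_NONE) {
            session_start();
        }
    }

    /**
     * The session cart as product id => quantity.
     *
     * Entries with a non-integer key, a non-positive id or a non-positive
     * quantity are dropped; a missing or malformed cart yields [].
     *
     * @return array<int, int>
     */
    private function cartFromSession(): array
    {
        $raw = $_SESSION['cart'] ?? [];
        if (!is_array($raw)) {
            return [];
        }

        $cart = [];
        foreach ($raw as $productId => $quantity) {
            if (!is_int($productId) || $productId <= 0 || !is_numeric($quantity)) {
                continue;
            }
            $quantity = (int) $quantity;
            if ($quantity <= 0) {
                continue;
            }
            $cart[$productId] = $quantity;
        }

        return $cart;
    }

    /**
     * A trimmed string field from $_POST; non-string (e.g. array) values become ''.
     */
    private function postString(string $key): string
    {
        $value = $_POST[$key] ?? '';

        return is_string($value) ? trim($value) : '';
    }

    /**
     * Sends a Location header for $location and stops the script.
     */
    private function redirect(string $location): void
    {
        header('Location: ' . $location);
        exit;
    }

    /**
     * DBAL connection parameters from the DB_* environment, with defaults.
     *
     * @return array<string, mixed>
     */
    private function connectionParams(): array
    {
        return [
            'dbname' => getenv('DB_DATABASE') ?: 'freeshop',
            'user' => getenv('DB_USERNAME') ?: 'freeshop_user',
            'password' => getenv('DB_PASSWORD') ?: 'freeshop_password',
            'host' => getenv('DB_HOST') ?: 'db',
            'driver' => 'pdo_mysql',
            'port' => (int) (getenv('DB_PORT') ?: 3306),
            'charset' => 'utf8mb4',
        ];
    }
}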