-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathorder_details.php
134 lines (123 loc) · 5.1 KB
/
order_details.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
<?php
// Check existence of id parameter before processing further
if(isset($_GET["id"]) && !empty(trim($_GET["id"]))){
// Include config file
require_once 'config.php';
// Prepare a select statement
$sql = "SELECT * FROM orders WHERE order_id = ?";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "i", $param_id);
// Set parameters
$param_id = trim($_GET["id"]);
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
$result = mysqli_stmt_get_result($stmt);
if(mysqli_num_rows($result) == 1){
/* Fetch result row as an associative array. Since the result set contains only one row, we don't need to use while loop */
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
// Retrieve individual field value
$order_id = $row["order_id"];
$price = $row["price"];
$status = $row["status"];
$trasaction_id = $row["transaction_id"];
$username = $row["username"];
} else{
// URL doesn't contain valid id parameter. Redirect to error page
header("location: error.php");
exit();
}
} else{
echo "Oops! Something went wrong. Please try again later.";
}
}
// Close statement
mysqli_stmt_close($stmt);
// Close connection
//mysqli_close($link);
} else{
// URL doesn't contain id parameter. Redirect to error page
header("location: error.php");
exit();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>View Record</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css">
<style type="text/css">
.wrapper{
width: 500px;
margin: 0 auto;
}
</style>
<link href="..//css/bootstrap.css" rel="stylesheet" type="text/css">
</head>
<body>
<?php include 'header.php'?>
<div class="wrapper">
<div class="container-fluid">
<div class="row">
<div class="col-md-12">
<div class="page-header">
<h1>View Record</h1>
</div>
<div class="form-group">
<label>Order Id</label>
<p class="form-control-static"><?php echo $order_id; ?></p>
</div>
<div class="form-group">
<label>User</label>
<p class="form-control-static"><?php echo $username; ?></p>
</div>
<div class="form-group">
<label>Price</label>
<p class="form-control-static"><?php echo $price; ?></p>
</div>
<div class="form-group">
<label>Transaction Id</label>
<p class="form-control-static"><?php echo $trasaction_id; ?></p>
</div>
<div class="form-group">
<label>Status</label>
<p class="form-control-static"><?php echo $status; ?></p>
</div>
<?php
$sql = "SELECT * FROM orders_all INNER JOIN item_list ON orders_all.food_id=item_list.food_id where order_id=$order_id";
if($result = mysqli_query($link, $sql)){
if(mysqli_num_rows($result) > 0){
echo "<table class='table table-bordered table-striped'>";
echo "<thead>";
echo "<tr>";
echo "<th>Order Id</th>";
echo "<th>Food Name</th>";
echo "<th>Food Price</th>";
echo "<th>Food Detail</th>";
echo "</tr>";
echo "</thead>";
echo "<tbody>";
while($row = mysqli_fetch_array($result)){
echo "<td>" . $row['order_id'] . "</td>";
echo "<td>" . $row['name'] . "</td>";
echo "<td>" . $row['price'] . "</td>";
echo "<td>" . $row['detail'] . "</td>";
echo "</tr>";
}
echo "</tbody>";
echo "</table>";
mysqli_free_result($result);
} else{
echo "<p class='lead'><em>No records were found.</em></p>";
}
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}?>
<p><a href="orders.php" class="btn btn-primary">Back</a></p>
</div>
</div>
</div>
</div>
</body>
</html>