-
Notifications
You must be signed in to change notification settings - Fork 8
/
payment.php
60 lines (51 loc) · 2.23 KB
/
payment.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// Include your database connection code here (e.g., using mysqli or PDO)
$host = "localhost"; // Your database host
$username = "root"; // Your database username
$password = ""; // Your database password
$database = "restaurant"; // Your database name
$port = 3307;
// Create a mysqli connection
$your_db_connection = new mysqli($host, $username, $password, $database, $port);
// Check for connection errors
if ($your_db_connection->connect_error) {
die("Connection failed: " . $your_db_connection->connect_error);
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$randomId = mt_rand(100000, 999999);
$email = $_POST["email"];
$address = $_POST["address"];
$district = $_POST["district"];
$state = $_POST["state"];
$pincode = $_POST["pincode"];
$cname = $_POST["cname"];
$cnum = $_POST["cnum"];
$expiry = $_POST["expiry"];
$cvv = $_POST["cvv"];
// Insert user data into the database
$sql = "INSERT INTO payment (email, address, district, state, pincode, cname, cnum, expiry, cvv, randomId) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
// Execute the SQL statement (make sure to establish a database connection first)
// You should use prepared statements to prevent SQL injection
// Replace 'your_db_connection' with your database connection code
$stmt = $your_db_connection->prepare($sql);
if ($stmt) {
$stmt->bind_param("ssssssssii", $email, $address, $district, $state, $pincode, $cname, $cnum, $expiry, $cvv, $randomId);
if ($stmt->execute()) {
// Registration successful, display an alert and redirect
echo '<script type="text/javascript">alert("Payment successful!");</script>';
echo '<script type="text/javascript">window.location = "index.html";</script>';
header("Location: index.html?order_id=$randomId");
exit;
} else {
echo "Error: " . $stmt->error;
}
$stmt->close();
} else {
echo "Error in preparing the SQL statement: " . $your_db_connection->error;
}
// Close your database connection here
$your_db_connection->close();
}
?>