ok
Direktori : /proc/self/root/home2/selectio/www/ramali.in/dashboard/api-firebase/ |
Current File : //proc/self/root/home2/selectio/www/ramali.in/dashboard/api-firebase/order-process.php |
<?php header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization'); include_once('send-email.php'); include_once('../includes/crud.php'); include_once('../includes/custom-functions.php'); include_once('../includes/variables.php'); include_once('verify-token.php'); $db = new Database(); $db->connect(); $db->sql("SET NAMES utf8"); $function = new custom_functions(); $settings = $function->get_settings('system_timezone', true); $app_name = $settings['app_name']; $support_email = $settings['support_email']; $pickup = $settings['local-pickup']; date_default_timezone_set('Asia/Kolkata'); $config = $function->get_configurations(); $time_zone = $function->set_timezone($config); if (!$time_zone) { $response['error'] = true; $response['message'] = "Time Zone is not set."; print_r(json_encode($response)); return false; exit(); } /* ------------------------------------------- APIs for eCart ------------------------------------------- 1. place_order 2. get_orders 3. update_order_item_status 4. update_order_status 5. get_reorder_data 6. get_settings 7. update_order_total_payable 8. add_transaction 9. delete_order 10.upload_bank_transfers_attachment 11.delete_bank_transfers_attachment 12.get_order_invoice ------------------------------------------- ------------------------------------------- */ $generate_otp = $config['generate-otp']; $response = array(); $cancel_order_from = ""; if (isset($_POST['ajaxCall']) && !empty($_POST['ajaxCall'])) { $accesskey = "90336"; $cancel_order_from = "admin"; } else { if (isset($_POST['accesskey']) && !empty($_POST['accesskey'])) { $accesskey = $db->escapeString($function->xss_clean($_POST['accesskey'])); } else { $response['error'] = true; $response['message'] = "accesskey required"; print_r(json_encode($response)); return false; } } if ($access_key != $accesskey) { $response['error'] = true; $response['message'] = "invalid accesskey"; print_r(json_encode($response)); return false; } if (isset($_POST['place_order']) && isset($_POST['user_id']) && !empty($_POST['product_variant_id'])) { /* 1.place_order accesskey:90336 place_order:1 user_id:32 mobile:0123456789 product_variant_id:["551","550"] quantity:["3","1"] delivery_charge:50 total:500 final_total:550 address:bhuj latitude:44.456321 longitude:12.456987 payment_method:Paypal / Payumoney / COD / PAYTM / razorpay / bank transfer discount:10 // {optional} tax_percentage:20 // {optional} tax_amount:30 // {optional} area_id:1 // {optional} order_note:home // {optional} wallet_balance:450 // {optional} promo_code:NEW20 // {optional} promo_discount:40 // {optional} order_from:test // {optional} local_pickup:0/1 // {optional} wallet_used:true/false // {optional} status:awaiting_payment // {optional} delivery_time:Today - Evening (4:00pm to 7:00pm) // {optional} */ if (!verify_token()) { return false; } $user_id = $db->escapeString($function->xss_clean($_POST['user_id'])); $mobile = $db->escapeString($function->xss_clean($_POST['mobile'])); $order_note = (isset($_POST['order_note']) && !empty($_POST['order_note'])) ? $db->escapeString($function->xss_clean($_POST['order_note'])) : ""; $wallet_balance = (isset($_POST['wallet_balance']) && is_numeric($_POST['wallet_balance'])) ? $db->escapeString($function->xss_clean($_POST['wallet_balance'])) : 0; $wallet_used = (isset($_POST['wallet_used']) && $function->xss_clean($_POST['wallet_used']) == 'true') ? 'true' : 'false'; $items = $function->xss_clean($_POST['product_variant_id']); $total = $db->escapeString($function->xss_clean($_POST['total'])); $delivery_charge = $db->escapeString($function->xss_clean($_POST['delivery_charge'])); $final_total = $db->escapeString($function->xss_clean($_POST['final_total'])); $discount = (isset($_POST['discount'])) ? $db->escapeString($function->xss_clean($_POST['discount'])) : 0; $tax_percentage = (isset($_POST['tax_percentage']) && is_numeric($_POST['tax_percentage'])) ? $db->escapeString($function->xss_clean($_POST['tax_percentage'])) : 0; $tax_amount = (isset($_POST['tax_amount']) && is_numeric($_POST['tax_amount'])) ? $db->escapeString($function->xss_clean($_POST['tax_amount'])) : 0; $payment_method = $db->escapeString($function->xss_clean($_POST['payment_method'])); $address = $db->escapeString($function->xss_clean($_POST['address'])); $delivery_time = (isset($_POST['delivery_time'])) ? $db->escapeString($function->xss_clean($_POST['delivery_time'])) : ""; $latitude = $db->escapeString($function->xss_clean($_POST['latitude'])); $longitude = $db->escapeString($function->xss_clean($_POST['longitude'])); $promo_code = (isset($_POST['promo_code']) && !empty($_POST['promo_code'])) ? $db->escapeString($_POST['promo_code']) : ""; $promo_discount = (isset($_POST['promo_discount']) && !empty($_POST['promo_discount'])) ? $db->escapeString($function->xss_clean($_POST['promo_discount'])) : 0; $active_status = (isset($_POST['status']) && !empty($_POST['status'])) ? $db->escapeString($function->xss_clean($_POST['status'])) : 'received'; $order_from = (isset($_POST['order_from']) && !empty($_POST['order_from'])) ? $db->escapeString($function->xss_clean($_POST['order_from'])) : 0; $local_pickup = (isset($_POST['local_pickup']) && !empty($_POST['local_pickup'])) ? $db->escapeString($function->xss_clean($_POST['local_pickup'])) : 0; // area wise delivery-charge if ($pickup == 1 && $local_pickup == 1) { $d_charge = 0; } else { if ($settings['area-wise-delivery-charge'] == 0) { $min_amount = $config['min_amount']; $delivery_charge = $config['delivery_charge']; } else { if (isset($_POST['area_id']) && !empty($_POST['area_id'])) { $area_id = $db->escapeString($function->xss_clean($_POST['area_id'])); $area = $function->get_data(['delivery_charges', 'minimum_free_delivery_order_amount'], 'id=' . $area_id, 'area'); if (isset($area[0]['minimum_free_delivery_order_amount'])) { $min_amount = $area[0]['minimum_free_delivery_order_amount']; $delivery_charge = $area[0]['delivery_charges']; } } else { $min_amount = $config['min_amount']; $delivery_charge = $config['delivery_charge']; } } if ($total <= $min_amount || $total == 0) { $d_charge = $delivery_charge; } else { $d_charge = 0; } } $delivery_charge = $d_charge; if ($payment_method == 'bank transfer' && $payment_method == 'midtrans' && $payment_method == 'Midtrans') { $active_status = "awaiting_payment"; } if (isset($pickup)) { if ($pickup == 0 && $local_pickup == 1) { $response['error'] = true; $response['message'] = 'You cannot select Local pickup because this is disable'; echo json_encode($response); return false; } else { $local_pickup = (isset($_POST['local_pickup']) && !empty($_POST['local_pickup'])) ? $db->escapeString($function->xss_clean($_POST['local_pickup'])) : 0; } } $status[] = array($active_status, date("d-m-Y h:i:sa")); $item_details = $function->get_product_by_variant_id($items); for ($i = 0; $i < count($item_details); $i++) { if ($payment_method == 'cod' && $item_details[$i]['is_cod_allowed'] == 0) { $response['error'] = true; $response['message'] = 'COD Payment is not allowed for ' . $item_details[$i]['product_id'] . ' Product'; echo json_encode($response); return false; } } $total_amount = $total + $delivery_charge + $tax_amount - $discount; $quantity = $function->xss_clean($_POST['quantity']); $quantity_arr = json_decode($quantity, 1); $otp_number = 0; if ($generate_otp == 1) { $otp_number = mt_rand(100000, 999999); } else { $otp_number = 0; } $sql = "SELECT * FROM users where id = $user_id"; $db->sql($sql); $res1 = $db->getResult(); if ($res1[0]['status'] == 0) { $response['error'] = true; $response['message'] = 'Your Account is De-active ask on Customer Support!'; echo json_encode($response); return false; } /* validate promo code if applied */ if (isset($_POST['promo_code']) && $_POST['promo_code'] != '') { $promo_code = $db->escapeString($function->xss_clean($_POST['promo_code'])); $response1 = $function->validate_promo_code($user_id, $promo_code, $total); if ($response1['error'] == true) { echo json_encode($response1); exit(); } } if ($wallet_used == 'true') { $user_wallet_balance = $function->get_wallet_balance($user_id); if ($user_wallet_balance < $wallet_balance) { $response['error'] = "true"; $response['message'] = "Insufficient wallet balance."; echo json_encode($response); return false; } } $walletvalue = ($wallet_used) ? $wallet_balance : 0; $order_status = $db->escapeString(json_encode($status)); $sql = "INSERT INTO `orders`(`user_id`,`otp`, `mobile`,`order_note`, `total`, `delivery_charge`, `tax_amount`, `tax_percentage`, `wallet_balance`, `discount`, `promo_code`, `promo_discount`, `final_total`, `payment_method`, `address`, `latitude`, `longitude`, `delivery_time`, `status`, `active_status`,`order_from`,`local_pickup`, `date_added`) VALUES ('$user_id','$otp_number','$mobile','$order_note','$total','$delivery_charge','$tax_amount','$tax_percentage','$walletvalue','$discount','$promo_code','$promo_discount','$final_total','$payment_method','$address','$latitude','$longitude','$delivery_time','$order_status','$active_status','$order_from','$local_pickup','" . date("Y-m-d H:i:s") . "')"; $db->sql($sql); $sql = "SELECT id FROM orders where user_id=$user_id and active_status = '$active_status' order by id desc limit 1"; $db->sql($sql); $res_order_id = $db->getResult(); $order_id = $res_order_id[0]['id']; /* process wallet balance */ $user_wallet_balance = $function->get_wallet_balance($user_id); if ($wallet_used == 'true') { /* deduct the balance & set the wallet transaction */ $new_balance = $user_wallet_balance < $wallet_balance ? 0 : $user_wallet_balance - $wallet_balance; $function->update_wallet_balance($new_balance, $user_id); $wallet_txn_id = $function->add_wallet_transaction($order_id, $user_id, 'debit', $wallet_balance, 'Used against Order Placement'); } for ($i = 0; $i < count($item_details); $i++) { $product_id = $item_details[$i]['product_id']; $measurement = $item_details[$i]['measurement']; $product_variant_id = $item_details[$i]['id']; $measurement_unit_id = $item_details[$i]['measurement_unit_id']; $stock_unit_id = $item_details[$i]['stock_unit_id']; $sql_result = "SELECT * FROM flash_sales_products WHERE status = 1 AND product_id = " . $product_id . " AND product_variant_id = " . $product_variant_id . " "; $db->sql($sql_result); $res1 = $db->getResult(); $price = (empty($res1) || $res1[0]['status'] == 0) ? $item_details[$i]['price'] : $res1[0]['price']; $discounted_price = (empty($res1) || $res1[0]['status'] == 0) ? $item_details[$i]['discounted_price'] : $res1[0]['discounted_price']; $type = $item_details[$i]['type']; $total_stock = $item_details[$i]['stock']; $quantity = $quantity_arr[$i]; $tax_title = $item_details[$i]['tax_title']; $tax_percentage = $item_details[$i]['tax_percentage']; $tax_amt = $discounted_price != 0 ? (($tax_percentage / 100) * $discounted_price) : (($tax_percentage / 100) * $price); $sub_total = $discounted_price != 0 ? ($discounted_price + ($tax_percentage / 100) * $discounted_price) * $quantity : ($price + ($tax_percentage / 100) * $price) * $quantity; $res_product = $function->get_data($columns = ['name'], 'id=' . $product_id, 'products'); $res_variant = $function->get_data($columns = ['measurement', 'measurement_unit_id'], 'id=' . $product_variant_id, 'product_variant'); $res_unit = $function->get_data($columns = ['short_code'], 'id=' . $res_variant[0]['measurement_unit_id'], 'unit'); $product_name = $db->escapeString($function->xss_clean($res_product[0]['name'])); $variant_name = $res_variant[0]['measurement'] . " " . $res_unit[0]['short_code']; $neworder_id = $db->escapeString($order_id); $product_variant_id = $db->escapeString($product_variant_id); $quantity = $db->escapeString($quantity); $order_price = $db->escapeString($price); $discounteds_price = $db->escapeString($discounted_price); $tax_amount = $db->escapeString($tax_amt); $tax_percentage = (empty($tax_percentage) || $tax_percentage == "") ? 0 : $db->escapeString($tax_percentage); $order_sub_total = $db->escapeString($sub_total); $order_item_status = $db->escapeString(json_encode($status)); $sql = "INSERT INTO `order_items`(`user_id`, `order_id`, `product_variant_id`, `quantity`, `price`, `discounted_price`,`tax_amount`,`tax_percentage`, `discount`, `sub_total`, `status`, `active_status`,`product_name`,`variant_name`,`product_id`) VALUES ('$user_id','$neworder_id','$product_variant_id','$quantity','$order_price','$discounteds_price','$tax_amount', $tax_percentage ,'$discount','$order_sub_total','$order_item_status','$active_status','$product_name','$variant_name','$product_id')"; $db->sql($sql); $res = $db->getResult(); $balance = $final_total / 10; if ($type == 'packet') { $stock = $total_stock - $quantity; $sql = "update product_variant set stock = $stock where id = $product_variant_id"; $db->sql($sql); $res = $db->getResult(); $db->select("product_variant", "stock", null, "id='" . $product_variant_id . "'"); $variant_qty = $db->getResult(); if ($variant_qty[0]['stock'] <= 0) { $data = array( "serve_for" => "Sold Out", ); $db->update("product_variant", $data, "id=$product_variant_id"); $res = $db->getResult(); } } elseif ($type == 'loose') { if ($measurement_unit_id == $stock_unit_id) { $stock = $quantity * $measurement; } else { $db->select('unit', '*', null, 'id=' . $measurement_unit_id); $unit = $db->getResult(); $stock = $function->convert_to_parent(($measurement * $quantity), $unit[0]['id']); } $sql = "update product_variant set stock = stock - $stock where product_id = $product_id AND type='loose'"; $db->sql($sql); $res = $db->getResult(); $sql = "select stock from product_variant where product_id=" . $product_id; $db->sql($sql); $res_stck = $db->getResult(); if ($res_stck[0]['stock'] <= 0) { $sql = "update product_variant set serve_for='Sold Out' where product_id=" . $product_id; $db->sql($sql); } } } $data = array( 'final_total' => $final_total ); if ($db->update('orders', $data, 'id=' . $order_id)) { $res = $db->getResult(); $response['error'] = false; $response['message'] = "Order placed successfully."; $response['order_id'] = $order_id; /* send email notification for the order received */ if ($active_status == "received") { $sql = "select name, email, mobile, country_code from users where id=" . $user_id; $db->sql($sql); $res = $db->getResult(); $to = $res[0]['email']; $mobile = $res[0]['mobile']; $country_code = $res[0]['country_code']; $subject = "Order received successfully"; $message = "Hello, Dear " . ucwords($res[0]['name']) . ", We have received your order successfully. Your order summaries are as followed:<br><br>"; $user_msg = "Hello, Dear " . ucwords($res[0]['name']) . ", We have received your order successfully. Your order summaries are as followed:<br><br>"; $otp_msg = "Here is your OTP. Please, give it to delivery boy only while getting your order."; $message .= "<b>Order ID :</b> #" . $response['order_id'] . "<br><br>Ordered Items : <br>"; $items = $db->escapeString($_POST['product_variant_id']); $quantity_arr = json_decode($_POST['quantity'], 1); $item_details = $function->get_product_by_variant_id($items); $subtotal = $item_data1 = array(); for ($i = 0; $i < count($item_details); $i++) { $product_id = $item_details[$i]['product_id']; $measurement = $item_details[$i]['measurement']; $product_variant_id = $item_details[$i]['id']; $measurement_unit_id = $item_details[$i]['measurement_unit_id']; $stock_unit_id = $item_details[$i]['stock_unit_id']; $price = $item_details[$i]['price']; $discounted_price = $item_details[$i]['discounted_price']; $type = $item_details[$i]['type']; $total_stock = $item_details[$i]['stock']; $quantity = $quantity_arr[$i]; $price = $item_details[$i]['discounted_price'] == 0 ? $item_details[$i]['price'] : $item_details[$i]['discounted_price']; $message .= "<b>Name : </b>" . $item_details[$i]['name'] . "<b> Unit :</b>" . $item_details[$i]['measurement'] . " " . $item_details[$i]['measurement_unit_name'] . "<b> QTY :</b>" . $quantity . "<b> Subtotal :</b>" . $price * $quantity . "<br>"; $item_data1[] = array('name' => $item_details[$i]['name'], 'tax_amount' => $tax_amt, 'tax_percentage' => $tax_percentage, 'tax_title' => $item_details[$i]['tax_title'], 'unit' => $item_details[$i]['measurement'] . " " . $item_details[$i]['measurement_unit_name'], 'qty' => $quantity, 'subtotal' => ($price * $quantity)); } $message .= "<b>OTP : </b>" . $otp_number . "<b>Total Amount : </b>" . $total . " <b>Delivery Charge : </b>" . $delivery_charge . " <b>Tax Amount : </b>" . $tax_amount . " <b>Discount : </b>" . $discount . " <b>Wallet Used : </b>" . $wallet_balance . " <b>Final Total :</b>" . $final_total; $message .= "<br>Payment Method : " . $payment_method; $order_data = array('total_amount' => $total, 'delivery_charge' => $delivery_charge, 'discount' => $discount, 'wallet_used' => $wallet_balance, 'final_total' => $final_total, 'payment_method' => $payment_method, 'address' => $address, 'user_msg' => $user_msg, 'otp_msg' => $otp_msg, 'otp' => $otp_number); $message .= "<br><br>Thank you for placing an order with us!<br><br>You will receive future updates on your order via Email!"; send_smtp_mail($to, $subject, $item_data1, $order_data); $subject = "New order placed for $app_name"; $message = "New order ID : #" . $response['order_id'] . " received please take note of it and proceed further"; $function->send_notification_to_admin("New Order Arrived.", $message, "admin_notification", $response['order_id']); send_email($support_email, $subject, $message); $function->send_order_update_notification($user_id, "Your order has been received", $message, 'order', $response['order_id']); } print_r(json_encode($response)); } else { $response['error'] = "true"; $response['message'] = "Could not place order. Try again!"; $response['order_id'] = 0; print_r(json_encode($response)); } } elseif (isset($_POST['place_order']) && isset($_POST['user_id']) && empty(json_decode($_POST['product_variant_id']))) { $response['error'] = "true"; $response['message'] = "Order without items in cart can not be placed!"; $response['order_id'] = 0; print_r(json_encode($response)); } if (isset($_POST['get_orders']) && isset($_POST['user_id'])) { if (!verify_token()) { return false; } $where = ''; $user_id = $db->escapeString($function->xss_clean($_POST['user_id'])); $order_id = (isset($_POST['order_id']) && !empty($_POST['order_id']) && is_numeric($_POST['order_id'])) ? $db->escapeString($function->xss_clean($_POST['order_id'])) : ""; $status = (isset($_POST['status']) && !empty($_POST['status'])) ? $db->escapeString($function->xss_clean($_POST['status'])) : ""; $limit = (isset($_POST['limit']) && !empty($_POST['limit']) && is_numeric($_POST['limit'])) ? $db->escapeString($function->xss_clean($_POST['limit'])) : 10; $offset = (isset($_POST['offset']) && !empty($_POST['offset']) && is_numeric($_POST['offset'])) ? $db->escapeString($function->xss_clean($_POST['offset'])) : 0; if (isset($_POST['pickup'])) { $where = $_POST['pickup'] == 1 ? " AND o.local_pickup = 1 " : " WHERE o.local_pickup = 0 "; } $where .= !empty($order_id) ? " AND o.id = " . $order_id : ""; $where .= !empty($status) ? " AND active_status = '$status'" : ""; $sql = "select count(o.id) as total from orders o where user_id=" . $user_id . $where; $db->sql($sql); $res = $db->getResult(); $total = $res[0]['total']; $sql = "select o.*,obt.attachment,count(obt.attachment) as total_attachment ,obt.message as bank_transfer_message,obt.status as bank_transfer_status,(select name from users u where u.id=o.user_id) as user_name from orders o LEFT JOIN order_bank_transfers obt ON obt.order_id=o.id where user_id=" . $user_id . $where . " GROUP BY id ORDER BY date_added DESC LIMIT $offset,$limit"; $db->sql($sql); $res = $db->getResult(); $i = 0; $j = 0; foreach ($res as $row) { if ($row['discount'] > 0) { $discounted_amount = $row['total'] * $row['discount'] / 100; $final_total = $row['total'] - $discounted_amount; $discount_in_rupees = $row['total'] - $final_total; } else { $discount_in_rupees = 0; } $res[$i]['discount_rupees'] = "$discount_in_rupees"; $sql_query = "SELECT id,attachment FROM order_bank_transfers WHERE order_id = " . $row['id']; $db->sql($sql_query); $res_attac = $db->getResult(); $myData = array(); foreach ($res_attac as $item) { array_push($myData, ['id' => $item['id'], 'image' => DOMAIN_URL . $item['attachment']]); } $body1 = json_encode($myData); $body = json_decode($body1); $res[$i]['attachment'] = $body; $res[$i]['user_name'] = !empty($res[$i]['user_name']) ? $res[$i]['user_name'] : ""; $res[$i]['delivery_boy_id'] = !empty($res[$i]['delivery_boy_id']) ? $res[$i]['delivery_boy_id'] : ""; $res[$i]['otp'] = !empty($res[$i]['otp']) ? $res[$i]['otp'] : ""; $res[$i]['order_note'] = !empty($res[$i]['order_note']) ? $res[$i]['order_note'] : ""; $res[$i]['bank_transfer_message'] = !empty($res[$i]['bank_transfer_message']) ? $res[$i]['bank_transfer_message'] : ""; $res[$i]['bank_transfer_status'] = !empty($res[$i]['bank_transfer_status']) ? $res[$i]['bank_transfer_status'] : "0"; $res[$i]['seller_notes'] = !empty($res[$i]['seller_notes']) ? $res[$i]['seller_notes'] : ""; $res[$i]['pickup_time'] = !empty($res[$i]['pickup_time']) ? $res[$i]['pickup_time'] : ""; if($res[$i]['total'] == 0){ $final_totals = "0"; } else{ $final_totals = $res[$i]['total'] + $res[$i]['delivery_charge'] - $res[$i]['discount_rupees'] - $res[$i]['promo_discount']; } $final_total = ceil($final_totals); $res[$i]['final_total'] = "$final_total"; $res[$i]['date_added'] = date('d-m-Y h:i:sa', strtotime($res[$i]['date_added'])); $res[$i]['order_time'] = date('Y-m-d H:m:s', strtotime($res[$i]['date_added'])); $res[$i]['status'] = json_decode($res[$i]['status']); if (in_array('awaiting_payment', array_column($res[$i]['status'], '0'))) { $temp_array = array_column($res[$i]['status'], '0'); $index = array_search("awaiting_payment", $temp_array); unset($res[$i]['status'][$index]); $res[$i]['status'] = array_values($res[$i]['status']); } $status = $res[$i]['status']; $item1 = array_map('reset', $status); $item2 = array_map('end', $status); $res[$i]['status_name'] = !empty($item1) ? $item1 : array(); $res[$i]['status_time'] = !empty($item2) ? $item2 : array(); $sql = "select oi.*,p.id as product_id,v.id as variant_id, pr.rate,pr.review,pr.status as review_status,p.name,p.image,p.manufacturer,p.made_in,p.return_status,p.cancelable_status,p.till_status,v.measurement,(select short_code from unit u where u.id=v.measurement_unit_id) as unit from order_items oi left join product_variant v on oi.product_variant_id=v.id left join products p on p.id=v.product_id left join product_reviews pr on p.id=pr.product_id where order_id=" . $row['id'] . " GROUP BY oi.id"; $db->sql($sql); $res[$i]['items'] = $db->getResult(); for ($j = 0; $j < count($res[$i]['items']); $j++) { $res[$i]['items'][$j]['status'] = (!empty($res[$i]['items'][$j]['status'])) ? json_decode($res[$i]['items'][$j]['status']) : array(); if (in_array('awaiting_payment', array_column($res[$i]['items'][$j]['status'], '0'))) { $temp_array = array_column($res[$i]['items'][$j]['status'], '0'); $index = array_search("awaiting_payment", $temp_array); unset($res[$i]['items'][$j]['status'][$index]); $res[$i]['items'][$j]['status'] = array_values($res[$i]['items'][$j]['status']); } $res[$i]['items'][$j]['image'] = DOMAIN_URL . $res[$i]['items'][$j]['image']; // $total = $res[$i]['items'][$j]['price'] + $res[$i]['items'][$j]['tax_amount']; // $res[$i]['items'][$j]['price'] = "$total"; $res[$i]['items'][$j]['deliver_by'] = !empty($res[$i]['items'][$j]['deliver_by']) ? $res[$i]['items'][$j]['deliver_by'] : ""; $res[$i]['items'][$j]['rate'] = !empty($res[$i]['items'][$j]['rate']) ? $res[$i]['items'][$j]['rate'] : ""; $res[$i]['items'][$j]['review'] = !empty($res[$i]['items'][$j]['review']) ? $res[$i]['items'][$j]['review'] : ""; $res[$i]['items'][$j]['manufacturer'] = !empty($res[$i]['items'][$j]['manufacturer']) ? $res[$i]['items'][$j]['manufacturer'] : ""; $res[$i]['items'][$j]['made_in'] = !empty($res[$i]['items'][$j]['made_in']) ? $res[$i]['items'][$j]['made_in'] : ""; $res[$i]['items'][$j]['return_status'] = !empty($res[$i]['items'][$j]['return_status']) ? $res[$i]['items'][$j]['return_status'] : ""; $res[$i]['items'][$j]['cancelable_status'] = !empty($res[$i]['items'][$j]['cancelable_status']) ? $res[$i]['items'][$j]['cancelable_status'] : ""; $res[$i]['items'][$j]['till_status'] = !empty($res[$i]['items'][$j]['till_status']) ? $res[$i]['items'][$j]['till_status'] : ""; $res[$i]['items'][$j]['review_status'] = (!empty($res[$i]['items'][$j]['review_status']) && ($res[$i]['items'][$j]['review_status'] == 1)) ? $res[$i]['items'][$j]['review_status'] == TRUE : FALSE; $sql = "SELECT id from return_requests where product_variant_id = " . $res[$i]['items'][$j]['variant_id'] . " AND user_id = " . $user_id; $db->sql($sql); $return_request = $db->getResult(); if (empty($return_request)) { $res[$i]['items'][$j]['applied_for_return'] = false; } else { $res[$i]['items'][$j]['applied_for_return'] = true; } } $i++; } $orders = $order = array(); if (!empty($res)) { $orders['error'] = false; $orders['total'] = $total; $orders['data'] = array_values($res); print_r(json_encode($orders)); } else { $res['error'] = true; $res['message'] = "No orders found!"; print_r(json_encode($res)); } } if (isset($_POST['update_order_item_status']) && isset($_POST['order_item_id'])) { // if (!verify_token()) { // return false; // } $order_item_id = $db->escapeString($function->xss_clean($_POST['order_item_id'])); $order_id = $db->escapeString($function->xss_clean($_POST['order_id'])); $postStatus = $db->escapeString($function->xss_clean($_POST['status'])); $store_pickup = $function->is_lockup($order_id); $sql = "SELECT COUNT(id) as cancelled FROM `order_items` WHERE id=" . $order_item_id . " && status LIKE '%$postStatus%'"; $db->sql($sql); $res_cancelled = $db->getResult(); if ($res_cancelled[0]['cancelled'] == 'awaiting_payment' && ($postStatus == 'returned' || $postStatus == 'delivered' || $postStatus == 'shipped' || $postStatus == 'processed' || $postStatus == 'ready_to_pickup')) { $response['error'] = true; $response['message'] = "Order item can not $postStatus. Because it is on awaiting status."; print_r(json_encode($response)); return false; } if ($res_cancelled[0]['cancelled'] > 0) { $response['error'] = true; $response['message'] = 'Could not update order status. Item is already ' . ucwords($postStatus) . '!'; print_r(json_encode($response)); return false; } $sql = "SELECT user_id,status,sub_total FROM order_items WHERE id =" . $order_item_id; $db->sql($sql); $result = $db->getResult(); if (!empty($result)) { $status = json_decode($result[0]['status']); if ($postStatus == 'cancelled') { if ($cancel_order_from == "") { $response = $function->is_product_cancellable($order_item_id); if ($response["error"] == 1) { print_r(json_encode($response)); return false; } } $sql = 'SELECT final_total,total,user_id,payment_method,wallet_balance,delivery_charge,tax_amount,status FROM orders WHERE id=' . $order_id; $db->sql($sql); $res_order = $db->getResult(); $sql = 'SELECT oi.*,oi.`product_variant_id`,oi.`quantity`,oi.`discounted_price`,oi.`price`,pv.`product_id`,pv.`type`,pv.`stock`,pv.`stock_unit_id`,pv.`measurement`,pv.`measurement_unit_id` FROM `order_items` oi left join `product_variant` pv on pv.id = oi.product_variant_id WHERE oi.`id`=' . $order_item_id; $db->sql($sql); $res_oi = $db->getResult(); $price = ($res_oi[0]['discounted_price'] == 0) ? ($res_oi[0]['price'] * $res_oi[0]['quantity']) + $res_oi[0]['tax_amount'] : $res_oi[0]['discounted_price'] * $res_oi[0]['quantity'] + $res_oi[0]['tax_amount']; $total = $res_order[0]['total']; $final_total = $res_order[0]['final_total']; $delivery_charge = $res_order[0]['delivery_charge']; if ($total - $price >= 0) { $sql_total = "update orders set total=$total-$price where id=" . $order_id; $db->sql($sql_total); } $sql = "select total from orders where id=" . $order_id; $db->sql($sql); $res_total = $db->getResult(); $total = $res_total[0]['total']; if ($total < $config['min_amount']) { if ($delivery_charge == 0) { $dchrg = $config['delivery_charge']; $sql_delivery_chrg = "update orders set delivery_charge=$dchrg where id=" . $order_id; $db->sql($sql_delivery_chrg); $sql_final_total = "update orders set final_total=$final_total-$price+$dchrg where id=" . $order_id; } else { $sql_final_total = "update orders set final_total=$final_total-$price where id=" . $order_id; } $db->sql($sql_final_total); } else { $sql_final_total = "update orders set final_total=$final_total-$price where id=" . $order_id; } $db->sql($sql_final_total); if ($total <= 0) { $sql = "update orders set delivery_charge=0,tax_amount=0,tax_percentage=0,final_total=0 where id=" . $order_id; $db->sql($sql); } if ($res_oi[0]['type'] == 'packet') { $sql = "UPDATE product_variant SET stock = stock + " . $res_oi[0]['quantity'] . " WHERE id='" . $res_oi[0]['product_variant_id'] . "'"; $db->sql($sql); $sql = "select stock from product_variant where id=" . $res_oi[0]['product_variant_id']; $db->sql($sql); $res_stock = $db->getResult(); if (!empty($res_stock)) { if ($res_stock[0]['stock'] > 0) { $sql = "UPDATE product_variant set serve_for='Available' WHERE id='" . $res_oi[0]['product_variant_id'] . "'"; $db->sql($sql); } } } else { /* When product type is loose */ if (!empty($res_oi[0]['product_id'])) { if ($res_oi[0]['measurement_unit_id'] != $res_oi[0]['stock_unit_id']) { $stock = $function->convert_to_parent($res_oi[0]['measurement'], $res_oi[0]['measurement_unit_id']); $stock = $stock * $res_oi[0]['quantity']; $sql = "UPDATE product_variant SET stock = stock + " . $stock . " WHERE product_id='" . $res_oi[0]['product_id'] . "'" . " AND id='" . $res_oi[0]['product_variant_id'] . "'"; $db->sql($sql); } else { $stock = $res_oi[0]['measurement'] * $res_oi[0]['quantity']; $sql = "UPDATE product_variant SET stock = stock + " . $stock . " WHERE product_id='" . $res_oi[0]['product_id'] . "'" . " AND id='" . $res_oi[0]['product_variant_id'] . "'"; $db->sql($sql); } $sql = "select stock from product_variant where product_id=" . $res_oi[0]['product_id']; $db->sql($sql); $res_stck = $db->getResult(); if ($res_stck[0]['stock'] > 0) { $sql = "UPDATE product_variant SET stock = stock + " . $stock . " WHERE product_id='" . $res_oi[0]['product_id'] . "'" . " AND id='" . $res_oi[0]['product_variant_id'] . "'"; $db->sql($sql); } } } $status[] = array($postStatus, date("d-m-Y h:i:sa")); $currentStatus = $postStatus; $oi_status = $db->escapeString(json_encode($status)); $sql = "UPDATE order_items SET `status` = '" . $oi_status . "',active_status = '" . $currentStatus . "' WHERE id=" . $order_item_id; $db->sql($sql); $sql = "SELECT id FROM order_items WHERE order_id=" . $order_id; $db->sql($sql); $total = $db->numRows(); $sql = "SELECT id FROM `order_items` WHERE order_id=" . $order_id . " && (`active_status` LIKE '%cancelled%' OR `active_status` LIKE '%returned%' )"; $db->sql($sql); $cancelled = $db->numRows(); if ($cancelled == $total) { if (strtolower($res_order[0]['payment_method']) != 'cod') { /* update user's wallet */ $user_id = $res_order[0]['user_id']; // $total_amount = $res_order[0]['total'] + $res_order[0]['delivery_charge'] + $res_order[0]['tax_amount']; $total_amount = $final_total + $res_order[0]['delivery_charge'] + $res_order[0]['tax_amount']; $user_wallet_balance = $function->get_wallet_balance($user_id); $new_balance = $user_wallet_balance + $total_amount; $function->update_wallet_balance($new_balance, $user_id); $wallet_txn_id = $function->add_wallet_transaction($order_id, $user_id, 'credit', $total_amount, 'Balance credited against item cancellation...'); } else { if ($res_order[0]['wallet_balance'] != 0) { $user_id = $res_order[0]['user_id']; $user_wallet_balance = $function->get_wallet_balance($user_id); $new_balance = ($user_wallet_balance + $res_order[0]['wallet_balance']); $function->update_wallet_balance($new_balance, $user_id); $wallet_txn_id = $function->add_wallet_transaction($order_id, $user_id, 'credit', $res_order[0]['wallet_balance'], 'Balance credited against item cancellation!!'); } } $data_order = array( 'status' => $db->escapeString(json_encode($status)), 'active_status' => $currentStatus ); $db->update('orders', $data_order, 'id=' . $order_id); } else { if (strtolower($res_order[0]['payment_method']) != 'cod') { /* update user's wallet */ $user_id = $res_order[0]['user_id']; $total_amount = $result[0]['sub_total']; $user_wallet_balance = $function->get_wallet_balance($user_id); $new_balance = $user_wallet_balance + $total_amount; $function->update_wallet_balance($new_balance, $user_id); $wallet_txn_id = $function->add_wallet_transaction($order_id, $user_id, 'credit', $total_amount, 'Balance credited against item cancellation...'); } else { if ($res_order[0]['wallet_balance'] != 0) { $user_id = $res_order[0]['user_id']; $user_wallet_balance = $function->get_wallet_balance($user_id); $new_balance = ($user_wallet_balance + $res_order[0]['wallet_balance']); $function->update_wallet_balance($new_balance, $user_id); $wallet_txn_id = $function->add_wallet_transaction($order_id, $user_id, 'credit', $res_order[0]['wallet_balance'], 'Balance credited against item cancellation!!'); } } } $response['error'] = false; $response['message'] = 'Order item cancelled successfully!'; $response['subtotal'] = $result[0]['sub_total']; print_r(json_encode($response)); return false; } if ($postStatus == 'returned') { // checking for product is returnable or not $response = $function->is_product_returnable($order_item_id); if ($response["error"] == 1) { print_r(json_encode($response)); return false; } $is_item_delivered = 0; foreach ($status as $each_status) { if (in_array('delivered', $each_status)) { $is_item_delivered = 1; $config['max-product-return-days']; $now = time(); // or your date as well $status_date = strtotime($each_status[1]); $datediff = $now - $status_date; $no_of_days = round($datediff / (60 * 60 * 24)); if ($no_of_days > $config['max-product-return-days']) { $response['error'] = true; $response['message'] = 'Oops! Sorry you cannot return the item now. You have crossed product\'s maximum return period'; print_r(json_encode($response)); return false; } } } if (!$is_item_delivered) { $response['error'] = true; $response['message'] = 'Cannot return item unless it is delivered!'; print_r(json_encode($response)); return false; } if ($function->is_return_request_exists($result[0]['user_id'], $order_item_id)) { $response['error'] = true; $response['message'] = 'Already applied for return'; print_r(json_encode($response)); return false; } /* store return request */ $function->store_return_request($result[0]['user_id'], $order_id, $order_item_id); $response['error'] = false; $response['message'] = 'Order item returned request received successfully! Please wait for approval.'; $response['subtotal'] = $result[0]['sub_total']; print_r(json_encode($response)); return false; } } else { $response['error'] = true; $response['message'] = 'Order item not found!'; print_r(json_encode($response)); return false; } } if (isset($_POST['update_order_status']) && isset($_POST['id'])) { $id = $db->escapeString($function->xss_clean($_POST['id'])); $postStatus = $db->escapeString($function->xss_clean($_POST['status'])); $store_pickup = $function->is_lockup($id); if (isset($_POST['status'])) { $sql = "UPDATE orders SET `status`='" . $postStatus . "'WHERE id=" . $id; $db->sql($sql); $response['error'] = true; $response['message'] = 'Status Updated Success'; print_r(json_encode($response)); } else { $response['error'] = true; $response['message'] = 'Could not update order status try again!'; print_r(json_encode($response)); } } if (isset($_POST['get_reorder_data'])) { if (!verify_token()) { return false; } $id = $db->escapeString($function->xss_clean($_POST['id'])); $sql = "select * from `orders` where id=$id"; $db->sql($sql); $res = $db->getResult(); if (empty($res)) { $response['error'] = true; $response['message'] = "Sorry Invalid order ID"; print_r(json_encode($response)); } else { $sql = "select * from `order_items` where order_id=$id"; $db->sql($sql); $order_items = $db->getResult(); $items = $temp = []; foreach ($order_items as $item) { $temp['product_variant_id'] = $item['product_variant_id']; $temp['quantity'] = $item['quantity']; $items[] = $temp; } $res[0]['status'] = json_decode($res[0]['status']); $res[0]['items'] = $items; $response['error'] = false; $response['message'] = "Order data retrived successfully"; $response['data'] = $res[0]; print_r(json_encode($response)); } } if (isset($_POST['get_settings'])) { if (!verify_token()) { return false; } $sql = "select value from `settings` where variable='system_timezone'"; $db->sql($sql); $res = $db->getResult(); $sql = "select value from `settings` where variable='currency'"; $db->sql($sql); $res_currency = $db->getResult(); if (!empty($res)) { $response['error'] = false; $response['settings'] = json_decode($res[0]['value'], 1); $response['settings']['currency'] = $res_currency[0]['value']; $response['settings']['delivery_charge'] = empty($response['settings']['delivery_charge']) ? "0" : $response['settings']['delivery_charge']; $response['settings']['min-refer-earn-order-amount'] = empty($response['settings']['min-refer-earn-order-amount']) ? "0" : $response['settings']['min-refer-earn-order-amount']; $response['settings']['min_amount'] = empty($response['settings']['min_amount']) ? "0" : $response['settings']['min_amount']; $response['settings']['max-refer-earn-amount'] = empty($response['settings']['max-refer-earn-amount']) ? "0" : $response['settings']['max-refer-earn-amount']; $response['settings']['minimum-withdrawal-amount'] = empty($response['settings']['minimum-withdrawal-amount']) ? "0" : $response['settings']['minimum-withdrawal-amount']; $response['settings']['refer-earn-bonus'] = empty($response['settings']['refer-earn-bonus']) ? "0" : $response['settings']['refer-earn-bonus']; $response['settings']['current_version'] = empty($response['settings']['current_version']) ? "0" : $response['settings']['current_version']; $response['settings']['minimum_version_required'] = empty($response['settings']['minimum_version_required']) ? "0" : $response['settings']['minimum_version_required']; $response['settings']['user-wallet-refill-limit'] = (!isset($response['settings']['user-wallet-refill-limit']) || empty($response['settings']['user-wallet-refill-limit'])) ? 0 : $response['settings']['user-wallet-refill-limit']; $response['settings']['area-wise-delivery-charge'] = (!isset($response['settings']['area-wise-delivery-charge']) || empty($response['settings']['area-wise-delivery-charge'])) ? 0 : $response['settings']['area-wise-delivery-charge']; $response['settings']['area-wise-delivery'] = (!isset($response['settings']['area-wise-delivery']) || empty($response['settings']['area-wise-delivery'])) ? 0 : $response['settings']['area-wise-delivery']; $response['settings']['generate-otp'] = (!isset($response['settings']['generate-otp']) || empty($response['settings']['generate-otp'])) ? 1 : $response['settings']['generate-otp']; // $response['settings']['tax'] = empty($response['settings']['delivery_charge']) ? "0" : $response['settings']['delivery_charge']; print_r(json_encode($response)); } else { $response['error'] = true; $response['settings'] = "No settings found!"; $response['message'] = "Something went wrong!"; print_r(json_encode($response)); } } if (isset($_POST['update_order_total_payable']) && isset($_POST['id'])) { $id = $db->escapeString($function->xss_clean($_POST['id'])); $discount = $db->escapeString($function->xss_clean($_POST['discount'])); $deliver_by = $db->escapeString($function->xss_clean($_POST['deliver_by'])); $total_payble = $db->escapeString($function->xss_clean($_POST['total_payble'])); $total_payble = round($total_payble, 2); $data = array( 'discount' => $discount, 'deliver_by' => $deliver_by, ); $data1 = array( 'discount' => $discount, 'final_total' => $total_payble, ); if ($discount >= 0) { $db->update('order_items', $data, 'order_id=' . $id); $db->update('orders', $data1, 'id=' . $id); $res = $db->getResult(); if (!empty($res)) { $response['error'] = false; $response['message'] = "Order updated successfully."; print_r(json_encode($response)); } else { $response['error'] = true; $response['message'] = "Could not update order. Try again!"; print_r(json_encode($response)); } } } if (isset($_POST['add_transaction']) && $_POST['add_transaction'] == true) { if (!verify_token()) { return false; } /*add data to transaction table*/ $user_id = $db->escapeString($function->xss_clean($_POST['user_id'])); $order_id = $db->escapeString($function->xss_clean($_POST['order_id'])); $type = $db->escapeString($function->xss_clean($_POST['type'])); $txn_id = $db->escapeString($function->xss_clean($_POST['txn_id'])); $amount = $db->escapeString($function->xss_clean($_POST['amount'])); $status = $db->escapeString($function->xss_clean($_POST['status'])); $message = $db->escapeString($function->xss_clean($_POST['message'])); $transaction_date = (isset($_POST['addedon']) && !empty($_POST['addedon'])) ? $db->escapeString($function->xss_clean($_POST['addedon'])) : date('Y-m-d H:i:s'); $data = array( 'user_id' => $user_id, 'order_id' => $order_id, 'type' => $type, 'txn_id' => $txn_id, 'amount' => $amount, 'status' => $status, 'message' => $message, 'transaction_date' => $transaction_date ); $db->insert('transactions', $data); $res = $db->getResult(); $response['error'] = false; $response['transaction_id'] = $res[0]; $response['message'] = "Transaction added successfully!"; echo json_encode($response); } if (isset($_POST['delete_order']) && $_POST['delete_order'] == true) { /* accesskey:90336 delete_order:1 order_id:73 */ if (!verify_token()) { return false; } /*add data to transaction table*/ $order_id = $db->escapeString($function->xss_clean($_POST['order_id'])); // delete data from pemesanan table $sql_query = "DELETE FROM orders WHERE ID =" . $order_id; if ($db->sql($sql_query)) { $sql = "DELETE FROM order_items WHERE order_id =" . $order_id; $db->sql($sql); $response['error'] = false; $response['message'] = "Order deleted successfully!"; } else { $response['error'] = true; $response['message'] = "Order does not deleted!"; } echo json_encode($response); } if (isset($_POST['upload_bank_transfers_attachment']) && $_POST['upload_bank_transfers_attachment'] == 1) { /* upload_bank_transfers_attachment accesskey:90336 upload_bank_transfers_attachment:1 order_id:1 image[]:FILE */ if (empty($_POST['order_id']) || empty($_FILES['image'])) { $response['error'] = true; $response['message'] = "Please pass all fields!"; print_r(json_encode($response)); return false; } $error['image'] = ''; $order_id = $db->escapeString($function->xss_clean($_POST['order_id'])); if (isset($_FILES["image"]) && $_FILES["image"]["error"] == 0) { for ($i = 0; $i < count($_FILES["image"]["name"]); $i++) { if ($_FILES["image"]["error"][$i] > 0) { $response['error'] = true; $response['message'] = "Images not uploaded!"; print_r(json_encode($response)); return false; } else { $result = $function->validate_other_images($_FILES["image"]["tmp_name"][$i], $_FILES["image"]["type"][$i]); if ($result) { $response['error'] = true; $response['message'] = "image type must jpg, jpeg, gif, or png!"; print_r(json_encode($response)); return false; } } } } if (isset($_FILES['image']) && ($_FILES['image']['size'][0] > 0)) { $file_data = array(); $target_path = '../upload/attachments/'; if (!is_dir($target_path)) { mkdir($target_path, 0777, true); } $target_path1 = 'upload/attachments/'; for ($i = 0; $i < count($_FILES["image"]["name"]); $i++) { $filename = $_FILES["image"]["name"][$i]; $temp = explode('.', $filename); $filename = microtime(true) . '-' . rand(100, 999) . '.' . end($temp); $file_data[] = $target_path1 . '' . $filename; if (!move_uploaded_file($_FILES["image"]["tmp_name"][$i], $target_path . '' . $filename)) { $response['error'] = true; $response['message'] = "Images not uploaded!"; print_r(json_encode($response)); return false; } } for ($i = 0; $i < count($file_data); $i++) { $data = array( 'order_id' => $order_id, 'attachment' => $file_data[$i], ); $db->insert('order_bank_transfers', $data); } $result = $db->getResult(); } $sql = "select o.*,obt.attachment,count(obt.attachment) as total_attachment ,obt.message as bank_transfer_message,obt.status as bank_transfer_status,(select name from users u where u.id=o.user_id) as user_name from orders o LEFT JOIN order_bank_transfers obt ON obt.order_id=o.id where o.id = '" . $order_id . "' "; $db->sql($sql); $res = $db->getResult(); $i = 0; $j = 0; foreach ($res as $row) { if ($row['discount'] > 0) { $discounted_amount = $row['total'] * $row['discount'] / 100; $final_total = $row['total'] - $discounted_amount; $discount_in_rupees = $row['total'] - $final_total; } else { $discount_in_rupees = 0; } $res[$i]['discount_rupees'] = "$discount_in_rupees"; $sql_query = "SELECT id,attachment FROM order_bank_transfers WHERE order_id = " . $row['id']; $db->sql($sql_query); $res_attac = $db->getResult(); $myData = array(); foreach ($res_attac as $item) { array_push($myData, ['id' => $item['id'], 'image' => DOMAIN_URL . $item['attachment']]); } $body1 = json_encode($myData); $body = json_decode($body1); $res[$i]['attachment'] = $body; $res[$i]['user_name'] = !empty($res[$i]['user_name']) ? $res[$i]['user_name'] : ""; $res[$i]['delivery_boy_id'] = !empty($res[$i]['delivery_boy_id']) ? $res[$i]['delivery_boy_id'] : ""; $res[$i]['otp'] = !empty($res[$i]['otp']) ? $res[$i]['otp'] : ""; $res[$i]['order_note'] = !empty($res[$i]['order_note']) ? $res[$i]['order_note'] : ""; $res[$i]['bank_transfer_message'] = !empty($res[$i]['bank_transfer_message']) ? $res[$i]['bank_transfer_message'] : ""; $res[$i]['bank_transfer_status'] = !empty($res[$i]['bank_transfer_status']) ? $res[$i]['bank_transfer_status'] : "0"; $final_totals = $res[$i]['total'] + $res[$i]['delivery_charge'] - $res[$i]['discount_rupees'] - $res[$i]['promo_discount'] - $res[$i]['wallet_balance']; $final_total = ceil($final_totals); $res[$i]['final_total'] = "$final_total"; $res[$i]['date_added'] = date('d-m-Y h:i:sa', strtotime($res[$i]['date_added'])); $res[$i]['status'] = json_decode($res[$i]['status']); if (in_array('awaiting_payment', array_column($res[$i]['status'], '0'))) { $temp_array = array_column($res[$i]['status'], '0'); $index = array_search("awaiting_payment", $temp_array); unset($res[$i]['status'][$index]); $res[$i]['status'] = array_values($res[$i]['status']); } $status = $res[$i]['status']; $item1 = array_map('reset', $status); $item2 = array_map('end', $status); $res[$i]['status_name'] = $item1; $res[$i]['status_time'] = $item2; $sql = "select oi.*,p.id as product_id,v.id as variant_id, pr.rate,pr.review,pr.status as review_status,p.name,p.image,p.manufacturer,p.made_in,p.return_status,p.cancelable_status,p.till_status,v.measurement,(select short_code from unit u where u.id=v.measurement_unit_id) as unit from order_items oi left join product_variant v on oi.product_variant_id=v.id left join products p on p.id=v.product_id left join product_reviews pr on p.id=pr.product_id where order_id=" . $row['id'] . " GROUP BY oi.id"; $db->sql($sql); $res[$i]['items'] = $db->getResult(); for ($j = 0; $j < count($res[$i]['items']); $j++) { $res[$i]['items'][$j]['status'] = (!empty($res[$i]['items'][$j]['status'])) ? json_decode($res[$i]['items'][$j]['status']) : array(); if (in_array('awaiting_payment', array_column($res[$i]['items'][$j]['status'], '0'))) { $temp_array = array_column($res[$i]['items'][$j]['status'], '0'); $index = array_search("awaiting_payment", $temp_array); unset($res[$i]['items'][$j]['status'][$index]); $res[$i]['items'][$j]['status'] = array_values($res[$i]['items'][$j]['status']); } $res[$i]['items'][$j]['image'] = DOMAIN_URL . $res[$i]['items'][$j]['image']; $res[$i]['items'][$j]['deliver_by'] = !empty($res[$i]['items'][$j]['deliver_by']) ? $res[$i]['items'][$j]['deliver_by'] : ""; $res[$i]['items'][$j]['rate'] = !empty($res[$i]['items'][$j]['rate']) ? $res[$i]['items'][$j]['rate'] : ""; $res[$i]['items'][$j]['review'] = !empty($res[$i]['items'][$j]['review']) ? $res[$i]['items'][$j]['review'] : ""; $res[$i]['items'][$j]['manufacturer'] = !empty($res[$i]['items'][$j]['manufacturer']) ? $res[$i]['items'][$j]['manufacturer'] : ""; $res[$i]['items'][$j]['made_in'] = !empty($res[$i]['items'][$j]['made_in']) ? $res[$i]['items'][$j]['made_in'] : ""; $res[$i]['items'][$j]['return_status'] = !empty($res[$i]['items'][$j]['return_status']) ? $res[$i]['items'][$j]['return_status'] : ""; $res[$i]['items'][$j]['cancelable_status'] = !empty($res[$i]['items'][$j]['cancelable_status']) ? $res[$i]['items'][$j]['cancelable_status'] : ""; $res[$i]['items'][$j]['till_status'] = !empty($res[$i]['items'][$j]['till_status']) ? $res[$i]['items'][$j]['till_status'] : ""; $res[$i]['items'][$j]['review_status'] = (!empty($res[$i]['items'][$j]['review_status']) && ($res[$i]['items'][$j]['review_status'] == 1)) ? $res[$i]['items'][$j]['review_status'] == TRUE : FALSE; $sql = "SELECT id from return_requests where product_variant_id = " . $res[$i]['items'][$j]['variant_id'] . " AND user_id = " . $row['user_id']; $db->sql($sql); $return_request = $db->getResult(); if (empty($return_request)) { $res[$i]['items'][$j]['applied_for_return'] = false; } else { $res[$i]['items'][$j]['applied_for_return'] = true; } } $i++; } $response['error'] = false; $response['message'] = "Images uploaded successfully!"; $response['data'] = $res; print_r(json_encode($response)); return false; } if (isset($_POST['delete_bank_transfers_attachment']) && $_POST['delete_bank_transfers_attachment'] == 1) { /* delete_bank_transfers_attachment accesskey:90336 delete_bank_transfers_attachment:1 order_id:1 id:2 */ if (empty($_POST['order_id']) || empty($_POST['id'])) { $response['error'] = true; $response['message'] = "Please pass all fields!"; print_r(json_encode($response)); return false; } $order_id = $db->escapeString($function->xss_clean($_POST['order_id'])); $id = $db->escapeString($function->xss_clean($_POST['id'])); $sql = "SELECT attachment FROM `order_bank_transfers` WHERE id = $id AND order_id = $order_id"; $db->sql($sql); $image = $db->getResult(); unlink('../' . $image[0]['attachment']); $sql1 = "DElETE FROM `order_bank_transfers` WHERE id = $id AND order_id = $order_id"; $db->sql($sql1); $res = $db->getResult(); $response['error'] = false; $response['message'] = "Image deleted successfully!"; print_r(json_encode($response)); return false; } if (isset($_POST['test']) && $_POST['test'] == true) { $res = $function->send_notification_to_admin("test", "hello", "admin_notification", 12); $res = send_email($support_email, 'test', 'testing'); print_r($res); } if (isset($_POST['get_order_invoice']) && $_POST['get_order_invoice'] == 1) { /* get_order_invoice accesskey:90336 get_order_invoice:1 order_id:1 OR invoice_id:2 */ if (!verify_token()) { return false; } $where = ''; if (empty($_POST['order_id']) && empty($_POST['invoice_id'])) { $response['error'] = true; $response['message'] = "Please pass order id or invoice id!"; print_r(json_encode($response)); return false; } $limit = (isset($_POST['limit']) && !empty($_POST['limit']) && is_numeric($_POST['limit'])) ? $db->escapeString($function->xss_clean($_POST['limit'])) : 10; $offset = (isset($_POST['offset']) && !empty($_POST['offset']) && is_numeric($_POST['offset'])) ? $db->escapeString($function->xss_clean($_POST['offset'])) : 0; $order_id = (isset($_POST['order_id']) && !empty($_POST['order_id']) && is_numeric($_POST['order_id'])) ? $db->escapeString($function->xss_clean($_POST['order_id'])) : ""; $invoice_id = (isset($_POST['invoice_id']) && !empty($_POST['invoice_id']) && is_numeric($_POST['invoice_id'])) ? $db->escapeString($function->xss_clean($_POST['invoice_id'])) : ""; if (isset($_POST['pickup'])) { $where = $_POST['pickup'] == 1 ? " AND o.local_pickup = 1 " : " WHERE o.local_pickup = 0 "; } if (!empty($order_id)) { $where .= !empty($where) ? " AND o.id = " . $order_id : " WHERE o.id = " . $order_id; } if (!empty($invoice_id)) { $where .= !empty($where) ? " AND i.id = " . $invoice_id : " WHERE i.id = " . $invoice_id; } $sql = "select count(o.id) as total from orders o LEFT JOIN invoice i ON o.id=i.order_id " . $where; $db->sql($sql); $res = $db->getResult(); $total = $res[0]['total']; $sql = "select o.*,i.id as invoice_id,obt.attachment,count(obt.attachment) as total_attachment ,obt.message as bank_transfer_message,obt.status as bank_transfer_status,(select name from users u where u.id=o.user_id) as user_name,(select email from users u where u.id=o.user_id) as email from orders o LEFT JOIN order_bank_transfers obt ON obt.order_id=o.id LEFT JOIN invoice i ON o.id=i.order_id " . $where . " GROUP BY id ORDER BY date_added DESC LIMIT $offset,$limit"; $db->sql($sql); $res = $db->getResult(); $i = 0; $j = 0; foreach ($res as $row) { if ($row['discount'] > 0) { $discounted_amount = $row['total'] * $row['discount'] / 100; $final_total = $row['total'] - $discounted_amount; $discount_in_rupees = $row['total'] - $final_total; } else { $discount_in_rupees = 0; } $res[$i]['discount_rupees'] = "$discount_in_rupees"; $sql_query = "SELECT id,attachment FROM order_bank_transfers WHERE order_id = " . $row['id']; $db->sql($sql_query); $res_attac = $db->getResult(); $myData = array(); foreach ($res_attac as $item) { array_push($myData, ['id' => $item['id'], 'image' => DOMAIN_URL . $item['attachment']]); } $body1 = json_encode($myData); $body = json_decode($body1); $res[$i]['attachment'] = $body; $res[$i]['user_name'] = !empty($res[$i]['user_name']) ? $res[$i]['user_name'] : ""; $res[$i]['seller_notes'] = !empty($res[$i]['seller_notes']) ? $res[$i]['seller_notes'] : ""; $res[$i]['pickup_time'] = !empty($res[$i]['pickup_time']) ? $res[$i]['pickup_time'] : ""; $res[$i]['delivery_boy_id'] = !empty($res[$i]['delivery_boy_id']) ? $res[$i]['delivery_boy_id'] : ""; $res[$i]['otp'] = !empty($res[$i]['otp']) ? $res[$i]['otp'] : ""; $res[$i]['order_note'] = !empty($res[$i]['order_note']) ? $res[$i]['order_note'] : ""; $res[$i]['bank_transfer_message'] = !empty($res[$i]['bank_transfer_message']) ? $res[$i]['bank_transfer_message'] : ""; $res[$i]['bank_transfer_status'] = !empty($res[$i]['bank_transfer_status']) ? $res[$i]['bank_transfer_status'] : "0"; $final_totals = $res[$i]['total'] + $res[$i]['delivery_charge'] - $res[$i]['discount_rupees'] - $res[$i]['promo_discount'] - $res[$i]['wallet_balance']; $final_total = ceil($final_totals); $res[$i]['final_total'] = "$final_total"; $res[$i]['date_added'] = date('d-m-Y h:i:sa', strtotime($res[$i]['date_added'])); $res[$i]['status'] = json_decode($res[$i]['status']); if (in_array('awaiting_payment', array_column($res[$i]['status'], '0'))) { $temp_array = array_column($res[$i]['status'], '0'); $index = array_search("awaiting_payment", $temp_array); unset($res[$i]['status'][$index]); $res[$i]['status'] = array_values($res[$i]['status']); } $status = $res[$i]['status']; $item1 = array_map('reset', $status); $item2 = array_map('end', $status); $res[$i]['status_name'] = !empty($item1) ? $item1 : array(); $res[$i]['status_time'] = !empty($item2) ? $item2 : array(); $sql = "select oi.*,p.id as product_id,v.id as variant_id, pr.rate,pr.review,pr.status as review_status,p.name,p.image,p.manufacturer,p.made_in,p.return_status,p.cancelable_status,p.till_status,v.measurement,(select short_code from unit u where u.id=v.measurement_unit_id) as unit from order_items oi left join product_variant v on oi.product_variant_id=v.id left join products p on p.id=v.product_id left join product_reviews pr on p.id=pr.product_id where order_id=" . $row['id'] . " GROUP BY oi.id"; $db->sql($sql); $res[$i]['items'] = $db->getResult(); for ($j = 0; $j < count($res[$i]['items']); $j++) { $res[$i]['items'][$j]['status'] = (!empty($res[$i]['items'][$j]['status'])) ? json_decode($res[$i]['items'][$j]['status']) : array(); if (in_array('awaiting_payment', array_column($res[$i]['items'][$j]['status'], '0'))) { $temp_array = array_column($res[$i]['items'][$j]['status'], '0'); $index = array_search("awaiting_payment", $temp_array); unset($res[$i]['items'][$j]['status'][$index]); $res[$i]['items'][$j]['status'] = array_values($res[$i]['items'][$j]['status']); } $res[$i]['items'][$j]['image'] = DOMAIN_URL . $res[$i]['items'][$j]['image']; $res[$i]['items'][$j]['deliver_by'] = !empty($res[$i]['items'][$j]['deliver_by']) ? $res[$i]['items'][$j]['deliver_by'] : ""; $res[$i]['items'][$j]['rate'] = !empty($res[$i]['items'][$j]['rate']) ? $res[$i]['items'][$j]['rate'] : ""; $res[$i]['items'][$j]['review'] = !empty($res[$i]['items'][$j]['review']) ? $res[$i]['items'][$j]['review'] : ""; $res[$i]['items'][$j]['manufacturer'] = !empty($res[$i]['items'][$j]['manufacturer']) ? $res[$i]['items'][$j]['manufacturer'] : ""; $res[$i]['items'][$j]['made_in'] = !empty($res[$i]['items'][$j]['made_in']) ? $res[$i]['items'][$j]['made_in'] : ""; $res[$i]['items'][$j]['return_status'] = !empty($res[$i]['items'][$j]['return_status']) ? $res[$i]['items'][$j]['return_status'] : ""; $res[$i]['items'][$j]['cancelable_status'] = !empty($res[$i]['items'][$j]['cancelable_status']) ? $res[$i]['items'][$j]['cancelable_status'] : ""; $res[$i]['items'][$j]['till_status'] = !empty($res[$i]['items'][$j]['till_status']) ? $res[$i]['items'][$j]['till_status'] : ""; $res[$i]['items'][$j]['review_status'] = (!empty($res[$i]['items'][$j]['review_status']) && ($res[$i]['items'][$j]['review_status'] == 1)) ? $res[$i]['items'][$j]['review_status'] == TRUE : FALSE; $sql = "SELECT id from return_requests where product_variant_id = " . $res[$i]['items'][$j]['variant_id'] . " AND user_id = " . $user_id; $db->sql($sql); $return_request = $db->getResult(); if (empty($return_request)) { $res[$i]['items'][$j]['applied_for_return'] = false; } else { $res[$i]['items'][$j]['applied_for_return'] = true; } } $i++; } $orders = $order = array(); if (!empty($res)) { $orders['error'] = false; $orders['total'] = $total; $orders['data'] = array_values($res); print_r(json_encode($orders)); } else { $res['error'] = true; $res['message'] = "No orders found!"; print_r(json_encode($res)); } } if (isset($_POST['test']) && $_POST['test'] == true) { // $res = $function->send_notification_to_admin("test", "hello", "admin_notification", 17); $res = send_smtp_mail("test", "hello", "admin_notification", 12); print_r($res); } function findKey($array, $keySearch) { foreach ($array as $key => $item) { if ($key == $keySearch) { return true; } elseif (is_array($item) && findKey($item, $keySearch)) { return true; } } return false; }