<?php
require_once("vis-config.php");
require_once("functions.php");
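// Default response envelope; every exit path below fills in code/message and echoes it as JSON.
$response['code'] = 0;
$response['message'] = "کمبود منابع...!";
$response['id'] = 0;

// All five fields must be present AND plain strings. PHP turns a request field sent as
// `name[]=...` into an array, which would otherwise reach the token comparison and the
// SQL/JSON handling further down as a non-string value.
$required_fields = array("visitor_token", "visitor_id", "token", "order_header", "order_detail");
foreach ($required_fields as $field) {
	if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
		$response['code'] = 10;
		$response['message'] = "کمبود منابع...!";
		echo json_encode($response);
		return;
	}
}

$visitor_token = $_POST["visitor_token"];
$visitor_id = $_POST["visitor_id"];
$token = $_POST["token"];

// Compare the shared API token with hash_equals(): the previous loose `!=` applied PHP type
// juggling (numeric-looking strings compare as numbers) and was not constant-time.
// An empty configured secret is rejected so a missing $VIS_TOKEN fails closed.
$expected_token = (string) $VIS_TOKEN;
if ($expected_token === '' || !hash_equals($expected_token, $token)) {
	$response['code'] = 20;
	$response['message'] = "خطای اعتبارسنجی...!";
	echo json_encode($response);
	return;
}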
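// Open the database connection using the credentials from vis-config.php.
$connect = @mysqli_connect($hostname, $username, $password, $database);
if (!$connect) {
	$response['code'] = 110;
	$response['message'] = "خطای اتصال به پایگاه داده...!";
	echo json_encode($response);
	return;
}
@mysqli_query($connect, "SET CHARACTER SET utf8;");

//auth visitor
// The visitor id and session token come straight from the request, so they are bound as
// parameters instead of being interpolated into the SQL text. Only the table name (from
// the server-side config) is still interpolated, because identifiers cannot be bound.
$session_stmt = mysqli_prepare(
	$connect,
	"SELECT 1 FROM $tbl_sessions WHERE uid = ? AND token = ? AND type = 'V' LIMIT 1"
);
$session_ok = $session_stmt
	&& mysqli_stmt_bind_param($session_stmt, 'ss', $visitor_id, $visitor_token)
	&& mysqli_stmt_execute($session_stmt)
	&& mysqli_stmt_store_result($session_stmt);
if (!$session_ok) {
	// Keep the driver error in the server log; returning it to the client would disclose
	// schema and query details.
	error_log('order submit: session lookup failed: ' . mysqli_error($connect));
	$response['code'] = 120;
	$response['message'] = "خطای پایگاه داده: " . '120';
	echo json_encode($response);
	return;
}
$session_rows = mysqli_stmt_num_rows($session_stmt);
mysqli_stmt_close($session_stmt);
if ($session_rows < 1) {
	$response['code'] = 130;
	$response['message'] = "سیشن شما پیدا نشد.\nاحتمالا اکانت شما در دستگاه دیگری لاگین کرده است.\nدوباره وارد شوید.";
	echo json_encode($response);
	return;
}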
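// Decode the order header. json_decode() yields null for malformed JSON and a scalar for
// inputs such as "5", so the shape is checked before any field is read or used in arithmetic.
$order_header = json_decode($_POST["order_header"], true);
if (
	!is_array($order_header) ||
	!isset($order_header['total'], $order_header['off']) ||
	!is_numeric($order_header['total']) || !is_numeric($order_header['off'])
) {
	$response['code'] = 10;
	$response['message'] = "کمبود منابع...!";
	echo json_encode($response);
	return;
}

// NOTE(review): total and off are taken from the client as-is; nothing visible in this
// script recomputes them from the detail lines or the product table, so the minimum-order
// rule below trusts client-supplied figures. Confirm whether pricing is enforced elsewhere.
if ($order_header['total'] - $order_header['off'] < $minbuy) {
	$response['code'] = 1350;
	$response['message'] = "نمیتوانید زیر $minbuy هزار تومان سفارش ثبت کنید";
	echo json_encode($response);
	return;
}

// The description must name a delivery day. A missing or non-string description is treated
// as empty so it is rejected with the same code as before.
$order_desc = (isset($order_header['desc']) && is_string($order_header['desc'])) ? $order_header['desc'] : '';
if (strpos($order_desc, 'شنبه') === false && strpos($order_desc, 'جمعه') === false) {
	$response['code'] = 1360;
	$response['message'] = "لطفا روز تحویل را در توضیحات بنویسید";
	echo json_encode($response);
	return;
}

// Decode the detail lines and validate them BEFORE anything is written, so a malformed line
// cannot abort the request after the order header has already been stored.
$order_detail = json_decode($_POST["order_detail"], true);
$detail_ok = is_array($order_detail);
if ($detail_ok) {
	foreach ($order_detail as $line) {
		if (
			!is_array($line) ||
			!isset($line['some'], $line['price'], $line['off']) ||
			!is_numeric($line['some']) || !is_numeric($line['price']) || !is_numeric($line['off'])
		) {
			$detail_ok = false;
			break;
		}
	}
}
if (!$detail_ok) {
	$response['code'] = 10;
	$response['message'] = "کمبود منابع...!";
	echo json_encode($response);
	return;
}
// The insert loop further down indexes lines 0..n-1, so normalise to a plain list.
$order_detail = array_values($order_detail);

// Jalali order date plus wall-clock time; the date is computed once so both values agree
// even if the request straddles midnight.
$date = jdate('Y/m/d');
$order_date = $date . " - " . date("H:i");
$sent_date = "";
if ($isSend) {
	$sent_date = getSendDate($order_header['cus_id'], $hostname, $username, $password, $database);
}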
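//insert header
// Every value below originates from the client-supplied order JSON, so each one is bound as
// a statement parameter rather than concatenated into the SQL text. All values are bound as
// strings, which matches the quoted literals the query used before. Only the table name
// (server-side config) is interpolated, because identifiers cannot be bound.
// NOTE(review): vis_id is read from the client JSON and is never compared with the
// authenticated $visitor_id in this script — confirm whether the two must match.
$header_sql = "INSERT INTO $tbl_orders (date,V_id,C_id,Price,off,endprice,comment,emergency,orderLat,orderLng,SendTime)"
	. " VALUES (?, ?, ?, ?, ?, ?, ?, '1', ?, ?, ?)";

$h_date = (string) $order_date;
$h_vis = (string) $order_header['vis_id'];
$h_cus = (string) $order_header['cus_id'];
$h_total = (string) $order_header['total'];
$h_off = (string) $order_header['off'];
$h_end = (string) ($order_header['total'] - $order_header['off']);
$h_desc = (string) $order_header['desc'];
$h_lat = (string) $order_header['lat'];
$h_lng = (string) $order_header['lng'];
$h_sent = (string) $sent_date;

$header_stmt = mysqli_prepare($connect, $header_sql);
$result = $header_stmt
	&& mysqli_stmt_bind_param(
		$header_stmt,
		'ssssssssss',
		$h_date,
		$h_vis,
		$h_cus,
		$h_total,
		$h_off,
		$h_end,
		$h_desc,
		$h_lat,
		$h_lng,
		$h_sent
	)
	&& mysqli_stmt_execute($header_stmt);
if (!$result) {
	// Log the driver error server-side only; echoing it to the client would expose schema
	// and query details.
	error_log('order submit: header insert failed: ' . mysqli_error($connect));
	$response['code'] = 140;
	$response['message'] = "خطای پایگاه داده: " . '140';
	echo json_encode($response);
	return;
}
mysqli_stmt_close($header_stmt);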
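//insert detail
// The id generated for the header row links every detail line to its order.
$order_id = mysqli_insert_id($connect);
$response['id'] = $order_id;

// Detail values come from client-supplied JSON, so both statements are prepared once and
// executed per line with bound parameters. Table names come from the server-side config.
// NOTE(review): header and detail rows are written without a transaction, so a failure in
// this loop leaves a partially stored order — confirm whether that is acceptable.
$detail_stmt = mysqli_prepare(
	$connect,
	"INSERT INTO $tbl_orderdtl (O_id,P_id,count,price,off,total,comment) VALUES (?, ?, ?, ?, ?, ?, ?)"
);
// Stock is decremented inside a single UPDATE so two concurrent orders cannot both read the
// same starting value and overwrite each other's decrement. COALESCE keeps the earlier
// behaviour of treating a NULL stock as 0.
$stock_stmt = mysqli_prepare(
	$connect,
	"UPDATE $tbl_products SET Stack = COALESCE(Stack, 0) - ? WHERE id = ?"
);

$d_order = (string) $order_id;
$d_product = $d_count = $d_price = $d_off = $d_total = $d_comment = '';
$s_qty = 0.0;
$s_product = '';

$detail_ready = $detail_stmt
	&& mysqli_stmt_bind_param(
		$detail_stmt,
		'sssssss',
		$d_order,
		$d_product,
		$d_count,
		$d_price,
		$d_off,
		$d_total,
		$d_comment
	);
$stock_ready = $stock_stmt && mysqli_stmt_bind_param($stock_stmt, 'ds', $s_qty, $s_product);
if (!$stock_ready) {
	// Stock adjustment was best-effort before as well; record the failure and carry on.
	error_log('order submit: stock statement unavailable: ' . mysqli_error($connect));
}

$detail_lines = is_array($order_detail) ? array_values($order_detail) : array();
foreach ($detail_lines as $line) {
	if ($detail_ready) {
		$d_product = (string) $line['id'];
		$d_count = (string) $line['some'];
		$d_price = (string) $line['price'];
		$d_off = (string) $line['off'];
		$d_total = (string) ($line['some'] * ($line['price'] - $line['off']));
		$d_comment = (string) $line['desc'];
	}
	if (!$detail_ready || !mysqli_stmt_execute($detail_stmt)) {
		// Driver error goes to the server log, not to the client.
		error_log('order submit: detail insert failed: ' . mysqli_error($connect));
		$response['code'] = 150;
		$response['message'] = "خطای پایگاه داده: " . '150';
		echo json_encode($response);
		return;
	}

	if ($stock_ready && isset($line['some']) && is_numeric($line['some'])) {
		$s_qty = (float) $line['some'];
		$s_product = (string) $line['id'];
		if (!mysqli_stmt_execute($stock_stmt)) {
			error_log('order submit: stock update failed: ' . mysqli_error($connect));
		}
	}
}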
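// Decide whether the customer's stored coordinates should be replaced by the order's
// coordinates: only when the feature is enabled and the stored pair is still 0/0 or the
// hard-coded placeholder pair (35.714514, 51.392205).
$cus_id = (string) $order_header['cus_id'];
$update_location = false;
if ($setLastLoc) {
	// cus_id is client-supplied, so it is bound rather than concatenated into the query.
	$loc_stmt = mysqli_prepare($connect, "SELECT lat,lng FROM $tbl_customer WHERE id = ? LIMIT 1");
	if ($loc_stmt) {
		$stored_lat = null;
		$stored_lng = null;
		if (
			mysqli_stmt_bind_param($loc_stmt, 's', $cus_id)
			&& mysqli_stmt_execute($loc_stmt)
			&& mysqli_stmt_bind_result($loc_stmt, $stored_lat, $stored_lng)
			&& mysqli_stmt_fetch($loc_stmt)
		) {
			$is_unset = ($stored_lat == 0 && $stored_lng == 0);
			$is_placeholder = ($stored_lat == 35.714514 && $stored_lng == 51.392205);
			$update_location = $is_unset || $is_placeholder;
		}
		// Close before the next statement so no result set is left pending on the connection.
		mysqli_stmt_close($loc_stmt);
	}
}

// The new coordinates were previously appended to the UPDATE unquoted. They are now bound,
// and only used when both are numeric, so a malformed value can no longer alter the
// statement or make the whole update (including last_order/last_visit) fail.
$new_lat = isset($order_header['lat']) ? $order_header['lat'] : null;
$new_lng = isset($order_header['lng']) ? $order_header['lng'] : null;
if ($update_location && is_numeric($new_lat) && is_numeric($new_lng)) {
	$new_lat = (string) $new_lat;
	$new_lng = (string) $new_lng;
	$cust_stmt = mysqli_prepare(
		$connect,
		"UPDATE $tbl_customer SET last_order = ?, last_visit = ?, lat = ?, lng = ? WHERE id = ?"
	);
	$cust_ok = $cust_stmt
		&& mysqli_stmt_bind_param($cust_stmt, 'sssss', $date, $date, $new_lat, $new_lng, $cus_id)
		&& mysqli_stmt_execute($cust_stmt);
} else {
	$cust_stmt = mysqli_prepare(
		$connect,
		"UPDATE $tbl_customer SET last_order = ?, last_visit = ? WHERE id = ?"
	);
	$cust_ok = $cust_stmt
		&& mysqli_stmt_bind_param($cust_stmt, 'sss', $date, $date, $cus_id)
		&& mysqli_stmt_execute($cust_stmt);
}
if (!$cust_ok) {
	// This update was best-effort before; keep it non-fatal but leave a trace in the log.
	error_log('order submit: customer update failed: ' . mysqli_error($connect));
}
if ($cust_stmt) {
	mysqli_stmt_close($cust_stmt);
}

// Static notification row for the admin side; contains no request data.
$query = "INSERT INTO tbl_notifications (message,type) VALUES ('SEFARESH','A')";
@mysqli_query($connect, $query);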

// Record the visit in the tour log with a human-readable note carrying the net order amount
// (total minus discount). InsertTourData() is defined elsewhere and receives the database
// credentials; what it does with the header values is not visible here.
$net_amount = $order_header['total'] - $order_header['off'];
$tour_note = " سفارش به مبلغ  " . number_format($net_amount) . " ثبت شد. ";
InsertTourData(
	$order_header['vis_id'],
	$order_header['cus_id'],
	$order_header['start_time'],
	$order_header['end_time'],
	$order_header['lat'],
	$order_header['lng'],
	$tour_note,
	$date,
	$hostname,
	$username,
	$password,
	$database
);

// Success: report code 200 together with the generated order number. array_merge() keeps
// the existing key order (code, message, id) while replacing the two values.
$response = array_merge($response, array(
	'code' => 200,
	'message' => "سفارش با شماره {$order_id} ثبت شد.",
));
echo json_encode($response);
return;
?>
