· 7 years ago · Jul 12, 2018, 07:02 AM
1<?php
2
3$DB = new DBConfig();
4$DB -> config();
5$DB -> conn();
6
7
8
9 $order_id = $_POST['order_id'];
10 $detail = $_POST['detail'];
11 $amount = $_POST['amount'];
12 $name = $_POST['name'];
13 $email = $_POST['email'];
14 $phone = $_POST['phone'];
15 $address = $_POST['address'];
16
17
18 $product = "<table>
19 <tr>
20 <th>No.</th>
21 <th>Product Name</th>
22 <th>Quantity</th>
23 <th>Price</th>
24 </tr>
25 ";
26 if(isset($_SESSION["products"]))
27 {
28 $total = 0;
29 $totalPrice = 0;
30 $subTot = 0;
31 $grandTot = 0;
32 $productDesc = "";
33 $totalQuantity = "";
34 $cart_items = 0;
35 $no = 1;
36 foreach ($_SESSION["products"] as $cart_itm)
37 {
38 $product_name = $cart_itm["code"];
39 $product_price = $cart_itm["price"];
40 //$product_img = $cart_itm["product_img"];
41 $quantity = $cart_itm["qty"];
42 $totalQuantity = $totalQuantity + $quantity;
43 $subTot = $product_price * $quantity;
44 $grandTot = $grandTot + $subTot;
45 $amount = number_format($grandTot,2);
46 $productDesc .= "Product Name : $product_name ($quantity)<br>";
47
48
49 $product .= "
50 <tr class='rem1'>
51 <td>$no</td>
52 <td>$product_name</td>
53 <td>".$cart_itm["qty"]."</td>
54 <td>$product_price</td>
55 </tr>";
56
57 $no++;
58 }
59
60 }
61 $product .= "</table>";
62 //echo $product;
63 $productSave = mysql_real_escape_string($product);
64//value Save in DB
65$name = mysql_real_escape_string($_POST['name']);
66$phone = mysql_real_escape_string($_POST['phone']);
67$email = mysql_real_escape_string($_POST['email']);
68$address = mysql_real_escape_string($_POST['address']);
69
70
71
72$sqlInsert = "INSERT INTO transaction (fullname,email,phone,address,refNo,product,order_date,payment_status_id)
73 VALUES
74 ('$name','$email','$phone','$address','$order_id','$productSave',NOW(),'1')";
75
76
77if(mysql_query($sqlInsert)){
78
79
80$merchant_id = '890151902813230';
81$secretkey = '8572-944';
82
83 //$hashed_string = md5($secretkey.urldecode($_POST['detail']).urldecode($_POST['amount']).urldecode($_POST['order_id']));
84
85 $hashed_string = md5($secretkey.$detail.$amount.$order_id);
86 ?>
87 <form name="order" method="post" action="https://app.senangpay.my/payment/<?php echo $merchant_id; ?>" id="a">
88 <input type="text" name="detail" value="<?php echo $_POST['detail']; ?>">
89 <input type="text" name="amount" value="<?php echo $_POST['amount']; ?>">
90 <input type="text" name="order_id" value="<?php echo $_POST['order_id']; ?>">
91 <input type="text" name="name" value="<?php echo $_POST['name']; ?>">
92 <input type="text" name="email" value="<?php echo $_POST['email']; ?>">
93 <input type="text" name="phone" value="<?php echo $_POST['phone']; ?>">
94 <input type="text" name="hash" value="<?php echo $hashed_string; ?>">
95 <input style="display:none;" type="submit" class="tahoma11green" value="Confirm">
96 </form>
97 <script>
98 function myfunc () {
99 var frm = document.getElementById("a");
100 frm.submit();
101 }
102 //window.onload = myfunc;
103 </script>
104 <?php
105
106
107}else{
108 echo "Error Save to DB";
109}
110
111?>