<?php
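// Resume the visitor's session; the cart lives in it as "cart_<dish id>" => quantity.
session_start();

// Page the browser is sent back to after any cart change.
$page = 'ordering.php';

// NOTE(review): the mysql_* extension is deprecated since PHP 5.5 and removed in PHP 7.
// Moving to mysqli or PDO with prepared statements has to be done for the whole file
// at once, because dishes() and cart() rely on the implicit connection opened here.
// NOTE(review): connecting as root with an empty password gives this page full control
// of the database server; a dedicated account restricted to the `cart` schema is the
// least-privilege setup.
// Driver errors go to the server log instead of the response body, so connection and
// schema details are not disclosed to visitors.
if (!mysql_connect('localhost', 'root', '')) {
    error_log('cart: database connection failed: ' . mysql_error());
    die('Service temporarily unavailable.');
}
if (!mysql_select_db('cart')) {
    error_log('cart: selecting database failed: ' . mysql_error());
    die('Service temporarily unavailable.');
}

// NOTE(review): add/remove/delete change session state on a plain GET request and carry
// no anti-CSRF token, so a third-party page can trigger them through a visitor's browser.
// Moving them to POST with a per-session token needs matching changes to the links
// printed by dishes() and cart().

// ?add=<id>: put one more unit of the dish in the cart, never exceeding the stock on hand.
if (isset($_GET['add'])) {
    // The (int) cast is what keeps the value safe inside the SQL text and the session key.
    $cart_key = 'cart_' . (int) $_GET['add'];
    // A dish that was never added has no session entry yet; treat it as zero.
    $cart_count = isset($_SESSION[$cart_key]) ? (int) $_SESSION[$cart_key] : 0;

    $quantity = mysql_query('SELECT id, quantity FROM dishes WHERE id=' . (int) $_GET['add']);
    if ($quantity === false) {
        error_log('cart: stock lookup failed: ' . mysql_error());
    } else {
        while ($quantity_row = mysql_fetch_assoc($quantity)) {
            // "<" rather than "!=": if the stock dropped below what is already in the
            // cart, an inequality test would let the count keep growing without limit.
            if ($cart_count < (int) $quantity_row['quantity']) {
                $cart_count++;
                $_SESSION[$cart_key] = $cart_count;
            }
        }
    }
}

// ?remove=<id>: take one unit out, stopping at zero so the count never turns negative.
if (isset($_GET['remove'])) {
    $cart_key = 'cart_' . (int) $_GET['remove'];
    if (isset($_SESSION[$cart_key]) && $_SESSION[$cart_key] > 0) {
        $_SESSION[$cart_key]--;
    }
}

// ?delete=<id>: drop the dish from the cart by zeroing its count.
if (isset($_GET['delete'])) {
    $_SESSION['cart_' . (int) $_GET['delete']] = 0;
}

// Redirect once after all requested actions have been applied, then stop: without the
// exit the rest of the including page would still be rendered behind the redirect.
if (isset($_GET['add']) || isset($_GET['remove']) || isset($_GET['delete'])) {
    header('Location: ' . $page);
    exit;
}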
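/**
 * Print every dish that is in stock (quantity > 0), newest id first, each with an
 * "Add" link pointing at cart.php?add=<id>.
 *
 * Uses the implicit mysql_* connection opened at the top of this file and writes
 * straight to the output buffer; returns nothing.
 */
function dishes(){
    $get = mysql_query('SELECT id, name, description, price FROM dishes WHERE quantity > 0 ORDER BY id DESC');

    // mysql_query() returns false on failure; log the driver error server-side and show
    // the same message as for an empty menu instead of passing false to mysql_num_rows().
    if ($get === false) {
        error_log('dishes(): query failed: ' . mysql_error());
        echo "There are no dishes to display!";
        return;
    }

    if (mysql_num_rows($get) == 0) {
        echo "There are no dishes to display!";
        return;
    }

    while ($get_row = mysql_fetch_assoc($get)) {
        // Name and description come from the database and are treated as untrusted text:
        // escaping them keeps stored markup from running in the visitor's browser.
        // NOTE(review): assumes the rows are UTF-8 - confirm against the connection charset.
        $name = htmlspecialchars($get_row['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $description = htmlspecialchars($get_row['description'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        // The id is forced to an integer before it is placed in the link.
        $id = (int) $get_row['id'];

        echo '<p>'.$name.'<br />'.$description.'<br />€'.number_format((float) $get_row['price'], 2).' <a href="cart.php?add='.$id.'"> Add</a></p>';
    }
}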
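/**
 * Print the cart stored in the session: one line per dish with quantity, unit price,
 * line total and [-] / [+] / [Delete] links, followed by the grand total and a
 * "Confirm" form that posts to viewcart.php. Prints "no items." when the total is zero.
 *
 * Only session entries named "cart_<id>" with a positive numeric value are considered.
 * Uses the implicit mysql_* connection opened at the top of this file and writes
 * straight to the output buffer; returns nothing.
 */
function cart() {
    $total = 0;

    foreach ($_SESSION as $name => $value) {
        // Skip everything in the session that is not a cart entry. The prefix is checked
        // first so that unrelated positive values (a user id, a timestamp) can never
        // contribute to the total.
        if (strncmp((string) $name, 'cart_', 5) !== 0) {
            continue;
        }
        if (!is_numeric($value) || $value <= 0) {
            continue;
        }
        $quantity = (int) $value;

        // The id is cast once and the integer is reused for the query and for the links,
        // so nothing taken from a session key reaches SQL or HTML as raw text.
        $id = (int) substr($name, 5);

        $get = mysql_query('SELECT id, name, price FROM dishes WHERE id=' . $id);
        if ($get === false) {
            error_log('cart(): query failed: ' . mysql_error());
            continue;
        }

        while ($get_row = mysql_fetch_assoc($get)) {
            $sub = $get_row['price'] * $quantity;
            // Accumulate here, per row actually found: adding after the loop would
            // re-add a stale subtotal for dishes that no longer exist.
            $total += $sub;

            // The dish name comes from the database and is escaped before output.
            // NOTE(review): assumes the rows are UTF-8 - confirm against the connection charset.
            $label = htmlspecialchars($get_row['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

            echo $label.' x '.$quantity.' @ €'.number_format((float) $get_row['price'], 2). ' = €'.number_format($sub, 2).' <a href="cart.php?remove='.$id.'">[-]</a> <a href="cart.php?add='.$id.'">[+]</a> <a href="cart.php?delete='.$id.'">[Delete]</a><br />';
        }
    }

    if ($total == 0) {
        echo "no items.";
        return;
    }

    // Well-formed markup: the total sits in its own paragraph, the stray <html> tag is
    // gone, and the form is closed so that later inputs on the page are not captured by it.
    echo '<p>Total: €'.number_format($total, 2).'</p>';
    echo "<form action='viewcart.php' method='POST'>";
    echo "<p><input type='submit' name='view' value='Confirm'></p>";
    echo '</form>';
}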
?>