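<?php
/**
 * POST api/purchase-product.php
 *
 * Buys one product for the logged-in user: debits the product price from the
 * user's balance, records the purchase (and its cashback, if any) in
 * `transactions` and `user_products`, and sets the user's package when the
 * product name contains "package" or "bundle".
 *
 * Input:  product_id (POST, integer)
 * Output: JSON object with `success` (bool) and `message` (string); on success
 *         also `new_balance`, `product_name` and `redirect_url`.
 *
 * The balance is read from the database inside the transaction with the user
 * row locked, not from the session: the session copy can be stale, and two
 * concurrent purchases computed from the same stale value would both be
 * accepted (double spend).
 */
session_start();
header('Content-Type: application/json');

/**
 * Emit a JSON body with the given HTTP status and stop the script.
 *
 * @param array<string, mixed> $payload data to encode
 * @param int                  $status  HTTP status code
 */
function respond_json(array $payload, int $status = 200): void
{
    http_response_code($status);
    echo json_encode($payload);
    exit;
}

if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
    respond_json(['success' => false, 'message' => 'Not authenticated'], 403);
}

// Include database configuration; expected to define $pdo.
// NOTE(review): the statements below assume $pdo uses PDO::ERRMODE_EXCEPTION;
// with a different error mode a failed execute() returns false silently — confirm in db.php.
require_once '../../db.php';

// Only the user's identity is taken from the session; the balance is not (see header).
$user_id = $_SESSION['user_id'] ?? null;
if (!$user_id) {
    respond_json(['success' => false, 'message' => 'User not identified']);
}

// A non-POST request previously produced an empty body, which a JSON client cannot parse.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    respond_json(['success' => false, 'message' => 'Method not allowed'], 405);
}

// NOTE(review): this cookie-authenticated POST changes account state but checks
// no CSRF token; the project's token convention is not visible from this file.

// FILTER_VALIDATE_INT rejects non-integer input outright; the previous
// FILTER_SANITIZE_NUMBER_INT only stripped characters, so "12abc" became 12.
// null = parameter absent, false = not an integer.
$product_id = filter_input(INPUT_POST, 'product_id', FILTER_VALIDATE_INT);

try {
    // Everything below — balance read, debit, transaction rows, cashback,
    // package update — commits or rolls back as one unit.
    $pdo->beginTransaction();

    if ($product_id === null || $product_id === false) {
        throw new Exception("Product not available.");
    }

    // Load the product; inactive products are treated as non-existent.
    $stmt = $pdo->prepare("SELECT * FROM products WHERE id = ? AND is_active = TRUE");
    $stmt->execute([$product_id]);
    $product = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$product) {
        throw new Exception("Product not available.");
    }

    // Lock the user's row until commit/rollback and read the authoritative
    // balance. FOR UPDATE is MySQL/MariaDB/PostgreSQL syntax; a concurrent
    // purchase for the same user blocks here until this transaction ends.
    $stmt = $pdo->prepare("SELECT balance FROM users WHERE id = ? FOR UPDATE");
    $stmt->execute([$user_id]);
    $user_row = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$user_row) {
        throw new Exception("User not identified");
    }

    // NOTE(review): amounts are handled as floats, as in the original; if the
    // columns are DECIMAL, integer minor units (cents) would avoid rounding drift.
    $current_balance = (float) $user_row['balance'];
    $price = (float) $product['price'];
    $cashback = (float) $product['cashback_amount'];

    if ($current_balance < $price) {
        throw new Exception("Insufficient balance to purchase this product. You need KES " .
            number_format($price - $current_balance, 2) . " more.");
    }

    // Debit the price.
    $new_balance = $current_balance - $price;
    $stmt = $pdo->prepare("UPDATE users SET balance = ? WHERE id = ?");
    $stmt->execute([$new_balance, $user_id]);

    // Ledger entry for the purchase.
    $stmt = $pdo->prepare("INSERT INTO transactions (user_id, type, amount, description, balance_after) VALUES (?, 'product_purchase', ?, ?, ?)");
    $stmt->execute([
        $user_id,
        $product['price'],
        "Purchased: " . $product['name'],
        $new_balance,
    ]);

    // Ownership record; cashback_received is stored even when it is zero.
    $stmt = $pdo->prepare("INSERT INTO user_products (user_id, product_id, purchase_price, cashback_received) VALUES (?, ?, ?, ?)");
    $stmt->execute([$user_id, $product_id, $product['price'], $product['cashback_amount']]);

    // Cashback: credit the balance, accumulate it in `rewards`, and ledger it.
    if ($cashback > 0) {
        $cashback_balance = $new_balance + $cashback;
        $stmt = $pdo->prepare("UPDATE users SET balance = ?, rewards = rewards + ? WHERE id = ?");
        $stmt->execute([$cashback_balance, $product['cashback_amount'], $user_id]);

        $stmt = $pdo->prepare("INSERT INTO transactions (user_id, type, amount, description, balance_after) VALUES (?, 'cashback', ?, ?, ?)");
        $stmt->execute([
            $user_id,
            $product['cashback_amount'],
            "Cashback for: " . $product['name'],
            $cashback_balance,
        ]);
        $new_balance = $cashback_balance;
    }

    // Package products are recognised by name (case-insensitive substring match).
    $name_lower = strtolower($product['name']);
    if (strpos($name_lower, 'package') !== false || strpos($name_lower, 'bundle') !== false) {
        $stmt = $pdo->prepare("UPDATE users SET package = ? WHERE id = ?");
        $stmt->execute([$product['name'], $user_id]);
        $_SESSION['package'] = $product['name'];
    }

    $pdo->commit();

    // Session copy is refreshed only after the commit succeeded, so it never
    // reflects a balance that was rolled back.
    $_SESSION['balance'] = $new_balance;

    respond_json([
        'success' => true,
        'message' => 'Product purchased successfully!',
        'new_balance' => $new_balance,
        'product_name' => $product['name'],
        'redirect_url' => 'package-' . strtolower(str_replace(' ', '-', $product['name'])) . '.php',
    ]);
} catch (PDOException $e) {
    // Driver/SQL failures: log the detail server-side, never echo it to the
    // client (the previous code returned the raw database message).
    if ($pdo->inTransaction()) {
        $pdo->rollBack();
    }
    error_log('purchase-product: ' . $e->getMessage());
    respond_json(['success' => false, 'message' => 'Purchase could not be completed. Please try again.']);
} catch (Exception $e) {
    // Domain failures (unknown product, insufficient balance): message is safe to show.
    // inTransaction() guard: beginTransaction() itself may have been what failed.
    if ($pdo->inTransaction()) {
        $pdo->rollBack();
    }
    respond_json(['success' => false, 'message' => $e->getMessage()]);
}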