<?php 
    // ôóíêöèè
	include_once($_SERVER['DOCUMENT_ROOT']."/account/func/func.php");
	include_once($_SERVER['DOCUMENT_ROOT']."/account/func/func.eMailing.php");
    
    // Ïðîâåðêà email 
    function checkEmail($email) {
    
        if(preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email)) {
            return true;
        }
        
        return false;
    }

    // Ïðîâåðêà ìîáèëüíîãî
    function checkPhone() {
    
    //    if( !preg_match("/^(\+380)[0-9]+$/i",$data['order_phonemob']) ){
    //        return FALSE;
     //   }

    }
	//print_r($_SESSION);
if(isset($_GET['deleteID']) && $_GET['deleteID']>0){
	foreach($_SESSION['basket'] as $key=>$value){
		if($value==$_GET['deleteID'])unset($_SESSION['basket'][$key]);
	}
	foreach($_SESSION['shopcart'] as $key=>$value){
		if($value['code']==$_GET['deleteID'])unset($_SESSION['shopcart'][$key]);
	}	
}	
    
if(isset($_POST['upload_order'],$_POST['proructs_count'])){
$objCatalogs->BasketUpload($_SESSION['basket'],$_POST['proructs_count']);

} elseif (isset($_POST['send_order'])) {
     $objCatalogs->trim($_POST);
     
        if (!isset($_POST['form']['no_account'])) {
        
            if (checkEmail($_POST['order_email']) == false) { $objCatalogs->error[]='Îøèáêà ââîäà ïîëÿ Email'; $bad=1;}
         
        }
        
        if ($objCatalogs->valid($_POST)) {$bad=1;} 
        
        if(!isset($bad)) {
        
            if (!isset($_SESSION['user']['id'])) { 

                // Àâòîðåãèñòðàöèÿ
                include($_SERVER['DOCUMENT_ROOT']."/account/auto_registration.php"); 

            } else { 
            
                $_SESSION['user']['order_account']=$_SESSION['user']['id'];
                
                // ìåíÿåì äàííûå ïîëüçîâàòåëÿ
                $sql = sprintf("UPDATE zlo_users SET username=%s, tel=%s, tel2=%s, city=%s, address=%s  WHERE id='".$_SESSION['user']['id']."' ",
                                GetSQLValueString($_POST['order_name'], "text"),
                                GetSQLValueString($_POST['order_phone'], "text"),
                                GetSQLValueString($_POST['order_phone2'], "text"),
                                GetSQLValueString($_POST['order_city'], "text"),
                                GetSQLValueString($_POST['order_adress'], "text"));
                $result = mysql_query($sql) or die(mysql_error());
            
            }
            
            $date=mktime();
            
			//  ===== Óçíàåì user ID 
			$sql = "SELECT * FROM zlo_users WHERE id='".$_SESSION['user']['order_account']."' ";
			$result = mysql_query($sql) or die(mysql_error());
			if (mysql_affected_rows()!=0) {
				$user=mysql_fetch_assoc($result);
			}
            
            // =========[ Îòîáðàæåíèå èòîãà êîðçèíû ]=========

                $sum=0;
                if (isset($_SESSION['shopcart'])) {
                    foreach ($_SESSION['shopcart'] as $key => $cart) {
                        $sum=$sum+$cart['total'];
                    }
                } //print_r($_SESSION['shopcart']); exit;

			//  ===== Çàïèñóåì äàííûå î çàêàçå ======
            //$_POST['delivery']=2;
			if (isset($_SESSION['shopcart']) && count($_SESSION['shopcart'])>0) {
            
			$sql = sprintf("INSERT INTO `catalogs_orders` (	`mktime`, total, user_id, name, email, phone, phonemob, city, adress, delivery, comment, `status`, `payment`) VALUES ( '$date', %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
					 
                                GetSQLValueString($sum, "text"),				
                                GetSQLValueString($user['id'], "int"),
                                GetSQLValueString($user['username'], "text"),
                                GetSQLValueString($_POST['order_email'], "text"),
                                GetSQLValueString($_POST['order_phone'], "text"),
                                GetSQLValueString($_POST['order_phone2'], "text"),
                                GetSQLValueString($_POST['order_city'], "text"),
                                GetSQLValueString($_POST['order_adress'], "text"),
                                GetSQLValueString($_POST['delivery'], "int"),
                                GetSQLValueString($_POST['order_comment'], "text"),
								1,
								GetSQLValueString($_POST['payment'], "text"));
								
					
			$result = mysql_query($sql) or die(mysql_error());
		
   
			//  ===== Óçíà¸ì íîìåð çàêàçà
            if(mysql_affected_rows($result)!=1) { 
                
                    $order['id']= mysql_insert_id();
            
                $sql = "SELECT `id` FROM `catalogs_orders` WHERE `user_id`='".$user['id']."' AND mktime='".$date."'";
                $result = mysql_query($sql) or die(mysql_error());
                $order=mysql_fetch_assoc($result);
                             
                //  ===== Ñîõðàíÿåì êóïëåíûå òîâàðû	
					$url_products = '';
                foreach ($_SESSION['shopcart'] as $i => $item) {
                            
                           $sql = sprintf("INSERT INTO `catalogs_orders_products` (`order_id`, product_id, code, product_cine_id, `count`) VALUES ( %s, %s, %s, %s, %s )",
                                   GetSQLValueString($order['id'], "int"),
                                   GetSQLValueString($item['code'], "text"),
								   GetSQLValueString($item['code_txt'], "text"),
                                   GetSQLValueString($item['price'], "text"),
                                   GetSQLValueString($item['count'], "int"));

                            
							$result = mysql_query($sql) or die(mysql_error());
							$url_products .= "product[]={$item['code']}-{$item['count']}-{$item['price']}&";	
                        }

                
                eMailing('order-new', $_SESSION['user']['order_account'], $order['id']);          
     
                unset($_SESSION['shopcart']);
                unset($_SESSION['user']['order_account']);
                unset($_SESSION['basket']);
                unset($_SESSION['cart']);
                
                if (!isset($_POST['form']['mailing'])) {$_POST['form']['mailing']=0;}
                if (isset($_SESSION['user']['id'])){$_POST['form']['mailing']=1;}
                
                // Äëÿ øåðïîèíòà
                // $objCatalogs->sendOrder($_POST);
                // $objCatalogs->saveOrder($_POST,	$_SESSION['user']['order_account']); 
                
                //header("location:".URL.'catalogs/basket/?send=ok');
				header("location:".URL.'?send=ok&orderID='.$order['id'].'&total='.$sum.'&'.$url_products);
//				echo "<script language=\"JavaScript\">{ location.href=\"/?modAction=basket&send=ok&mailing=".$_POST['form']['mailing']."\"; self.focus(); } </script>";
            
            } else {
            
                $mail='user_id'.$user['id']."<br> âðåìÿ: ".$date."<br>";
            
                //  ===== Ñîõðàíÿåì êóïëåíûå òîâàðû			 
                foreach ($_SESSION['shopcart'] as $i => $item) {
                           
                    $mail.= $item['code']." ".$item['price']." x ".$item['count']."<br>";

                }
                
                //sendMail ('zlodeyev@yahoo.com', 'zlodeyev', 'extremstyle@ua', 'extremstyle.ua', 'áàðàõëÿò çàêàçû', $mail);
            
            } }else{print"<script>alert('Âàø çàêàç íå ñîõðàíåí, òàê êàê â íåì íåò òîâàðîâ!');</script>";}
            
            }
        }

 
IF(isset($_GET['send']) && $_GET['send']=="ok"){

	$objCatalogs->displayProductBasketSend();
	
}ELSE{
 if(isset($_SESSION['basket']))$objCatalogs->viewBasketProducts($_SESSION['basket'],$curs,$objCatalogs->getUserDiscount($userID));
 $objCatalogs->viewUser($userID);
 $objCatalogs->displayProductBasket();
}
?>