<?php
session_start();
require_once("common.inc.php");
//require_once("common2.inc.php");
require_once("include/class.paypal.php");
include_once("include/function.enquiry.php");

getget();
getpost();


//include("member_error.php");
	
	if(!is_array($_SESSION['enquiry_basket']))
		header("location:shopping_cart.php?empty=1");
		
	if($command != 'payment')
		header("location:view_cart.php");

	$_SESSION['transaction_info'] = $_POST;
	

	$orderidvalue1= date("Ymd");	 
	$sql = 'select max(orderkey) as morderid from tb_order_list where orderdate = "'.date("Ymd").'" group by orderdate '; // and orderid!=Null and orderid!=""  ';
	$rs = mysql_query($sql);
	$row = $db->fetch_array($rs);
				 
    if( mysql_num_rows($rs) > 0  )	
	{
		if ( $row['morderid']=='NULL' ||  $row['morderid']==''  ) {
			$orderidvalue2= "001";
		}
		else
		{
			$orderidvalue2= $row["morderid"];
			$orderidvalue2++;
		}
	}
	else
	{	
		$orderidvalue2= 1;
		 
	}	
	if ( $orderidvalue2 < 10 )
		$orderidvalue = $orderidvalue1.'00'.$orderidvalue2;
	else		
		if (  $orderidvalue2 > 10 && $orderidvalue2 < 99 )		
			$orderidvalue = $orderidvalue1.'0'.$orderidvalue2;
		else if (  $orderidvalue2 > 99 )		
				$orderidvalue = $orderidvalue1.''.$orderidvalue2;


		$nowday  = date("d");
		$nowmonth = date("m");
		$nowyear = date("Y");
		$rekeyform ="S".substr($_SERVER['SERVER_ADDR'],5,1).$nowday.substr($_SERVER['SERVER_ADDR'],4,1).md5(rand()).$nowmonth.substr($_SERVER['SERVER_ADDR'],0,3).md5($nowyear);
		

	$sql = "INSERT INTO `tb_order_list` (
	`member_id`
	,`orderid` 
	,`orderdate` 	
	,`orderkey` 
	,`s_firstname` 
	,`s_lastname`
	,`s_company`
	,`s_comment`
	,`s_address`
	,`s_country`
	,`s_city`
	,`s_province`
	,`s_postal`
	,`s_phone`
	,`s_total_price`
	,`s_order_date`
	,`s_status`
	,`repayranid`
	) 
	VALUES (
	'".escapeit($_SESSION['dcspare_id'])."'
	, '".escapeit($orderidvalue)."'
	, '".escapeit($orderidvalue1)."'	
	, '".escapeit($orderidvalue2)."'
	, '".escapeit($s_firstname)."'
	, '".escapeit($s_lastname)."'
	, '".escapeit($s_company)."'	
	, '".escapeit($s_comment)."'	
	, '".escapeit($s_address)."'
	, '".escapeit($s_country)."'
	, '".escapeit($s_city)."'
	, '".escapeit($s_province)."'
	, '".escapeit($s_zip)."'
	, '".escapeit($s_phone)."'
	, '".escapeit($total_price)."'
	, NOW()
	, 'Pending'
	, '".$rekeyform."'
	)";


    $db->query($sql);
	
	$order_id=mysql_insert_id();
	
	$_SESSION["order_id"] = $order_id;
	$_SESSION['ppcid']=$order_id;
 
 
$paypal = new paypal();
$paypal->set_business($paypal_business);
$paypal->set_currency_code('USD');
$paypal->set_charset("UTF-8");
	
//---- Set the paypal link ---
$paypal->set_paypal_form_link($paypal_link);  
$paypal->set_paypal_return_link($paypal_success_link);
$paypal->set_paypal_cancel_link($paypal_cancel_link);
$paypal->set_paypal_notify_link($paypal_notify_link."?order_id=".$order_id);
//---- End Set the paypal link ---	  
	  
$paypal->set_custom($order_id);
   

$j=1;

$all_item_number = array();
$all_quantity = array();	
$all_item_name = array();
$all_amount = array();
$all_amount = array();

$max=count($_SESSION['enquiry_basket']);		
		
for($i=0;$i<$max;$i++){				    

	  $pid=$_SESSION['enquiry_basket'][$i]['productid'];
	  $q=$_SESSION['enquiry_basket'][$i]['qty'];
	  $currency='HKD';
	  $pname=get_product_name($pid);
	  
	 
	  $price=get_price($pid,$currency);
	  
	  //============ paypal
	  $all_item_number[$j] = $j;	  
	  $all_quantity[$j] = $q;	  
	  $all_item_name[$j] = $pname;	  
	  $all_amount[$j] = $price;
	  //============ paypal

	  $j++;	  
	  
	  
	$sql = "INSERT INTO `tb_order_item_list` (
	`order_id`
	,`product_id` 
	,`quantity`
	,`unit_price`
	,`currency`
	) 
	VALUES (
	'".escapeit($order_id)."'
	, '".escapeit($pid)."'
	, '".escapeit($q)."'
	, '".escapeit($price)."'
	, '".escapeit($currency)."'
	)";	  
	
	$db->query($sql);
	 
}

 		
//============= shipping

//============= shipping

$paypal->set_all_item_number($all_item_number);
$paypal->set_all_quantity($all_quantity);
$paypal->set_all_item_name($all_item_name);
$paypal->set_all_amount($all_amount);	  


echo $paypal->paypal_wps();
exit();	

	
	//header("Location: paypal.php?order_id=".mysql_insert_id()."&product_code=".$product_number."&product_name=".$product_name."&product_amount=".$product_price);
  
?>