59 lines
2.2 KiB
PHP
59 lines
2.2 KiB
PHP
<?php
|
|
session_start();
|
|
include '../config.php';
|
|
|
|
if (!isset($_SESSION['status_login']) || !$_SESSION['status_login']) {
|
|
echo "<script>alert('Harap login terlebih dahulu.');window.location='/login';</script>";
|
|
exit;
|
|
}
|
|
|
|
$id_pembeli = $_SESSION['id_pembeli'];
|
|
$id_order = $_POST['id_order'];
|
|
$rating = intval($_POST['rating']);
|
|
$deskripsi = mysqli_real_escape_string($conn, $_POST['deskripsi']);
|
|
|
|
$gambar_nama = null;
|
|
|
|
// Proses upload gambar jika ada
|
|
if (isset($_FILES['gambar_testimoni']) && $_FILES['gambar_testimoni']['error'] === 0) {
|
|
$folder_upload = '../assets/img/testimoni/';
|
|
if (!is_dir($folder_upload)) {
|
|
mkdir($folder_upload, 0777, true); // Buat folder jika belum ada
|
|
}
|
|
|
|
$nama_file = $_FILES['gambar_testimoni']['name'];
|
|
$tmp_file = $_FILES['gambar_testimoni']['tmp_name'];
|
|
$ext = pathinfo($nama_file, PATHINFO_EXTENSION);
|
|
$gambar_nama = uniqid('testi_') . '.' . strtolower($ext);
|
|
$path_gambar = $folder_upload . $gambar_nama;
|
|
|
|
$allowed_ext = ['jpg', 'jpeg', 'png', 'webp'];
|
|
if (!in_array(strtolower($ext), $allowed_ext)) {
|
|
echo "<script>alert('Format gambar tidak valid. Gunakan JPG, PNG, atau WEBP.');window.history.back();</script>";
|
|
exit;
|
|
}
|
|
|
|
if (!move_uploaded_file($tmp_file, $path_gambar)) {
|
|
echo "<script>alert('Gagal mengupload gambar.');window.history.back();</script>";
|
|
exit;
|
|
}
|
|
}
|
|
|
|
// Cek apakah pesanan sudah diberi testimoni
|
|
$query_check_testimoni = mysqli_query($conn, "SELECT * FROM testimoni WHERE id_order = '$id_order'");
|
|
if (mysqli_num_rows($query_check_testimoni) > 0) {
|
|
echo "<script>alert('Anda sudah memberikan testimoni untuk pesanan ini.');window.location='../index.php';</script>";
|
|
exit;
|
|
}
|
|
|
|
// Simpan testimoni
|
|
$query_insert = "INSERT INTO testimoni (id_pembeli, id_order, rating, deskripsi, gambar)
|
|
VALUES ('$id_pembeli', '$id_order', '$rating', '$deskripsi', " . ($gambar_nama ? "'$gambar_nama'" : "NULL") . ")";
|
|
|
|
if (mysqli_query($conn, $query_insert)) {
|
|
echo "<script>alert('Testimoni berhasil dikirim!');window.location='../index.php';</script>";
|
|
} else {
|
|
echo "<script>alert('Gagal mengirim testimoni.');window.history.back();</script>";
|
|
}
|
|
?>
|