<?php
/**
*    Sample pizzaService
*
* @author Klassjan Tukker
* @author Justin Watkins
*/
include('dbconfig.php');
class pizzaService {

    var $ordertable = "amfphp_orders"; // the orders table
    var $pizzatable = "amfphp_pizzas"; // the pizzas table

    /**
     *Constructor function.
     * Contains the methodTable metadata to enable the designated methods to
     * be available via the amfphp Gateway.
     */
    function pizzaService ()
    {
        include('pizzaService.methodTable.php');
        
        $conn = mysql_connect(DB_HOST, DB_USER, DB_PASS)
            or trigger_error("Could not connect: " . mysql_error()); // don't use die (Fatal Error), return useful info to the client
        mysql_select_db(DB_NAME, $conn)
            or trigger_error("Could not connect: " . mysql_error());
    }

    /**
     * Order is the remote method that places an order
     * First argument is the name of the person who orders it
     * Second argument is an array of pizzas, like so: [{quantity:3, details:'Some really good pizza with onions and anchovies'}]
     * @access remote
     * @param string The name to place the order ad
     * @param Array A list of pizza orders
     * @returns int - The new order id.
     */
    function order ($name, $orders)
    {
        $t = time(); // grab the time stamp
        $sql = $this->_escape("INSERT INTO $this->ordertable (order_status, order_time, order_name) VALUES (1, $t, '%s')", $name); // generate the SQL statement
        $this->_queryDataSource($sql); // execute the query
        $orderid = mysql_insert_id(); // grab the new id from the auto increment key
        
        foreach ($orders as $key => $value) { // loop over each order
            $sql = $this->_escape("INSERT INTO $this->pizzatable (order_id, pizza_details, pizza_quantity) VALUES ($orderid, '%s', %d)", $value['details'], $value['quantity']); // generate the SQL
            $result = $this->_queryDataSource($sql); // execute the transaction
        }
        return $orderid; // return the new order id
    }
    
    /**
     *    cancelOrder takes an order id as it's input and then sets the order_status field to 0.
     *
     * @access remote
     * @param int The order id
     * @returns boolean - Returns true if the update was successful
     */
    function cancelOrder ($orderId)
    {
        $sql = $this->_escape("UPDATE $this->ordertable SET order_status=0 WHERE order_id=%d", $orderId);
        $result = $this->_queryDataSource($sql);
        return true;
    }
    
    /**
     * getOrderList returns a recordset of all of the orders that have an order_status of 1
     * @access remote
     * @returns RecordSet - The recordset containing the order information
     */
    function getOrderList ()
    {
        $sql = "SELECT o.order_id as orderid, o.order_status as status, o.order_name as name, p.pizza_id as pizzaid, p.pizza_details as details, p.pizza_quantity as quantity FROM $this->ordertable o, $this->pizzatable p WHERE o.order_id = p.order_id AND o.order_status=1 ORDER BY o.order_time";
        return $this->_queryDataSource($sql);
    }
    
    /**
     * listToppings returns the available toppings as an array
     * @access remote
     */
    function listToppings ()
    {
        return array("cheese", "sausage", "pepperoni", "mushrooms", "tomatoes", "onions", "peppers", "garlic");
    }
    
    /**
     *    _queryDataSource is a private method used to actually perform the sql transaction on the data source
     *
     * @param string The sql string to execute
     */
    function _queryDataSource ($sql)
    {
        $result = mysql_query($sql)
            or trigger_error("Error executing query: " . mysql_error());
        return $result; // return the mysql result resource
    }
    
    /**
     * Escape a SQL string
     */
    function _escape($sql)
    {
        $args = func_get_args();
        foreach($args as $key => $val)
        {
            $args[$key] = mysql_real_escape_string($val);
        }
        
        $args[0] = $sql;
        return call_user_func_array('sprintf', $args);
    }
}
?>