diff --git a/server.js b/server.js
index de22771078f35c43ac1bbeabaa40ed4c8be9a618..7d13e109e67d1b1d27a23fd7cfafc210b98a0608 100644
--- a/server.js
+++ b/server.js
@@ -38,6 +38,8 @@ app.use(express.urlencoded({ extended: true }));
// Middleware เช็ค Session
app.use((req, res, next) => {
console.log("Session Middleware Checked");
+ console.log("🔹 Session ID:", req.sessionID);
+ console.log("🔹 Session Data:", req.session);
next();
});
diff --git a/shop-routes/order.js b/shop-routes/order.js
index 0fd9e268ba334a525f1f6c02f977825bea0395b0..0fa0b2a440fa06044c1c1ac374dfefe8d88f515a 100644
--- a/shop-routes/order.js
+++ b/shop-routes/order.js
@@ -11,42 +11,54 @@ function isAuthenticated(req, res, next) {
}
}
+router.use((req, res, next) => {
+ console.log("🔹 Session ID:", req.session.id);
+ console.log("🔹 Session Data:", req.session);
+ next();
+});
// แสดงประวัติออเดอร์ (เฉพาะผู้ที่ Login)
router.get('/history', isAuthenticated, async (req, res) => {
- try {
- const [orders] = await pool.query(
- `SELECT
- orders.id,
- orders.total_amount,
- orders.status,
- orders.shipping_address,
- orders.created_at,
- GROUP_CONCAT(
- CONCAT(
- products.name, ' x ', order_items.quantity, ' (฿', order_items.price, ')'
- ) SEPARATOR ', '
- ) as items_detail
- FROM orders
- JOIN order_items ON orders.id = order_items.order_id
- JOIN products ON order_items.product_id = products.id
- WHERE orders.session_id = ?
- GROUP BY orders.id
- ORDER BY orders.created_at DESC`,
- [req.session.id]
- );
-
- res.render('order-history', { orders });
- } catch (error) {
- console.error(error);
- res.status(500).send('Error fetching order history');
- }
-});
+ if (!req.session.id) {
+ return res.status(400).json({ message: "Session ID not found. Please login again." });
+ }
+
+ try {
+ const [orders] = await pool.query(
+ `SELECT
+ orders.id,
+ orders.total_amount,
+ orders.status,
+ orders.shipping_address,
+ orders.created_at,
+ GROUP_CONCAT(
+ CONCAT(products.name, ' x ', order_items.quantity, ' (฿', order_items.price, ')')
+ SEPARATOR ', '
+ ) as items_detail
+ FROM orders
+ JOIN order_items ON orders.id = order_items.order_id
+ JOIN products ON order_items.product_id = products.id
+ WHERE orders.session_id = ?
+ GROUP BY orders.id
+ ORDER BY orders.created_at DESC`,
+ [req.session.id]
+ );
+
+ res.render('order-history', { orders });
+ } catch (error) {
+ console.error(error);
+ res.status(500).send('Error fetching order history');
+ }
+ });
// แสดงรายละเอียดออเดอร์ (เฉพาะผู้ที่ Login)
router.get('/detail/:orderId', isAuthenticated, async (req, res) => {
try {
+ if (!req.session.id) {
+ return res.status(400).json({ message: "Session ID not found. Please login again." });
+ }
+
const { orderId } = req.params;
- console.log(`Fetching order details for order ID: ${orderId}, Session ID: ${req.session.id}`);
+ console.log(`🔹 Fetching order ID: ${orderId}, Session ID: ${req.session.id}`);
const [orderResults] = await pool.query(
`SELECT id, total_amount, status, shipping_address, created_at
@@ -55,23 +67,14 @@ router.get('/detail/:orderId', isAuthenticated, async (req, res) => {
);
if (orderResults.length === 0) {
- console.log("Order not found or user has no permission.");
+ console.log("Order not found or no permission.");
return res.status(404).json({ message: "ไม่พบคำสั่งซื้อ หรือไม่มีสิทธิ์เข้าถึง" });
}
- const order = orderResults[0];
-
- const [items] = await pool.query(
- `SELECT products.name, products.image_url, order_items.quantity, order_items.price
- FROM order_items
- JOIN products ON order_items.product_id = products.id
- WHERE order_items.order_id = ?`,
- [orderId]
- );
-
- res.render('order-detail', { order, items });
+ console.log("Order found:", orderResults[0]);
+ res.json(orderResults[0]);
} catch (error) {
- console.error("ERROR fetching order details:", error); // ดู Error Log
+ console.error("Error fetching order:", error);
res.status(500).json({ message: "Something went wrong.", error: error.message });
}
});
@@ -132,53 +135,59 @@ router.get('/checkout', isAuthenticated, async (req, res) => {
// บันทึกออเดอร์
router.post('/create', isAuthenticated, async (req, res) => {
- const { address } = req.body;
- const conn = await pool.getConnection();
- try {
- await conn.beginTransaction();
-
- const [cartItems] = await conn.query(
- `SELECT cart_items.*, products.price
- FROM cart_items
- JOIN products ON cart_items.product_id = products.id
- WHERE cart_items.session_id = ?`,
- [req.session.id]
- );
-
- if (cartItems.length === 0) {
- return res.status(400).send('Cart is empty');
+ if (!req.session.id) {
+ return res.status(400).json({ message: "Session ID not found. Please login again." });
}
-
- const total = cartItems.reduce((sum, item) => sum + (item.price * item.quantity), 0);
-
- const [order] = await conn.query(
- 'INSERT INTO orders (session_id, total_amount, status, shipping_address) VALUES (?, ?, ?, ?)',
- [req.session.id, total, 'pending', address]
- );
-
- for (const item of cartItems) {
- await conn.query(
- 'INSERT INTO order_items (order_id, product_id, quantity, price) VALUES (?, ?, ?, ?)',
- [order.insertId, item.product_id, item.quantity, item.price]
+
+ console.log("🔹 Creating order with Session ID:", req.session.id);
+
+ const { address } = req.body;
+ const conn = await pool.getConnection();
+ try {
+ await conn.beginTransaction();
+
+ const [cartItems] = await conn.query(
+ `SELECT cart_items.*, products.price
+ FROM cart_items
+ JOIN products ON cart_items.product_id = products.id
+ WHERE cart_items.session_id = ?`,
+ [req.session.id]
);
- await conn.query(
- 'UPDATE products SET stock = stock - ? WHERE id = ?',
- [item.quantity, item.product_id]
+
+ if (cartItems.length === 0) {
+ return res.status(400).send('Cart is empty');
+ }
+
+ const total = cartItems.reduce((sum, item) => sum + (item.price * item.quantity), 0);
+
+ const [order] = await conn.query(
+ 'INSERT INTO orders (session_id, total_amount, status, shipping_address) VALUES (?, ?, ?, ?)',
+ [req.session.id, total, 'pending', address]
);
+
+ for (const item of cartItems) {
+ await conn.query(
+ 'INSERT INTO order_items (order_id, product_id, quantity, price) VALUES (?, ?, ?, ?)',
+ [order.insertId, item.product_id, item.quantity, item.price]
+ );
+ await conn.query(
+ 'UPDATE products SET stock = stock - ? WHERE id = ?',
+ [item.quantity, item.product_id]
+ );
+ }
+
+ await conn.query('DELETE FROM cart_items WHERE session_id = ?', [req.session.id]);
+
+ await conn.commit();
+ res.redirect('/order/confirmation');
+ } catch (error) {
+ await conn.rollback();
+ console.error(error);
+ res.status(500).send('Error creating order');
+ } finally {
+ conn.release();
}
-
- await conn.query('DELETE FROM cart_items WHERE session_id = ?', [req.session.id]);
-
- await conn.commit();
- res.redirect('/order/confirmation');
- } catch (error) {
- await conn.rollback();
- console.error(error);
- res.status(500).send('Error creating order');
- } finally {
- conn.release();
- }
-});
+ });
router.get('/confirmation', (req, res) => {
res.render('confirmation');