Bobby
asked on
Use a function in a different Symfony controller to confirm input?
I have ReturnRequestController.php, which allows a customer to return a product on an order. I pass the variables order_number and sku to the controller via an API call (URL with values embedded in it). As long as the values passed aren't 0, then I return a JSON response saying success. All of that works fine.
btw, the API URL looks like this:
https://dev.mysite.com/account/return_request/?order_number=27652&qm_sku=24&options=chartreuse&qty=3&email=billy@gibbons.com
What I need... I need to make sure the order number and the sku actually belong together (the sku is on the order) and the order belongs to the customer ID who submitted the request (I do have the customer ID available to me already in the ReturnRequestController.php).
There is a public function called GetCustomerOrder outside of ReturnRequestController.php, in a file called DbAzure.php. That function is shown below, and the function in ReturnRequestController.php is shown below that. Is there a way to use function GetCustomerOrder from DbAzure.php inside another function (index) in a different file (ReturnRequestController.php) which will check to make sure the order number coming in via the API URL is an order that customer placed, AND that the sku in the API URL is on that order?
In DbAzure.php:
    public function getCustomerOrder($om_customer_id, $order_number) {
        $query = "SELECT o.OrderNumber,
                         o.SourceOrderNumber,
                         o.OrderDate,
                         o.BalanceDue,
                         o.Name,
                         o.Company,
                         o.Email,
                         o.Address,
                         o.Address2,
                         o.City,
                         o.State,
                         o.Zip,
                         o.Country,
                         o.Phone,
                         o.ShipName,
                         o.ShipCompany,
                         o.ShipAddress,
                         o.ShipAddress2,
                         o.ShipCity,
                         o.ShipState,
                         o.ShipZip,
                         o.ShipCountry,
                         o.ShipPhone,
                         o.ShipOn,
                         o.Approved,
                         o.Cancelled,
                         o.FinalProductTotal,
                         o.FinalTaxTotal,
                         o.FinalShippingTotal,
                         o.FinalGrandTotal,
                         o.NumItems,
                         sc.Label AS OrderStatus
                  FROM dbo.Orders o
                  LEFT JOIN dbo.Order_Profile p ON p.OrderNumber = o.OrderNumber
                  LEFT JOIN dbo.Order_Status_Codes sc ON sc.Code = p.Order_Status_Code
                  WHERE o.CustomerID = ".intval($om_customer_id)." AND o.OrderNumber = ".intval($order_number);
        $result = $this->doSelectOne($query);
        $order = array('OrderNumber' => $result['OrderNumber'],
                       'WebOrderID' => $result['SourceOrderNumber'],
                       'OrderDate' => $result['OrderDate'],
                       'ProcessedDate' => "", //????????
                       'OrderStatus' => $result['OrderStatus'],
                       'ShippingMethod' => "", //???
                       'OrderTotal' => $result['FinalGrandTotal'],
                       'PONumber' => "",
                       'Approved' => false, //????????????????????????
                       'Cancelled' => ($result['Cancelled'] == 1),
                       'Tracking' => false,
                       'HasInvoice' => false,
                       'total_qty' => $result['NumItems'],
                       'HasOrderConfirmation' => false,
                       'order_details' => array()
        );
        $shipping_address = array('name' => $result['ShipName'],
                                  'company_name' => $result['ShipCompany'],
                                  'address1' => $result['ShipAddress'],
                                  'address2' => $result['ShipAddress2'],
                                  'city' => $result['ShipCity'],
                                  'state' => $result['ShipState'],
                                  'postal_code' => $result['ShipZip'],
                                  'country_name' => $result['ShipCountry']);
        $order['shipping_address'] = $shipping_address;
        $query = "SELECT OrderNumber,
                         SKU,
                         Product,
                         PricePerUnit AS Price,
                         QuantityOrdered AS qty,
                         DateShipped,
                         Returnable,
                         ItemNumber
                  FROM dbo.[Order Details]
                  WHERE OrderNumber = ".intval($order_number)." AND Adjustment = 0 AND (type <> 'P' OR type IS NULL)
                  ORDER BY ItemNumber";
        $results = $this->doSelect($query);
        foreach($results AS $row) {
            $order['order_details'][$row['ItemNumber']] = $row;
        }
        return $order;
    }
In ReturnRequestController.php:
    public function indexAction()
    {
        $request_result = array('success' => false);
        if($this->container->get('security.context')->isGranted('IS_AUTHENTICATED_FULLY')){
            $user = $this->container->get('security.context')->getToken()->getUser();
            $em = $this->getDoctrine()->getEntityManager();
            $dbAzure = new DbAzure();
            $request = $this->getRequest();
            $om_customer_id = $user->getCustomer()->getOmCustomerId();
            $order_number = $request->get('order_number');
            $qm_sku = intval($request->get('qm_sku'));
            $options = $request->get('options');
            $qty = intval($request->get('qty'));
            $email = $request->get('email');
            $id = intval($request->get('id'));
            if($om_customer_id <= 0 || $order_number <=0 || $qm_sku <=0 || $qty <=0) {
                $ret = array('success' => false,
                             'error' => "Input not valid");
                $code = 500;
                return new JsonResponse( $ret, $code );
            } else {
                $success = $dbAzure->submitReturnRequest($order_number, $qm_sku, $options, $qty);
                $fullname = $user->getFirstName()." ".$user->getLastName();
                $subject = "Return Request for OM Order Number ".$order_number."";
                $message = \Swift_Message::newInstance()
                    ->setSubject($subject)
                    ->setFrom(array($email => $fullname))
                    ->setTo(array("me@me.com"))
                    ->setContentType( 'text/html' )
                    ->setBody(
                        $this->renderView(
                            'QuickMedicalMyAccountBundle:ReturnRequest:emailRequestProductReturn.html.twig',
                            array('fullname' => $fullname,
                                  'om_customer_id' => $om_customer_id,
                                  'qm_sku' => $qm_sku,
                                  'email' => $email)
                        )
                    );
                $this->get('mailer')->send($message);
            }
            $ret = array('success' => true,
                         'id' => $success);
            $code = 200;
        } else {
            $ret = array('success' => false,
                         'error' => "Not logged in");
            $code = 500;
        }
        return new JsonResponse( $ret, $code );
    }
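The ownership check the question asks for, as an added example that is not part of the original post or the hidden solution. The helper name validateReturnRequest is hypothetical, the quantity check goes slightly beyond what was asked, and the code assumes the array shape built by getCustomerOrder() above, with OrderNumber empty when doSelectOne() matches no row. In indexAction() it would be fed from $dbAzure->getCustomerOrder($om_customer_id, $order_number) before submitReturnRequest() is called.

```php
<?php
// Added example: not the asker's or the project's code.
// validateReturnRequest() is a hypothetical helper name.

/**
 * Returns null when the request is acceptable, otherwise an error message.
 * $order is the array returned by getCustomerOrder($customerId, $orderNumber).
 */
function validateReturnRequest(array $order, int $orderNumber, int $sku, int $qty): ?string
{
    // The header query filters on CustomerID AND OrderNumber, so an empty or
    // mismatched OrderNumber means the order is not this customer's.
    // The detail query filters on OrderNumber only, so order_details can be
    // filled with another customer's lines: check ownership first and never
    // decide on order_details alone.
    if (empty($order['OrderNumber']) || (int) $order['OrderNumber'] !== $orderNumber) {
        return 'Order not found for this customer';
    }

    foreach ($order['order_details'] as $line) {
        if ((int) $line['SKU'] !== $sku) {
            continue;
        }
        // Assumption: a return may not exceed QuantityOrdered (aliased as qty).
        if ($qty < 1 || $qty > (int) $line['qty']) {
            return 'Quantity not valid for this order line';
        }
        return null; // SKU is on the customer's own order
    }

    return 'SKU is not on this order';
}

// Constructed sample data in the shape getCustomerOrder() returns.
$own = array('OrderNumber' => 27652, 'order_details' => array(
    1 => array('SKU' => 24, 'qty' => 5, 'ItemNumber' => 1),
));
// Constructed: what the posted function yields for someone else's order number
// (no header row, but the detail rows are still loaded).
$foreign = array('OrderNumber' => null, 'order_details' => $own['order_details']);

var_dump(validateReturnRequest($own, 27652, 24, 3));     // own order, SKU present
var_dump(validateReturnRequest($own, 27652, 99, 1));     // SKU not on the order
var_dump(validateReturnRequest($foreign, 27652, 24, 3)); // order owned by someone else
```

Because the customer ID passed to getCustomerOrder() comes from the authenticated user object rather than from the URL, a caller cannot pass this check by changing request parameters.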
ASKER CERTIFIED SOLUTION
ASKER
Solution is above.
I am here to help you with your open question. Do you still need help? I have the ability to alert more experts if you still need help.
If you solved the problem on your own, would you please post the solution here in case others have the same problem?
If you need me to delete this question just say "Delete."
Thank you for using Experts Exchange.
Regards,
Kyle Santos
Customer Relations