<?php
session_start();
include 'connection.php'; // your DB connection

if (isset($_POST['place_order'])) {
    $name = $_POST['name'];
    $email = $_POST['email'];
    $phone = $_POST['phone'];
    $company_name = $_POST['company_name'];
    $country = $_POST['country'];
    $city = $_POST['city'];
    $state = $_POST['state'];
    $zip = $_POST['zip'];
    $address = $_POST['address'];
    $total_amount = $_POST['total_amount'];
    $user_id = 1; // Replace this with actual logged-in user ID if using login

    $query = "INSERT INTO user_orders (user_id, name, email, phone, company_name, country, city, state, zip, address)
              VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
    
    $stmt = $link->prepare($query);
    $stmt->bind_param("isssssssss", $user_id, $name, $email, $phone, $company_name, $country, $city, $state, $zip, $address);

    if ($stmt->execute()) {
        // Optionally: Insert cart products into a separate order_items table (not yet created)
        unset($_SESSION['cart']); // clear cart after successful order
        header("Location: thank_you.php");
        exit;
    } else {
        echo "Order failed: " . $link->error;
    }
}
?>