wc_vue_php/addOrder.php

<?php
    
    // Allow from any origin
    if (isset($_SERVER['HTTP_ORIGIN'])) {
        // Decide if the origin in $_SERVER['HTTP_ORIGIN'] is one
        // you want to allow, and if so:
        header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
        header('Access-Control-Allow-Credentials: true');
        header('Access-Control-Max-Age: 86400');    // cache for 1 day
    }
    
    // Access-Control headers are received during OPTIONS requests
    if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
        
        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
            // may also be using PUT, PATCH, HEAD etc
            header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
        
        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
            header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
    
        exit(0);
    }

    include 'db_connection.php';
    session_start();
    $conn = openCon();
        mysqli_set_charset($conn, "utf8");
        $data = json_decode(file_get_contents("php://input"),true);
        $q = "INSERT INTO `order` (`client_id`, `login_id`, `type`, `start`, `end`, `street`, `adNumber`, `city`, `zipcode`, `post`, `person`, `email`, `phone`)" . sprintf(
            "VALUES (\"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\")", 
            $data["clientId"],
            $_SESSION["id"],
            $data["type"],
            $data["startDate"],
            $data["endDate"],
            $data["street"],
            $data["adNumber"],
            $data["city"],
            $data["zipcode"],
            $data["post"],
            $data["person"],
            $data["email"],
            $data["phone"]
        );
        mysqli_query($conn, $q);
        $orderId = mysqli_insert_id($conn);
        
        foreach($data["products"] as $product){
            $q = "INSERT INTO order_product (`order_id`, `product_id`, `prNumber`, `offerPrice`, `maintenance`, `extra`, `lock`, `risk`)" . sprintf(
            "VALUES (\"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\")",
            $orderId,
            $product["productId"],
            $product["prNumber"],
            $product["offerPrice"],
            $product["maintenance"],
            $product["extra"],
            $product["lock"],
            $product["risk"]
            );
            mysqli_query($conn, $q);
        }
        echo json_encode($orderId);
    closeCon($conn);
?>