<?php
    $sql = 'SELECT * FROM rooms';
    $sth = $dbh->prepare($sql, [PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY]);
    $sth->execute([]);
    $redRoom = $sth->fetchAll();

    $sql = 'SELECT * FROM payments';
    $sth = $dbh->prepare($sql, [PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY]);
    $sth->execute([]);
    $redPayment = $sth->fetchAll();

    if(!empty($_POST['ord'])){
        $sql = 'INSERT INTO `orders`(`room_id`, `prefer_start_time`, `payment_id`, `user_id`)
        VALUES (:rid, :time, :pay, :uid)';
        $sth = $dbh->prepare($sql, [PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY]);
        $sth->execute([
            "rid"=> $_POST['room'],
            "time"=>$_POST['prefer_start_time'],
            "pay"=>$_POST['payment'],
            "uid"=>$_COOKIE['id']
        ]);
        header('Location: profile.php');
    }
?>