bri0987

I was not sure if I made the wrong chooses, that a hacker could could in and RUN "DELETE TABLE" scripts or something like that... what do ya think? or should I not worry about it?

For the MySQL database associated with my PHP shopping cart... What is the Privileges I should set for the database user that my admin and customers use with the database? >>> Currently the user has these privileges: SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, FILE, INDEX, ALTER, CREATE TEMPORARY TABLES, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EXECUTE (FYI: I use PhpMyAdmin) Thanks BRI

mysql_insert_id(); is what I was using when I got that bad problem with some customers getting other customer order details... because they were ordering at the same time. > Also what do you mean when you said "it's void do not put the..."

TOPIC CONTINUED AT: http://www.phpfreaks.com/forums/index.php/topic,169563.0.html

Table: "ORDERS" The Order_ID field for the table "Orders" is also the Invoice Number for the Customer and is set to auto_increment. The problem I am having: When a customer successfully completes the checkout process (in a custom made shopping cart). PHP INSERTS the customers order information into the MySQL Database table "Orders". The "Thank You Page" for the customer will need to display the Invoice (Order_ID) number to the customer for their reference and to track their order online. I was going to just use PHP and pull the last created Order_ID number and display it to the customer BUT I found that if bandwidth is low and multi customers are ordering at the same time, some customers WILL get other customer Order information... This is BAD. How can I get the Order_ID field that I am currently INSERTing into and capture the ID field and set it into a $_session so that I can display the RIGHT Order_ID to the RIGHT Customer? Any help on this topic will be useful.

Okay I figured that part out but know I have a new problem. In the THANK YOU PAGE for the customer I have to give them the Order/invoice number. I could get the most recently made ID from the database and display it to them but that would cause some BIG problems if there are a few hundred people on the web site at one time and ordering products. So my question is: How can I get the ID for the information as the same time I insert the data? (I hope I asked that right) Thanks BRI

How do I start the ORDER_ID at "100000" so that the first ORDER_ID will come out at "100001" Thanks, BRI

Okay here I go: I have a custom built shopping cart. After the customer checks out, I inserting the order information into the MySQL Database. The fields I have are: ORDER_ID >> (auto_increment filed) Orderstatus_ID (the status) Invoice_Num (THE PROBLEM!!!!) Customer_ID (Customer info) Product_ID (What they ordered) Component_ID (options for what they ordered) Order_Date >> (Time stamp) IP_Address >> (the customers IP address, just incase of a hack or something, I thought it would be good) I need the invoice number to be at least 6 digits long (at least) I tried doing auto_increment on the Invoice_Num field but MySQL says only one auto increment field for just one table, and Order ID is already set to use the auto increment I dont care how many digits is in the Invoice number but I wanted to stay away from random numbers just because there is a small chance of getting the same random number. How can I auto increment the Invoice_Num field in this table or use some sneaky php code to get around it: Thanks for reading BRI

I need to "x" out part of a credit card... So if the credit card is: 1111555567891234 I need it to echo: xxxx-xxxx-xxxx-1234 Anyone know how to do this. Thanks, BRI

ok... You know of any easy to use encryption and decryption functions by any chance?

You forgot the single quotes... see below $build_array[ ' $value['config_name'] ' ] = $value['config_value'];

How can I change these two numbers into phone numbers? 5551231234 9009876789 echo INTO: (555) 123-1234 (900) 987-6789 Thanks, BRI

Then how can I get the info to the other page... (I do not want to store the info into a database... I think that would be a BIG mistake). What else can I do?

Is passing information from one page to another page using $_SESSION okay and secure. Like First name, last name, address, social security number. ... or is there a more secure way of passing the information? Thanks, BRI

You have to clear out your Cashe files Try that and also click refresh a time or 2 once you clear out your cookies and what not...