westminster86

Need a free text editor to begin a new php document. Any suggestions?

Is there an alternative to using the header to redirect, as I am getting the follwoing warning message. Cannot modify header information - headers already sent

I forgot to mention that im appending the product Id of the item added to the cart to the end of the url. So it looks something like this, http://www.collections.streamlinenettrial.co.uk/cgi-bin/showCart.php?new=1. So below, the user is going to be redirected to the checkout page only if the item with ID 1 is added to the cart. I have 193 products. if ($_POST['from'] == 'http://www.collections.streamlinenettrial.co.uk/cgi-bin/showCart.php?new=1') { header ('Location: http://collections.streamlinenettrial.co.uk/cgi-bin/checkout.php'); } else { header ('Location: http://collections.streamlinenettrial.co.uk/cgi-bin/myaccount.php'); }

How do I extract the hidden field's value on the page that process's the login form?

so does the hidden field have the value "http://collections.streamlinenettrial.co.uk/cgi-bin/checkout.php" ?

Ill try that.

I echoed $_SERVER['HTTP_REFERER'] and I got, http://www.collections.streamlinenettrial.co.uk/cgi-bin/login.php

Im not all that familiar with $_SERVER['HTTP_REFERER'] so I dont know if im using it right.

I have a login / register link on the header of a page. If the users email address and password matches the values in the database, the user is redirected to the myaccount.php page. The showCart.php is a page displaying the items added to the shopping cart. I have a button, 'checkout', taking the user to the checkout.php page. At the start of the page I use the isset function to check the $_SESSION['user_fname'] isset. If not the user is redirected to the login.php. The problem im having is, if the user has come to the login.php page via clicking the checkout button, id like the user to be taken to the checkout.php page. At the moment its taking the user to the myaccount.php page regardless. $query = "select * from customers where emailaddress='$email'"; $result = mysql_query($query, $db); $num_results = mysql_num_rows($result); if ($num_results>0) { $row = mysql_fetch_assoc($result); $encrypt = $row['password']; if (crypt($password, $encrypt)==$encrypt) { $_SESSION['user_id'] = $row['customerid']; $_SESSION['user_fname'] = $row['firstname']; if ($_SERVER['HTTP_REFERER'] == 'http://www.collections.streamlinenettrial.co.uk/cgi-bin/checkout.php') { header ('Location: http://collections.streamlinenettrial.co.uk/cgi-bin/checkout.php'); } else { header ('Location: http://collections.streamlinenettrial.co.uk/cgi-bin/myaccount.php'); } } else { echo 'Sorry, we could not log you in with that password. <a href="login.php">Please go back and try again.</a>'; } } else { echo 'Sorry, we could not recognise that email address. <a href="login.php">Please go back and try again.</a>'; }

Its in fact the line below that is causing the problem. I added an else statment to the if and its the else statment its echoing. if (checkCreditCard ($_POST['CardNumber'], $_POST['CardType'], $ccerror, $ccerrortext)) { }

Ive echoed out the two form fields and it doesnt seem to be posting the two form variables, and so is not calling the function. <html> <head> </head> <body> <table border = 0 width = '100%' cellspacing = 0> <form action = '' method = 'post'> <tr><th colspan = 2 bgcolor="#cccccc">Credit Card Details</th></tr> <tr> <td>Card Type:</td> <td><select name = 'CardType'><option><option>American Express<option>Maestro<option>MasterCard<option>Solo<option>Switch<option>Visa<option>Visa Electron</select></td> </tr> <tr> <td>Number:</td> <td><input type = 'text' name = 'CardNumber' value = "" maxlength = 19 size = 20></td> </tr> <tr> <td><input type='submit' name='submit' value='submit'></td> </tr> </form> </table> </body> </html> <?php if (isset($_POST['submit'])) { if (checkCreditCard ($_POST['CardNumber'], $_POST['CardType'], $ccerror, $ccerrortext)) { $ccerrortext = 'This card has a valid format'; } } function checkCreditCard ($cardnumber, $cardname, &$errornumber, &$errortext) { $cards = array ( array ('name' => 'American Express', 'length' => '15', 'prefixes' => '34,37', 'checkdigit' => true ), array ('name' => 'Maestro', 'length' => '16,18', 'prefixes' => '5020,6', 'checkdigit' => true ), array ('name' => 'MasterCard', 'length' => '16', 'prefixes' => '51,52,53,54,55', 'checkdigit' => true ), array ('name' => 'Solo', 'length' => '16,18,19', 'prefixes' => '6334,6767', 'checkdigit' => true ), array ('name' => 'Switch', 'length' => '16,18,19', 'prefixes' => '4903,4905,4911,4936,564182,633110,6333,6759', 'checkdigit' => true ), array ('name' => 'Visa', 'length' => '13,16', 'prefixes' => '4', 'checkdigit' => true ), array ('name' => 'Visa Electron', 'length' => '16', 'prefixes' => '417500,4917,4913', 'checkdigit' => true ) ); $ccErrorNo = 0; $ccErrors [0] = "Unknown card type"; $ccErrors [1] = "No card number provided"; $ccErrors [2] = "Credit card number has invalid format"; $ccErrors [3] = "Credit card number is invalid"; $ccErrors [4] = "Credit card number is wrong length"; // Establish card type $cardType = -1; for ($i=0; $i<sizeof($cards); $i++) { // See if it is this card (ignoring the case of the string) if (strtolower($cardname) == strtolower($cards[$i]['name'])) { $cardType = $i; break; } } // If card type not found, report an error if ($cardType == -1) { $errornumber = 0; $errortext = $ccErrors [$errornumber]; return false; } // Ensure that the user has provided a credit card number if (strlen($cardnumber) == 0) { $errornumber = 1; $errortext = $ccErrors [$errornumber]; return false; } // Remove any spaces from the credit card number $cardNo = str_replace (' ', '', $cardnumber); // Check that the number is numeric and of the right sort of length. if (!eregi('^[0-9]{13,19}$',$cardNo)) { $errornumber = 2; $errortext = $ccErrors [$errornumber]; return false; } // Now check the modulus 10 check digit - if required if ($cards[$cardType]['checkdigit']) { $checksum = 0; // running checksum total $mychar = ""; // next char to process $j = 1; // takes value of 1 or 2 // Process each digit one by one starting at the right for ($i = strlen($cardNo) - 1; $i >= 0; $i--) { // Extract the next digit and multiply by 1 or 2 on alternative digits. $calc = $cardNo{$i} * $j; // If the result is in two digits add 1 to the checksum total if ($calc > 9) { $checksum = $checksum + 1; $calc = $calc - 10; } // Add the units element to the checksum total $checksum = $checksum + $calc; // Switch the value of j if ($j ==1) {$j = 2;} else {$j = 1;}; } // All done - if checksum is divisible by 10, it is a valid modulus 10. // If not, report an error. if ($checksum % 10 != 0) { $errornumber = 3; $errortext = $ccErrors [$errornumber]; return false; } } // The following are the card-specific checks we undertake. // Load an array with the valid prefixes for this card $prefix = split(',',$cards[$cardType]['prefixes']); // Now see if any of them match what we have in the card number $PrefixValid = false; for ($i=0; $i<sizeof($prefix); $i++) { $exp = '^' . $prefix[$i]; if (ereg($exp,$cardNo)) { $PrefixValid = true; break; } } // If it isn't a valid prefix there's no point at looking at the length if (!$PrefixValid) { $errornumber = 3; $errortext = $ccErrors [$errornumber]; return false; } // See if the length is valid for this card $LengthValid = false; $lengths = split(',',$cards[$cardType]['length']); for ($j=0; $j<sizeof($lengths); $j++) { if (strlen($cardNo) == $lengths[$j]) { $LengthValid = true; break; } } // See if all is OK by seeing if the length was valid. if (!$LengthValid) { $errornumber = 4; $errortext = $ccErrors [$errornumber]; return false; }; // The credit card is in the required format. return true; } ?>

One last thing. I know its not ideal to store the these sensitive details in a database, but for my project im going to have to. Before storing the details im going to encrypt them. Ive only ever used the crypt fucntion to encrypt password fields. Would it be suitable to use this function for the credit card details? Is there a better option, is MD5 more appropriate?

So you wouldnt suggest using an algorithm of some sort but to use the preg_match instead?

The thing is im not actually selling the products. Its a project im doing for my final year. I have products that a user can to the shopping cart and when he/she goes to checkout it asks for their credit card details. I just want to validate the the users input. Can i still do this with paypal?

Im assuming uve created one or more session variables upon loggin in. Try the following if (isset($_SESSION['elementname'])) { // add to cart } else { // redirect user to login page } Check to see if the session variable is set, if not use 'header' to redirect the user to the login page.

I just came across the mod 10 algorithm for validating a credit card number, and while it seems to work, its somewhat outdated. Anyone know of any algorithms I good use to validate my credit card form.

Im having trouble inserting a telephone number into a table. For some reason its taking off the 0 at the beginning of the number. Why is this?

Im having trouble inserting a telephone number into a table. For some reason its taking off the 0 at the beginning of the number. Why is this?

I havent come across $_SERVER['REQUEST_METHOD'] before. Ill use it from now on. Thanks for that.

Im using the isset function as follows. if (isset($_POST['submit'])) { // check form fields } The problem im having is the call to the display_form_button() function doesnt have a input type, therefore the $_POST['submit'] is not set. If I were to add submit to the input type, the isset function works, but then it doesnt display the button ive created, it displays the html button. function display_form_button($image, $alt) { echo "<center><input type = image src=\"$image".".gif\" alt=\"$alt\" border=0 height=32 width=100 name=\"submit\" ></center>"; }

I have a page with several links(myaccount.php). One of which is a link that allows the user to change his/her email address and password. So, if the user clicks the link, there taken to the changeemail.php page which displays a form for the user to fill in. The forms action is set to myaccount.php page. If for instance the user fails to enter information into all the fields, and clicks the submit button, an error message is displayed on the myaccount.php page. My problem is that it is displaying the links as well as the error message. I want it to just to display the error message.

im using php 4 so i can not use the try block for my exception handling. Ive got various things to check like if the form is filled out, password lengths and so forth. What can i use instead of try?

How would i show certian things to a user depending on what page theyve just come from. So for example i have a single page and if they come from page1.php it executes some code if not, it will execute some other code. how can u distinguish which page the person has come from.

Just a quick question really. Does php 4 support the use of the crypt function?

Is there an alternative to the try block?