194 -
Last visited
Everything posted by mac007
Need url parameter "read" so it gets embedded into a buy-link
mac007 replied to mac007's topic in Javascript Help
Ahh.. I see it's a bit different - gonna try that out tomorrow, Thanks again! -
Need url parameter "read" so it gets embedded into a buy-link
mac007 replied to mac007's topic in Javascript Help
Thanks requinix, I took a look at it and looks like it's what I need... I found this script that uses that - I tried to get the variable to show up, but somehow havent been able to do it - this is what I have, assuming the URL has a "post=xyz" parameter in it. I'm very green with JS, so havent been able to figure out what I'm missing, Thanks for your help! <script> function getUrlParameter(name) { name = name.replace(/[\[]/, '\\[').replace(/[\]]/, '\\]'); var regex = new RegExp('[\\?&]' + name + '=([^&#]*)'); var results = regex.exec(location.search); return results === null ? '' : decodeURIComponent(results[1].replace(/\+/g, ' ')); }; </script> <p id="demo"></p> <script> document.getElementById("demo").innerHTML.getUrlParameter('post'); </script> -
Hi, I need a JAVASCRIPT snippet that can "read" a specific url parameter going to a cart, and embeds it into a link and if parameter is not present then use a default value, so say something like this... This would be url-link: www.shoppingcart.com?source-code=XYZ&date=whatever&name=whatever So, when one arrives at that page, there is a buy-link, and I need javascript to embed the "source-code" url-parameter into the link like this: <a href="http://www.shoppingcart.com?add-item=shoes&source-code=XYZ"> Buy! </a> So, as you see, the "source-code" parameter gets automatically inserted into the buy-link, I've done this sort of stuff rather easily thru PHP like this: https://shoppingcart.com?add-item=shoes&source-code=<?php if(isset($_GET['source-code'])) {echo $_GET['source-code'];} else { echo "DEFAULTCODEā€¯;} ?> But I havent been able to get it working just right in javascript, does anyone have any ideas best way to accomplish this? Appreciate any help! :)
Thank you much bsmither for taking the time to reply. I will try that! I think lots of us here are not full-fledged php experts as Guru [Jacques1] would like us all to be, else we (I) wouldnt be here. This is a great forum and place to learn, and figure out stuff as we try out our skills. At any rate, I very much appreciate your feedback without having to resort to rather nasty, condescending attitude in the process... Thank you!
Hi all, I adapted this simple shopping cart into my site, but it's got 2 issues... 1) if a product is already in the cart, and I add another quantity to it, it doesnt add the quantity to the same product, it simply adds it as another item in the cart and... 2) if I click on "Remove item" from the cart, it only removes the item if there's only one item in it, if there are many items, it then doesnt do anything. Appreciate any help!! Tnanks! Here's the code: /* THIS FIRST SECTION IS THE MAIN CART SCRIPT */ require_once("Connections/dbcontroller.php"); $db_handle = new DBController(); if(!empty($_GET["action"])) { switch($_GET["action"]) { case "add": if(!empty($_POST["quantity"])) { $productByCode = $db_handle->runQuery("SELECT * FROM works WHERE ProductID='" . $_GET["code"] . "'"); $itemArray = array($productByCode[0]["ProductID"]=>array('name'=>$productByCode[0]["Description"], 'code'=>$productByCode[0]["ProductID"], 'quantity'=>$_POST["quantity"], 'price'=>$productByCode[0]["Price"])); if(!empty($_SESSION["cart_item"])) { if(in_array($productByCode[0]["ProductID"],$_SESSION["cart_item"])) { foreach($_SESSION["cart_item"] as $k => $v) { if($productByCode[0]["ProductID"] == $k) $_SESSION["cart_item"][$k]["quantity"] = $_POST["quantity"]; } } else { $_SESSION["cart_item"] = array_merge($_SESSION["cart_item"],$itemArray); } } else { $_SESSION["cart_item"] = $itemArray; } } break; case "remove": if(!empty($_SESSION["cart_item"])) { foreach($_SESSION["cart_item"] as $k => $v) { if($_GET["code"] == $k) unset($_SESSION["cart_item"][$k]); if(empty($_SESSION["cart_item"])) unset($_SESSION["cart_item"]); } } break; case "empty": unset($_SESSION["cart_item"]); break; } } /* AND THIS SECTION HERE IS THE CART-DISPLAY HTML SECTION*/ <div id="shopping-cart" align="center"> <div class="txt-heading">Shopping Cart <a id="btnEmpty" href="shopping-cart.php?action=empty">Empty Cart</a><br /> <br /> </div> <?php if(isset($_SESSION["cart_item"])){ $item_total = 0; } ?> <table width="600" border="1" align="center" cellpadding="5" cellspacing="0"> <tr> <td><strong>Name</strong></td> <td><strong>Code</strong></td> <td><strong>Quantity</strong></td> <td><strong>Price</strong></td> <td><strong>Action</strong></td> </tr> <?php foreach ($_SESSION["cart_item"] as $item){ ?> <tr> <td><strong><?php echo $item["name"]; ?></strong></td> <td><?php echo $item["code"]; ?></td> <td><?php echo $item["quantity"]; ?></td> <td align=right><?php echo "$".$item["price"]; ?></td> <td><a href="shopping-cart.php?action=remove&code=<?php echo $item["code"]; ?>" class="btnRemoveAction">Remove Item</a></td> </tr> <?php $item_total += ($item["price"]*$item["quantity"]); } ?> <tr> <td colspan="5" align=right><strong>Total:</strong> <?php echo "$".$item_total; ?></td> </tr> </table> </div>
Hi all, I have this JQUERY/JAVASCRIPT SNIPPET right now that will check if an item has a quantity selected out of a long list of product select-menus - it works fine, EXCEPT, I want it to work so it allows it to submit even if the item they may have clicked was NOT the one that had the quantity selected. In other words, not have the submit button tied to the specific item its on, but to the fact that there has been an item somewhere in the form that has a quantity selected. Right now, the way it is, person has to click any of the items that have a quantity selected. The problem is if a person goes all the way down a long list of products, I want them to simply click on any submit button from whereever they are, and not have to climb back up the page to click on the submit button of any of the products they did chose a quantity for... This is the code here: $(document).ready( function() { $('input[type="image"]').click( function() { var quantity = new Array; quantity[1] = $(this).closest('tr').find('select').val(); if(quantity[1] == 0) { alert("You have not selected a product quantity!"); return false; } }); }); THIS IS THE BASIC HTML FOR ONE OF THE PRODUCTS... ITS A LONG LIST OF LIKE 50 PRODUCTS, ONE AFTER THE OTHER... PRODUCT A (SAY I SELECT QUANTITY ONE HERE ON THIS PRODUCT) <----------------- <td width="10%" align="center" valign="middle" >Qty: <select class="qty" name="qty189" id="qty_189" > <option value="0">0</option> <option value="1">1</option> </select> <br /> <input type="hidden" name="action" value="AddCart" /> <input type="hidden" name="process_type" value="2" /> <br /> <input name="submit" type="image" value="Add To Cart" src="offer-button.gif" /> </td> NEXT PRODUCT B NEXT PRODUCT C NEXT PRODUCT D NEXT PRODUCT E (BUT PERSON CLICKS ON THIS SUBMIT BUTTON - ALLOW IT SINCE THERE'S A QUANTITY SELECTED FOR PRODUCT A) <----------------- ETC, ETC... Appreciate any help... Thanks!
when to use echo to display Functions or Definitions??
mac007 replied to mac007's topic in PHP Coding Help
wow, you mean to tell me I've been using functions all wrong? I've been using echo's in them for everything! Is that a definite "no, no"?? All, or most of the darn examples I saw on how to use them show echo being used inside them. That's a bummer! Thanks guys for your help and clarifying this deeper. Gonna have to re-study proper usage of functions all over again! -
when to use echo to display Functions or Definitions??
mac007 replied to mac007's topic in PHP Coding Help
Looks like this... function categories() { echo '<table style="margin:20px;" width="100%">'; echo '<tr>'; echo '<td>'; $categories = mysql_query('select * from categories'); while ($rowCategory = mysql_fetch_array($categories)) { echo "<a style='line-height:20px;' href='?category=" . $rowCategory['category_id'] . "'>" . $rowCategory['category_name'] . '</a><br>'; } echo '</td>'; echo '</tr>'; echo '</table>'; mysql_free_result($categories); } -
Hello, all: I have been having these odd display stuff when I'm either trying to display or call functions or definitions. Seems like they work best when ALWAYS using echo to call them, though they also work without it?? So, what gives? when or how should I use them??? Should Definitions or Functions always be used along with ECHO?? as you can see slightly confused... EXAMPLE: // Why does this line work??? note, see here I'm using echo several times in order to display right) <?php if(RIGHT_COLUMN_WIDTH != '0') { echo "<td valign='top' width='" . RIGHT_COLUMN_WIDTH . "px'>"; echo categories(); echo "</td>";} ?> // But this one doesnt display just right?? Note: see echo not used when categories() function is called, but isnt it still being called by first echo?? <?php if(RIGHT_COLUMN_WIDTH != '0') { echo "<td valign='top' width='" . RIGHT_COLUMN_WIDTH . "px'>" . categories() . "</td>";} ?>
Best way to SELECT info belonging only to specific logged-in user...??
mac007 replied to mac007's topic in PHP Coding Help
thanks joel... I see what you are saying. So, if I was using the username as the $_SESSION['username'], then I should at least make sure this field is defined as "unique" or also primary in the db by default. Or then again, as you say, I could just simply use the primary user id field to set the $_SESSION. Thanks! -
Hi, All: I'm trying to figure out what way it's the best way to pull info belonging to a specific user based on whether he's a logged-in "member", and want to make sure he's not able to access any other member's details... would the best way be to try to match the user's "username" stored in a $_SESSION when fetching his info, something like this: <?php // Assume the login combo is this: $username = $_POST['username']; $password = $_POST['password']; // Assume he has already logged in: $_SESSION['username'] = $username; //EXAMPLE 1: SELECTING user info simply from actual DB username/password match: if ($_SESSION['username']) { $userRecords = mysql_query("SELECT * FROM users WHERE username = '$username' AND password = '$password'"); $userInfo = mysql_fetch_array($userRecords); echo $userInfo['id'] . $userInfo['username'] . $userInfo['first-name'] . $userInfo['last-name'] . $userInfo['date-register']; } // EXAMPLE 2: or SELECTING user info based on $_SESSION['username'] value: if ($_SESSION['username']) { $userRecords = mysql_query("SELECT * FROM users WHERE username = . $_SESSION['username'] . AND password = '$password'"); $userInfo = mysql_fetch_array($userRecords); echo $userInfo['id'] . $userInfo['username'] . $userInfo['first-name'] . $userInfo['last-name'] . $userInfo['date-register']; } ?> So, my question is, are this actually working differently? is one better than the other as far as security, preventing other users from hacking either on purpose or accidenally into other user's details? thank! Appreciate any feedback...
hi, there... I'm a newbie myself.. but just wanted to comment that most often I find SESSIONS being used most commonly to track users, specially as it refers to login kind of stuff. Maybe you might want to look into that too...
I mean, as in my original question regarding NOT having to use single-quotes to echo variables if the string is enclosed within double quotes... like so: echo "First Name: $firstName and Last Name: $lastName"; was simply wandering why I dont see echoing being done this way more commonly, especially when sometimes one has to echo bunch of variables within a string and having to concactenate darn variables like crazy. Seems like it's so much easier this way...
Sorry, what meant to say was: I wander why i dont see the double quoting of strings DONE MORE OFTEN PROGRAMMING-WISE when echoing strings, since it seems woudl make life a hell of a lot easier no having to concactenate and doing all that quoting back and forth to echo the variables... could it be a security issue? not having them quoted?
thanks Zurev/Thorpe... thanks for clearing up the double-quoting on the echo statements, I didnt know that and hadnt realized it was because string being echoed was enclosed in double-quotes. That solves that mystery for me. On the sql, I thought I had seen that somewhere... maybe was looking at wrong thing... I wander why i dont see the double quoting of strings when echoing them, since it seems woudl make life a hell of a lot easier no having to concactenate and doing all that quoting back and forth to echo the variables... could it be a security issue? not having them quoted?
Hi, all... have a basic question here as a newbie that I am... Many times, in some scripts I see (I think, if not mistaken), places where within a echo sentence I see variables echoed like this with no quotes: echo "First Name: $firstName and Last Name: $lastName"; as opposed to like one would expect: echo "First Name: " . $firstName . " and Last Name: " . $lastName"; Sometimes I see that also when variables are used in select/update statements I think.. like this: $query = mysql_query("SELECT FROM table WHERE column = $columnname"); Instead of like this within quotes: $query = mysql_query("SELECT FROM table WHERE column = '$columnname'"); Is it because some of these values may be numbers (numeric) as opposed to "strings"?? Not sure if I make sense... appreciate teh feedback, Thanks!
Thanks Anti... helpful link! Yeah, I had done some testing on these settings... and when I used the 644 on my includes folder (which had config.php, some mysql-recordset functions), my page woudl give me error; like it wasnt being allowed to process the queries. But it would allow it to run queries if under setting 755. Thanks!
WOW, Anti... the IndexIgnore * was a great suggestion! That was what I kind of looking for, simple, quick hiding of files. On the chmod setting of 644, I guess that woudl work OK for non-executing folders like "images" folders, but not for directories where files like config.php resides, right? From the testing I just did looks like these would need to have at least a chmod of 755?? is that correct? Thanks a lof for your feedback, was very helpful to this newbie!
thanks Bud, night... I see, those are great tips. So, to close this topic... is the fact that they can "see" directory files, coudl they be able to somehow open/view them in any kind way?? I wander how then programs like zen-cart or cre-loaded are able to protect them... cause I believe they are just on root dir... maybe with a htacces...
Hi All: I have general question on php... if I have an "includes" folder, and on IE somebody goes directly to it, like: http://www.site.com/includes on IE, they can see the folder-tree- directory. So, files like config.php, or mysql.php could be visible. My question is, is this safe?? couldnt people then just drag-copy the file over into their system? or somehow open it, view its contents? I dragged-copied a .php file into my desktop, but nothing shows up when I open in in notepad. As opposed to opening another file that was also .php but which only had javascript code in it, and the javascipt did show up. So, I take it, it should be ok?? as it seems like it works as if the .php page actually had been loaded on a web-browser... doesnt show the php code... well, appreciate comments, feedback on this... what woudl be the best way to protect files like this? htaccess-protect? or is this not something to be overly concerned about?? From what I can tell looks like a lot of site are setup this way... so must be ok... ha? Thanks!
Hi, all: I borrowed this small ajax sample from a site and it does work in IE but for some reason just doesnt work in Firefox. Appreciate any help, feedback on this... This is the code: THIS IS FIRST FILE, CALL IT "index.php" that has ajax bit, and the form-submit: <html> <head> <script type="text/javascript"> function showUser(str) { if (str=="") { document.getElementById("txtHint").innerHTML=""; return; } if (window.XMLHttpRequest) {// code for IE7+, Firefox, Chrome, Opera, Safari xmlhttp=new XMLHttpRequest(); } else {// code for IE6, IE5 xmlhttp=new ActiveXObject("Microsoft.XMLHTTP"); } xmlhttp.onreadystatechange=function() { if (xmlhttp.readyState==4 && xmlhttp.status==200) { document.getElementById("txtHint").innerHTML=xmlhttp.responseText; } } xmlhttp.open("GET","getuser.php?q="+str,true); xmlhttp.send(); } </script> </head> <body> <form> <select name="users" onChange="showUser(this.value)"> <option value="">Select a person:</option> <option value="1">Peter Griffin</option> <option value="2">Lois Griffin</option> <option value="3">Glenn Quagmire</option> <option value="4">Joseph Swanson</option> </select> </form> <br /> <div id="txtHint"><b>Person info will be listed here.</b></div> </body> </html> THIS IS SECOND FILE, CALL IT "getuser.php", that gets called by the ajax from the index.php page: <?php $q=$_GET["q"]; $con = mysql_connect('host', 'user', 'password'); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("database", $con); $sql="SELECT * FROM items WHERE id = '".$q."'"; $result = mysql_query($sql); echo "<table id='itemDisplay' border='0'>"; while($row = mysql_fetch_array($result)) { echo "<tr>"; echo "<td><span style='font-family:times;font-size:18pt;color:993300'><strong>" . $row['id'] . " - " . $row['title'] . "</strong></span><br>" .$row['description'] . "<br><strong>Price: $" . $row['price'] ." / Shipping: $" . $row['shipping'] . "</strong></td>"; echo "<td><img height='150' src='" . $row['imagesmall'] . "'/></td>"; echo "</tr>"; } echo "</table>"; mysql_close($con); ?>