psychowolvesbane Posted April 21, 2008 Share Posted April 21, 2008 Hi if you could take a few minutes of your time to just check to see if there are no errors (glaring or otherwise) in this page I would be grateful. It's not the kinda script I want to test blindly and ruin a lot of test data already in the ShopCart table. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <?php session_start(); include "admin/connect_details.php"; if($_POST['CheckoutButton'] == "Checkout") { $OrderID = rand(100000,999999); $conn = mysql_connect($Host,$Username,$Password) or die(mysql_error()); $db = mysql_select_db($Dbname, $conn); while($OkOrderID == false) { $sql1 = "SELECT OrderID FROM SalesOrder WHERE OrderID='$OrderID'"; $rs1 = mysql_query($sql1,$conn) or die('Problem with query: ' . $sql1 . '<br />' . mysql_error()); if(mysql_num_rows($rs1)==1) { $OkOrderID = false; $OrderID = rand(100000,999999); } else { $OkOrderID = true; } } $Campus = $_POST['Campus']; $TotalCost = $_POST['TotalCost']; $sql2 = "SELECT CampusID FROM Campus WHERE Campus='$Campus'"; $rs2 = mysql_query($sql2,$conn) or die('Problem with query: ' . $sql2 . '<br />' . mysql_error()); $row = mysql_fetch_array($rs2); $CampusID = $row['CampusID']; $CollectionID = rand(1000000000,9999999999); while($OkCollectID == false) { $sql3 = "SELECT CollectionID FROM SalesOrder WHERE CollectionID='$CollectionID'"; $rs3 = mysql_query($sql3,$conn) or die('Problem with query: ' . $sql3 . '<br />' . mysql_error()); if(mysql_num_rows($rs3)==1) { $OkCollectID = false; $CollectionID = rand(1000000000,9999999999); } else { $OkCollectID = true; } } $OrderDate = date(d/m/y); $sqlAdd1 = "INSERT INTO SalesOrder (OrderID, CampusID, CollectionID, OrderDate, TotalCost, Paid, DatePaid, OrderSent, DateSent, OrderReceived, DateReceived, OrderCollected, DateCollected, ValidOrder, OrderComplete) VALUES ('$OrderID', '$CampusID', '$CollectionID', '$OrderDate', '$TotalCost','0','','0','','0','','0','','0','0')"; $rsAdd1 = mysql_query($sqlAdd1,$conn); $sql4 = "SELECT * FROM ShopCart WHERE CustID='$_SESSION['User_UserID']'"; $rs4 = mysql_query($sql4,$conn); while($row2 = mysql_fetch_array($rs4)) { $sqlAdd2 = "INSERT INTO OrderDetails (OrderID) VALUES ('$OrderID')"; $rsAdd2 = mysql_query($sqlAdd2,$conn); if($row2['NUSDiscount'] == 1) { $NUSDiscount = "Price"; } else { $NUSDiscount = "NUSPrice"; } $sql5= "SELECT Description,$NUSDiscount,Quantity WHERE ProductID='$row2['ProductID']'"; $rs5 = mysql_query($sql5,$conn); $row3 = mysql_fetch_array($rs5); $sqlAdd3 = "UPDATE OrderDetails SET OrderID='$OrderID' CustID='$row2['CustID']', ProductID='$row2['ProductID']', NUSDiscount='$row2['NUSDiscount']', ProdTitle='$row3['Description']', ProdPrice='$row3['$NUSDiscount']', ProdQuantity='$row3['Quantity']'"; $rsAdd3 = mysql_query($sqlAdd3,$conn); $sqlDel = "DELETE FROM ShopCart WHERE CustID='$_SESSION['User_UserID']'"; $rsDel = mysql_query($sqlDel,$conn); } mysql_close($conn); } ?> <html> <head> <title>Clothing Line</title> <link href="admin/stylesheetCL.css" rel="stylesheet"> <?php require('admin/jscript.inc')?> </head> <body> <?php require('admin/header.inc'); require('menu.inc') ?> <div class="DivMain"> <?php if($_POST['CheckoutButton'] == "Checkout") { $sqlDis = "SELECT * FROM OrderDetails WHERE OrderID='$OrderID'"; $rsDis = mysql_query($sqDis,$conn); ?> <span class="head1">Sales Order</span><br><br> <span class="head4">Order No. </span><?php echo $OrderID?><br> <span class="head4">Date: </span><?php echo date('d/m/y')?><br> <table border="0"> <tr> <th>Item Number</th> <th>Title</th> <th>Size</th> <th>Colour</th> <th>Quantity</th> <th>Price</th> <th>Amount</th> </tr> <?php while($rowDis = mysql_fetch_array($rsDis)) { $OrderItem = $row1['ProductID']; $sqlProdDetails= "SELECT Description, Price, NUSPrice, Quantity, Colour, Size, CollegeLogo, FrontText, FTextColour, BackText, BTextColour FROM Products WHERE ProductID ='$OrderItem'"; $rsProdDetails = mysql_query($sqlProdDetails,$conn); $row2 = mysql_fetch_array($rsProdDetails); $OrderTitle = $row2['Description']; $OrderPrice1 = $row2['Price']; $OrderPrice2 = $row2['NUSPrice']; $OrderQuantity = $row2['Quantity']; $OrderColour = $row2['Colour']; $OrderSize = $row2['Size']; $CollegeLogo = $row2['CollegeLogo']; if($CollegeLogo == 0) { $CollegeLogo = "N"; } else { $CollegeLogo = "Y"; } $sqlDiscount = "SELECT NUSDiscount From ShopCart WHERE CustID = '$CustID'"; $rsDiscount = mysql_query($sqlDiscount,$conn); $row3 = mysql_fetch_array($rsDiscount); $NUSDiscount = $row3['NUSDiscount']; $Discount = false; if($NUSDiscount == 1) { $Discount = true; } echo "<tr> <td>$OrderItem </td> <td>$OrderTitle</td> <td>$OrderSize</td> <td><img src='/images/colours/$OrderColour.gif' align=right title='$OrderColour'/></td> <td><input type=\"text\" name=\"Q$OrderItem\" size=\"2\" class=\"qtybox\" value=\"$OrderQuantity\"></td>"; if($Discount==true) { $OrderAmount = $OrderPrice2*$OrderQuantity; echo"<td style=\"text-align:right\">£$OrderPrice2</td> <td style=\"text-align:right\">£$OrderAmount</td></tr>"; } else { $OrderAmount = $OrderPrice1*$OrderQuantity; echo"<td style=\"text-align:right\">£$OrderPrice1</td> <td style=\"text-align:right\">£$OrderAmount</td></tr>"; } $OrderTotal = $_POST['TotalCost']; } mysql_close($conn); ?> <tr><th colspan="6" style="text-align:right">Order Total </th> <td style="border-style:solid"><b>£<?php echo number_format($OrderTotal,2) ?></b></td></tr> </table> <?php } else { ?> <span class="head4">You do not belong here!</span> <?php } ?> </div> </body> </html> Link to comment https://forums.phpfreaks.com/topic/102168-script-checking/ Share on other sites More sharing options...
Northern Flame Posted April 22, 2008 Share Posted April 22, 2008 well i dont see any errors but you're gonna have to run the script and check it out for yourself to really find out. Link to comment https://forums.phpfreaks.com/topic/102168-script-checking/#findComment-523697 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.