Using data entered in text field to redirect page

[nerotic]

Hello,

 

I'm really new to PHP and am trying to get a something rather simple set up but finding little success.

 

In a nutshell. I have a OSCommerce set up, actually three stores.  From the informational website I have a Store Region select page before redirecting to the store. The first two stores have USDollar and Euro pricing.

 

The 3rd store is brand new and has special pricing.

 

What I want to do on the Store Selector page is to add a a simple text form field. I will be issuing special discount codes (multiple and varied, but they will all redirect to the same place).

 

So I need a way to verify the code which means storing them on the server so I need to understand how to secure that file, or am I better off using a DB since I already have MySQL running with OSC.

 

In the event the code is wrong I'd like to implement a simple AJAX error message that displays right on the page. If it's correct then I simply want to redirect them to that store.

 

I've already set up a robots.txt on the server so that the page doesn't get indexed, at least by legit search engines. The idea being that there is only one entry point to these special prices.

 

Can anyone please give me some guidance as to how to best accomplish this?

 

Thanks in advance.

[Garethp]

jQuery AJAX (Simple way to implement AJAX) - http://articles.sitepoint.com/article/ajax-jquery

MySQL - http://www.w3schools.com/PHP/php_mysql_intro.asp

PHP Post - http://www.w3schools.com/PHP/php_post.asp

Remember to sanatize your inputs - http://www.google.com/search?hl=en&ei=N6V3S6SKIIrk7AOOm9SfBg&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CA4QBSgA&q=php+input+sanitization&spell=1

 

And yes, MySQL is generally the best way to do it.

[Garethp]

Oh yeah, and to redirect to a page using Javascript

 

window.location = 'http://site.com';

[nerotic]

Hi Gareth,

 

Thanks for shining a light on the path   For now I'm not going to worry about AJAX, I want to get this working first and to understand exactly what goes on.

 

I'm having problems but I'm sure this has to do with my syntax, the damn error tells me so  . Here is the code that is giving me problems, it resides in a file called storeentry.php:

 

<?php
if ($storentry="test1" or $storentry="test2" or $storentry="test3") {
	window.location 'shop.php?page=store3'; 
}
elseif ($storentry="test4" or $storentry="test5" or $storentry="test6") {
	window.location 'shop.php?page=store4'; 
}
else window.location 'shop.php?page=wrongcode';
)
?>

 

 

This is the error that I'm getting:

Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in D:\Nero\Works\A.U.X\Web2.0\storeentry.php on line 5

 

I have a page called shop_page_content.inc where I have snippets that look like this:

 

       

case 'store3':
	echo "http://www.auxout.com/oscomm3/";
	break; 
case 'store4':
	echo "http://www.auxout.com/oscomm4/";
	break; 
case 'wrongcode':
	echo "storeerror.php";
	break;
default:  
	echo "select.php";  
	break; 

 

 

The form on the php page looks like this:

<form action="storeentry.php" method="post">
If you have a code please enter it here: <input type="text" size="15" maxlength="10" class="input" name="storeentry" /> 
<input type="submit" value="SUBMIT" class="button" />
</form>

 

 

Being new to php, I'm not sure if this is possible but I've decided to bypass using the DB at all. We're only going to have 4-6 codes and it's rarely going to update. Should this work just using the POST ... wait a sec...I think I know what the problem is...need to use GET_POST maybe?  Anyway, I'm going to post this but keep on testing.

 

I've googled non-stop. I don't see much choice but to ask you whether you prefer milk, dark, or filled chocolates

[nerotic]

I've updated storeentry.php so it now looks like the following (it now has the switch statement:

 

 

<?php switch($_POST['storeentry']) {
if ($storentry="test1" or $storentry="test2" or $storentry="test3") {
	window.location = 'shop.php?page=store3'; 
}
elseif ($storentry="test4" or $storentry="test5" or $storentry="test6") {
	window.location = 'shop.php?page=store4'; 
}
else window.location = 'shop.php?page=wrongcode';
)
}
?>

 

And now I'm getting this error:

Parse error: syntax error, unexpected T_IF, expecting T_CASE or T_DEFAULT or '}' in D:\Web2.0\storeentry.php on line 3

 

Line 3 begins with "if"

[jl5501]

A case statement removes the need for an if-else ladder

 

<?php 
switch($storeentry) 
{
     case 'test1': 
     case 'test2':
     case 'test3':
          window.location = 'shop.php?page=store3'; 
          break;
     case 'test4':
     case 'test5':
     case 'test6':     
           window.location = 'shop.php?page=store4'; 
           break;
    default:
           window.location = 'shop.php?page=wrongcode';
}
?>

[wildteen88]

PHP does not see

window.location = 'shop.php?page=store3'; 

As JavaScript. You'll need to echo the above line out in script tags for it to work. Eg

echo '<script type="text/javascript">window.location = \'shop.php?page=store3\';</script>';

 

However personally I'd use header to redirect users. You cannot always assume all users will have javascript enabled. If you're going the JavaScript route you may also want to have a 'Plan B' by displaying a short message saying where the user is being redirected to, just in case the redirect does not occur for some reason.

 

[jl5501]

I must confess, I did not look at the code he was running according to the conditions.

[nerotic]

First off, thanks to the both of you for taking the time to assist me. I'm all for doing things the PHP way...doing my best to learn it

I'd rush rather make the extra effort.

 

So this is what storeentry.php looks like now:

 

<?php 
switch($storeentry) 
{
     case 'test1': 
     case 'test2':
     case 'test3':
	header('Location: shop.php?page=store3');
		break;
     case 'test4':
     case 'test5':
     case 'test6':     
        header('Location: shop.php?page=store4');
           break;
default:
        header('Location: shop.php?page=wrongcode');
}
?>

 

And the result:

Warning: Cannot modify header information - headers already sent by (output started at D:\Web2.0\storeentry.php:1) in D:\Web2.0\storeentry.php on line 15

 

Just for my own understanding wouldn't an if, elseif loop preclude php from sending multiple headers as appears to be the case here?

 

How would I go about fixing this? I've been googling but the concepts are a bit beyond my grasp, more like the wording actually 

[jl5501]

your switch will only call header() exactly once. But, if that page outputs anything (html, php echo, or even a space), before the call to header(), then you will get that mesaage

[nerotic]

Thanks JL but in practical terms I'm not sure what to look for.

 

I'm getting that error on line 15 whether I enter a correct code or not. Where would I look for which page is outputting what exactly?

[jl5501]

the error msg tells you that it was line 1

 

maybe you have some space before your <?

[jl5501]

output started at D:\Web2.0\storeentry.php:1

 

that is where the error is telling you that the output was, that stopped header() from working

[wildteen88]

Make sure you don't have anything before the opening PHP tag, such as a space or any other character. If there is nothing there than make sure you're saving file as ASCII or UTF-8 without BOM for the text encoding.

[nerotic]

The BOM-free encoding did the trick.

 

Now I get the same result no matter what code I type in. How can I "see" what PHP is doing so I can figure out where the error lies? It just keeps nesting the default selector screen.

 

http://nero.heliohost.org/aux/shop.php

[nerotic]

Ok...I managed to get rid of the nasty nesting problem.

 

Now everything seems to be working. Oh, everything expect doing what it's supposed to do when a correct code is entered and that's redirect to the correct page.

 

PHP currently looks like this:

<?php
switch($storeentry) 
{
     case 'test1': 
     case 'test2':
     case 'test3':
	header('Location: oscomm3/');
		break;
     case 'test4':
     case 'test5':
     case 'test6':     
        header('Location: oscomm4/');
           break;
default:
        header('Location: storeerror.php');
}

 

And this is the form code:

<form action="storeentry.php" method="post">
If you have a code please enter it here: <input type="text" size="15" maxlength="10" class="input" name="storeentry" />
<input type="submit" value="SUBMIT" class="button" />
</form>

[nerotic]

Could still use just a little more help

[nerotic]

I've echoed the variable

<?php echo $storyentry; ?>

in my HTML code and it's not getting passed.

 

Can anyone give me an idea is to how to find out why? Or maybe it's apparent in the code that I've posted?

[wildteen88]

You need to be using $_POST['storeentry'] not $storeentry

[nerotic]

You need to be using $_POST['storeentry'] not $storeentry

 

Thanks for responding Wildteen. My code look slike this now:

 

<?php
switch  $_POST['storeentry']
{
case 'test1':
    case 'test2':
    case 'test3':
	header('Location: oscomm3/');
break;

case 'test4':
    case 'test5':
    case 'test6':
	header('Location: oscomm4/');
    break;

default:
	header('Location: storeerror.php');
}
?>

 

And it's giving me this error:

Parse error: syntax error, unexpected T_VARIABLE, expecting '(' in D:\Nero\Works\A.U.X\Web2.0\storeentry.php on line 2

[Andy-H]

 

<?php
switch ($_POST['storeentry'])
{
   case 'test1':
    case 'test2':
    case 'test3':
      header('Location: oscomm3/');
   break;

   case 'test4':
    case 'test5':
    case 'test6':
      header('Location: oscomm4/');
    break;

   default:
      header('Location: storeerror.php');
}
?>

switch is a statement, just like if - therefore needs brackets surrounding its argument.

[nerotic]

Nevermind...I enclosed everything in parens and it worked like a charm!!

 

Thanks to everyone who offered their time and help.