Buddski Posted September 30, 2011 Share Posted September 30, 2011 Well its 2pm here and Im on holidays so I should be around, but other people can help as well. The code is just a basic form, how you handle this form on the POST side will determine how secure the code will be. Do not take anything that the person has posted as gospel, you will need to ensure that they ARE paying the correct amount and all the other fun stuff. Basically revalidate everything that is posted because if somebody does change a value that is posted, you could be in for a world of hurt. Quote Link to comment Share on other sites More sharing options...
Drummin Posted September 30, 2011 Share Posted September 30, 2011 See PM for message regarding this topic. Thanks. Quote Link to comment Share on other sites More sharing options...
doubledee Posted October 1, 2011 Author Share Posted October 1, 2011 Buddski, <td class="col5"><input type="submit" name="row[3]" value="Add to Cart" /></td> Does this code basically say... row[3] = "Add to Cart" That is, the array row in the 4th position row[3] holds the value "Add to Cart" Debbie Quote Link to comment Share on other sites More sharing options...
doubledee Posted October 1, 2011 Author Share Posted October 1, 2011 Buddski, $selected = key($_POST['row']); And can you explain your own words what this line of code does? Debbie Quote Link to comment Share on other sites More sharing options...
Drummin Posted October 1, 2011 Share Posted October 1, 2011 Hi Debbie, Could you possibly read the PM I sent you and reply? Quote Link to comment Share on other sites More sharing options...
Buddski Posted October 1, 2011 Share Posted October 1, 2011 row[3] = "Add to Cart" That is, the array row in the 4th position row[3] holds the value "Add to Cart" That is almost correct, that means that on the PHP side that $_POST['row'][3'] = Add to Cart, the array on the form starts at 0 so it is the third position of the $_POST['row'] array; What this, $selected = key($_POST['row']); does is it gets the KEY of the current position of the $_POST['row']. The $_POST['row'] contains all the submit buttons and because only one is being passed across, it will always grab the first array key, so if somebody clicks on the third Add to Cart button, <input type="submit" name="row[3]" value="Add to Cart" /> $selected will be 3. Quote Link to comment Share on other sites More sharing options...
doubledee Posted October 1, 2011 Author Share Posted October 1, 2011 Hi Debbie, Could you possibly read the PM I sent you and reply? I don't want to give out my e-mail, but welcome help here... Debbie Quote Link to comment Share on other sites More sharing options...
Drummin Posted October 1, 2011 Share Posted October 1, 2011 Ah well, I have a complete package made for you. After configuring the file access.php file the database will be created and tables will be added automatically. If "admin" member isn't present you're directed to create an account. The Admin can add events, edit events, and view personal orders and orders from others using various menus links. New features of the “add events” and “edit events” are the “total tickets”, i.e. 3000 and the “ticket limit” for each order. As orders are processed or events edited, the number of tickets that are left is calculated. This is reflected on the order selection page, so If only three tickets are left that is all they can order. Status is changed to “Sold Out” when it reaches zero. Event descriptions are also part of the Create, Edit and View sections of the page. From the user’s point of view, they see events listed when they come to the page. If they select an event, they then choose the number of tickets they want and place the order. The “Log in” or “Create Account” links are then shown directing them to either of these forms. Once logged in, we check for personal info, i.e. name, email etc. Once these are added they are directed to the credit card form. BTW all forms have validation checks made and on the Credit Card form after all variables pass, there is one more “Look it over and confirm” to set info to DB. Once CC info is added they are shown an order confirmation page with “confirm” or “edit” buttons. Once confirmed, we show a big “thank you” and return the event list view. They also have a view orders link to view status of their order. Any logged in user that already has personal and credit card info added to their account are automatically taken to the order confirmation page when they place an order. Anyway, I enjoyed making this. Quote Link to comment Share on other sites More sharing options...
doubledee Posted October 1, 2011 Author Share Posted October 1, 2011 Anyway, I enjoyed making this. Sounds like a fancy set of code, but I want to build what I want and I want to learn how to do it myself. Any help or advice here - if it pertains to my immediate requirements - is always welcome. Thanks, Debbie Quote Link to comment Share on other sites More sharing options...
doubledee Posted October 2, 2011 Author Share Posted October 2, 2011 Buddski, Why are you using a hidden field? <td class="col2">$20<input type="hidden" id="row1_cost" name="cost[1]" value="20" /></td> Debbie Quote Link to comment Share on other sites More sharing options...
Drummin Posted October 2, 2011 Share Posted October 2, 2011 As I understood it, you only wanted to pass event id and the number of tickets to hold in session until after credit info is gathered, then query DB for actual price. If so, having hidden field for price isn't needed. Quote Link to comment Share on other sites More sharing options...
Buddski Posted October 2, 2011 Share Posted October 2, 2011 I added that in for the demo, to further clarify how you can extract the information. And to make the JavaScript easier to write If the form is generated based on database records, you can change the 1,2,3 array keys in the HTML array to the Event ID from the query results. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.