roldahayes Posted January 11, 2013

I know that this is quite a vague question but would appreciate some help with this.

I have just moved a working shopping basket that uses Barclays EPDQ for payments to a new server. Now that it has moved I am having problems with it.

The orders are sending to the database, and we are receiving the customers' money, but we are not getting any orders emailed to us (nor is the customer...) and they are just getting the error message that there has been a problem.

It appears that the UserID isn't returning back to this page and then knowing where to send the email confirmations back to.

Could this have been caused just by moving to the new server? The only difference that I can see between the Cookie / Session set up on the server is that Session.use_only_cookies is now set to "On" with the new server.

```php
<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
//include header code
//include_once("head.php");
//include header code
include_once("func_lib.php");
// use the user_connection include file's connectDB function
include_once("usr_conn.php");
if(!connectDB())
{
    echo "<p>Unable To Connect To Database</p>";
    return;
}
// assign variables
$currency = "£";

//get confirmation or customerID etc
$userID = stripslashes(($_COOKIE['userID'] ? $_COOKIE['userID'] : str_replace("BR_", "", $_GET["oid"])));
$shopperID = stripslashes(substr($userID, 0, 6));
$token = md5(uniqid(rand(),1));
setcookie("userID", $token, time() + 3600, "/");
setcookie("userID", $token, time() + 3600, "/upload/");

//get the user details
$result = mysql_query("SELECT * FROM shopper WHERE User_ID='$userID'");
$UserDetails = mysql_fetch_assoc($result);
$custdetails = explode("\n",$UserDetails["Customer_Address"]);
foreach($custdetails as $value)
{
    if(strpos($value,"Customer_Email") !== false)
    {
        $Customer_Email = str_replace("Customer_Email = ", "", $value);
    }
}

//check that the order has not already been sent
if (isset ($_COOKIE['order']))
{
    $message = "Your order has already been processed";
    $blnSet = "1";
}
?>
<?php
//get info from shopper table
$sqlquery = "SELECT * FROM shopper WHERE user_ID = '" . $userID . "'";
$result = mysql_query($sqlquery);
echo '<!--'.mysql_error() .'-->';
$rowCount = mysql_num_rows($result);
echo'<!--test-->';
// if no matches then nothing to checkout
if ($rowCount == 0)
{
    echo'<!--in-->';
    echo ("<p><font class=error>Your basket was empty. You have come to this page in error!!<br>Please return to the main site</font></p>");
    return;
}
else
{
    //store shopper details
    $shoprow = mysql_fetch_assoc($result);
    $Basket_total = number_format(htmlspecialchars($shoprow['Basket_total']), 2);
    $Post_type = htmlspecialchars($shoprow['Postage']);
    //echo "tot: " . $Basket_total;
    $Postage = htmlspecialchars($shoprow['Postage']);

    //get basket details
    $sqlquery = "SELECT * FROM basket WHERE userID = '" . $userID . "'";
    $result = mysql_query($sqlquery);
    $rowCount = mysql_num_rows($result);
    if ($rowCount == 0)
    {
        echo "<font class=error><p>Error: Your basket was empty.</p></font>";
        return;
    }
    else
    {
        // select the userID's basket query and the Product Reference relating to each of the basket's productID's
        $sqlquery = "SELECT * FROM basket INNER JOIN products ON basket.productID = products.Prod_ID WHERE ((basket.userID) = '" . $userID . "')";
        //echo $sqlquery;
        $baskresult = mysql_query($sqlquery);
        $rowCount = mysql_num_rows($baskresult);
        //set counter to name each hidden form element for the product details
        $frmCount = 1;
        while ($row = mysql_fetch_assoc($baskresult))
        {
            //cut the prod_type variable
            //get the length of the variable
            $strLength = strlen ($row["Prod_Type"]);
            //assign first 2 characters of variable
            $strPrefix = substr($row["Prod_Type"], 0, 2);
            //debug
            //echo "\n prefix :" . $strPrefix;
            //assign remaining characters of variable
            $strSuffix = substr($row["Prod_Type"], 2, $strLength);
            //debug
            //echo "\n suffix :" . $strSuffix;
            //set product header image depending on the Prod_Type Code
            //start the table row
            $strProdType = prodType ($strPrefix);
            echo("<tr class=stdtable><td align=center> " . htmlspecialchars($row['Car_Make']) . " " . "</td>");
            echo("<td align=center> " . $strProdType . " " . "</td>");
            echo("<td align=center> " . htmlspecialchars($row['Prod_Make']) . "<br>" . htmlspecialchars($row['Product_Desc']) . "</td>");
            echo("<td align=center> " . htmlspecialchars($row['Prod_REF']) . " " . "</td>");
            echo("<td align=center>". htmlspecialchars($row['quantity']) ."</td></tr>");
            //create hidden form names and values containing product details
            echo "<input type=hidden name=Product".$frmCount."_Make value=\"". htmlspecialchars($row['Prod_Make']) ."\">";
            echo "<input type=hidden name=Product".$frmCount."_Model value=\"". htmlspecialchars($row['Prod_Model']) ."\">";
            echo "<input type=hidden name=Product".$frmCount."_Type value=\"". $strProdType ."\">";
            echo "<input type=hidden name=Product".$frmCount."_REF value=\"". $row['Prod_REF'] ."\">";
            echo "<input type=hidden name=Product".$frmCount."_Quantity value=\"". htmlspecialchars($row['quantity']) ."\">";
            //increment count by 1
            $frmCount ++;
        }//end while
        echo("<tr class=stdtable><td colspan=3> </td><td align=center><b>TOTAL</b></td><td align=center>" . $currency . $Basket_total . "</td></tr>");
    }//end else
}//end else
?>
<td height="32" colspan="2" align="center" class="header">Order Number = <?php echo $shopperID; ?> </td>
</tr>
<tr>
<td height="80" colspan="2" align="center" class=std>
<?php
//create message based on whether mail was sent or not
if ($UserDetails["Success"] == 1)
    echo ("Your order has been placed successfully. We will email or call you shortly confirming your details. <br><br>");
else
    echo ("Unfortunately there has been an error sending your order. Please try again, or email us <br>");
echo $message;
?>
<?php
//include footer code
if ($UserDetails["Success"] == 1){
    //finally send out a confirmation email to the customer, including their ShopperID
    include_once("customer_mail_new.php");
    include_once("client_mail_new.php");
}
?>
<?php $blnSet = ""; ?>
```

Christian F. Posted January 11, 2013

You're not using sessions in that code, at least not in the code that you posted, so it's not that. Though, you're not actually sending an e-mail either. Again, not from what I can see in the code you posted.

What you need to do is to go through the code in a debugger, and check the code line-by-line until you figure out exactly where the problem occurs. Turn on error reporting on your (development) server as well, or at the very least check the error logs on the production server (if you can't reproduce the problem).

Also, your script seems to be quite out of date, as it relies upon the magic_quotes setting. Nowadays you do not want to use stripslashes() on user-submitted data, as it can actually cause a security risk seeing as magic_quotes is turned off by default.

Lastly I recommend reading up on setcookie() as well. It got some new parameters, which might help.
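
The two points in the reply above (no stripslashes() on request data, and the newer setcookie() parameters), shown as an added example that is not part of the thread or the poster's code. It assumes PHP 7.3+ with PDO SQLite, that userID is always a 32-character hex token like the md5() value the posted script generates, and that the site runs over HTTPS; `cleanUserId`, `findShopper` and `cookieOptions` are hypothetical names, and the table row is constructed sample data.

```php
<?php
// Constructed data: in-memory SQLite stands in for the shop's MySQL database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE shopper (User_ID TEXT PRIMARY KEY, Basket_total REAL)");
$pdo->exec("INSERT INTO shopper VALUES ('0123456789abcdef0123456789abcdef', 49.99)");

// Hypothetical helper. Assumes userID is an md5-style token (32 hex chars),
// optionally prefixed with "BR_" when it comes back in ?oid=.
function cleanUserId($raw): ?string
{
    if (!is_string($raw)) {
        return null;                      // arrays such as ?oid[]=x are rejected
    }
    $raw = preg_replace('/\ABR_/', '', $raw);
    return preg_match('/\A[0-9a-f]{32}\z/', $raw) === 1 ? $raw : null;
}

// Hypothetical helper: the value is bound, never concatenated into the SQL text.
function findShopper(PDO $pdo, string $userId): ?array
{
    $stmt = $pdo->prepare('SELECT * FROM shopper WHERE User_ID = :id');
    $stmt->execute([':id' => $userId]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Options array accepted by setcookie() since PHP 7.3.
function cookieOptions(): array
{
    return [
        'expires'  => time() + 3600,
        'path'     => '/',
        'secure'   => true,     // assumes the shop is served over HTTPS
        'httponly' => true,     // cookie is not readable from page scripts
        'samesite' => 'Lax',    // still sent on a top-level GET back from another site
    ];
}

if (PHP_SAPI !== 'cli') {         // must run before any output is sent
    setcookie('userID', bin2hex(random_bytes(16)), cookieOptions());
}
// Constructed inputs: one well-formed id, one malformed value containing a quote.
foreach (['BR_0123456789abcdef0123456789abcdef', "abc'def"] as $raw) {
    $id  = cleanUserId($raw);
    $row = $id === null ? null : findShopper($pdo, $id);
    echo var_export($raw, true), ' => ', ($row ? 'shopper found' : 'rejected'), PHP_EOL;
}
```

Run from the command line, the first sample prints "shopper found" and the second "rejected"; the malformed value never reaches the database.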