netrunnr Posted August 10, 2007 Share Posted August 10, 2007 Hello there peeps! I'm new here, go easy. Below is my php file which contains the error... All I am trying to do is delete from a table. When I click Delete, it just looks like it refreshes the page....? Can anyone help please? ??? Cheers you lot - Netrunnr ------CODE BELOW------- <?php $currencies = new currencies(); if ($delete) { tep_db_query("delete from " . TABLE_HOLDING_ORDERS . " where orders_id = " . $delete . ""); tep_db_query("delete from " . TABLE_HOLDING_ORDERS_PRODUCTS . " where orders_id = " . $delete . ""); tep_db_query("delete from " . TABLE_HOLDING_ORDERS_PRODUCTS_ATTRIBUTES . " where orders_id = " . $delete . ""); tep_db_query("delete from " . TABLE_HOLDING_ORDERS_TOTAL . " where orders_id = " . $delete . ""); } ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <link rel="stylesheet" type="text/css" href="includes/stylesheet.css"> <script language="javascript"> function really(){ if(confirm("Really Delete This Order In Holding?")){ return true; } else { return false; } } </script> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF"> <table border="0" width="100%" cellspacing="2" cellpadding="2"> <tr> <td width="400px" valign="top"><table border="0" width="400px" cellspacing="1" cellpadding="1" class="columnLeft"> <!-- left_navigation //--> <?php require('includes/column_left.php'); ?> <!-- left_navigation_eof //--> </table></td> <td width="100%" valign="top"><table width="100%" cellpadding="5"> <tr> <td class="main"><p class="pageHeading">Copies of Orders in Orders Holding...<br><font size="2">In case your customer fails to return after Paypal or 2Checkout...</font></p> <p>These orders may or may not have been completed! This module logs all orders before the customer is passed to payment processing. The process is seamless and doesn't interfere with the regular checkout process.</p> <p>Please note that EVERY TIME a customer returns to the Order Confirmation Page, the order is stored in holding! Some orders may be saved several times! Use the last one of any such set of orders!</p> <p>You can view or delete the orders with a click of the appropriate icon!</p> </td></tr> <tr> <td align="center"><table cellpadding="2" width="90%" class="smallText"> <tr class="dataTableHeadingRow"> <th>Customer</th> <th>Telephone</th> <th>Order Date & Time</th> <th>Total Order</th> <th>Payment Method</th> <th>Actions</th> </tr> <?php $holding_orders = tep_db_query("select orders_id, customers_id, customers_name, customers_email_address, customers_telephone, payment_method, date_purchased from " . TABLE_HOLDING_ORDERS . " order by date_purchased desc"); while ($row = mysql_fetch_array ($holding_orders)) { $total=tep_db_query("SELECT text FROM ".TABLE_HOLDING_ORDERS_TOTAL ." WHERE orders_id = '".$row['orders_id']."' AND class = 'ot_total'"); $thistotal= mysql_fetch_array ($total); $thisone=$thistotal[text]; ?> <tr<?php if ($flag == 'no') echo ' class="dataTableRowSelected"'?>;> <td><a href="mailto:<?php echo $row['customers_email_address'];?>"><?php echo $row['customers_name']; ?></a></td> <td><?php echo $row['customers_telephone']; ?></td> <td><?php echo $row['date_purchased']; ?></td> <td align="right"><?php echo $thisone; ?></td> <td><?php echo $row['payment_method']; ?></td> <td align="center"><a href="ordersheld.php?oID=<? echo $row['orders_id']; ?>">View</a> <a href="ordersholding.php?delete=<? echo $row['orders_id']; ?>" onclick="return really();">Delete</a></td> </tr> <?php } ?> </table></td></tr> </table> </td> </tr> </table> </body> </html> Quote Link to comment Share on other sites More sharing options...
netrunnr Posted August 10, 2007 Author Share Posted August 10, 2007 please? :-\ Quote Link to comment Share on other sites More sharing options...
gurroa Posted August 10, 2007 Share Posted August 10, 2007 Try this if (isset($_GET['delete']) && is_numeric($_GET['delete'])) { // you should always control what users send you via your variables. // someone "clever" could open [url]ordersholding.php?delete=1 or (1 = 1)[/url] and delete your whole database $delete = $_GET['delete']*1; tep_db_query("delete from " . TABLE_HOLDING_ORDERS . " where orders_id = " . $delete . ""); tep_db_query("delete from " . TABLE_HOLDING_ORDERS_PRODUCTS . " where orders_id = " . $delete . ""); tep_db_query("delete from " . TABLE_HOLDING_ORDERS_PRODUCTS_ATTRIBUTES . " where orders_id = " . $delete . ""); tep_db_query("delete from " . TABLE_HOLDING_ORDERS_TOTAL . " where orders_id = " . $delete . ""); } Quote Link to comment Share on other sites More sharing options...
netrunnr Posted August 10, 2007 Author Share Posted August 10, 2007 Cheers very much gurroa. Worked a treat once i changed "delete" to "del". I have another problem displaying data from the databases. Ill place the code here and if you help....... /me would be well happy! Tell me... why is OSCommerce such hassle? :-) <?php require('includes/application_top.php'); require(DIR_WS_CLASSES . 'currencies.php'); $currencies = new currencies(); $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); if (($action == 'edit') && isset($HTTP_GET_VARS['oID'])) { $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); $orders_query = tep_db_query("select orders_id from holding_orders where orders_id = '" . (int)$oID . "'"); $order_exists = true; if (!tep_db_num_rows($orders_query)) { $order_exists = false; $messageStack->add(sprintf(ERROR_ORDER_DOES_NOT_EXIST, $oID), 'error'); } } include(DIR_WS_CLASSES . 'orderheld.php'); ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <title><?php echo TITLE; ?></title> <link rel="stylesheet" type="text/css" href="includes/stylesheet.css"> <script language="javascript" src="includes/general.js"></script> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF"> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" width="100%" cellspacing="2" cellpadding="2"> <tr> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft"> <!-- left_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_left.php'); ?> <!-- left_navigation_eof //--> </table></td> <!-- body_text //--> <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2"> <?php $order = new order($oID); ?> <tr> <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading"><?php echo HEADING_TITLE; ?></td> <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td> <td class="pageHeading" align="right"><?php echo '<a href="' . tep_href_link('ordersholding.php', '') . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td> </tr> </table></td> </tr> <tr> <td><table width="100%" border="0" cellspacing="0" cellpadding="2"> <tr> <td colspan="3"><?php echo tep_draw_separator(); ?></td> </tr> <tr> <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2"> <tr> <td class="main" valign="top"><b><?php echo ENTRY_CUSTOMER; ?></b></td> <td class="main"><?php echo tep_address_format($order->customer['format_id'], $order->customer, 1, '', '<br>'); ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '1', '5'); ?></td> </tr> <tr> <td class="main"><b><?php echo ENTRY_TELEPHONE_NUMBER; ?></b></td> <td class="main"><?php echo $order->customer['customers_telephone']; ?></td> </tr> <tr> <td class="main"><b><?php echo ENTRY_EMAIL_ADDRESS; ?></b></td> <td class="main"><?php echo '<a href="mailto:' . $order->customer['email_address'] . '"><u>' . $order->customer['email_address'] . '</u></a>'; ?></td> </tr> </table></td> <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2"> <tr> <td class="main" valign="top"><b><?php echo ENTRY_SHIPPING_ADDRESS; ?></b></td> <td class="main"><?php echo tep_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br>'); ?></td> </tr> </table></td> <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2"> <tr> <td class="main" valign="top"><b><?php echo ENTRY_BILLING_ADDRESS; ?></b></td> <td class="main"><?php echo tep_address_format($order->billing['format_id'], $order->billing, 1, '', '<br>'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr> <tr> <td><table border="0" cellspacing="0" cellpadding="2"> <tr> <td class="main"><b><?php echo ENTRY_PAYMENT_METHOD; ?></b></td> <td class="main"><?php echo $order->info['payment_method']; ?></td> </tr> <?php if (tep_not_null($order->info['cc_type']) || tep_not_null($order->info['cc_owner']) || tep_not_null($order->info['cc_number'])) { ?> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr> <tr> <td class="main"><?php echo ENTRY_CREDIT_CARD_TYPE; ?></td> <td class="main"><?php echo $order->info['cc_type']; ?></td> </tr> <tr> <td class="main"><?php echo ENTRY_CREDIT_CARD_OWNER; ?></td> <td class="main"><?php echo $order->info['cc_owner']; ?></td> </tr> <tr> <td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td> <td class="main"><?php echo $order->info['cc_number']; ?></td> </tr> <tr> <td class="main"><?php echo ENTRY_CREDIT_CARD_EXPIRES; ?></td> <td class="main"><?php echo $order->info['cc_expires']; ?></td> </tr> <?php } ?> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr class="dataTableHeadingRow"> <td class="dataTableHeadingContent" colspan="2"><?php echo TABLE_HEADING_PRODUCTS; ?></td> <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_PRODUCTS_MODEL; ?></td> <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TAX; ?></td> <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_EXCLUDING_TAX; ?></td> <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_INCLUDING_TAX; ?></td> <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_EXCLUDING_TAX; ?></td> <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_INCLUDING_TAX; ?></td> </tr> <?php for ($i=0, $n=sizeof($order->products); $i<$n; $i++) { echo ' <tr class="dataTableRow">' . "\n" . ' <td class="dataTableContent" valign="top" align="right">' . $order->products[$i]['qty'] . ' x</td>' . "\n" . ' <td class="dataTableContent" valign="top">' . $order->products[$i]['name']; if (isset($order->products[$i]['attributes']) && (sizeof($order->products[$i]['attributes']) > 0)) { for ($j = 0, $k = sizeof($order->products[$i]['attributes']); $j < $k; $j++) { echo '<br><nobr><small> <i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . $order->products[$i]['attributes'][$j]['value']; if ($order->products[$i]['attributes'][$j]['price'] != '0') echo ' (' . $order->products[$i]['attributes'][$j]['prefix'] . $currencies->format($order->products[$i]['attributes'][$j]['price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . ')'; echo '</i></small></nobr>'; } } echo ' </td>' . "\n" . ' <td class="dataTableContent" valign="top">' . $order->products[$i]['model'] . '</td>' . "\n" . ' <td class="dataTableContent" align="right" valign="top">' . tep_display_tax_value($order->products[$i]['tax']) . '%</td>' . "\n" . ' <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format($order->products[$i]['final_price'], true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n" . ' <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format(tep_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n" . ' <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format($order->products[$i]['final_price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n" . ' <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format(tep_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']) * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n"; echo ' </tr>' . "\n"; } ?> <tr> <td align="right" colspan="8"><table border="0" cellspacing="0" cellpadding="2"> <?php for ($i = 0, $n = sizeof($order->totals); $i < $n; $i++) { echo ' <tr>' . "\n" . ' <td align="right" class="smallText">' . $order->totals[$i]['title'] . '</td>' . "\n" . ' <td align="right" class="smallText">' . $order->totals[$i]['text'] . '</td>' . "\n" . ' </tr>' . "\n"; } ?> </table></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td> </tr> </table></td> <!-- body_text_eof //--> </tr> </table> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> <br> </body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> Quote Link to comment Share on other sites More sharing options...
gurroa Posted August 10, 2007 Share Posted August 10, 2007 Ok Can you describe what is wrong with your script? (I don't know background objects so it is hard to say) Quote Link to comment Share on other sites More sharing options...
netrunnr Posted August 10, 2007 Author Share Posted August 10, 2007 ok basically, i have a table.. with headings: Customer, Telephone, Order Date & Time, Total Order, Payment Method, actions I want to go into the database and pick every product the customer has ordered and display them in a table :-) in theory quite easy :-/ There is an include you may need to look at as well: <?php /* $Id: order.php,v 1.7 2003/06/20 16:23:08 hpdl Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2003 osCommerce Released under the GNU General Public License */ class order { var $info, $totals, $products, $customer, $delivery; function order($order_id) { $this->info = array(); $this->totals = array(); $this->products = array(); $this->customer = array(); $this->delivery = array(); $this->query($order_id); } function query($order_id) { $order_query = tep_db_query("select customers_name, customers_street_address, customers_suburb, customers_city, customers_postcode, customers_state, customers_country, customers_telephone, customers_email_address, customers_address_format_id, delivery_name, delivery_street_address, delivery_suburb, delivery_city, delivery_postcode, delivery_state, delivery_country, delivery_address_format_id, payment_method, cc_type, cc_owner, cc_number, cc_expires, currency, currency_value, date_purchased, orders_status, last_modified from " . TABLE_HOLDING_ORDERS . " where orders_id = '" . (int)$order_id . "'"); $order = tep_db_fetch_array($order_query); $totals_query = tep_db_query("select title, text from " . TABLE_HOLDING_ORDERS_TOTAL . " where orders_id = '" . (int)$order_id . "' order by sort_order"); while ($totals = tep_db_fetch_array($totals_query)) { $this->totals[] = array('title' => $totals['title'], 'text' => $totals['text']); } $this->info = array('currency' => $order['currency'], 'currency_value' => $order['currency_value'], 'payment_method' => $order['payment_method'], 'cc_type' => $order['cc_type'], 'cc_owner' => $order['cc_owner'], 'cc_number' => $order['cc_number'], 'cc_expires' => $order['cc_expires'], 'date_purchased' => $order['date_purchased'], 'orders_status' => $order['orders_status'], 'last_modified' => $order['last_modified']); $this->customer = array('name' => $order['customers_name'], 'company' => $order['customers_company'], 'street_address' => $order['customers_street_address'], 'suburb' => $order['customers_suburb'], 'city' => $order['customers_city'], 'postcode' => $order['customers_postcode'], 'state' => $order['customers_state'], 'country' => $order['customers_country'], 'format_id' => $order['customers_address_format_id'], 'telephone' => $order['customers_telephone'], 'email_address' => $order['customers_email_address']); $this->delivery = array('name' => $order['delivery_name'], 'company' => $order['delivery_company'], 'street_address' => $order['delivery_street_address'], 'suburb' => $order['delivery_suburb'], 'city' => $order['delivery_city'], 'postcode' => $order['delivery_postcode'], 'state' => $order['delivery_state'], 'country' => $order['delivery_country'], 'format_id' => $order['delivery_address_format_id']); $this->billing = array('name' => $order['billing_name'], 'company' => $order['billing_company'], 'street_address' => $order['billing_street_address'], 'suburb' => $order['billing_suburb'], 'city' => $order['billing_city'], 'postcode' => $order['billing_postcode'], 'state' => $order['billing_state'], 'country' => $order['billing_country'], 'format_id' => $order['billing_address_format_id']); $index = 0; $orders_products_query = tep_db_query("select orders_products_id, products_id, products_name, products_model, products_price, products_tax, products_quantity, final_price from " . TABLE_HOLDING_ORDERS_PRODUCTS . " where orders_id = '" . (int)$order_id . "'"); while ($orders_products = tep_db_fetch_array($orders_products_query)) { $this->products[$index] = array('qty' => $orders_products['products_quantity'], 'name' => $orders_products['products_name'], 'model' => $orders_products['products_model'], 'tax' => $orders_products['products_tax'], 'price' => $orders_products['products_price'], 'final_price' => $orders_products['final_price']); $subindex = 0; $attributes_query = tep_db_query("select products_options, products_options_values, options_values_price, price_prefix from " . TABLE_HOLDING_ORDERS_PRODUCTS_ATTRIBUTES . " where orders_id = '" . (int)$order_id . "' and orders_products_id = '" . (int)$orders_products['products_id'] . "'"); if (tep_db_num_rows($attributes_query)) { while ($attributes = tep_db_fetch_array($attributes_query)) { $this->products[$index]['attributes'][$subindex] = array('option' => $attributes['products_options'], 'value' => $attributes['products_options_values'], 'prefix' => $attributes['price_prefix'], 'price' => $attributes['options_values_price']); $subindex++; } } $index++; } } } ?> Quote Link to comment Share on other sites More sharing options...
netrunnr Posted August 10, 2007 Author Share Posted August 10, 2007 purrr lease?? ??? Quote Link to comment Share on other sites More sharing options...
SnowControl Posted August 12, 2007 Share Posted August 12, 2007 $customerID=$_POST['customerID']; // Change to wherever you're getting the customer id from. $query="SELECT * FROM orders WHERE customerid='$customerid' "; $result=mysql_query($query) $num=mysql_num_rows($result); echo "<table>" for ($i=0; $num > $i ; $i++) { $itemname=mysql_result($result,$i,"itemname"); //repeat with all the info you need to publish echo "<tr><td>$itemname</td></tr>"; } echo "</table>"; ************************* On another note, you're making this far to complicated. Go to tizag and learn this from scratch, instead of working on other peoples codes. You learn and understand so much more then. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.