
Shopping cart checkout process


JCS1988


So I have another problem and decided to come back here since everyone is always so helpful. I have a database set up with all my products, users, and orders. You can browse the products and add them to a cart; everything works fine on that part. But I am not sure how to complete the actual checkout process. I have a user account system where users can register, then log in. Certain pages require a visitor to be logged in, so when the user logs in a session is created. I believe the session is storing 'customer_id', which is located in the customers table under each customer's unique ID. The script is below; I'm not sure what exactly is being stored.


If you click checkout on this page http://jcs5325.aisites.com/cart.php it will take you to a submit order form that I got from my textbook files. The lesson didn't involve user accounts; it just explained how to set up the cart and then type in the info at the last minute. I want this submit order page to use the stored customer_id and access the customer info (first_name, last_name, email, etc.) and display it along with the items and total, just like any other confirmation page you would see. In other words, I want to completely do away with that form that asks for the information and have the page get the user's info that's already in the database.


This is the code from my textbook; the page can be seen from the link above.

<?php
session_start();
require("opendbo.php");
require("displaycartfunction.php");
$today = Date("Y-m-d", time());

if ((isset($HTTP_COOKIE_VARS)) || (isset($HTTP_SESSION_VARS)) || (isset($HTTP_GET_VARS))) {
extract  ($HTTP_COOKIE_VARS);
extract  ($HTTP_SESSION_VARS);
extract  ($HTTP_GET_VARS);
extract  ($HTTP_POST_VARS);
extract  ($HTTP_SERVER_VARS);
}

reset ($HTTP_COOKIE_VARS);
reset ($HTTP_SESSION_VARS);
reset ($HTTP_GET_VARS);
reset ($HTTP_POST_VARS);
reset ($HTTP_SERVER_VARS);

if (!@$submitconfirm) {
  print ("Please give information for ordering or confirm information present.<br>");
  print ("<form action=\"$PHP_SELF\" method=post><br>");
  $ofname=""; $olname=""; $obilling=""; $oemail="";
  if (@$currentcustomer)
   {$query="SELECT * from customers where customer_id=$currentcustomer";
    $result=mysql_db_query($DBname,$query,$link);
   $Num_past = mysql_num_rows($result);
   if ($Num_past>0) {
    $obilling=mysql_result($result,0,"billing");
    $ofname=mysql_result($result,0,"fname");
    $olname=mysql_result($result,0,"lname");
    $oemail=mysql_result($result,0,"emailaddress");
    print ("<input type=hidden name=oldcustomer value=TRUE>");
    print("<br>INFO OKAY <input type=\"radio\" name=\"choices\" value=\"OKAY\" CHECKED >");
    print ("<br>CHANGE MY INFO <input type=\"radio\" name=\"choices\" value=\"CHANGE\" >");
    print ("<br>NEW CUSTOMER <input type=\"radio\" name=\"choices\" value=\"NC\"><br>");
   }
   }
  print ("First Name <input type=text name='fname' value='".$ofname."'><br>");
  print ("Last Name <input type=text name='lname' value='".$olname."'><br>");
  print ("Billing information <input type=text name='billing' value='".$obilling."'><br>");
  print ("E mail address <input type=text name='email' value='".$oemail."'><br>");
  print ("<input type=hidden name='submitconfirm' value=TRUE>");
  print ("<input type=submit name='submit' value='SUBMIT/CONFIRM INFORMATION'>");
  print ("</form>");
}
else {
if (!@$oldcustomer) {
    $query="INSERT INTO customers VALUES ('0','".$fname;
    $query=$query."','".$lname."','".$billing."','".$email."','X')" ;  // X for pass now
    $result=mysql_db_query($DBname, $query,$link); //need error handling. 
    $currentcustomer=mysql_insert_id();
    setcookie("currentcustomer",$currentcustomer); //sets permanent cookie
    } //end if not old customer--need to insert into db and create cookie
else {  // old customer.  Update db just in case changes were made
    if (@$choices=='CHANGE') {    
       $query="UPDATE customers set fname='".$fname ;
       $query = $query . "', lname='".$lname."', billing='".$billing;
       $query = $query . "', emailaddress='".$email ."' where id=$currentcustomer";
       mysql_db_query($DBname,$query,$link);
     }
  else if (@$choices=='NC') {
    $query="INSERT INTO customers VALUES ('0','".$fname;
    $query=$query."','".$lname."','".$billing."','".$email."','X')" ;  // X for pass now
    $result=mysql_db_query($DBname, $query,$link); //need error handling. 
    $currentcustomer=mysql_insert_id();
    $duration = 90 * 24 * 60* 60;  //90 days
    setcookie("currentcustomer",$currentcustomer, time()+$duration); //sets long term 
    } //end if changed to new customer

  }
print("Welcome, $fname <br>");
print ("Today is $today <br>\n");
print ("Here is your order.<hr>");
displaycart();
print ("<hr> We are billing it using the following information: <br> $billing<br>");
$query = "INSERT INTO orders VALUES ('0', '";
$query = $query . $currentcustomer."', '".$today."',  'set',".$totalprice.")";
mysql_db_query($DBname, $query, $link);
$orderid=mysql_insert_id();
foreach ($cart as $key=>$value) {
   $product_id = substr($key, 1);
    $query="INSERT INTO ordereditems VALUES ('".$orderid."','".$product_id."',".$value.")";
    mysql_db_query($DBname,$query,$link);
  }  //ends the foreach
/*
// uncomment this section to troubleshoot modifications
  echo "<pre>";
  print_r($HTTP_SESSION_VARS);
  print_r($HTTP_SESSION_VARS['cart']);
  echo "</pre>";
*/
//session_unregister('cart');
  unset($HTTP_SESSION_VARS['cart']);  
  unset($HTTP_SESSION_VARS['items']);  
  unset($HTTP_SESSION_VARS['totalprice']);  
  //session_unregister('totalprice');
  //session_unregister('items');
  unset($cart); 
  unset($items);
  unset($totalprice);
  session_destroy();
}  //ends handling of form -- the else clause on if submitconfirm
?>
</body> </html>


This is the page that confirms the user's login information, and stores it in a session for access to the private pages. I assume that whatever information this script stores can be used to pull up the customer information during the checkout.

<?php
//Start session
session_start();

//Connect to mysql server
$link=mysql_connect("data.jcs5325.aisites.com","jcs5325aii_pho","203633");
if(!$link) {
	die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db=mysql_select_db("jcs5325aii_photography");
if(!$db) {
	die("Unable to select database");
}

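//Sanitize the values received from the login fields
//to prevent SQL Injection
//$password was never assigned in the posted script; it is read here from
//an assumed 'password' form field so the query below has a defined value
if(!get_magic_quotes_gpc()) {
	$username=mysql_real_escape_string($_POST['username']);
	$password=mysql_real_escape_string($_POST['password']);
}else {
	$username=$_POST['username'];
	$password=$_POST['password'];
}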

//Create query
$qry="SELECT customer_id FROM users WHERE username='$username' AND password='$password'";
$result=mysql_query($qry);
//Check whether the query was successful or not
if($result) {
	if(mysql_num_rows($result)>0) {
		//Login Successful
		session_regenerate_id();
		$member=mysql_fetch_assoc($result);
		$_SESSION['SESS_CUSTOMER_ID']=$member['customer_id'];
		session_write_close();
		header("location: member-index.php");
		exit();
	}else {
		//Login failed
		header("location: login-failed.php");
		exit();
	}
}else {
	die("Query failed");
}
?>
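
The confirmation page the post asks for, as an added example that is not part of the original post or the textbook code: the customer is identified only by the `SESS_CUSTOMER_ID` value the login script stores, looked up with a prepared statement, and the total is recomputed from the database, because the textbook's `extract()` calls let a cookie, GET or POST value overwrite `$currentcustomer` and `$totalprice`. Assumptions: PDO with placeholder connection values, a `products` table with `product_id`, `name` and `price` columns, a `login.php` page, and the textbook's cart layout (session array keyed by one prefix character plus the product id, value = quantity).

```php
<?php
// Added example: session-bound checkout confirmation (not the poster's or textbook's code).
session_start();

// Identity comes only from the session set at login, never from a cookie or form field.
if (empty($_SESSION['SESS_CUSTOMER_ID'])) {
    header('Location: login.php');          // assumed login page name
    exit();
}
$customerId = (int) $_SESSION['SESS_CUSTOMER_ID'];
$cart = (isset($_SESSION['cart']) && is_array($_SESSION['cart'])) ? $_SESSION['cart'] : [];

// DB_HOST, DB_NAME, DB_USER, DB_PASS are placeholders; load real values from config.
$pdo = new PDO('mysql:host=DB_HOST;dbname=DB_NAME;charset=utf8mb4', 'DB_USER', 'DB_PASS', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false,
]);

// Column names first_name, last_name, email are the ones named in the post.
$stmt = $pdo->prepare('SELECT first_name, last_name, email FROM customers WHERE customer_id = ?');
$stmt->execute([$customerId]);
$customer = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$customer) {
    http_response_code(403);
    exit('Unknown customer.');
}

// Escape everything that came from the database before it reaches the HTML.
function e($s) { return htmlspecialchars((string) $s, ENT_QUOTES, 'UTF-8'); }

// Recompute the total server-side; never trust a price or total sent by the browser.
$priceStmt = $pdo->prepare('SELECT name, price FROM products WHERE product_id = ?'); // assumed table
$total = 0.0;
$rows  = '';
foreach ($cart as $key => $qty) {
    $productId = (int) substr($key, 1);     // textbook cart key: prefix char + product id
    $qty = max(0, (int) $qty);
    $priceStmt->execute([$productId]);
    $p = $priceStmt->fetch(PDO::FETCH_ASSOC);
    if (!$p || $qty === 0) { continue; }    // skip unknown products and empty lines
    $line   = $qty * (float) $p['price'];
    $total += $line;
    $rows  .= '<tr><td>' . e($p['name']) . '</td><td>' . $qty . '</td><td>'
            . number_format($line, 2) . "</td></tr>\n";
}

echo '<p>Order for ' . e($customer['first_name']) . ' ' . e($customer['last_name'])
   . ' (' . e($customer['email']) . ')</p>';
echo "<table>\n" . $rows . '</table>';
echo '<p>Total: ' . number_format($total, 2) . '</p>';
```

The same `$customerId` and recomputed `$total` are the values to bind when inserting into `orders`, again through prepared statements rather than string concatenation.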
