email query results

I am trying to find a 'checkout' handling routine, but I couldn't find one. I also tried to find a name, address, zip, etc. prompt. So the user, somewhere in the form, because it is not clear what the user enters in the form (where do you prompt for his name, address, etc?) enters his email adress. Then at what point do you want the email to be send?

Ronald :cool:

There's no checkout routine code written. It just display the results. The script before this allows the user to select for the cart, and when update is submitted by the user it passes the cart items to the script written above (phpCart_basket .php). Thanks

Can you influence the form on which the order is actually made, i.e. the form that launches this form. If so, can the order form also request an email address from the user, so it can be transferred either in a POST or GET array or via the $_SESSION array? Or do you have to prompt the user from this form??

Let me know and we'll work out the format and content of the email to send.

Ronald :cool:

Thanks so much for helping out. I'm trying to set this for a non-profit I volunteer with. The program is based on four scripts:

phpCart_shop.ph p is where you select your items

phpCart_basket. php displays the results

functions_cart. php is the middle man

phpCart_manage is a middle man but I'm not sure what it does?

Here is the code for each one, in order

[PHP]<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitl ed Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>

<td width="306"><a href="phpCart_b asket.php">View Avionics Stack</a></td>
<?
include "functions_cart .php";
db_connect();
$sel_products = mysql_query("SE LECT * FROM $mysql_tablenam e ORDER BY id");
?>
<table width="100%" border="1" cellspacing="0" cellpadding="5" >
<tr><td>&nbsp ;</td>
<td><strong>Pro duct</strong></td>
<td><strong>Pic url</strong></td>
<td><strong>Pri ce</strong></td>
</tr>
<?
while ($item = mysql_fetch_arr ay($sel_product s)) {
echo "<tr>";
echo "<td><a href=phpCart_ma nage.php?act=ad d&pid=".$item["id"].">Add</a></td>";
echo "<td>".$ite m["product"]."</td>";
echo '<td><img src="'.$item["picurl"].'" width="auto" height="auto" alt="' . $item["product"] . ' Image"></td>';
echo "<td>".$ite m["price"]."</td>";
echo "</tr>";
}
?>
</table>
</body>
</html>[/PHP]

[PHP]<?
ob_start();
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>phpCar t</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="phpCart_s tyle.css" rel="stylesheet " type="text/css">

</head>

<body>
<form name="update" method="post" action="phpCart _manage.php">
<table width="50%" border="0" cellspacing="10 " cellpadding="0" >
<tr bgcolor="#EEEEE E">
<td width="10%" class="bottomli ne">&nbsp;</td>
<td width="5%" class="bottomli ne"><strong>Qty </strong></td>
<td width="5%" class="bottomli ne"><strong>LCo de</strong></td>
<td width="50%" class="bottomli ne"><strong>Pro duct</strong></td>
<td width="10%" class="bottomli ne"><strong>Ima ge</strong></td>
<td width="10%" class="bottomli ne"><strong>Pri ce</strong></td>
<td width="10%" class="bottomli ne"><strong>Lin e Total </strong></td>
</tr>
<?
include "functions_cart .php";
$totalvalue = 0;

session_start() ;
// If no sessions has been started $_SESSION["cart"] equals null, thus showing the message no items.
if (!isset($_SESSI ON["cart"])) {
$_SESSION["cart"] = NULL;
}

if (validate() == TRUE && $_SESSION["cart"] != NULL) {

foreach ($_SESSION["cart"] as $key => $session_data) {

list($ses_id, $ses_quan) = $session_data;

// call database connect function
db_connect();
$sel_products = mysql_query("SE LECT * FROM $mysql_tablenam e WHERE id=".$ses_id."" );
$item = mysql_fetch_arr ay($sel_product s);

$totalvalue = $totalvalue + ($item["price"]*$ses_quan);
$subtotal = ($item["price"]*$ses_quan);

?>
<tr>
<td class="dividing border"><a href="<? echo "phpCart_manage .php?act=del&pi d=".$ses_id; ?>"><img src="img/icon_del.gif" width="13" height="13" border="0"></a></td>
<td class="dividing border"><input name="newquan[]" type="text" id="newquan[]4" value="<? echo $ses_quan; ?>" size="5" maxlength="4">
<input name="eid[]" type="hidden" id="eid[]" value="<? echo $ses_id; ?>"></td>
<td class="dividing border"><? echo $item["code"]; ?></td>
<td class="dividing border"><? echo $item["product"]; ?></td>
<td class="dividing border"><? echo '<img src="'.$item["picurl"].'" width="auto" height="auto" alt="' . $item["product"] . ' Image"'; ?></td>

<td class="dividing border"><? echo $cur_symbol."". number_format($ item["price"], 2, '.', ''); ?></td>
<td class="dividing border"><? echo $cur_symbol."". number_format($ subtotal, 2, '.', ''); ?></td>
</tr>
<?
} // end foreach loop

} elseif ($_SESSION["cart"] == NULL) {

echo "<td colspan=\"5\">< center><p>Your basket is currently empty.</p></center></td>";

} else {

echo "<td colspan=\"5\">< center><p>Unkno wn Error.</p></center></td>";

}
?>
<tr>
<td> <img src="img/icon_del.gif" width="13" height="13"> - delete</td>
<td><? if ($_SESSION["cart"] != NULL) { echo "<input name=\"UpdateCh g\" type=\"submit\" id=\"UpdateChg\ " value=\"Update\ ">"; } ?></td>
<td><a href="phpCart_s hop.php">Add More Avionics</a></td>
<td><strong>Sta ck Total</strong></td>
<td><? echo $cur_symbol."". number_format($ totalvalue, 2, '.', ''); ?></td>
</tr>
</table>
</form>

</body>
</html>
<?
ob_end_flush();
?>

[/PHP]

[PHP]<?
$mysql_server = "localhost" ;
$mysql_username = "flying";
$mysql_pwd = "copole";
$mysql_dbname = "flying_phpcart ";
$mysql_tablenam e = "phpcart_produc ts";

$cur_symbol = "$";

// database connect function
function db_connect () {

global $mysql_server, $mysql_username , $mysql_pwd, $mysql_dbname;

$db = mysql_connect($ mysql_server, $mysql_username , $mysql_pwd, false, 128) or die("Problem connecting");
mysql_select_db ($mysql_dbname, $db) or die("Problem selecting database");

}


// generate random string for cookie and session
function setstp () {

settype($str,"s tring");

// generate random number
for ($i=0;$i<20;$i+ +) {

$str .= chr (rand (1, 255));

}

// encode string to 40 characters.
$sha = sha1 ($str);
// set cookie with value and set session with the same value.
setcookie ("SESSSEC", $sha, NULL);
$_SESSION["CookieChk"]['SESSSEC'] = $sha;

}


// add item to cart
function add_item_to_car t($id,$quantity ) {

// set cookie and store value in session
setstp();

// call database connect function
db_connect();
// get product id from database
global $mysql_tablenam e;
$sel_products = mysql_query("SE LECT * FROM $mysql_tablenam e WHERE id=".$id."");
$item = mysql_fetch_arr ay($sel_product s);
// returns the number of rows in a result, if 1 item exists if 0 item doesn't exists.
$num_rows = mysql_num_rows( $sel_products);

// if item exists then add item to cart
if ($num_rows >= 1) {

session_regener ate_id(TRUE);

$_SESSION["cart"][$id][0] = $item["id"];
$_SESSION["cart"][$id][1] = $quantity;

header ("location:".$_ SERVER['HTTP_REFERER']);

}
}


// check cookie and session and then show cart
function validate() {

if (!isset($_COOKI E['SESSSEC'])) {
$valid = FALSE;
// probable attempt at Session Fixation, you should probably log this
} elseif (!isset($_SESSI ON["CookieChk"]['SESSSEC'])) {
$valid = FALSE;
// umm, this shouldn't occur, but yeah, do whatever you want, maybe log an error or something, probably not needed except to notice bugs in your app....
} elseif ($_COOKIE["SESSSEC"] == $_SESSION["CookieChk"]['SESSSEC']) {
$valid = TRUE;
setstp();
} else {
$valid = FALSE;
// very Proably attempt at session hijacking, because while both items exist they don't match, definately log this
}
return $valid;
}


// delete item from cart
function del_item($id) {

// call database connect function
db_connect();
global $mysql_tablenam e;
$sel_products = mysql_query("SE LECT * FROM $mysql_tablenam e WHERE id=".$id."");
$item = mysql_fetch_arr ay($sel_product s);

session_start() ;

// remove item from cart
session_regener ate_id();
unset($_SESSION["cart"][$item["id"]]);

header ("location:".$_ SERVER['HTTP_REFERER']);

}


?>
[/PHP]
[PHP]<?
ob_start();
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>phpCar t</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="phpCart_s tyle.css" rel="stylesheet " type="text/css">
<?
// UPDATE BASKET QUANTITY
if (isset($_POST["UpdateChg"])) {

session_start() ;
include "functions_cart .php";

$i = 0;
$size = count($_POST["eid"]);

for ($i = 0; $i <= $size-1; $i++) {

// call remove bad characters function
$badsymbols = array(" ","-","+","*","/",".");
$_POST["newquan"][$i] = str_replace($ba dsymbols,"", $_POST["newquan"][$i]);

if (is_numeric($_P OST["newquan"][$i])) {

// if any quantity's equal 0 then remove from cart
if ($_POST["newquan"][$i] == 0) {
unset($_SESSION["cart"][$_POST["eid"][$i]]);
}

// update quantity in cart.
if (array_key_exis ts($_POST["eid"][$i], $_SESSION["cart"])) {

add_item_to_car t($_POST["eid"][$i], $_POST["newquan"][$i]);

}

} // END IF NUMERIC

}

header ("location:".$_ SERVER['HTTP_REFERER']);

} // END BASKET QUANTITY

// TEXT LINKS
if (isset($_GET["act"])) {

// ADD ITEM!
if ($_GET["act"] == "add") {

session_start() ;
include "functions_cart .php";
//unserialize($_S ESSION["cart"]);
if (!isset($_SESSI ON["cart"])) {

// add first item
add_item_to_car t($_GET["pid"],1);

} else if (array_key_exis ts($_GET["pid"], $_SESSION["cart"])) {

// add 1 to quantity if item in cart already
add_item_to_car t($_GET["pid"],++$_SESSION["cart"][$_GET["pid"]][1]);

} else {

// add any other items after first item
add_item_to_car t($_GET["pid"],1);

}

}


// DELETE ITEM!
if ($_GET["act"] == "del") {

include "functions_cart .php";
del_item($_GET["pid"]);

}

} // END ISSET
?>
</body>
</html>
<?
ob_end_flush();
?>
[/PHP]