Problem with $_POST variables.

AaronL
99 New Member
Hello,

I'm working very hard on an e-commerce package and having severe frustration with it. Something is going wrong with posting variables. I know this is a lot of code but if anyone could help me. The review function and the shipinfo function do not work correctly.

    // Process functions passed to the cart.
    switch ($function)
    {
      // Submit shipping information and review the order before checking out.
      case "review":
        if ($_SESSION["ordernumber"]!='')
        {
          // Make sure country is populated.
          if ($country=='')
          { $country = "United States"; }
          if ($shipcountry=='')
          { $shipcountry = "United States"; }

          // Lets see if the same as billing address checkbox was checked.
          // if so, populate the shipping address with the billing address
          // information.
          if ($sameasbilling=='on')
          {
            $shipfirstname = $firstname;
            $shiplastname = $lastname;
            $shipbusinessname = $businessname;
            $shipaddress1 = $address1;
            $shipaddress2 = $address2;
            $shipcity = $city;
            $shipstate = $state;
            $shipzip = $zip;
            $shipcountry = $country;
            $shipprovince = $province;
          }

          // Ok, now that we have all of the fields that we need for processing, we
          // need to check all of the required fields to make sure they are not blank,
          // if they are, the user will be redirected back to the shipping information
          // screen with message "Required fields were left blank."
          if ($firstname=='')
          { $rfblank = true; }
          if ($lastname=='')
          { $rfblank = true; }
          if ($address1=='')
          { $rfblank = true; }
          if ($city=='')
          { $rfblank = true; }
          if (strtolower($country)=='united states' and $state=='')
          { $rfblank = true; }
          if (strtolower($country)=='united states' and $zip=='')
          { $rfblank = true; }
          if ($shipfirstname=='')
          { $rfblank = true; }
          if ($shiplastname=='')
          { $rfblank = true; }
          if ($shipaddress1=='')
          { $rfblank = true; }
          if ($shipcity=='')
          { $rfblank = true; }
          if (strtolower($shipcountry)=='united states' and $shipstate=='')
          { $rfblank = true; }
          if (strtolower($shipcountry)=='united states' and $shipzip=='')
          { $rfblank = true; }
          if ($rfblank)
          {
            $_SESSION["message"] = 'Required fields were left blank!';
            header('Location: cart.php?fct=shipinfo');
            exit; // Stop here so nothing else runs after the redirect.
          }
          else
          {
            // Now we check to see if this is an international order, if it is, then
            // we set the order total to international order total and remove items from
            // the order that are ineligible for international shipping.
            if (strtolower($shipcountry)!='united states')
            {
              if ($storeopts['enableintshipping']!=0)
              {
                // Set the order total to the international order total.
                $ordertotal = $intordertotal;

                $totalship = $totalintship;

                // If there are any items on the order that are ineligible for international
                // shipping, then let's remove them from the order.
                mysql_query("DELETE FROM orderitems WHERE internationalshipping='0' and ordernumber='" . $_SESSION["ordernumber"] . "'");
              }
              else
              {
                // If international shipping is disabled, then cancel the order.  This shouldn't happen
                // because country, should be disabled on the shipping screen as well, but just in case
                // some freak accident happens to where they get to this page, this will fix it.
                header('Location: cart.php?fct=co');
                exit; // Without this the order update below would still run.
              }
            }

            // Update the order with the customer and shipping information
            $buildsql = mysql_query("UPDATE orders SET firstname='" . $firstname . "', lastname='" . $lastname . "', businessname='" . $businessname . "', address1='" . $address1 . "', 
            address2='" . $address2 . "', city='" . $city . "', state='" . $state . "', zip='" . $zip . "', country='" . $country . "', province='" . $province . "', phone='" 
            . $phone . "', email='" . $email . "', shipfirstname='" . $shipfirstname . "', shiplastname='" . $shiplastname . "', shipbusinessname='" 
            . $shipbusinessname . "', shipaddress1='" . $shipaddress1 . "', shipaddress2='" . $shipaddress2 . "', shipcity='" . $shipcity . "', shipstate='" . $shipstate . "', 
            shipzip='" . $shipzip . "', shipcountry='" . $shipcountry . "', shipprovince='" . $shipprovince . "', subtotal='" . $subtotal . "', tax='" . $tax . "', 
            shipping='" . $totalship . "', ordertotal='" . $ordertotal . "', orderstatus='I' WHERE ordernumber='" 
            . $_SESSION["ordernumber"] . "'");

            // Now start building the review order page before checking out.
            echo $htmlheader;
            echo '<body bgcolor="#E0E0E0">
            <center><img src="http://www.ecommphppro.com/' . $companycode . '/images/company/companyheader.jpg" width="800" /></center>
            <table border="0" align="center" width="800" bgcolor="#C0C0C0">
            <tr>
              <td colspan="5" align="left" bgcolor="#FFFFFF">
                <center><img src="http://www.ecommphppro.com/' . $companycode . '/images/system/orderreviewheader.jpg" /></center>
              </td>
            </tr>
            <tr>
              <td width="100" bgcolor="#C0C0C0"><b>Item Number</b></td>
              <td width="375" bgcolor="#C0C0C0"><b>Product Name</b></td>
              <td width="125" bgcolor="#C0C0C0"><b>Quantity</b></td>
              <td width="100" bgcolor="#C0C0C0"><b>Price</b></td>
              <td width="100" bgcolor="#C0C0C0"><b>Shipping</b></td>
            </tr>';

            // Now we retrieve all of the order items and display them in review order.
            $buildsql = mysql_query("SELECT * FROM orderitems WHERE ordernumber='" . $_SESSION["ordernumber"] . "'");
            if (mysql_num_rows($buildsql)>0)
            {
              while ($orderitems = mysql_fetch_array($buildsql))
              {
                echo '<tr>
                <td bgcolor="#FFFFFF">
                ' . $orderitems['itemnumber'] . '
                </td>
                <td bgcolor="#FFFFFF">
                ' . $orderitems['productname'] . '
                </td>
                <td bgcolor="#FFFFFF">
                ' . $orderitems['quantity'] . '
                </td>
                <td bgcolor="#FFFFFF">
                ' . $orderitems['price'] . '
                </td>
                <td bgcolor="#FFFFFF">';
                if (strtolower($shipcountry)!="united states")
                { echo $orderitems['internationalshipping']; }
                else
                { echo $orderitems['shipping']; }
                echo '</td>
                </tr>';
              }
            }
            $buildsql = mysql_query("SELECT * FROM orders WHERE ordernumber='" . $_SESSION["ordernumber"] . "' LIMIT 1");
            $orderrec = mysql_fetch_array($buildsql);
            echo '<tr>
              <td colspan="4" bgcolor="#FFFFFF" align="right">
                <br />
                <b>Subtotal:</b>
              </td>
              <td bgcolor="#FFFFFF">
                <br />
                $' . $orderrec['subtotal'] . '
              </td>
            </tr>
            <tr>
              <td colspan="4" bgcolor="#FFFFFF" align="right">
                <b>Tax:</b>
              </td>
              <td bgcolor="#FFFFFF">
                $' . $orderrec['tax'] . '
              </td>
            </tr>
            <tr>
              <td colspan="4" bgcolor="#FFFFFF" align="right">
                <b>Shipping and Handling:</b>
              </td>
              <td bgcolor="#FFFFFF">
                $' . $orderrec['shipping'] . '
              </td>
            </tr>
            <tr>
              <td colspan="4" bgcolor="#FFFFFF" align="right">
                <b><font color="#0000FF">Order Total:</font></b>
              </td>
              <td bgcolor="#FFFFFF">
                <b>$' . $orderrec['ordertotal'] . '</b>
              </td>
            </tr>
            <tr>
              <td colspan="5" bgcolor="#FFFFFF" align="center">
                <br />
                <table bgcolor="#C0C0C0">
                <tr>
                  <td align="center" colspan="2" width="350">
                    <b>Billing Information</b>
                  </td>
                  <td align="center" colspan="2" width="350">
                    <b>Shipping Information</b>
                  </td>
                </tr>
                <tr>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Name:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['firstname'] . ', ' . $orderrec['lastname'] . '
                  </td>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Name:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['shipfirstname'] . ', ' . $orderrec['shiplastname'] . '
                  </td>
                </tr>
                <tr>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Business Name:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['businessname'] . '
                  </td>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Business Name:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['shipbusinessname'] . '
                  </td>
                </tr>
                <tr>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Address:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['address1'] . '
                  </td>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Address:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['shipaddress1'] . '
                  </td>
                </tr>
                <tr>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Address 2:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['address2'] . '
                  </td>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Address 2:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['shipaddress2'] . '
                  </td>
                </tr>
                <tr>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>City/State/Zip:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['city'] . ', ' . $orderrec['state'] . ' ' . $orderrec['zip'] . '
                  </td>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>City/State/Zip:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['shipcity'] . ', ' . $orderrec['shipstate'] . ' ' . $orderrec['shipzip'] . '
                  </td>
                </tr>
                <tr>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Country:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['country'] . '
                  </td>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Country:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['shipcountry'] . '
                  </td>
                </tr>
                <tr>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Province:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['province'] . '
                  </td>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Province:</b>
                  </td>
                  <td bgcolor="#FFFFFF">
                  ' . $orderrec['shipprovince'] . '
                  </td>
                </tr>
                <tr>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>Phone:</b>
                  </td>
                  <td bgcolor="#FFFFFF" colspan="3">
                  ' . $orderrec['phone'] . '
                  </td>
                </tr>
                <tr>
                  <td bgcolor="#FFFFFF" align="right" width="125">
                    <b>E-Mail:</b>
                  </td>
                  <td bgcolor="#FFFFFF" colspan="3">
                  ' . $orderrec['email'] . '
                  </td>
                </tr>
                </table>
                <br />
              </td>
            </tr>
            <tr>
              <td colspan="2" align="left">
                <a href="http://www.ecommphppro.com/' . $companycode . '/cart.php">
                  <img src="http://www.ecommphppro.com/' . $companycode . '/images/system/backtocart.jpg" border="0" alt="Back to Cart" />
                </a>
              </td>
              <td colspan="3" align="right">
                <a href="' . $storeurl . '"><img src="http://www.ecommphppro.com/' . $companycode . '/images/system/continueshopping.jpg" border="0" alt="Back to Store" /></a>
              </td>
            </tr>
            </table></body></html>';
        }
      }
      break; // End of review order.


      // Enter shipping information.
      case "shipinfo":
        if ($_SESSION["ordernumber"]!='')
        {

          // If the user had already entered in shipping information, let's get that back
          // for them instead of having them enter the same information in again (I hate that)
          $buildsql = mysql_query("SELECT * FROM orders WHERE ordernumber='" . $_SESSION["ordernumber"] . "' LIMIT 1");
          $orderrec = mysql_fetch_array($buildsql);

          echo $htmlheader;

          echo '<body bgcolor="#E0E0E0">
          <center><img src="http://www.ecommphppro.com/' . $companycode . '/images/company/companyheader.jpg" width="800" /></center>
          <form action="http://www.ecommphppro.com/'. $companycode .  '/cart.php?fct=review" method="post">
          <input type="hidden" name="subtotal" value="' . $subtotal . '" />
          <input type="hidden" name="totalship" value="' . $totalship . '" />
          <input type="hidden" name="tax" value="' . $tax . '" />
          <input type="hidden" name="totalintship" value="' . $totalintship . '" />
          <input type="hidden" name="ordertotal" value="' . $ordertotal . '" />
          <input type="hidden" name="intordertotal" value="' . $intordertotal . '" />
          <table border="0" align="center" width="800" bgcolor="#C0C0C0">
          <tr>
            <td colspan="2" align="left" bgcolor="#FFFFFF">
              <center><img src="http://www.ecommphppro.com/' . $companycode . '/images/system/shipinfoheader.jpg" /></center>
            </td>
          </tr>
          <tr>
            <td bgcolor="#FFFFFF" colspan="2">
              <br />
              <b>' . $companyinfo['companyname'] . ' - Order: ' . $_SESSION["ordernumber"] . '</b><br /><br />';
              if (isset($_SESSION["message"]))
              {
                echo '<center><font color="#FF0000"><h3><i>' . $_SESSION["message"] . '</i></h3></font></center>';
                unset($_SESSION["message"]);
              }
              echo '<table align="center" bgcolor="#C0C0C0" border="0">
              <tr>
                <td bgcolor="#FFFFFF" align="right" colspan="6">
                  <i>Required fields marked with: **</i>
                </td>
              </tr>
              <tr>
                <td align="center" colspan="6">
                  <b>Billing Address</b>
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>First Name</b>*:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="5">
                  <input type="text" name="firstname" size="45" value="' . $orderrec['firstname'] . '" />
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Last Name</b>*:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="5">
                  <input type="text" name="lastname" size="45" value="' . $orderrec['lastname'] . '" />
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Business Name</b>:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="5">
                  <input type="text" name="businessname" size="45" value="' . $orderrec['businessname'] . '" />
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Address</b>*:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="5">
                  <input type="text" name="address1" size="45" value="' . $orderrec['address1'] . '" />
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Address 2</b>:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="5">
                  <input type="text" name="address2" size="45" value="' . $orderrec['address2'] . '" />
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>City</b>*:
                </td>
                <td bgcolor="#FFFFFF" align="left">
                  <input type="text" name="city" size="15" value="' . $orderrec['city'] . '" />
                </td>
                <td bgcolor="#FFFFFF" align="right">
                  <b>State</b>*:
                </td>
                <td bgcolor="#FFFFFF" align="left">
                  <select name="state">
                  <option value="" selected></option>';

                // Get available states
                $buildsql = mysql_query("SELECT * FROM states WHERE enabled='1' ORDER BY stateid");
                while ($states = mysql_fetch_array($buildsql))
                {
                  if ($orderrec['state']==$states['abbreviation'])
                  { echo '<option value="' . $states['abbreviation'] . '" selected>' . $states['abbreviation'] . '</option>' . chr(13); }
                  else
                  { echo '<option value="' . $states['abbreviation'] . '">' . $states['abbreviation'] . '</option>' . chr(13); }
                }

                echo '</select>
                </td>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Zip</b>*:
                </td>
                <td bgcolor="#FFFFFF" align="left">
                  <input type="text" name="zip" size="5" value="' . $orderrec['zip'] . '" />
                </td>
              </tr>';
              if ($storeopts['enableintshipping']!=0)
              {
              echo '<tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Country</b>:
                </td>
                <td bgcolor="#FFFFFF" align="left">
                <select name="country">';

                // Get available countries
                $buildsql = mysql_query("SELECT * FROM countries WHERE enabled='1' ORDER BY countryid");
                while ($countries = mysql_fetch_array($buildsql))
                {
                  // Compare against the current row ($countries), not $country.
                  if ($orderrec['country']==$countries['countryname'])
                  { echo '<option value="' . $countries['countryname'] . '" selected>' . $countries['countryname'] . '</option>' . chr(13); }
                  else
                  { echo '<option value="' . $countries['countryname'] . '">' . $countries['countryname'] . '</option>' . chr(13); }
                }

                echo '</select>
                </td>
                <td bgcolor="#FFFFFF" align="right" colspan="2">
                  <b>Province</b>:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="2">
                  <input type="text" size="9" name="province" value="' . $orderrec['province'] . '" />
                </td>
              </tr>';
              }
              echo '<tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Phone</b>:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="5">
                  <input type="text" name="phone" size="45" value="' . $orderrec['phone'] . '" />
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>E-Mail</b>:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="5">
                  <input type="text" name="email" size="45" value="' . $orderrec['email'] . '" />
                </td>
              </tr>
              <tr>
                <td align="center" colspan="6">
                  <b>Shipping Address</b><br />
                  <input type="checkbox" name="sameasbilling"><b>Same as Billing Address.</b></input>
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>First Name</b>*:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="5">
                  <input type="text" name="shipfirstname" size="45" value="' . $orderrec['shipfirstname'] . '" />
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Last Name</b>*:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="5">
                  <input type="text" name="shiplastname" size="45" value="' . $orderrec['shiplastname'] . '" />
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Business Name</b>:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="5">
                  <input type="text" name="shipbusinessname" size="45" value="' . $orderrec['shipbusinessname'] . '" />
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Address</b>*:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="5">
                  <input type="text" name="shipaddress1" size="45" value="' . $orderrec['shipaddress1'] . '" />
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Address 2</b>:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="5">
                  <input type="text" name="shipaddress2" size="45" value="' . $orderrec['shipaddress2'] . '" />
                </td>
              </tr>
              <tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>City</b>*:
                </td>
                <td bgcolor="#FFFFFF" align="left">
                  <input type="text" name="shipcity" size="15" value="' . $orderrec['shipcity'] . '" />
                </td>
                <td bgcolor="#FFFFFF" align="right">
                  <b>State</b>*:
                </td>
                <td bgcolor="#FFFFFF" align="left">
                  <select name="shipstate">
                  <option value="" selected></option>';

                // Get available states
                $buildsql = mysql_query("SELECT * FROM states WHERE enabled='1' ORDER BY stateid");
                while ($states = mysql_fetch_array($buildsql))
                {
                  if ($orderrec['shipstate']==$states['abbreviation'])
                  { echo '<option value="' . $states['abbreviation'] . '" selected>' . $states['abbreviation'] . '</option>' . chr(13); }
                  else
                  { echo '<option value="' . $states['abbreviation'] . '">' . $states['abbreviation'] . '</option>' . chr(13); }
                }

                echo '</select>
                </td>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Zip</b>*:
                </td>
                <td bgcolor="#FFFFFF" align="left">
                  <input type="text" name="shipzip" size="5" value="' . $orderrec['shipzip'] . '" />
                </td>
              </tr>';
              if ($storeopts['enableintshipping']!=0)
              {
                echo '<tr>
                <td bgcolor="#FFFFFF" align="right">
                  <b>Country</b>:
                </td>
                <td bgcolor="#FFFFFF" align="left">
                <select name="shipcountry">';

                // Get available countries
                $buildsql = mysql_query("SELECT * FROM countries WHERE enabled='1' ORDER BY countryid");
                while ($countries = mysql_fetch_array($buildsql))
                {
                  // Compare against the current row ($countries), not $country.
                  if ($orderrec['shipcountry']==$countries['countryname'])
                  { echo '<option value="' . $countries['countryname'] . '" selected>' . $countries['countryname'] . '</option>' . chr(13); }
                  else
                  { echo '<option value="' . $countries['countryname'] . '">' . $countries['countryname'] . '</option>' . chr(13); }
                }

                echo '</select>
                </td>
                <td bgcolor="#FFFFFF" align="right" colspan="2">
                  <b>Province</b>:
                </td>
                <td bgcolor="#FFFFFF" align="left" colspan="2">
                  <input type="text" size="9" name="shipprovince" value="' . $orderrec['shipprovince'] . '" />
                </td>
              </tr>';
              }
              echo '</table>
              <br /><br />
            </td>
          </tr>
          <tr>
            <td align="left" bgcolor="#C0C0C0">
              <a href="http://www.ecommphppro.com/' . $companycode . '/cart.php"><img src="http://www.ecommphppro.com/' 
              . $companycode . '/images/system/backtocart.jpg" border="0" alt="Back to Cart"/></a>
            </td>
            <td align="right" bgcolor="#C0C0C0">
              <a href="' . $storeurl . '"><img src="http://www.ecommphppro.com/' . $companycode . '/images/system/continueshopping.jpg" border="0" /></a>
              <input type="image" src="http://www.ecommphppro.com/' . $companycode . '/images/system/nextbutton.jpg" name="submit" alt="Next" />
            </td>
          </tr>
          </table></form></body></html>';

        }
      break;  // End of enter shipping information

If you'd like to see what it is doing, go to www.ecommphppro.com/bobspancakes/store.php. Add an item to the cart, enter your shipping information, and when you get to the review order, click on the back to store item, add another item to the cart, click next and it should go back to the shipping information screen with all of the info. Then, click next to review the order; you'll get a message that says required fields aren't filled out. Go ahead and click next again and it will take you to the review order screen with 0.00 in order totals *AHHHRRRRRRRGGH*. I know this is a lot but I could use the help, my brain is tired, I'm broke, and this is my only hope of any future income...
Jul 15 '10 #1
17 1528
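The `review` case in the post above writes `subtotal`, `shipping` and `ordertotal` from hidden form fields and builds its `UPDATE` by string concatenation, so a blank or altered field ends up in the `orders` row. As an added example (not code from the thread), the handler below recomputes the amounts from `orderitems` on the server and binds every posted value as a parameter. It assumes PDO with the SQLite driver and an in-memory database of constructed rows; the function name `save_reviewed_order`, the per-line meaning of `price` and `shipping`, and the omission of tax are assumptions.

```php
<?php
// Added example, not code from the thread. Table and column names follow the
// queries in the post; helper name, sample rows and arithmetic are assumptions.

const ADDRESS_FIELDS = [
    'firstname', 'lastname', 'address1', 'city', 'state', 'zip', 'country',
    'shipfirstname', 'shiplastname', 'shipaddress1', 'shipcity',
    'shipstate', 'shipzip', 'shipcountry',
];

/** Return a trimmed string field, or '' when it is absent or not a string. */
function posted_string(array $post, string $field): string
{
    return isset($post[$field]) && is_string($post[$field]) ? trim($post[$field]) : '';
}

/**
 * Store the customer's address on the order and recompute the amounts.
 * Only ADDRESS_FIELDS are read from $post; posted totals are ignored.
 */
function save_reviewed_order(PDO $db, string $ordernumber, array $post): array
{
    // The shipping column is chosen from two fixed names, never from user text.
    $country = strtolower(posted_string($post, 'shipcountry'));
    $shipcol = ($country === '' || $country === 'united states')
        ? 'shipping' : 'internationalshipping';

    // Amounts come from the order lines stored on the server.
    $stmt = $db->prepare(
        "SELECT COALESCE(SUM(price * quantity), 0) AS subtotal,
                COALESCE(SUM($shipcol), 0) AS shipping
           FROM orderitems WHERE ordernumber = :ordernumber"
    );
    $stmt->execute([':ordernumber' => $ordernumber]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    $subtotal = round((float) $row['subtotal'], 2);
    $shipping = round((float) $row['shipping'], 2);
    $amounts = [
        'subtotal'   => $subtotal,
        'shipping'   => $shipping,
        'ordertotal' => round($subtotal + $shipping, 2), // tax rule is not shown in the post
    ];

    // Every value is bound as a parameter; column names come from the constant.
    $sets = [];
    $params = [':ordernumber' => $ordernumber];
    foreach (ADDRESS_FIELDS as $field) {
        $sets[] = "$field = :$field";
        $params[":$field"] = posted_string($post, $field);
    }
    foreach ($amounts as $column => $value) {
        $sets[] = "$column = :$column";
        $params[":$column"] = $value;
    }
    $sql = 'UPDATE orders SET ' . implode(', ', $sets)
         . ", orderstatus = 'I' WHERE ordernumber = :ordernumber";
    $db->prepare($sql)->execute($params);

    return $amounts;
}

// --- Constructed demo data: in-memory SQLite stands in for the MySQL database ---
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE orders (ordernumber TEXT PRIMARY KEY, '
    . implode(' TEXT, ', ADDRESS_FIELDS) . ' TEXT, '
    . 'subtotal NUMERIC, shipping NUMERIC, ordertotal NUMERIC, orderstatus TEXT)');
$db->exec('CREATE TABLE orderitems (ordernumber TEXT, itemnumber TEXT,
    price NUMERIC, quantity INTEGER, shipping NUMERIC, internationalshipping NUMERIC)');
$db->exec("INSERT INTO orders (ordernumber) VALUES ('DEMO-1')");
$db->exec("INSERT INTO orderitems VALUES
    ('DEMO-1', 'A100', 12.50, 2, 3.95, 9.00),
    ('DEMO-1', 'B200',  4.00, 1, 2.50, 0)");

// Constructed request: an apostrophe in a name and a posted total of 0.00.
$post = [
    'firstname' => 'Pat', 'lastname' => "O'Brien", 'address1' => '1 Main St',
    'city' => 'Springfield', 'state' => 'IL', 'zip' => '62701',
    'country' => 'United States', 'shipcountry' => 'United States',
    'ordertotal' => '0.00',   // ignored: not in ADDRESS_FIELDS
];
save_reviewed_order($db, 'DEMO-1', $post);

$saved = $db->query('SELECT lastname, subtotal, shipping, ordertotal FROM orders')
            ->fetch(PDO::FETCH_ASSOC);
printf("%s: subtotal %.2f, shipping %.2f, total %.2f\n",
    $saved['lastname'], $saved['subtotal'], $saved['shipping'], $saved['ordertotal']);
```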
TheServant
1,168 Recognized Expert Top Contributor
Can I recommend adding some code at the top of all your pages to display the $_SESSION and $_POST variables you're expecting to exist, so that you can trace which page is losing your data.

If you are not getting any errors (besides the messages you program) then it's not syntax and you will really need to narrow down where there might be a problem.

If you can locate the page where the data is lost, then echo those variables out at different check points in the code of that page. Doing this you can pinpoint the code block causing the issue and it should be clear how to fix it, or if not: post and we can help.

Also, "only hope of future income" might be a bit over the top. "Only hope of a future income doing something you like", may be closer to the mark. We all gotta start at the bottom.
Jul 16 '10 #2
AaronL
99 New Member
Haha, yeah, unfortunately this is my only hope, there aren't really any jobs around here.
Jul 16 '10 #3
TheServant
1,168 Recognized Expert Top Contributor
@AaronL
No worries, well let us know if you manage to pinpoint where the data loss is occurring.
Jul 16 '10 #4
AaronL
99 New Member
The weird thing is, sometimes the variables post fine and sometimes they don't. I echoed the variables out even before any data manipulation happens to them and this happens intermittently. I'm wondering if there is some kind of weird bug with $_POST method that's causing it. My code looks fine. I'm wondering if I should just use session variables for everything here...
Jul 16 '10 #5
AaronL
99 New Member
I found this:

http://bytes.com/topic/php/answers/5...es-php-4-4-2-a

I think I'm going to give it a try, I'll let you know.
Jul 16 '10 #6
AaronL
99 New Member
Yeah, that didn't fix it either. Weird, yeah, some kind of bug. I checked my code everywhere. There isn't anything in the code causing the problem, I'm just using a standard form on the shipping information page, and it just intermittently posts blank values. I'm wondering if it has something to do with browser cache data or something... Here is my code that gets the posted values...

  // Function to clean malicious posted values for security.
  // Syntax: cleanposted('postedvariable', 'maximum character length');
  function cleanposted($postvalue, $maxlength)
  {
    // Strip HTML tags from the posted value
    $cleanvalue = strip_tags($postvalue);

    // Remove malicious commands and characters from the posted value.
    $cleanvalue = str_ireplace("select", "", $cleanvalue);
    $cleanvalue = str_ireplace("update", "", $cleanvalue);
    $cleanvalue = str_ireplace("delete", "", $cleanvalue);
    $cleanvalue = str_ireplace("insert", "", $cleanvalue);
    $cleanvalue = str_ireplace("drop", "", $cleanvalue);
    $cleanvalue = str_ireplace("<", "", $cleanvalue);
    $cleanvalue = str_ireplace(">", "", $cleanvalue);
    $cleanvalue = str_ireplace("+", "", $cleanvalue);
    $cleanvalue = str_ireplace("*", "", $cleanvalue);
    $cleanvalue = str_ireplace("%", "", $cleanvalue);
    $cleanvalue = str_ireplace("\"", "", $cleanvalue);
    $cleanvalue = str_ireplace("=", "", $cleanvalue);
    $cleanvalue = str_ireplace("`", "", $cleanvalue);

    // Cut the posted value down to the maximum length specified.
    $cleanvalue = substr($cleanvalue, 0, $maxlength);

    // Return the clean posted value free of exploits!
    return trim($cleanvalue);
  }

  // Get passed variables.
  //$_GET variables
  $function = cleanposted($_GET["fct"], 32);
  $itemnumber = cleanposted($_GET["inum"], 16);
  $quantity = cleanposted($_GET["qty"], 16);

  //$_POST variables
  // Get the posted values
  $subtotal = $_POST["subtotal"];
  $tax = $_POST["tax"];
  $totalship = $_POST["totalship"];
  $totalintship = $_POST["totalintship"];
  $ordertotal = $_POST["ordertotal"];
  $intordertotal = $_POST["intordertotal"];
  $firstname = $_POST["firstname"];
  $lastname = $_POST["lastname"];
  $businessname = $_POST["businessname"];
  $address1 = $_POST["address1"];
  $address2 = $_POST["address2"];
  $city = $_POST["city"];
  $state = $_POST["state"];
  $zip = $_POST["zip"];
  $country = $_POST["country"];
  $province = $_POST["province"];
  $phone = $_POST["phone"];
  $email = $_POST["email"];
  $sameasbilling = $_POST["sameasbilling"];
  $shipfirstname = $_POST["shipfirstname"];
  $shiplastname = $_POST["shiplastname"];
  $shipbusinessname = $_POST["shipbusinessname"];
  $shipaddress1 = $_POST["shipaddress1"];
  $shipaddress2 = $_POST["shipaddress2"];
  $shipcity = $_POST["shipcity"];
  $shipstate = $_POST["shipstate"];
  $shipzip = $_POST["shipzip"];
  $shipcountry = $_POST["shipcountry"];
  $shipprovince = $_POST["shipprovince"];


  $subtotal = cleanposted($subtotal, 16);
  $tax = cleanposted($tax, 16);
  $totalship = cleanposted($totalship, 16);
  $totalintship = cleanposted($totalintship, 16);
  $ordertotal = cleanposted($ordertotal, 16);
  $intordertotal = cleanposted($intordertotal, 16);
  $firstname = cleanposted($firstname, 128);
  $lastname = cleanposted($lastname, 128);
  $businessname = cleanposted($businessname, 128);
  $address1 = cleanposted($address1, 128);
  $address2 = cleanposted($address2, 128);
  $city = cleanposted($city, 128);
  $state = cleanposted($state, 2);
  $zip = cleanposted($zip, 16);
  $country = cleanposted($country, 128);
  $province = cleanposted($province, 128);
  $phone = cleanposted($phone, 16);
  $email = cleanposted($email, 128);
  $sameasbilling = cleanposted($sameasbilling, 3);
  $shipfirstname = cleanposted($shipfirstname, 128);
  $shiplastname = cleanposted($shiplastname, 128);
  $shipbusinessname = cleanposted($shipbusinessname, 128);
  $shipaddress1 = cleanposted($shipaddress1, 128);
  $shipaddress2 = cleanposted($shipaddress2, 128);
  $shipcity = cleanposted($shipcity, 128);
  $shipstate = cleanposted($shipstate, 2);
  $shipzip = cleanposted($shipzip, 16);
  $shipcountry = cleanposted($shipcountry, 128);
  $shipprovince = cleanposted($shipprovince, 128);

A mystery to me...
Jul 16 '10 #7
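Added example, not part of the thread or the poster's code: a blocklist filter like the `cleanposted()` function above rewrites legitimate input (a company name containing a keyword, the `+` in an e-mail address) while leaving the single quote untouched. The sketch runs a compact copy of that function on constructed samples, then validates without rewriting and binds the values through a PDO prepared statement; the `validate_text()` helper, the `customers` table and the in-memory SQLite database are assumptions.

```php
<?php
// Added example (not the poster's code). cleanposted() repeats the thread's
// function in compact form; every input below is a constructed sample.
function cleanposted($postvalue, $maxlength)
{
    $cleanvalue = str_ireplace(
        array("select", "update", "delete", "insert", "drop",
              "<", ">", "+", "*", "%", "\"", "=", "`"),
        "", strip_tags($postvalue));
    return trim(substr($cleanvalue, 0, $maxlength));
}

// Hypothetical helper: accept or reject a value, never rewrite it.
function validate_text($value, $maxlength)
{
    $value = trim((string) $value);
    if ($value === '' || strlen($value) > $maxlength
        || preg_match('/[\x00-\x1F\x7F]/', $value)) {
        return null;                      // caller re-displays the form
    }
    return $value;
}

$samples = array(
    'businessname' => 'Dropbox Updates Ltd',
    'email'        => 'jane+orders@example.com',
    'lastname'     => "O'Brien",
);
foreach ($samples as $field => $raw) {
    printf("%-12s raw=[%s] cleanposted=[%s]\n", $field, $raw, cleanposted($raw, 128));
}

// Validate, then store through a prepared statement so each value is bound as
// data. In-memory SQLite and the customers table are assumptions for the demo.
$email = filter_var($samples['email'], FILTER_VALIDATE_EMAIL);
$last  = validate_text($samples['lastname'], 128);
if ($email === false || $last === null) {
    exit("Required fields were left blank or invalid.\n");
}
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE customers (lastname TEXT, email TEXT)');
$stmt = $db->prepare('INSERT INTO customers (lastname, email) VALUES (?, ?)');
$stmt->execute(array($last, $email));

$row = $db->query('SELECT lastname, email FROM customers')->fetch(PDO::FETCH_ASSOC);
// Escape at output time, for the context the value is printed into (HTML here).
echo htmlspecialchars($row['lastname'], ENT_QUOTES, 'UTF-8') . ' / '
   . htmlspecialchars($row['email'], ENT_QUOTES, 'UTF-8') . "\n";
```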
AaronL
99 New Member
Oh and let me add that I even tried taking my cleanposted function completely out of the picture, same issue... I guess the only thing left to do is not let them go back to the store and add more items by the time they get to the review order screen, but that sucks...
Jul 16 '10 #8
JKing
1,206 Recognized Expert Top Contributor
I think you have some other issues going on as well.

I added two regular pancakes to the cart. Then clicked back to store. I then added 1 medium pancake. Filled in my info and onto the review page. The medium pancake isn't in the list anymore.

My subtotal: $18.59
My tax: $1.12
Shipping and handling: $4.00
Order Total: $7.82
Jul 16 '10 #9
AaronL
99 New Member
What country did you have selected? If the item isn't eligible for international shipping, it gets removed. I probably should put a message on there for that.
Jul 16 '10 #10
AaronL
99 New Member
It's looking like you can't use $_POST variables in this way for some reason, it looks like the browser holds them in the cache and resets them the next time they are called or something. I may just have to put just a cancel order option there or something, I don't know, I'm frustrated beyond belief at this point, I spent so much time developing this software, the rest of the software is incredible and would be a great service to people, you can change your site layout on the fly etc... Too bad when I got to the very end of development I ran into this crap... :(
Jul 16 '10 #11
AaronL
99 New Member
I'm working on redesigning the review order section, I see where there are some calculation issues, but still not sure about the post issues...
Jul 16 '10 #12
AaronL
99 New Member
Ok, found something interesting...

First, I put a line of text in the review order section at the top that says The posted first name is:

Now here are the steps you can recreate the problem with:

Add item to cart:
click next
enter first name
click next
you should see your name at the top
then click back to cart,
click next
enter in a different first name
click next
you'll see that nothing posted.

It appears that if a page is in cache, it will not post again when you submit the form. Any way to fix that?
Jul 16 '10 #13
JKing
1,206 Recognized Expert Top Contributor
Are you setting the hidden inputs on the shipping page?
Jul 17 '10 #14
AaronL
99 New Member
Yeah I was, but now I'm just going to recalculate the totals (which were the hidden inputs). I'm having problems even with the inputs that aren't hidden and are just in text boxes, I'll just have to put up with them for now. Don't know how well my software will do in the market though with glitches like that...
Jul 17 '10 #15
JKing
1,206 Recognized Expert Top Contributor
@AaronL
Okay, 'cause I was just looking at your website and noticed that on the cart page all hidden inputs had values, but on the shipping page all the values were blank. So if you post again from the shipping page, it would be replacing all the previous $_POST info with empty strings.
Jul 17 '10 #16
AaronL
99 New Member
Yeah, I'm working on the program right now, those hidden inputs are going away, I don't like using hidden inputs anyway, I heard there may be exploits with them...
Jul 17 '10 #17
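Added example, not code from the thread: the order totals discussed above travelled in hidden inputs, so a blank or edited field reached the review page as the total. This sketch derives every total from the cart held server-side and never reads the posted values; the item numbers, prices, tax rate and shipping fee are constructed, and `order_totals()` and `money()` are hypothetical helpers.

```php
<?php
// Added example (not the poster's code). Catalog, tax rate and shipping fee
// are constructed values; in the real cart they would come from the database.
$catalog = array(                 // item number => price in cents
    'PAN-REG' => 599,
    'PAN-MED' => 799,
);
const TAX_RATE_BP   = 600;        // 6.00% expressed in basis points (assumed)
const SHIPPING_CENT = 400;        // flat shipping fee in cents (assumed)

// Totals come only from the server-side cart; nothing posted is consulted.
function order_totals(array $cart, array $catalog)
{
    $subtotal = 0;
    foreach ($cart as $itemnumber => $quantity) {
        if (!isset($catalog[$itemnumber]) || !is_int($quantity) || $quantity < 1) {
            throw new InvalidArgumentException("Bad cart line: $itemnumber");
        }
        $subtotal += $catalog[$itemnumber] * $quantity;
    }
    $tax = intdiv($subtotal * TAX_RATE_BP + 5000, 10000);   // round half up
    return array(
        'subtotal'   => $subtotal,
        'tax'        => $tax,
        'totalship'  => SHIPPING_CENT,
        'ordertotal' => $subtotal + $tax + SHIPPING_CENT,
    );
}

function money($cents)
{
    return number_format($cents / 100, 2, '.', '');
}

// Constructed request: the cart lives in the session, while the form posts
// back blank hidden totals, as on the shipping page described in the thread.
$session = array('cart' => array('PAN-REG' => 2, 'PAN-MED' => 1));
$post    = array('subtotal' => '', 'tax' => '', 'ordertotal' => '0.00');

$totals = order_totals($session['cart'], $catalog);
foreach ($totals as $name => $cents) {
    $posted = isset($post[$name]) ? $post[$name] : '(not posted)';
    printf("%-10s server=%s posted=[%s]\n", $name, money($cents), $posted);
}
```

Working in integer cents avoids float rounding drift between the cart, shipping and review pages.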
AaronL
99 New Member
Ok, I found out that this strictly has to do with browsers keeping pages cached. If you click on a link to go back a page, post method will not work. However, if you manually type the url to go back, it will reload the page and repost. Looks like nothing can really fix that...
Jul 17 '10 #18
