PHP - E-commerce Site Problems
I am relatively new to php but I have been learning since the end of 2011.
At the moment, I am currently developing an E-Commerce website for a customer, using the Larry Ullman book "Effortless E-Commerce" as a guide. I am hitting many brick walls at the moment though. But before I state my long-winded problem, I have attached all my work done thus far to this message.

HERE'S THE PROBLEM...

I have created a series of includes such as config.inc.php, form_functions.inc.php, login.inc.php and login_form.inc.php. They are included/required with most of my other files. However, I have some major issues:

1. This is the code for my logout.php file:

Code:
<?php
require ('./includes/config.inc.php');

// If the user isn't logged in, redirect them:
redirect_invalid_user();

// Destroy the session:
$_SESSION = array(); // Destroy the variables.
session_destroy(); // Destroy the session itself.
setcookie (session_name(), '', time()-300); // Destroy the cookie.

// Include the header file:
$page_title = 'Logout';
include ('includes/header.html');

// Print a customized message:
include ('includes/main.html');
echo '<h3>Logged Out</h3><p>Thank you for visiting. You are now logged out. Please come back soon!</p>';

// Footer file needs the database connection:
require (MYSQL);

// Include the HTML footer:
include ('includes/footer.html');
?>

At the moment, I cannot determine if a user is logged in/when they logout, I cannot determine if there is an active session and also, when I log into the site, I have a database with values yet it seems to let any Tom, Dick and Harry onto the site to log in even though they are not stored in the database. I apologise if this sounds confusing but I really need some major league help.

Help would be greatly appreciated.

Similar Tutorials

I am building an e-commerce site and I am aiming to create a front end displaying my products with an option for customers to buy them, and have a content management system as a back end for an admin to edit product information.
Currently I am storing information about my products on a MySQL database. I access and display the product info using a while loop. Below is a simplified version of what I am doing without any HTML to style it. This code will go through the database and each iteration will go to the next row and display the info about the next product.

$query = mysql_query("SELECT * FROM truffleProducts");
while ($row = mysql_fetch_array($query)) {
    // Columns are read with square brackets; the curly-brace form
    // $row{'Name'} was removed in PHP 8.
    $id = $row['id'];
    $name = $row['Name'];
    $price = $row['Price'];
    $desc = $row['Description'];
    echo $id;
    echo $name;
    echo $price;
    echo $desc;
}

I have begun to implement a 'buy' button so that customers are able to click on a button next to the product info and purchase it. However, I have come across a problem, which is that my program won't be able to tell which product you have selected, as the number stored in the $id variable will just be the last product it has fetched from the database. I can't differentiate between all the products' buy buttons, so it will be impossible to place an order for a customer with the current system I have. Can anyone tell me how to get the id number of the specific product that a user has selected? I only started learning PHP a month or two ago so assume I know nothing.

Some guy went on my site and was able to get all the cookies of every user on my site. It's the top thread; he said my site is full of XSS. I'm not sure what that means or how to protect against it. The site is www.imgboard.co.uk. Can you give me some idea of what I did wrong, etc.?

Hi all, I'm a bit of a newbie to this type of website and would be extremely grateful for any help on this as it's causing considerable headaches! I've been working on an e-commerce (Online Shop) website based on the site found here: http://www.phpwebcommerce.com/ I have been building it into a template from the original shop that was essentially a static website with links to PayPal for the cart etc. Now I am trying to add an extra function to the site but can't get my head around the logic to making this work, and I know it can be done! The shop is to sell mainly shoes with some accessories. So I understand that shoes obviously come in a variety of sizes, and each size needs to have its own product ID in the MySQL DB so I can show whether it is in stock etc.
What I can't figure out is how to firstly make an easy way of adding the shoes' different sizes (e.g. 10 shoes of the same type in sizes 40-49) to the DB in one hit instead of filling in the same form 10 times but with different sizes. I have the simple form already made and working successfully. My thoughts are to add a check box in the form to say I'm adding multiple shoes, which tells the process to look for values in text areas for starting shoe size and last shoe size. The process then takes the start size from the end size, giving the number of times to loop the process. It then loops the process for each size using the same information... Logically this works but I'm not sure how to code this on what I have. I have attached the files used directly in this.

Secondly, how do I group the shoes on the front end? Now each product on the front end currently will display a simple message instead of add to cart when the stock = 0, or the product has been made as available on request. I would like to group the shoes of the same type to have a drop-down menu showing the available sizes. When a size is selected it needs to query the DB for available stock and either show the 'Add to cart' or 'Call to order' options. Anything else you might need to help with this, let me know. I'm keen to get this bit done so I can get the site live! Thanks in advance.

SEO moz is telling me that I have a few issues on my site. The biggest one being duplicate content. They give me the URL to each page that has this problem. The solutions I have found have told me to place a 301 redirect or a canonical tag to these pages. However, seeing as my site is PHP and has dynamic pages, this solution will not work. Unless I am not understanding where these tags can go. If I try to go to a specific category page on my site I will be brought to one category page because each page is built from the server depending on the way you get to it.
I have contacted SEO moz many times and they have told me that they are not web experts and can not solve this issue. In fact, the person helping me in the forum from SEO moz is a history major! They only tell me the problems that their site finds when I do a web crawl. Very frustrating! So now I am trying to find any php help I can get with this issue.
Does anyone have a solution?

Hi, I got problems on my website http://www.tranceprofile.com/ When I want to go to my Storeadmin page (http://www.tranceprofile.com/storeadmin/) I get this:

Warning: session_start() [function.session-start]: open(/public/tmp/sess_64fb1b28e78195d89731106458023ab4, O_RDWR) failed: No such file or directory (2) in /public/sites/www.tranceprofile.com/storeadmin/index.php on line 5
Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /public/sites/www.tranceprofile.com/storeadmin/index.php:5) in /public/sites/www.tranceprofile.com/storeadmin/index.php on line 5
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /public/sites/www.tranceprofile.com/storeadmin/index.php:5) in /public/sites/www.tranceprofile.com/storeadmin/index.php on line 5
Warning: Cannot modify header information - headers already sent by (output started at /public/sites/www.tranceprofile.com/storeadmin/index.php:5) in /public/sites/www.tranceprofile.com/storeadmin/index.php on line 7
Warning: Unknown: open(/public/tmp/sess_64fb1b28e78195d89731106458023ab4, O_RDWR) failed: No such file or directory (2) in Unknown on line 0
Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/public/tmp) in Unknown on line 0

Can someone help me?
Here is my code

Code:
<?php
session_start();
if (!isset($_SESSION["manager"])) {
    header("location: admin_login.php");
    exit();
}
// Be sure to check that this manager SESSION value is in fact in the database
$managerID = preg_replace('#[^0-9]#i', '', $_SESSION["id"]); // filter everything but numbers
$manager = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["manager"]); // filter everything but numbers and letters
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]); // filter everything but numbers and letters
// Run mySQL query to be sure that this person is an admin and that their password session var equals the database information
// Connect to the MySQL database
include "../storescripts/connect_to_mysql.php";
$sql = mysql_query("SELECT * FROM admin WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1"); // query the person
// ------- MAKE SURE PERSON EXISTS IN DATABASE ---------
$existCount = mysql_num_rows($sql); // count the row nums
if ($existCount == 0) { // evaluate the count
    echo "Your login session data is not on record in the database.";
    exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Store Admin Area</title>
<link rel="stylesheet" href="../style/style.css" type="text/css" media="screen" />
</head>
<body>
<div align="center" id="mainWrapper">
  <?php include_once("../template_header.php");?>
  <div id="pageContent"><br />
    <div align="left" style="margin-left:24px;">
      <h2>Hello store manager, what would you like to do today?</h2>
      <p><a href="inventory_list.php">Manage Inventory</a><br />
      <a href="#">Manage Blah Blah </a></p>
    </div>
    <br /> <br /> <br />
  </div>
  <?php include_once("../template_footer.php");?>
</div>
</body>
</html>

Hey everyone.
I am making a site for my brother's band and having some trouble with the checkout to PayPal. Unfortunately in layout I missed a pretty important variable, the size on shirts. I am trying to add it in as a drop-down option just before submitting to PayPal but I can't get it to show up on PayPal and thus will have no idea what size they are ordering. The site is pretty basic and primitive but I really need this info on the checkout. Here is a link to the temporary site where I'm trying to get this to work: http://www.theblack44s.com/t/index3.php and this is what is up and running now: http://www.theblack44s.com/Merchant%20pages/apparel/index3.php This is the code I'm working on in cart.php:

Code:
<?php
require "dbconcart.php";
session_start();
//session_destroy();
$page = 'index.php';
// Size chosen in the drop-down; empty when the form has not been posted.
$value2 = isset($_POST['size']) ? $_POST['size'] : '';

//add to cart function
if (isset($_GET['add'])) {
    $quantity = mysql_query('SELECT id, quantity, imageurl FROM apparel WHERE id='.mysql_real_escape_string((int)$_GET['add']));
    while ($quantity_row = mysql_fetch_assoc($quantity)) {
        if ($quantity_row['quantity']!=$_SESSION['cart_'.(int)$_GET['add']]) {
            $_SESSION['cart_'.(int)$_GET['add']]+='1';
        }
    }
    header('Location: '.$page);
}

//remove from cart
if (isset($_GET['remove'])) {
    $_SESSION['cart_'.(int)$_GET['remove']]--;
    header('Location: '.$page);
}

//delete from cart
if (isset($_GET['delete'])) {
    $_SESSION['cart_'.(int)$_GET['delete']]='0';
    header('Location: '.$page);
}

// products
function products() {
    $get = mysql_query('SELECT id, name, item_number, description, price, shipping FROM apparel WHERE quantity > 0 ORDER BY id DESC');
    if (mysql_num_rows($get)==0) {
        echo "There are no products to display!";
    } else {
        while ($get_row = mysql_fetch_assoc($get)) {
            echo $get_row['name'].'<br />';
            echo $get_row['item_number'].'<br />';
            echo $get_row['description'].'<br />';
            echo 'Price: '.number_format($get_row['price'], 2).'<br />';
            echo 'Shipping: '.number_format($get_row['shipping'], 2);
            echo '<a href="cart.php?add='.$get_row['id'].'">Add to cart</a></p>';
        }
    }
}

//paypal function
function paypal_items() {
    global $value2; // the posted size is set at file scope
    $num = 0;
    foreach($_SESSION as $name => $value) {
        if ($value!=0) {
            if (substr($name, 0, 5)=='cart_') {
                $id = substr($name, 5, strlen($name)-5);
                $get = mysql_query('SELECT id, name, item_number, price, shipping FROM apparel WHERE id='.mysql_real_escape_string((int)$id));
                while ($get_row = mysql_fetch_assoc($get)) {
                    $num++;
                    echo '<input type="hidden" name="item_number_'.$num.'" value="'.$get_row['item_number'].'">';
                    echo '<input type="hidden" name="item_name_'.$num.'" value="'.$get_row['name'].'">';
                    // Emit the posted size itself, HTML-escaped, instead of the literal text "$_POST".
                    echo '<input type="hidden" name="size_" value="'.htmlspecialchars($value2, ENT_QUOTES).'">';
                    echo '<input type="hidden" name="amount_'.$num.'" value="'.$get_row['price'].'">';
                    echo '<input type="hidden" name="shipping_'.$num.'" value="'.$get_row['shipping'].'">';
                    echo '<input type="hidden" name="shipping2_'.$num.'" value="'.$get_row['shipping'].'">';
                    echo '<input type="hidden" name="quantity_'.$num.'" value="'.$value.'">';
                }
            }
        }
    }
}

//cart function
function cart() {
    global $value2; // used in the PayPal form at the end of this function
    $total = 0;     // running cart total
    foreach($_SESSION as $name => $value) {
        if ($value>0) {
            if (substr($name, 0, 5)=='cart_') {
                $id = substr($name, 5, (strlen($name)-5));
                $get = mysql_query('SELECT id, name, price, imageurl FROM apparel WHERE id='.mysql_real_escape_string((int)$id));
                while ($get_row = mysql_fetch_assoc($get)) {
                    $sub = $get_row['price']*$value;
                    echo $get_row['name'].' x '.$value.' @ $'.number_format($get_row['price'], 2).' = $'.number_format($sub, 2).'<br />';
                    ?>
                    <html>
                    <body>
                    <form action="size.php" method="post" name="size">
                    <label>Size
                    <select name="size">
                        <option selected="selected">Select</option>
                        <option value="youth">Youth (for the brats)</option>
                        <option value="small">Small (petite)</option>
                        <option value="medium">Medium (average)</option>
                        <option value="large">Large (healthy)</option>
                        <option value="xlarge">X Large (large)</option>
                        <option value="xxlarge">XX Large (full figured)</option>
                        <option value="xxxlarge">XXX Large (huge)</option>
                        <option value="xxxxlarge">XXXXLarge (DAMN!!)</option>
                    </select>
                    <input type="hidden" name="size" value="selected" />
                    <input type="hidden" name="size" value="submit()" />
                    </label>
                    </form>
                    </body>
                    </html>
                    <?php
                    echo '<a href="cart.php?remove='.$id.'">[-]</a> <a href="cart.php?add='.$id.'">[+]</a> <a href="cart.php?delete='.$id.'">[delete]</a><br />';
                }
            }
            $total += $sub;
        }
    }
    //cart totals and paypal function
    if ($total==0) {
        echo "Your cart is empty.";
    } else {
        echo '<p><b>Total: $ '.number_format($total, 2).'</b></p>';
        ?>
        <p>
        <form action="https://www.paypal.com/cgi-bin/webscr" target="_blank" method="post">
        <input type="hidden" name="cmd" value="_cart">
        <input type="hidden" name="upload" value="1">
        <input type="hidden" name="business" value="webmaster@theblack44s.com">
        <?php paypal_items(); ?>
        <input type="hidden" name="currency_code" value="USD">
        <input type="hidden" name="amount" value="<?php echo $total; ?>">
        <input type="hidden" name="size" value="<?php echo htmlspecialchars($value2, ENT_QUOTES); ?>">
        <input type="image" src="http://www.paypal.com/en_US/i/btn/x-click-but03.gif" target="_blank" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
        </form>
        </p>
        <?php
    }
}
?>

Hey guys, I had created a while ago a script for my friend where you can buy points and then redeem stuff with those points. I'm looking for ways to keep my site secure. Currently what I have done:
- protected all mysql queries with mysql_real_escape_string, strip_tags, and addslashes
- have a valid SSL certificate on my website
- checked if emails are valid for account creation
What else can I do? Thank you.

I have an array that needs to display all titles and allow for a user to view titles based on the category, title, etc. I tried using the print_r() function but it didn't display the titles in a clean list. The only tutorials I've found utilize SQL and I need to complete this without using SQL.

Code:
$books = array();
array_push($books,array("category" => "Nonfiction","title" => "The Innocent Man","author" => "Grisham","publisher" => "McGraw-Hill","price" => "34.99","isbn" => "5985420166"));
array_push($books,array("category" => "Business","title" => "How to Make Money","author" => "Richy","publisher" => "Prentice-Hall","price" => "49.99","isbn" => "8754739342"));
array_push($books,array("category" => "Romance","title" => "Twice Kissed","author" => "Jackson","publisher" => "McGraw-Hill","price" => "14.99","isbn" => "5671230987"));

Hey guys, I got a tough one. I've been researching for days, weeks even, to try and solve this. And I'm sure I'm going to kick myself if/when I get a solution. I've set up an ecommerce website from scratch (no prestashop, oscommerce, none of that), and I need to figure out how to decrease price on quantity. Ex: Umbrellas are $12.00 a piece. If you order 2 dozen (24) Umbrellas, they are only $10.00 a piece. I can't seem to figure out a way to make it work. I have set up in my database the following columns.

p - base price ($12)
p1 - price after first increment ($10)
q1 - quantity of first break (24)
p2
q2
p3
q3

Hit me with your best shot.

Hi, Having completed a site migration this am everything went well aside from issues with logging into and out of our site where two files are used and appear as white pages. When logging into our site, proc_login.php is used and when logging out proc_logout.php is used. Both processes result in a white "blank" page instead of the PHP files forwarding on.
I've no idea about PHP generally and have been trying my best to find useful and similar information online to attempt to resolve the problem. I am now stuck. The site works perfectly on my local web server, and what is really baffling me is the site also works perfectly on Domain B on the exact same server I'm trying to get the site running under as Domain A. In other words, as both Domain A & B are configured on the same host server I'm thinking all the inherited php/apache/mysql settings should be identical (or pretty much thereabouts) and therefore am more confused than ever! I simply don't know where to start therefore in resolving this problem. I've tried looking in the error log file and have also played around with turning on error enabling on those specific PHP files to try and follow any errors, however the "errors" generated are no different than the ones present on sites where the login/logout process works just fine. I've hopefully attached both files and if anyone could assist in helping me narrow down my search for a solution I'd be very appreciative. Thanks.

This topic has been moved to PHP Applications. http://www.phpfreaks.com/forums/index.php?topic=276607.0

This topic has been moved to PHP Applications. http://www.phpfreaks.com/forums/index.php?topic=321270.0

I have several "sites" located in my html directory, and each has a "general" access point and an "administrator" access point:
/var/www/html/site1/index.php
/var/www/html/site1/administrator/index.php
/var/www/html/site2/index.php
/var/www/html/site2/administrator/index.php
/var/www/html/site3/index.php
/var/www/html/site3/administrator/index.php

All sites are similar except that data will be specific to site1, site2, or site3, etc. Users who log onto /var/www/html/siteX/index.php are totally unrelated to those who log on to /var/www/html/siteX/administrator/index.php, will have different logon credentials, are stored in different DB tables, and each should have their own session. If a user logs off of either the general or administrator site, it should not affect the other site even if they were previously logged on to both on the same PC (and of course not affect other sites). When a user logs off, I would like to destroy their previous cookie and associated session. Users for either will only use https. I am using Apache to rewrite https://www.mysite.com/ to https://mysite.com/. While I named the administrator site "administrator" above, the administrator user has the ability to change the directory name. I am thinking I need to use session_set_cookie_params to specify where I wish the session cookie to be stored since /var/www/html/siteX/administrator/index.php is a sub-directory to /var/www/html/siteX/index.php, but am not really sure. Sorry for the cryptic post, but I am not very well versed in this subject. How would you recommend setting up cookies/sessions for this scenario? Thank you.

Hi, My first post here is a cry for help. I have a Windows 2003 server running IIS6/PHP5; the server hosts multiple web sites. The problem is include files that are for site A are showing on site B (each site having its own includes as part of the site files in its own site folder), though not every time, it's very random, sometimes the correct includes show, sometimes ones from another site on the same server.
This only occurs where the include files for both sites have the same name, such as 'inc-header.php' for example. I can only assume PHP is caching includes and because they have the same name is showing the wrong one on other sites sometimes. If I rename them to something unique then the problem goes away, but it's not a practical solution to rename all include files to unique names so I find myself looking for a 'real' fix. I have a feeling it's to do with the include_path in the php.ini, but right now it's disabled with a semi-colon, and I don't want to set one as I have no global includes, all includes are site specific. Any help would be very much appreciated! Phil

Not sure if I'm trying to achieve something totally crazy here, or if this is something pretty standard. Didn't have much luck with searching as I'm not fully down with all the terms.
(A) I have one site providing an RSS feed.
(B) I have one site I want to search, once for each of the items in the feed A.
(C) I want the results of the search in (B) to be displayed on page (C).
So for example, the feed on (A) says:
apples
bananas
oranges
cheese
I want site (B) to search for each of those terms (by passing the item in the feed (A) to the ?search= part of the URL of that page) and then show the results from THAT search on page C. Bit of a complex one, let me know if you need me to clarify. Thanks for any help!

Now I use this code to show where the visitors came from to my site.

<?php
// The Referer header is optional and supplied by the client,
// so default it to empty and HTML-escape it before output.
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
echo htmlspecialchars($referer, ENT_QUOTES, 'UTF-8');
?>

Now, I want to show the 5 latest visitors' referer site URLs on my site?

Transferring data from sub-domain.site.com
Reading sub-domain.site.com
What is this all about? I'm going to put all .. images into a separate sub-domain e.g. images.site.com. This would create a folder inside my public_HTML called "images". Now when sites have that Transferring data, and Reading... is this .. something relating to what I want.
Facebook also does it, and they get their images for the site from a sub domain, how is it all done? I'm not sure if it's entirely PHP, but I hope someone can help. Thanks

I'm currently running a classified ads site and planning to display my own content from database combined with an external site RSS. So here is what I got right now after the db query for the jobs ads (procedural PHP),

while ($row = mysqli_fetch_array($results, MYSQLI_ASSOC)){
    echo '<div class="media margin-none">
        <a class="pull-left bg-inverse innerAll text-center" href="#"><img src="'.$foto.'" share_alt="" width="100" height="100"></a>
        <div class="media-body innerAll">
            <h4 class="media-heading innerT">
                <a href="' . $row['title'] .'-da' . $row['id_ad'] . '" class="text-inverse">'. $remuneracion .' ' . substr(ucfirst(strtolower($row['title'])), 0, 53) . '</a>
                <small class="pull-right label label-default"><i class="fa fa-fw fa-calendar-o"></i> ' . $row['date_created'] . '</small></h4>
            <p>' . substr(ucfirst(strtolower($row['description'])), 0, 80) . ' ...</p>';
    echo '</div> </div> <div class="col-separator-h"></div>';
}
echo pagination($statement,$per_page,$page, $url_filtros, $filtros);
?>

It is the while loop that I use to display ads from my database. What could be the best way to display (in this same loop?) other site's RSS feed so I can show my content combined with the external RSS? Thanks

Hi, I made a new design for my website and I made some changes. I want to use layout for my second site.
I'd like to know if my site is easier to browse through now and if you like the design better. I test my site on Internet Explorer, Chrome, and Firefox. It is best to use the site on better browsers like Firefox and Chrome to get a better experience of the site. Thanks.
http://adjade.com
This topic has been moved to mod_rewrite. http://www.phpfreaks.com/forums/index.php?topic=318858.0