thientanchuong
01-10-2010, 11:18 AM
I already finish a shopping cart function, but when I create a INSERT function for check out page, I got error
this is code of customer function page which give $_SESSION values to customer id
<?php
/*
Check if a session user id exist or not. If not set redirect
to login page. If the user session id exist and there's found
$_GET['logout'] in the query string logout the user
*/
function checkUser()
{
// if the session id is not set, redirect to login page
if (!isset($_SESSION['valid_user'])) {
header('Location: ' . WEB_ROOT . 'customer/login.php');
exit;
}
// the user want to logout
if (isset($_GET['logout'])) {
doLogout();
}
}
/*
*/
function doLogin()
{
// if we found an error save the error message in this variable
$errorMessage = '';
$userName = $_POST['txtUserName'];
$password = $_POST['txtPassword'];
$_SESSION['valid_user'] = $userName;
$_SESSION['valid_password'] = $password;
// first, make sure the username & password are not empty
if ($userName == '') {
$errorMessage = 'You must enter your username';
} else if ($password == '') {
$errorMessage = 'You must enter the password';
} else {
// check the database and see if the username and password combo do match
$sql = "SELECT *
FROM tbl_customer
WHERE customer_name = '$userName'
AND customer_password = md5('$password')";
$result = dbQuery($sql);
if (dbNumRows($result) == 1) {
$row = dbFetchAssoc($result);
$_SESSION['valid_user'] = $row['customer_id'];
$_SESSION['valid_name'] = $row['customer_name'];
// log the time when the user last login
$sql = "UPDATE tbl_customer
SET customer_last_login = NOW()
WHERE customer_id = '{$row['customer_id']}'";
dbQuery($sql);
// now that the user is verified we move on to the next page
// if the user had been in the admin pages before we move to
// the last page visited
if (isset($_SESSION['login_return_url'])) {
header('Location: ' . $_SESSION['login_return_url']);
exit;
} else {
header('Location: index.php');
exit;
}
} else {
$errorMessage = 'Wrong username or password';
}
}
return $errorMessage;
}
/*
Logout a user
*/
function doLogout()
{
if (isset($_SESSION['valid_user'])) {
session_unset($_SESSION['valid_user']);
session_destroy();
}
header('Location: login.php');
exit;
}
?>
đây là code cũa trang checkout_function.php
<?php
require_once 'config.php';
//using session of logined customer
require_once ('customer/library/functions.php');
$customer_id = $_SESSION['valid_user'];
/*********************************************************
* CHECKOUT FUNCTIONS
*********************************************************/
function saveOrder()
{
$orderId = 0;
$shippingCost = 5;
$requiredField = array('hidShippingFirstName', 'hidShippingLastName', 'hidShippingAddress1', 'hidShippingCity', 'hidShippingPostalCode',
'hidPaymentFirstName', 'hidPaymentLastName', 'hidPaymentAddress1', 'hidPaymentCity', 'hidPaymentPostalCode');
if (checkRequiredPost($requiredField)) {
extract($_POST);
// make sure the first character in the
// customer and city name are properly upper cased
$hidShippingFirstName = ucwords($hidShippingFirstName);
$hidShippingLastName = ucwords($hidShippingLastName);
$hidPaymentFirstName = ucwords($hidPaymentFirstName);
$hidPaymentLastName = ucwords($hidPaymentLastName);
$hidShippingCity = ucwords($hidShippingCity);
$hidPaymentCity = ucwords($hidPaymentCity);
$cartContent = getCartContent();
$numItem = count($cartContent);
// save order & get order id
$sql = "INSERT INTO tbl_order(od_date, od_last_update, od_shipping_first_name, od_shipping_last_name, od_shipping_address1,
od_shipping_address2, od_shipping_phone, od_shipping_state, od_shipping_city, od_shipping_postal_code, od_shipping_cost,
od_payment_first_name, od_payment_last_name, od_payment_address1, od_payment_address2,
od_payment_phone, od_payment_state, od_payment_city, od_payment_postal_code, customer_id)
VALUES (NOW(), NOW(), '$hidShippingFirstName', '$hidShippingLastName', '$hidShippingAddress1',
'$hidShippingAddress2', '$hidShippingPhone', '$hidShippingState', '$hidShippingCity', '$hidShippingPostalCode', '$shippingCost',
'$hidPaymentFirstName', '$hidPaymentLastName', '$hidPaymentAddress1',
'$hidPaymentAddress2', '$hidPaymentPhone', '$hidPaymentState', '$hidPaymentCity', '$hidPaymentPostalCode','$customer_id')";
$result = dbQuery($sql);
// get the order id
$orderId = dbInsertId();
if ($orderId) {
// save order items
for ($i = 0; $i < $numItem; $i++) {
$sql = "INSERT INTO tbl_order_item(od_id, pd_id, od_qty)
VALUES ($orderId, {$cartContent[$i]['pd_id']}, {$cartContent[$i]['ct_qty']})";
$result = dbQuery($sql);
}
// update product stock
for ($i = 0; $i < $numItem; $i++) {
$sql = "UPDATE tbl_product
SET pd_qty = pd_qty - {$cartContent[$i]['ct_qty']}
WHERE pd_id = {$cartContent[$i]['pd_id']}";
$result = dbQuery($sql);
}
// then remove the ordered items from cart
for ($i = 0; $i < $numItem; $i++) {
$sql = "DELETE FROM tbl_cart
WHERE ct_id = {$cartContent[$i]['ct_id']}";
$result = dbQuery($sql);
}
}
}
return $orderId;
}
/*
Get order total amount ( total purchase + shipping cost )
*/
function getOrderAmount($orderId)
{
$orderAmount = 0;
$sql = "SELECT SUM(pd_price * od_qty)
FROM tbl_order_item oi, tbl_product p
WHERE oi.pd_id = p.pd_id and oi.od_id = $orderId
UNION
SELECT od_shipping_cost
FROM tbl_order
WHERE od_id = $orderId";
$result = dbQuery($sql);
if (dbNumRows($result) == 2) {
$row = dbFetchRow($result);
$totalPurchase = $row[0];
$row = dbFetchRow($result);
$shippingCost = $row[0];
$orderAmount = $totalPurchase + $shippingCost;
}
return $orderAmount;
}
?>
My idea is, after user logined , there is session variable for valid user, then continue to process shopping cart.
there are 3 steps:
1 - input all shipping and payment infor
2- review all infor
http://img706.imageshack.us/img706/3246/carterror2.jpg
3- INSERT all the infor into database table order with the user id
In 3rd step, I got error when customer id is insert into table order:
Notice: Undefined variable: customer_id in /home/content/v/h/p/vhp0003/html/library/checkout-functions.php on line 38
Warning: Cannot modify header information - headers already sent by (output started at /home/content/v/h/p/vhp0003/html/library/checkout-functions.php:38) in /home/content/v/h/p/vhp0003/html/checkout.php on line 33
http://img25.imageshack.us/img25/2200/carterror3.jpg
so in the checkout code, I have:
$customer_id = $_SESSION['valid_user'];
and INSERT INTO table order:
$sql = "INSERT INTO tbl_order(od_date, od_last_update, od_shipping_first_name, od_shipping_last_name, od_shipping_address1,
od_shipping_address2, od_shipping_phone, od_shipping_state, od_shipping_city, od_shipping_postal_code, od_shipping_cost,
od_payment_first_name, od_payment_last_name, od_payment_address1, od_payment_address2,
od_payment_phone, od_payment_state, od_payment_city, od_payment_postal_code, customer_id)
VALUES (NOW(), NOW(), '$hidShippingFirstName', '$hidShippingLastName', '$hidShippingAddress1',
'$hidShippingAddress2', '$hidShippingPhone', '$hidShippingState', '$hidShippingCity', '$hidShippingPostalCode', '$shippingCost',
'$hidPaymentFirstName', '$hidPaymentLastName', '$hidPaymentAddress1',
'$hidPaymentAddress2', '$hidPaymentPhone', '$hidPaymentState', '$hidPaymentCity', '$hidPaymentPostalCode','$customer_id')";
How can I insert the valid_user session into database order ? If I remove $customer_id, the INSERT function will work nicely.
this is code of customer function page which give $_SESSION values to customer id
<?php
/*
Check if a session user id exist or not. If not set redirect
to login page. If the user session id exist and there's found
$_GET['logout'] in the query string logout the user
*/
function checkUser()
{
// if the session id is not set, redirect to login page
if (!isset($_SESSION['valid_user'])) {
header('Location: ' . WEB_ROOT . 'customer/login.php');
exit;
}
// the user want to logout
if (isset($_GET['logout'])) {
doLogout();
}
}
/*
*/
function doLogin()
{
// if we found an error save the error message in this variable
$errorMessage = '';
$userName = $_POST['txtUserName'];
$password = $_POST['txtPassword'];
$_SESSION['valid_user'] = $userName;
$_SESSION['valid_password'] = $password;
// first, make sure the username & password are not empty
if ($userName == '') {
$errorMessage = 'You must enter your username';
} else if ($password == '') {
$errorMessage = 'You must enter the password';
} else {
// check the database and see if the username and password combo do match
$sql = "SELECT *
FROM tbl_customer
WHERE customer_name = '$userName'
AND customer_password = md5('$password')";
$result = dbQuery($sql);
if (dbNumRows($result) == 1) {
$row = dbFetchAssoc($result);
$_SESSION['valid_user'] = $row['customer_id'];
$_SESSION['valid_name'] = $row['customer_name'];
// log the time when the user last login
$sql = "UPDATE tbl_customer
SET customer_last_login = NOW()
WHERE customer_id = '{$row['customer_id']}'";
dbQuery($sql);
// now that the user is verified we move on to the next page
// if the user had been in the admin pages before we move to
// the last page visited
if (isset($_SESSION['login_return_url'])) {
header('Location: ' . $_SESSION['login_return_url']);
exit;
} else {
header('Location: index.php');
exit;
}
} else {
$errorMessage = 'Wrong username or password';
}
}
return $errorMessage;
}
/*
Logout a user
*/
function doLogout()
{
if (isset($_SESSION['valid_user'])) {
session_unset($_SESSION['valid_user']);
session_destroy();
}
header('Location: login.php');
exit;
}
?>
đây là code cũa trang checkout_function.php
<?php
require_once 'config.php';
//using session of logined customer
require_once ('customer/library/functions.php');
$customer_id = $_SESSION['valid_user'];
/*********************************************************
* CHECKOUT FUNCTIONS
*********************************************************/
function saveOrder()
{
$orderId = 0;
$shippingCost = 5;
$requiredField = array('hidShippingFirstName', 'hidShippingLastName', 'hidShippingAddress1', 'hidShippingCity', 'hidShippingPostalCode',
'hidPaymentFirstName', 'hidPaymentLastName', 'hidPaymentAddress1', 'hidPaymentCity', 'hidPaymentPostalCode');
if (checkRequiredPost($requiredField)) {
extract($_POST);
// make sure the first character in the
// customer and city name are properly upper cased
$hidShippingFirstName = ucwords($hidShippingFirstName);
$hidShippingLastName = ucwords($hidShippingLastName);
$hidPaymentFirstName = ucwords($hidPaymentFirstName);
$hidPaymentLastName = ucwords($hidPaymentLastName);
$hidShippingCity = ucwords($hidShippingCity);
$hidPaymentCity = ucwords($hidPaymentCity);
$cartContent = getCartContent();
$numItem = count($cartContent);
// save order & get order id
$sql = "INSERT INTO tbl_order(od_date, od_last_update, od_shipping_first_name, od_shipping_last_name, od_shipping_address1,
od_shipping_address2, od_shipping_phone, od_shipping_state, od_shipping_city, od_shipping_postal_code, od_shipping_cost,
od_payment_first_name, od_payment_last_name, od_payment_address1, od_payment_address2,
od_payment_phone, od_payment_state, od_payment_city, od_payment_postal_code, customer_id)
VALUES (NOW(), NOW(), '$hidShippingFirstName', '$hidShippingLastName', '$hidShippingAddress1',
'$hidShippingAddress2', '$hidShippingPhone', '$hidShippingState', '$hidShippingCity', '$hidShippingPostalCode', '$shippingCost',
'$hidPaymentFirstName', '$hidPaymentLastName', '$hidPaymentAddress1',
'$hidPaymentAddress2', '$hidPaymentPhone', '$hidPaymentState', '$hidPaymentCity', '$hidPaymentPostalCode','$customer_id')";
$result = dbQuery($sql);
// get the order id
$orderId = dbInsertId();
if ($orderId) {
// save order items
for ($i = 0; $i < $numItem; $i++) {
$sql = "INSERT INTO tbl_order_item(od_id, pd_id, od_qty)
VALUES ($orderId, {$cartContent[$i]['pd_id']}, {$cartContent[$i]['ct_qty']})";
$result = dbQuery($sql);
}
// update product stock
for ($i = 0; $i < $numItem; $i++) {
$sql = "UPDATE tbl_product
SET pd_qty = pd_qty - {$cartContent[$i]['ct_qty']}
WHERE pd_id = {$cartContent[$i]['pd_id']}";
$result = dbQuery($sql);
}
// then remove the ordered items from cart
for ($i = 0; $i < $numItem; $i++) {
$sql = "DELETE FROM tbl_cart
WHERE ct_id = {$cartContent[$i]['ct_id']}";
$result = dbQuery($sql);
}
}
}
return $orderId;
}
/*
Get order total amount ( total purchase + shipping cost )
*/
function getOrderAmount($orderId)
{
$orderAmount = 0;
$sql = "SELECT SUM(pd_price * od_qty)
FROM tbl_order_item oi, tbl_product p
WHERE oi.pd_id = p.pd_id and oi.od_id = $orderId
UNION
SELECT od_shipping_cost
FROM tbl_order
WHERE od_id = $orderId";
$result = dbQuery($sql);
if (dbNumRows($result) == 2) {
$row = dbFetchRow($result);
$totalPurchase = $row[0];
$row = dbFetchRow($result);
$shippingCost = $row[0];
$orderAmount = $totalPurchase + $shippingCost;
}
return $orderAmount;
}
?>
My idea is, after user logined , there is session variable for valid user, then continue to process shopping cart.
there are 3 steps:
1 - input all shipping and payment infor
2- review all infor
http://img706.imageshack.us/img706/3246/carterror2.jpg
3- INSERT all the infor into database table order with the user id
In 3rd step, I got error when customer id is insert into table order:
Notice: Undefined variable: customer_id in /home/content/v/h/p/vhp0003/html/library/checkout-functions.php on line 38
Warning: Cannot modify header information - headers already sent by (output started at /home/content/v/h/p/vhp0003/html/library/checkout-functions.php:38) in /home/content/v/h/p/vhp0003/html/checkout.php on line 33
http://img25.imageshack.us/img25/2200/carterror3.jpg
so in the checkout code, I have:
$customer_id = $_SESSION['valid_user'];
and INSERT INTO table order:
$sql = "INSERT INTO tbl_order(od_date, od_last_update, od_shipping_first_name, od_shipping_last_name, od_shipping_address1,
od_shipping_address2, od_shipping_phone, od_shipping_state, od_shipping_city, od_shipping_postal_code, od_shipping_cost,
od_payment_first_name, od_payment_last_name, od_payment_address1, od_payment_address2,
od_payment_phone, od_payment_state, od_payment_city, od_payment_postal_code, customer_id)
VALUES (NOW(), NOW(), '$hidShippingFirstName', '$hidShippingLastName', '$hidShippingAddress1',
'$hidShippingAddress2', '$hidShippingPhone', '$hidShippingState', '$hidShippingCity', '$hidShippingPostalCode', '$shippingCost',
'$hidPaymentFirstName', '$hidPaymentLastName', '$hidPaymentAddress1',
'$hidPaymentAddress2', '$hidPaymentPhone', '$hidPaymentState', '$hidPaymentCity', '$hidPaymentPostalCode','$customer_id')";
How can I insert the valid_user session into database order ? If I remove $customer_id, the INSERT function will work nicely.