[SOLVED] a little help please....

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Bunter
Forum Newbie
Posts: 8
Joined: Mon Jul 12, 2010 6:03 am

[SOLVED] a little help please....

Post by Bunter »

Hi,

I have an issue and being a newbe I was hoping that somebody here could help / point me in the right direction. The issue I am having is passing a PHP var into a form value for posting over to WorldPay.

I have coded a cart using ajax / php, once the customer clicks checkout they are taken to a order page (for entry of payment details to pass to worldpay). I have the customers items and total passed to this page via a var that is posted.

I need to know how to make the items into a string (seperated via a comma) and then passed into a var that I can submit with the form to worldpay. I am also having the same issue with the total amount.

The code I have is the following:

Code: Select all

<?php

define('INCLUDE_CHECK',1);
require "connect.php";

if(!$_POST)
{
	if($_SERVER['HTTP_REFERER'])
	header('Location : '.$_SERVER['HTTP_REFERER']);
	
	exit;
}

?>
Which of of course is used to bring var's accross from cart....


The following code is how I display the ordered items and value

Code: Select all

<?php
				
				$cnt = array();
				$products = array();
				
				
				foreach($_POST as $key=>$value)
				{
					$key=(int)str_replace('_cnt','',$key);
				
					$products[]=$key;
					$cnt[$key]=$value;
				}

				$result = mysql_query("SELECT * FROM internet_shop WHERE id IN(".join($products,',').")");
				
				if(!mysql_num_rows($result))
				{
					echo '<p><strong>There was an error with your order!</strong></p>';
				}
				else
				{
					echo '<p><strong>Your order:</strong></p>';
					
					while($row=mysql_fetch_assoc($result))
					{
						echo '<h4>'.$cnt[$row['id']].' x '.$row['name'].' - '.$row['description'].'</h4>';
						
						
						$total+=$cnt[$row['id']]*$row['price'];
						$total = number_format($total, 2, '.', '');
						
					}
		
					echo '<br /><p><strong>Total: &pound;'.$total.' inc VAT</strong></p>';
				}
				?>

The form I have is:

Code: Select all

<form id="purchase" name="purchase" action="https://secure-test.wp3.rbsworldpay.com/wcc/purchase" method="post" >
						    <fieldset>
                              <input type="hidden" name="testMode" value="100">
                              <input type="hidden" name="instId" value="XXXXX">
							  <input type="hidden" name="cartId" value="Retail Sale">
							  <input type="hidden" name="currency" value="GBP">
                              <input type="hidden" name="desc" value="">
							  <input type="hidden" name="amount" value="">
							  <input type=hidden name="accId1" value="XXXXX"> 
							  <label for="name" id="name_label">Name</label><br />
							  <input type="text" name="name" id="name" size="30" value="" class="text-input" />
							  <br style="clear:both" />
                              <label for="address" id="address_label">Address</label><br />
							  <input type="text" name="address" id="address" size="30" value="" class="text-input" />
                              <br style="clear:both" />
                              <label for="postcode" id="postcode_label">Postcode</label><br />
							  <input type="text" name="postcode" id="postcode" size="30" value="" class="text-input" />
                              <br style="clear:both" />
                              <label for="tel" id="tel">Telephone</label><br />
							  <input type="text" name="tel" id="tel" size="30" value="" class="text-input" />
                              <br style="clear:both" />
							  <label for="email" id="email_label">Email</label><br />
							  <input type="text" name="email" id="email" size="30" value="" class="text-input" />
							  <br />
							  <input type="submit" name="submit" class="but" id="submit_btn" value="Buy Now"/>
							</fieldset>
                          </form>
I need to pass the total value ($total) into the form field value for "amount" and the items as a single line seperated by a comma into the form field of "desc"

I have tried various ways, such as passing the php var into a javascript var at end of page, then using (document.purchase.amount.value = javaVar), however I seem to be having a major issue in getting it to work. I would really be thankful of any help offered.

Thanks
Last edited by Bunter on Tue Jul 13, 2010 5:24 am, edited 1 time in total.
User avatar
Jonah Bron
DevNet Master
Posts: 2764
Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California

Re: a little help please....

Post by Jonah Bron »

Not secure. Those fields could be spoofed. Use sessions instead.

http://www.w3schools.com/php/php_sessions.asp
Bunter
Forum Newbie
Posts: 8
Joined: Mon Jul 12, 2010 6:03 am

[SOLVED] Re: a little help please....

Post by Bunter »

Jonah,

The elements of the form were not stay visable, it was only to show how I needed to pass the php vars to the form. The finished product passes elements to another script which adds secure fields.

I have resolved this now anyway.... Thanks to anybody that looked at this, however I did imagine that as a newbie this forum would be filled with people holding more knowledge and understanding than I do.

Thanks
Post Reply