add_cart.php
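<?php
// This page adds prints to the shopping cart.
session_start();

// Accept only a plain run of decimal digits as the print ID. is_numeric()
// also lets through floats, exponent notation and whitespace-padded strings,
// none of which is a usable cart key. The is_string() guard rejects array
// input such as ?pid[]=1.
$pid = NULL;
if (isset($_GET['pid']) && is_string($_GET['pid']) && ctype_digit($_GET['pid'])) {
    $pid = (int) $_GET['pid'];
}

if ($pid !== NULL) {

    // Set the page title and include the HTML header.
    $page_title = 'Add to Cart';
    include_once ('includes/header_customer_two.html');

    // The cart is read back as product ID => quantity, so the entry has to be
    // keyed by the requested ID. Keying it by the literal string 'pid' made
    // every print share one counter.
    // NOTE(review): nothing here confirms that the ID exists in the product
    // table; unknown IDs are stored as well.
    if (isset($_SESSION['cart'][$pid])) {
        $qty = $_SESSION['cart'][$pid] + 1;
    } else {
        $qty = 1;
    }

    // Add to the cart session variable.
    $_SESSION['cart'][$pid] = $qty;

    // Display a message.
    echo '<p>The print has been added to your shopping cart.</p>';

} else { // Redirect

    // The target is built from SCRIPT_NAME only. HTTP_HOST is copied from the
    // request's Host header and PHP_SELF can carry extra path info, so both
    // are client-influenced and are kept out of the Location header.
    header ('Location: ' . rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\') . '/index.php');
    exit();
}
?>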
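<?php
// This page displays the available prints (products).
// Set the page title and include the HTML header.
$page_title = 'Browse the Prints';
require_once ('./mysql_connect.php'); // Connect to the database.

// Are we looking at a particular artist?
// 'aid' comes straight from the query string, so it is reduced to an integer
// before it is placed in the SQL text. Anything that is not a plain run of
// digits falls back to the unfiltered listing.
$aid = NULL;
if (isset($_GET['aid']) && is_string($_GET['aid']) && ctype_digit($_GET['aid'])) {
    $aid = (int) $_GET['aid'];
}

if ($aid !== NULL) {
    $query = "SELECT * FROM category, product WHERE category.category_id = product.category_id AND product.category_id = $aid ORDER BY product.product_name";
} else {
    $query = "SELECT * FROM category, product WHERE category.category_id = product.category_id ORDER BY category.last_category ASC, product.product_name ASC";
}

echo '<table border="0" width="90%" cellspacing="3" cellpadding="3" align="center">
<tr>
<td align="left" width="20%"><b>Author</b></td>
<td align="left" width="20%"><b>Book Title</b></td>
<td align="left" width="40%"><b>Description</b></td>
<td align="right" width="20%"><b>Price</b></td>
</tr>';

// Display all the URLs.
// NOTE(review): the mysql_* extension was removed in PHP 7.0; moving to
// mysqli or PDO with bound parameters starts in mysql_connect.php.
$result = mysql_query ($query);

if ($result) {

    while ($row = mysql_fetch_array ($result, MYSQL_ASSOC)) {

        // IDs are forced to integers for the link targets; text columns are
        // HTML-escaped so stored markup cannot reach the page.
        $category_id = (int) $row['category_id'];
        $product_id = (int) $row['product_id'];
        $author = htmlspecialchars(" {$row['last_category']}, {$row['first_category']} {$row['middle_category']}", ENT_QUOTES);
        $title = htmlspecialchars((string) $row['product_name'], ENT_QUOTES);
        $price = htmlspecialchars((string) $row['price'], ENT_QUOTES);

        // NOTE(review): the description is still printed unescaped, as it was
        // before. If that column is not meant to hold trusted markup, wrap it
        // in htmlspecialchars() as well.
        $description = stripslashes($row['description']);

        // Display each record.
        echo " <tr>
<td align=\"left\"><a href=\"browse_prints.php?aid={$category_id}\">{$author}</a></td>
<td align=\"left\"><a href=\"view_print.php?pid={$product_id}\">{$title}</a></td>
<td align=\"left\">{$description}</td>
<td align=\"right\">\${$price}</td>
</tr>\n";

    } // End of while loop.

} else {
    // A failed query used to fall through to mysql_fetch_array() on FALSE.
    error_log('Print listing query failed: ' . mysql_error());
}

echo '</table>'; // Close the table.
mysql_close(); // Close the database connection.
?>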
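<?php
// This is the registration page for the site.
// Set the page title and include the HTML header.
$page_title = 'Confirmation';

if (isset($_POST['submit'])) { // Handle the form.

    // Register the user in the database.
    require_once ('./mysql_connect.php'); // Connect to the db.

    // NOTE(review): $key is never assigned before this point and this script
    // does not call session_start(), so unless an include does both,
    // $variable is NULL here. Decide which cart entries should be stored and
    // read them explicitly.
    $variable = (isset($key) && isset($_SESSION['cart'][$key])) ? $_SESSION['cart'][$key] : NULL;

    // Escape a value for use inside a quoted SQL string literal.
    // magic_quotes_gpc is undone first so the value is not escaped twice.
    // NOTE(review): the result is only safe inside quotes and relies on the
    // connection character set configured in mysql_connect.php - confirm.
    function escape_data ($data) {
        global $dbc; // Need the connection.
        if (ini_get('magic_quotes_gpc')) {
            $data = stripslashes($data);
        }
        return mysql_real_escape_string($data, $dbc);
    } // End of function.

    $message = NULL; // Create an empty new variable.

    // Check for the account number. The is_string() guard keeps array input
    // (account_no[]=...) away from the string functions.
    if (empty($_POST['account_no']) || !is_string($_POST['account_no'])) {
        $aa = FALSE;
        $message .= '<p>You forgot to enter your account number!</p>';
    } else {
        $aa = escape_data($_POST['account_no']);
    }

    // Check for the reference ID.
    if (empty($_POST['token']) || !is_string($_POST['token'])) {
        $t = FALSE;
        $message .= '<p>You forgot to enter your reference ID!</p>';
    } else {
        $t = escape_data($_POST['token']);
    }

    // The billing fields are optional; a missing one is stored as ''.
    $billing = array();
    foreach (array('name', 'address', 'postcode', 'state', 'country') as $field) {
        if (!empty($_POST[$field]) && is_string($_POST[$field])) {
            $billing[$field] = escape_data($_POST[$field]);
        } else {
            $billing[$field] = '';
        }
    }
    $n = $billing['name'];
    $ad = $billing['address'];
    $p = $billing['postcode'];
    $s = $billing['state'];
    $c = $billing['country'];

    // The cart value goes into SQL too, so it gets the same escaping.
    $product = escape_data((string) $variable);

    if ( $aa && $t ) { // If everything's OK.

        // Make sure the token available.
        $query = "SELECT * FROM customer_bank WHERE token_id = '$t' ";
        $result = mysql_query ($query);

        if ($result === FALSE) {

            // With the old @-suppressed call a failed lookup counted as zero
            // rows and the insert went ahead; report it as an error instead.
            error_log('Token lookup failed: ' . mysql_error());
            echo '<p><font color="red" size="+1">Cannot complete the transaction due to a system error. We apologize for any inconvenience.</font></p>';

        } elseif (mysql_num_rows($result) == 0) { // Available.

            // Add the user.
            $query = "INSERT INTO view (account_no, token, name, address, postcode, state, country) VALUES ( '$aa','$t','$n','$ad','$p','$s','$c' )";
            $result = mysql_query ($query); // Run the query.

            // NOTE(review): this writes the product ID as a second, separate
            // row, and the two inserts are not atomic - confirm the schema.
            $query1 = "INSERT INTO view (product_id) VALUES ('$product')";
            $result1 = mysql_query ($query1);

            if ($result && $result1) { // If it ran OK.

                // Successful add the new customer.
                echo '<h3>Successful the transaction</h3>';
                include ('includes/header_bank.html');
                exit();

            } else { // If it did not run OK.

                // Keep the database detail in the log, not on the page.
                error_log('Transaction insert failed: ' . mysql_error());
                echo '<p><font color="red" size="+1">Cannot complete the transaction due to a system error. We apologize for any inconvenience.</font></p>';
            }

        } else { // The account number already exist.
            echo '<p><font color="red" size="+1">The account number already in the database</font></p>';
        }

        mysql_close(); // Close the database connection.

    } else { // If it did not run OK.
        // Append, so the specific "You forgot ..." messages are not lost.
        $message .= '<p>Please try again.</p>';
    }

} // End of the main Submit conditional.

// Print the error message if there is one.
if (isset($message)) {
    echo '<font color="red">', $message, '</font>';
}

// Sticky form values. They are echoed back inside double-quoted attributes,
// so each one is HTML-escaped first; printing $_POST as-is lets a submitted
// value break out of the attribute.
$sticky = array();
foreach (array('account_no', 'token', 'name', 'address', 'postcode', 'state', 'country') as $field) {
    if (isset($_POST[$field]) && is_string($_POST[$field])) {
        $sticky[$field] = htmlspecialchars($_POST[$field], ENT_QUOTES);
    } else {
        $sticky[$field] = '';
    }
}

// PHP_SELF includes any path info appended to the URL, so it is escaped too.
$form_action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);

// NOTE(review): the form carries no anti-CSRF token; consider adding one tied
// to the session before this handler records a transaction.
?>
<form action="<?php echo $form_action; ?>" method="post">
<fieldset><legend>Enter the reference id that you get request from the server with the account number that register with this website:</legend>
<p><b>Account number:</b> <input type="text" name="account_no" size="50" maxlength="50" value="<?php echo $sticky['account_no']; ?>" /></p>
<p><b>Reference ID:</b> <input type="text" name="token" size="20" maxlength="20" value="<?php echo $sticky['token']; ?>" /></p>
</fieldset>
<fieldset><legend>Enter the billing information correctly so that the product can delivered</legend>
<p><b>Recipient Name:</b> <input type="text" name="name" size="20" maxlength="20" value="<?php echo $sticky['name']; ?>" /></p>
<p><b>Address:</b> <input type="text" name="address" size="50" maxlength="50" value="<?php echo $sticky['address']; ?>" /></p>
<p><b>Postcode:</b> <input type="text" name="postcode" size="5" maxlength="5" value="<?php echo $sticky['postcode']; ?>" /></p>
<p><b>State:</b> <input type="text" name="state" size="10" maxlength="10" value="<?php echo $sticky['state']; ?>" /></p>
<p><b>Country:</b> <input type="text" name="country" size="10" maxlength="10" value="<?php echo $sticky['country']; ?>" /></p>
</fieldset>
<div align="center"><input type="submit" name="submit" value="Confirmation" /></div>
</form><!-- End of Form -->
<?php
include ('includes/footer_home.html');
?>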
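<?php
// This page displays the contents of the shopping cart.
session_start();

// Set the page title and include the HTML header.
$page_title = 'View Your Shopping Cart';
include_once ('includes/header_customer_two.html');

// Check if the form has been submitted (to update the cart).
if (isset($_POST['submit']) && isset($_POST['qty']) && is_array($_POST['qty'])) {

    foreach ($_POST['qty'] as $key => $value) {

        // Keys are product IDs and values are quantities. Both arrive in the
        // request body, so both must be plain digit strings; is_numeric()
        // also accepted floats and exponent notation, and the key was not
        // checked at all.
        if (!ctype_digit((string) $key) || !is_string($value) || !ctype_digit($value)) {
            continue;
        }

        $pid = (int) $key;
        $qty = (int) $value;

        if ($qty === 0) {
            unset ($_SESSION['cart'][$pid]);
        } else {
            $_SESSION['cart'][$pid] = $qty;
        }
    }
}

// Collect the product IDs in the cart. The IDs are the array keys; the
// values are quantities, so the IN (...) list must be built from the keys.
// Every ID is cast to an integer before it goes into the SQL text.
$ids = array();
if (isset($_SESSION['cart']) && is_array($_SESSION['cart'])) {
    foreach ($_SESSION['cart'] as $key => $value) {
        if (isset($value) && ctype_digit((string) $key)) {
            $ids[] = (int) $key;
        }
    }
}

// Display the cart if it's not empty.
if ($ids) {

    require_once ('./mysql_connect.php'); // Connect to the database.

    // Retrieve all of the information for the prints in the cart.
    $query = "SELECT * FROM category INNER JOIN product USING (category_id) WHERE product.product_id IN (" . implode(',', $ids) . ") ORDER BY category.last_category ASC";
    $result = mysql_query ($query);

    // Create a table and a form.
    echo '<table border="0" width="90%" cellspacing="3" cellpadding="3" align="center">
<tr>
<td align="left" width="30%"><b>Author</b></td>
<td align="left" width="30%"><b>Book Title</b></td>
<td align="right" width="10%"><b>Price</b></td>
<td align="center" width="10%"><b>Qty</b></td>
<td align="right" width="10%"><b>Total Price</b></td>
</tr>
<form action="view_cart.php" method="post">
';

    // Print each item.
    $total = 0; // Total cost of the order.

    if ($result) {

        while ($row = mysql_fetch_array ($result, MYSQL_ASSOC)) {

            $pid = (int) $row['product_id'];
            $qty = isset($_SESSION['cart'][$pid]) ? (int) $_SESSION['cart'][$pid] : 0;

            // Calculate the total and subtotals.
            $subtotal = $qty * $row['price'];
            $total += $subtotal;

            // Text columns are HTML-escaped before they are printed.
            $author = htmlspecialchars("{$row['first_category']} {$row['middle_category']} {$row['last_category']}", ENT_QUOTES);
            $title = htmlspecialchars((string) $row['product_name'], ENT_QUOTES);
            $price = htmlspecialchars((string) $row['price'], ENT_QUOTES);

            // Print the row.
            echo " <tr>
<td align=\"left\">{$author}</td>
<td align=\"left\">{$title}</td>
<td align=\"right\">\${$price}</td>
<td align=\"center\"><input type=\"text\" size=\"3\" name=\"qty[{$pid}]\" value=\"{$qty}\" /></td>
<td align=\"right\">$" . number_format ($subtotal, 2) . "</td>
</tr>\n";

        } // End of the WHILE loop.

    } else {
        // A failed query used to fall through to mysql_fetch_array() on FALSE.
        error_log('Cart query failed: ' . mysql_error());
    }

    // Print the footer and close the table and the form.
    echo ' <tr>
<td colspan="4" align="right"><b>Total : </b></td>
<td align="right">$' . number_format ($total, 2) . '</td>
</tr>
</table><div align="center"><input type="submit" name="submit" value="Update My Cart" /></form><br /><br /><a href="checkout.php"><font size="+3">Checkout</font></a></div>';

    mysql_close(); // Close the database connection.

} else {
    echo '<p>Your cart is currently empty.</p>';
}
?>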
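<?php
// This page displays the details for a particular print.

// Look the print up only when 'pid' is a plain run of digits. is_numeric()
// also accepted floats, exponent notation and padded strings, and the raw
// request value was then placed in the SQL text.
$row = FALSE;
if (isset($_GET['pid']) && is_string($_GET['pid']) && ctype_digit($_GET['pid'])) {

    require_once ('./mysql_connect.php'); // Connect to the database.

    $pid = (int) $_GET['pid'];
    $query = "SELECT * FROM category, product WHERE category.category_id = product.category_id AND product.product_id = $pid";
    $result = mysql_query ($query);
    if ($result) {
        $row = mysql_fetch_array ($result, MYSQL_ASSOC);
    }
    mysql_close(); // Close the database connection.
}

if ($row) {

    // Set the page title and include the HTML header.
    // NOTE(review): header_customer.html is not shown here; if it prints
    // $page_title, it has to HTML-escape it.
    $page_title = $row['product_name'];
    include_once ('includes/header_customer.html');

    // Text columns are HTML-escaped; the ID is forced to an integer for the
    // link target.
    $product_id = (int) $row['product_id'];
    $title = htmlspecialchars((string) $row['product_name'], ENT_QUOTES);
    $author = htmlspecialchars("{$row['first_category']} {$row['middle_category']} {$row['last_category']}", ENT_QUOTES);
    $price = htmlspecialchars((string) $row['price'], ENT_QUOTES);

    // NOTE(review): the description is still printed unescaped, as it was
    // before. If that column is not meant to hold trusted markup, wrap it in
    // htmlspecialchars() as well.
    $description = $row['description'];

    // Display a header.
    echo "<div align=\"center\">
<b>{$title}</b> by
{$author}
<br />{$description}
<br />\${$price}
<a href=\"add_cart.php?pid={$product_id}\">Add to Cart</a>
</div><br />";

} else { // Redirect

    // Reached for a missing or malformed ID and for an ID with no matching
    // print. The target is built from SCRIPT_NAME only: HTTP_HOST is copied
    // from the request's Host header and PHP_SELF can carry extra path info.
    header ('Location: ' . rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\') . '/index.php');
    exit();
}
?>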