Two questions, shopping cart, and view source.

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
kyoru
Forum Commoner
Posts: 26
Joined: Mon Feb 13, 2006 9:35 pm

Two questions, shopping cart, and view source.

Post by kyoru »

take a look at this great shopping cart tutorial...
http://www.phpwebcommerce.com/php-mysql ... torial.php
i plan i using it to hlep make a shopping card for my site and so far it has been great, hoever I can't figure out how a customers temp. shopping card is recored, is it stored in the data base (I think it is but its not detailed anywhere, if it is how is it recalled to a certain customer)?

another question i want to have a link to view the source of my index page of my website and be able to change and save it, what kind of functions would i look at to accomplish this?

*edit: oh yes i was looking at this one snippet of code that closes the page if its called directly (eg its function.php) anyone know how to code tha tone?
Thanks guys!
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

a temporary shopping cart is most likely stored in the session. wherever you're in doubt that something is in the session you can do

Code: Select all

print_r($_SESSION);
in debugging mode of course, not on the live production site. If it is stored in the database, just loop through your table till you find what you want.

I'd suggest setting up an admin area so you can just type in what you're looking for and loop through records without having to recode a function each time.

As far as changing the source... i'm not quite sure what you mean. You can always view the source, change the source, save it with the same name as your original php file and save it locally. then reupload to the server (if it's remote).
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
matthijs
DevNet Master
Posts: 3360
Joined: Thu Oct 06, 2005 3:57 pm

Post by matthijs »

I didn't study all code but a quick view at the login system gives me a hint that it would be wise to thoroughly go through the code to make sure it is safe to use. The admin directory contains an index file which calls the checkUser() function which is a function in the functions.php file. That function checks the SESSION

Code: Select all

if (!isset($_SESSION['plaincart_user_id'])) {
		header('Location: ' . WEB_ROOT . 'admin/login.php');
	}
and redirects to the login page were the doLogin() is called (also in functions.php):

Code: Select all

function doLogin()
{
	// if we found an error save the error message in this variable
	global $errorMessage;
	
	$userName = $_POST['txtUserName'];
	$password = $_POST['txtPassword'];
	
	// first, make sure the username & password are not empty
	if ($userName == '') {
		$errorMessage = 'You must enter your username';
	} else if ($password == '') {
		$errorMessage = 'You must enter the password';
	} else {
		$sql = "SELECT user_id
		        FROM tbl_user 
				WHERE user_name = '$userName' AND user_password = PASSWORD('$password')";
		$result =& dbQuery($sql);
		
		if (dbNumRows($result) == 1) {
			$row =& dbFetchAssoc($result);
			$_SESSION['plaincart_user_id'] = $row['user_id'];
			
			$sql = "UPDATE tbl_user 
			        SET user_last_login = NOW() 
					WHERE user_id = '{$row['user_id']}'";
			dbQuery($sql);
		
			if (isset($_SESSION['login_return_url'])) {
				header('Location: ' . $_SESSION['login_return_url']);
			} else {
				header('Location: index.php');
			}
		} else {
			$errorMessage = 'Wrong username or password';
		}		
			
	}
}
I'm not sure but it seems like the script doesn't escape the $userName and $password and is depending on magic_quotes being on. You might want to check that out.
Post Reply