I don't get the data from my form into my database?

paulus4605
Forum Newbie
Posts: 12
Joined: Mon Jun 04, 2007 2:50 pm

Post by paulus4605 »

Dear,
I am trying to get the data from the form below into my database.
First question: what am I doing wrong here?
Second question: how do I get an automated Orderid filled in by default in the OrderId field?
Third question: how do I get my sha1 working, taking the following into account?

I have to create a sha1 signature from the following items after the fields have been filled in:
Orderid, amount (x100), currency, pspid and pswd.
Please take into account that the pspid and pswd are always fixed and that the OrderID, amount and currency are variables.
The form looks like this.
Thanks for the much appreciated help and patience.

Code:

<?php

// Associative array for the payment methods
// to avoid having to convert and sort the array,
// the payment methods are listed in alphabetical order as HTML:
	
   
$payment = array (
			   "CC"		=> "Creditcard",
			   "Dexia"	=> "DEXIA NetBanking",
			   "Direct" => "Direct Debits NL",
			   "Ideal"	=> "Ideal",
			   "ING"	=> "ING Homepay",
			   "kbc"	=> "KBC Online",
			   );

$currency = array (
					"AUD"	=>	"Australische Dollar",
					"CAD"	=>	"Canadese Dollar",
					"CHF"	=>	"Zwitserse frank",
					"CNY"	=>	"Yuan Renminbi",
					"CZK"	=>	"Tsjechische Kroon",
					"DKK"	=>	"Deense kroon",
					"EEK"	=>	"Estonia Kroon",
					"EUR"	=>	"EURO",
					"GBP"	=>	"Britse Pond",
					"HKD"	=>	"Hong Kong Dollar",
					"HRK"	=>	"Croatian Kuna",
					"HUF"	=>	"Hongaarse Forint",
					"ILS"	=>	"New Shekel",
					"ISK"	=>	"Iceland Krona",
					"JPY"	=>	"Japanse Yen",
					"MAD"	=>	"Moroccan Dirham",
					"NZD"	=>	"Nieuw Zeelandse Dollar",
					"PLN"	=>	"Poolse Zloty",
					"RUR"	=>	"Rouble"
					);

// Read and validate the form:
if(isset($_POST['submit'])){
	$OrderId = trim($_POST['orderid']);
	$amount = trim($_POST['amount']);
	$currency = trim($_POST['currency']);
	$payment = trim($_POST['pt']);
	$ShaSign = trim($_POST['ShaSign']);

	$melding =""; // string for error messages
	if (strlen($Orderid) <0) {
		$melding .=" het orderid moet uit minimaal 1 teken bestaan.";
	}
	// amount must be entered without commas
	if (strlen($amount)<2) {
		$melding .="Het bedrag mag geen comma's bevatten vb 5,00 Euro wordt 500";
	}
	// check the length of the shasign
	if (strlen($ShaSign) <40) {
		$melding .="De shasign moet uit 40 karakters bestaan";
	}
	if (strlen($naam)<1) {
		$melding .="gebruikersnaam moet uit tenminste 7 karakters bestaan";
	}
	// read the remaining form data
	$naam =$_POST['naam'];

	// only open the database connection if there are no error messages:
	if ($melding == ""){
		// first check whether the OrderID already exists
		$sql1 = "Select `OrderId` FROM `payments` ";
		$sql1 .="WHERE `OrderId` = '$OrderId'";
		$sql2 = "INSERT INTO `payments` (`paymentid`, `OrderId`, `naam`, `ShaSign`, `payment`,`currency`)";
		$sql2 .= "VALUES (";
		$sql2 .="'".$paymentid."','".$OrderId."','".$amount."','".$ShaSign."','".$payment."','".$currency."')";
		
	
	// include the constants for mysql_connect():
	require_once('mysql_connect.inc.php');
	// open the connection and select the database
	$verbinding = mysql_connect(MYSQL_SERVER,MYSQL_GEBRUIKERSNAAM,MYSQL_WACHTWOORD) or die(mysql_error());
		mysql_select_db("foto_galerij") or die (mysql_error());
	// check whether the OrderId has already been used
	$resultaat = mysql_query($sql1) or die(mysql_error());
	// run the second query if the OrderId was not found
	if (mysql_num_rows($resultaat) == 0){
		mysql_free_result($resultaat);
		mysql_query($sql2) or die (mysql_error());
		mysql_close($verbinding);
		// report the successful payment
		if (!headers_sent()) {
                header("Cache-Control: no-store, no-cache, must-revalidate");
                header("Cache-Control: post-check=0, pre-check=0", false);
                header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
				 }
            include_once('header.php');
            echo "<h1>betaling uitgevoerd</h1>\n";
            
            include_once('footer.php');
            exit;
        } else {
            mysql_free_result($resultaat);
            mysql_close($verbinding);
            $melding .= "het Orderis <strong>$OrderId</strong> is al eens gebruikt ";
            $OrderId = "";
        }
    }


} 
    // Empty form fields:
    $naam				= "";
    $OrderId			= "";
    $ShaSign            = "";
	// fixed contribution
    $amount				= "500";
	
	// fixed values
	$pspid ="yourpspid";
	$pswd="yourshasignature";
	// calculation of the sha1
    $ShaSign= sha1($OrderId.$amount.$currency.$pspid.$pswd);


// Add HTTP headers:
if (!headers_sent()) {
    header("Cache-Control: no-store, no-cache, must-revalidate");
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
}

//include_once('header.txt');
?>
<body>
<?php include_once('header.php'); 
require_once("init.php");
print getNavHTML();
?>
<form method="post" action="https://secure.ogone.com/ncol/test/orderstandard.asp" id="form1" name="form1" >

	<fieldset>
	<legend>paymentform</legend>
	
	<table >
	
		<tr>
			<td>
				<label for="n">
				<span style="text-decoration: underline">N</span>aam:</label>
			</td>
			<td>
				<input 
				 accesskey ="n" 
				 name="n"
				 id="n" 
				 type="text"
				 value="<?php echo $naam;?>"/>

			</td>
		</tr>

		<tr>
			<td>
				<label for="orderid">
				<span style="text-decoration: underline">O</span>rderId:</label>
				
			</td>
			<td>
				<input 
					 accesskey="orderid"
					 name="orderid" 
					 id="orderid" 
					 type="text"
					 value="<?php echo $OrderId;?>"/>
			</td>
		</tr>	
		<tr>
			<td>
				<label for="currency">
				<span style="text-decoration: underline">C</span>urrency:</label>
				
			</td>
			<td>
				<select 
					 accesskey="currency"
					 name="currency" 
					 id="currency" 
<?php
foreach ($currency as $currencycode => $currencyname) {
		echo "<option ";
    if ($currencycode == $currencyname) {
        echo "selected ";
    }
    echo "value=\"".$currencycode."\">".$currencyname."</option>\n";
}
    
?>
				</select>					 
			</td>
		</tr>
				<tr>
			<td>
				<label for="amount">
				<span style="text-decoration: underline">A</span>mount:</label>
				
			</td>
			<td>
				<input 
					 accesskey="amount"
					 name="amount" 
					 id="amount 
					 type="text"
					 value="<?php echo $amount;?>"/>
			</td>
		</tr>				
			<tr>
			<td>
				<label for="SHASign">
				<span style="text-decoration: underline">S</span>haSign:</label>
				
			</td>
			<td>
			
				<input 
					 accesskey="SHASign"
					 name="SHASign" 
					 id="SHASign" 
					 type="text"
					 value="<?php echo $ShaSign;?>"/>
			</td>
		</tr>		
			<tr>
			<td>
				<label for="pt">
				<span style="text-decoration: underline">P</span>aymenttype:</label>
				
			</td>
			<td>
				<select 
					 accesskey="pt"
					 name="pt" 
					 id="pt" 
					 type="text"/>
<?php
foreach ($payment as $paymentcode => $paymentname) {
		echo "<option ";
    if ($paymentcode == $paymentname) {
        echo "selected ";
    }
    echo "value=\"".$paymentcode."\">".$paymentname." </option>\n";
}

?>			    
			    </select>
			</td>
			<tr>
			</tr>
			<td>
				&nbsp;
			</td>
			<td>
				<input type="hidden" name="PSPID" value="yourpspid">
				<input type="submit" value="versturen" id="submit2" name="submit2">
		     
			</td>
		</tr>	
	
	</table>
	
	</fieldset>
</form>
blackbeard
Forum Contributor
Posts: 123
Joined: Thu Aug 03, 2006 6:20 pm

Post by blackbeard »

Code:

if (mysql_num_rows($resultaat) == 0){
                mysql_free_result($resultaat);
                mysql_query($sql2) or die (mysql_error());
                mysql_close($verbinding);

The only way to submit the data is for the first query to not return anything. You should probably be inserting the data immediately after your data validation.
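
Added example (not part of either post, and not the poster's code): the form in the question posts straight to the payment page, so the script's own $_POST branch never receives the fields. One way to record the order first is to validate the input, generate the OrderId and the SHA-1 signature on the server, insert with bound parameters instead of concatenated SQL, and only then emit the signed fields. The amount column, the in-memory SQLite connection and the function names are assumptions.

```php
<?php
// Added example, not the poster's code. Table and column names follow the post;
// the amount column, the SQLite connection and all function names are assumptions.
const PSPID      = 'yourpspid';           // placeholder from the post
const SHA_SECRET = 'yourshasignature';    // placeholder from the post; stays on the server
const CURRENCIES = ['CHF', 'EUR', 'GBP']; // subset of the post's currency list

// "5", "5.00" or "5,00" -> 500 (amount x 100), using integer arithmetic only.
function toMinorUnits(string $input): int {
    if (!preg_match('/^(\d{1,7})(?:[.,](\d{1,2}))?$/', trim($input), $m)) {
        throw new InvalidArgumentException('invalid amount');
    }
    return (int) $m[1] * 100 + (int) str_pad($m[2] ?? '', 2, '0');
}

// SHA-1 over OrderId, amount (x100), currency, pspid and pswd, in the order the post gives.
function shaSign(string $orderId, int $amount, string $currency): string {
    return sha1($orderId . $amount . $currency . PSPID . SHA_SECRET);
}

// Validate, generate the order id server-side, sign, and insert with bound parameters.
function createOrder(PDO $db, string $naam, string $amountInput, string $currency): array {
    if (!in_array($currency, CURRENCIES, true)) {
        throw new InvalidArgumentException('invalid currency');
    }
    $order = ['orderid' => 'ORD' . bin2hex(random_bytes(8)),
              'amount' => toMinorUnits($amountInput), 'currency' => $currency];
    $order['SHASign'] = shaSign($order['orderid'], $order['amount'], $currency);
    $stmt = $db->prepare('INSERT INTO payments (OrderId, naam, amount, currency, ShaSign)
                          VALUES (:orderid, :naam, :amount, :currency, :sign)');
    $stmt->execute([':orderid' => $order['orderid'], ':naam' => $naam, ':amount' => $order['amount'],
                    ':currency' => $currency, ':sign' => $order['SHASign']]);
    return $order;
}

// Constructed demo: in-memory SQLite stands in for the MySQL database of the post.
// The UNIQUE constraint replaces the separate SELECT-then-INSERT duplicate check.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE payments (paymentid INTEGER PRIMARY KEY, OrderId TEXT UNIQUE,
           naam TEXT, amount INTEGER, currency TEXT, ShaSign TEXT)');
$order = createOrder($db, "O'Brien", '5,00', 'EUR'); // the quote is stored as data
// Hidden fields for the payment form, using the field names from the post's form.
foreach ($order + ['PSPID' => PSPID] as $name => $value) {
    printf("<input type=\"hidden\" name=\"%s\" value=\"%s\">\n", $name,
           htmlspecialchars((string) $value, ENT_QUOTES));
}
```

Because the signature is computed after the OrderId, amount and currency are fixed on the server, the user cannot edit a signed value without invalidating the 40-character SHASign.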