new from php need help and critics

Posted: Wed Nov 06, 2013 7:49 am
by glendon
Hello everyone, I'm new to PHP. I'm a 3rd-year college student and I want you guys to see my project. It is a dental clinic site; please suggest anything or maybe help me out on improving the site. In the site you can register and log in, and it has an admin with username:admin password:admin. Please see my output here, and please help me out on security and improving this. You can add me on Facebook, sumasalad5@yahoo.com, hehehe. I'm just so desperate to finish this project and I want it to be the best dental clinic site! :) :D

Re: new from php need help and critics

Posted: Wed Nov 06, 2013 9:56 pm
by Christopher
I don't know what is in the ZIP file. I doubt people will download it. You will only get help if you post specific parts of your code and ask questions about that code.

Re: new from php need help and critics

Posted: Thu Nov 07, 2013 5:49 am
by Celauran
Agreed. Not touching a random zip file. Why not post it on GitHub?

Re: new from php need help and critics

Posted: Thu Nov 07, 2013 5:51 am
by vipinsaini
glendon wrote: Hello everyone, I'm new to PHP. I'm a 3rd-year college student and I want you guys to see my project. It is a dental clinic site; please suggest anything or maybe help me out on improving the site. In the site you can register and log in, and it has an admin with username:admin password:admin. Please see my output here, and please help me out on security and improving this. You can add me on Facebook, sumasalad5@yahoo.com, hehehe. I'm just so desperate to finish this project and I want it to be the best dental clinic site! :) :D
What kind of help do you need for your project? Let me know.

Re: new from php need help and critics

Posted: Thu Nov 07, 2013 8:01 am
by glendon
Well, I am a dreamer and I'm dreaming of putting up or hosting this site someday! :) Well, I just want to know what's the best way to secure it from hackers, or the security of my output. My output, or the program I attached, is a dental clinic. I just posted it here simply because maybe someone that's very good in programming can see it, and I don't know what's the best way or the proper way or process to do online payments, and maybe I could get some advice and help. As for now, I still have to go to my professor for him to check it, and there's no problem on the program yet! :) I'm new in this forum and I'm very happy reading your replies. I'm 18 and having fun programming this even if it takes all my time, but I just love it so much when I'm doing my dream. :D

Re: new from php need help and critics

Posted: Thu Nov 07, 2013 10:45 pm
by Christopher
Please post specific parts of your code that you have questions or concerns about. For example, a form where you accept user input would be important code to have reviewed for security problems.

Re: new from php need help and critics

Posted: Fri Nov 08, 2013 10:12 am
by glendon
In my program, when the user clicks the product, it will show the description and price of the product. Then, in the payment process I only made it an order form, since my program or output is a reservation system for a dental clinic. Here is my code:

Code:

<?php
session_start();
?>
<?php
include("dbconnect.php");
include("header.php");
$user_id=$_SESSION['user_id'];
$prid = $_POST['prid'];
// mysql_error() must be called as a function; the bare name was an undefined constant
$result=mysql_query("select * from patient_tbl where user_id='$user_id'")or die(mysql_error());
$row=mysql_fetch_array($result);
?>

<TABLE>
	<form action='sendorder.php' method='post' name='form1'  onSubmit="return validateForm()">
		<input type='hidden' name='prid' value='<?=$prid ?>'>
		<TR><TD><B>Product name:</B> </TD><TD><input readonly type=text name=prodname value="<?=$_POST['prodname']; ?>"></input>
		<BR></TD></TR>
		<TR><TD><B>Price:</B> </TD><TD><input readonly type=text name=price value="<?=$_POST['price'].$curency;?>"></input>
		<BR></TD></TR>
		<TR><TD><B>Limit:</B> </TD><TD><input readonly type=text name=stock value="<?=$_POST['stock'];?>"></input>
		<BR></TD></TR>
		<input type=hidden name=quantity value="1">
		<TR><TD>Patient firstname:<TD><input  type="Text" name="fname" value="<?php echo $row["fname"];?>"></input>
		<TR><TD>Patient lastname:<TD><input  type="Text" name="lname" value="<?php echo $row["lname"];?>"></input>
		<TR><TD>email: </TD><TD><input readonly type="Text" name="email" value="<?php echo $row["email"];?>"></input>
		<TR><TD>Phone: </TD><TD><input readonly type="Text" name="phone" value="<?php echo $row["contact"];?>"></input>
		<TR><TD>Address: </TD><TD><input readonly type="Text" name="country" value="<?php echo $row["address"];?>"></input>
		<TR><TD>Credit card: </TD><TD><select><option>Visa
		                                      <option>MasterCard</select><input type=text name=credit><BR></TD></TR>
		<TR><TD>Date of Appointment: </TD><TD><select name=datemonth><option>(MM)
			<option>1
			<option>2
			<option>3
			<option>4
			<option>5
			<option>6
			<option>7
			<option>8
			<option>9
			<option>10
			<option>11
			<option>12
			</select>
			<select name=dateday><option>(DD)
			<option>1
			<option>2
			<option>3
			<option>4
			<option>5
			<option>6
			<option>7
			<option>8
			<option>9
			<option>10
			<option>11
			<option>12
			<option>13
			<option>14
			<option>15
			<option>16
			<option>17
			<option>18
			<option>19
			<option>20
			<option>21
			<option>22
			<option>23
			<option>24
			<option>25
			<option>26
			<option>27
			<option>28
			<option>29
			<option>30
			<option>31
			</select>
			<select name=dateyear><option>(YY)
			<option>2013 </select>
		<TR><TD>Time: </TD><TD><select name=time><option>(time)
			<option>8:00am
			<option>9:00am
			<option>10:00am
			<option>11:00am
			<option>1:00pm
			<option>2:00pm
			<option>3:00pm
			</select>
		<TR><TD></TD><TD><input type=submit name=submit value='avail/purchase' ></TD></TR>
		<tr align=center>
		<td colspan=2>
		<span id=invalid1></span>
		</td>
		</tr>
	</form>
</TABLE>

<?php include("footerr.php");?>

This will get the current logged-in user info. Is it alright that the user just inputs his credit card number? Or will I include the credit card info in the registration? How? I really don't know what's the best thing to do in the payment process, please help me. Should I add carting? And please help me also in security and also improve my program.
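
A hardened take on the order form posted above, added here as an example and not part of the original post: the product name and price are looked up on the server from `prid` instead of being echoed back from `$_POST`, queries use PDO prepared statements, and all output is HTML-escaped. The `product_tbl` table and its columns, the DSN and credentials, `login.php`, the `csrf` field and the `h()` helper are assumptions; `patient_tbl`, `sendorder.php` and the patient columns come from the post.

```php
<?php
// Added example. Hypothetical names: product_tbl and its columns, the DSN and
// credentials, login.php, the csrf field and h(). patient_tbl is from the post.
session_start();
if (empty($_SESSION['user_id'])) {            // only logged-in patients may order
    header('Location: login.php');
    exit;
}
$pdo = new PDO('mysql:host=localhost;dbname=clinic;charset=utf8', 'clinic_user', 'change-me', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false,
]);
// Escape every value written into HTML so posted or stored data cannot inject markup.
function h($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

// The browser supplies only the product id, validated as an integer.
$prid = filter_input(INPUT_POST, 'prid', FILTER_VALIDATE_INT);
if ($prid === null || $prid === false) {
    http_response_code(400);
    exit('Invalid product.');
}
// Name and price come from the database, never from $_POST, so a "readonly"
// field edited in the browser cannot change what the patient is charged.
$stmt = $pdo->prepare('SELECT prodname, price FROM product_tbl WHERE prid = ?');
$stmt->execute([$prid]);
$product = $stmt->fetch(PDO::FETCH_ASSOC);

$stmt = $pdo->prepare('SELECT fname, lname, email FROM patient_tbl WHERE user_id = ?');
$stmt->execute([$_SESSION['user_id']]);
$patient = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$product || !$patient) {
    http_response_code(404);
    exit('Product or patient not found.');
}

// Per-session CSRF token; sendorder.php should compare it with hash_equals().
if (empty($_SESSION['csrf'])) {
    $_SESSION['csrf'] = bin2hex(random_bytes(32));
}
?>
<form action="sendorder.php" method="post">
  <input type="hidden" name="csrf" value="<?= h($_SESSION['csrf']) ?>">
  <input type="hidden" name="prid" value="<?= h($prid) ?>">
  <p>Product: <?= h($product['prodname']) ?>, price: <?= h($product['price']) ?></p>
  <p>Patient: <?= h($patient['fname'] . ' ' . $patient['lname']) ?> (<?= h($patient['email']) ?>)</p>
  <button type="submit">Reserve</button>
</form>
```

The form has no card-number field: this sketch assumes card entry is handed to a payment provider's hosted page, so the clinic site never receives or stores the number. `sendorder.php` would need to repeat the same server-side price lookup rather than trust anything in the submitted form.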