
I hope this explanation makes sense...

I have a cart that works using SESSION/PHP/MySQLi. My issue is that I can't get the Checkout screen to show the ShipTo address based on the logged-in customer's ID.

Database Table is "customers" and field name is "id"

Working:
the Customer Can Register/Login
Pages are protected against non-members
All Cart details are pulled through to checkout

Not Working: (checkout.php)
show current customer ShipTo based on ID - currently set to default ID "5" so I could test it.

login.php this checks the email/psw exist before logging in and uses the same "sesscustomerID" reference.

<?php
    session_start();
    include("db.php"); //Establishing connection with database

    $error = ""; //Variable for storing our errors.
    if(isset($_POST["submit"]))
    {
        if(empty($_POST["email"]) || empty($_POST["password"]))
        {
            $error = "Both fields are required.";
        }else
        {
            // Define $email and $password
            $email=$_POST['email'];
            $password=$_POST['password'];

            // To protect from MySQL injection
            $email = stripslashes($email);
            $password = stripslashes($password);
            $email = mysqli_real_escape_string($db, $email);
            $password = mysqli_real_escape_string($db, $password);
            $password = md5($password);

            //Check email and password from database
            $sql="SELECT id FROM customers WHERE email='$email' and password='$password'";
            $result=mysqli_query($db,$sql);
            $row=mysqli_fetch_array($result,MYSQLI_ASSOC);

            //If email and password exist in our database then create a session.
            //Otherwise echo error.

            if(mysqli_num_rows($result) == 1)
            {
                $_SESSION['sessCustomerID'] = $email; // Initializing Session
                header("location: products.php"); // Redirecting To Other Page
                exit; // stop here so nothing else runs after the redirect header
            }else
            {
                $error = "Incorrect email or password.";
            }

        }
    }

?>

checkout.php

<?php
include 'check.php';    
?>

<?php
// include database configuration file
include 'dbConfig.php';

// initialize shopping cart class
include 'Cart.php';
$cart = new Cart;

// redirect to home if cart is empty
if($cart->total_items() <= 0){
    header("Location: products.php");
    exit; // stop rendering the checkout page after the redirect
}

// set customer ID in session
$_SESSION['sessCustomerID'] = 5;

// get customer details by session customer ID
$query = $db->query("SELECT * FROM customers WHERE id = ".$_SESSION['sessCustomerID']);
$custRow = $query->fetch_assoc();
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <title>Checkout</title>
    <meta charset="utf-8">
    <link rel="stylesheet" href="css/bootstrap.min.css">
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
    <script src="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
    <style>
    .container{width: 100%;padding: 50px;}
    .table{width: 65%;float: left;}
    .shipAddr{width: 30%;float: left;margin-left: 30px;}
    .footBtn{width: 95%;float: left;}
    .orderBtn {float: right;}
    </style>
</head>
<body>
<h1 class="hello">Hello, <em><?php echo $login_user;?>!</em></h1>
<a href="logout.php" style="font-size:18px">Logout?</a>

<div class="container">
    <h1>Order Preview</h1>
    <table class="table">
    <thead>
        <tr>
            <th>Scent</th>
            <th>Type</th>
            <th>Price</th>
            <th>Quantity</th>
            <th>Subtotal</th>
        </tr>
    </thead>
    <tbody>
        <?php
        if($cart->total_items() > 0){
            //get cart items from session
            $cartItems = $cart->contents();
            foreach($cartItems as $item){
        ?>
        <tr>
            <td><?php echo $item["name"]; ?></td>
            <td><?php echo $item["category"]; ?></td>
            <td><?php echo '£'.$item["price"].' GBP'; ?></td>
            <td><?php echo $item["qty"]; ?></td>
            <td><?php echo '£'.$item["subtotal"].' GBP'; ?></td>
        </tr>
        <?php } }else{ ?>
        <tr><td colspan="4"><p>No items in your cart......</p></td>
        <?php } ?>
    </tbody>
    <tfoot>
        <tr>
            <td colspan="3"></td>
            <td class="text-right"><strong>Total</strong></td>
            <?php if($cart->total_items() > 0){ ?>
            <td class="text-left"><strong><?php echo '£'.$cart->total().' GBP'; ?></strong></td>
            <?php } ?>
        </tr>

        <tr>
            <td><a href="products.php" class="btn btn-warning"><i class="glyphicon glyphicon-menu-left"></i> Continue Shopping</a></td>
            <td colspan="3"></td>
            <td><a href="cartAction.php?action=placeOrder" class="btn btn-success orderBtn">Place Order <i class="glyphicon glyphicon-menu-right"></i></a></td>
        </tr>

    </tfoot>
    </table>
    <div class="shipAddr">
        <h4>Shipping Details</h4>
        <p><?php echo $custRow['name']; ?></p>
        <p><?php echo $custRow['email']; ?></p>
        <p><?php echo $custRow['phone']; ?></p>
        <p><?php echo $custRow['address']; ?></p>
    </div>
</div>
</body>
</html>
Steve
  • either there is an error or there is no customer with id=5 – Your Common Sense Mar 15 '17 at 15:31
  • ID 5 does exist but I cannot get the code to pull through the current logged-in customer's ID automatically. I only have it as a default value at the moment. $_SESSION['sessCustomerID'] = 5; is it a GET command I should be using to retrieve the current user ID? – Steve Mar 15 '17 at 15:56
  • so you have a problem with a *session?* – Your Common Sense Mar 15 '17 at 15:57
  • wait. Where $_SESSION['sessCustomerID'] is supposed to be set if not hardcoded to 5? – Your Common Sense Mar 15 '17 at 15:58
  • Yes, I need it to auto-detect or GET the customer ID of the logged-in customer, i.e. 1, 2, 3, 5, whichever... which will display the relevant ShipTo address below the order. – Steve Mar 15 '17 at 16:09
  • ok got it. you are doing $_SESSION['sessCustomerID'] = $email but then for some reason comparing its value with id. smart – Your Common Sense Mar 15 '17 at 16:18
  • The $email is to confirm the user login exists in the database, then I tried to make it so once logged in the checkout would use the email confirmation to retrieve the ID it belongs to.. – Steve Mar 15 '17 at 17:54
  • You. Are. Storing. An. **EMAIL.** In. A. Session. Variable. And. Then. Compare. It. With. **ID**. Do you understand that? – Your Common Sense Mar 15 '17 at 19:25
  • Yes, OK, I get that, but do I not need to use "echo" or something along those lines on $_SESSION['sessCustomerID'] = 5; to replace the default value "5" to automatically put the relevant address based on the logged-in user? At the moment, regardless of who is logged in, it will always display the ShipTo address of customer ID "5". – Steve Mar 16 '17 at 08:28
  • all you need is **consistent code**. either store id instead of email in the $_SESSION['sessCustomerID'] OR compare email, not id in the checkout. – Your Common Sense Mar 16 '17 at 08:33
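
The first option in the last comment (keep the customer's id, not the email, in `$_SESSION['sessCustomerID']`), as an added example that is not part of the original question or comments. It uses PDO with a constructed in-memory SQLite table so it runs stand-alone, where the page uses mysqli; the helper names `authenticate()` and `shipTo()` and the `password_hash()` storage (instead of the question's `md5()`) are assumptions.

```php
<?php
// Constructed in-memory data standing in for the page's `customers` table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, email TEXT UNIQUE,'
    . ' phone TEXT, address TEXT, password TEXT)');
$ins = $db->prepare('INSERT INTO customers VALUES (?, ?, ?, ?, ?, ?)');
$ins->execute([2, 'Ann Example', 'ann@example.test', '0100', '1 Test Road', password_hash('ann-pw', PASSWORD_DEFAULT)]);
$ins->execute([5, 'Bob Example', 'bob@example.test', '0101', '5 Sample Lane', password_hash('bob-pw', PASSWORD_DEFAULT)]);

// login.php side (hypothetical helper): return the numeric customer id, or null on failure.
function authenticate(PDO $db, string $email, string $password): ?int
{
    $stmt = $db->prepare('SELECT id, password FROM customers WHERE email = ?');
    $stmt->execute([$email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['password'])) {
        return null;
    }
    return (int) $row['id'];
}

// checkout.php side (hypothetical helper): load the ship-to row by the id stored at login.
function shipTo(PDO $db, array $session): ?array
{
    $id = $session['sessCustomerID'] ?? null;
    if (!is_int($id)) {
        return null; // not logged in, or the session holds something other than an id
    }
    $stmt = $db->prepare('SELECT name, email, phone, address FROM customers WHERE id = ?');
    $stmt->execute([$id]); // bound parameter instead of string concatenation
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$session = []; // stands in for $_SESSION after session_start()
$id = authenticate($db, 'ann@example.test', 'ann-pw');
if ($id !== null) {
    $session['sessCustomerID'] = $id; // store the id, not the email
}
$cust = shipTo($db, $session);
echo $cust === null ? "no customer\n" : htmlspecialchars($cust['address'], ENT_QUOTES, 'UTF-8') . "\n";
// A session that still holds the email, as in the question's login.php, is rejected.
var_dump(shipTo($db, ['sessCustomerID' => 'ann@example.test']) === null);
```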
