Part II: Comic Book Fan Site
Chapter 15: Online Stores

         </tr>
        </table>
       </td>
       <td>
        <table>
         <tr>
          <th colspan="2">Shipping Information</th>
         </tr>
         <tr>
          <td>First Name:</td>
          <td><?php echo htmlspecialchars($shipping_first_name);?></td>
         </tr>
         <tr>
          <td>Last Name:</td>
          <td><?php echo htmlspecialchars($shipping_last_name);?></td>
         </tr>
         <tr>
          <td>Billing Address:</td>
          <td><?php echo htmlspecialchars($shipping_address_1);?></td>
         </tr>
         <tr>
          <td> </td>
          <td><?php echo htmlspecialchars($shipping_address_2);?></td>
         </tr>
         <tr>
          <td>City:</td>
          <td><?php echo htmlspecialchars($shipping_city);?></td>
         </tr>
         <tr>
          <td>State:</td>
          <td><?php echo htmlspecialchars($shipping_state);?></td>
         </tr>
         <tr>
          <td>Zip Code:</td>
          <td><?php echo htmlspecialchars($shipping_zip_code);?></td>
         </tr>
         <tr>
          <td>Phone Number:</td>
          <td><?php echo htmlspecialchars($shipping_phone);?></td>
         </tr>
         <tr>
          <td>Email Address:</td>
          <td><?php echo htmlspecialchars($shipping_email);?></td>
         </tr>
        </table>
       </td>
      </tr>
     </table>
     <table style="width: 75%;">
      <tr>
       <th>Item Code</th><th>Item Name</th><th>Quantity</th><th>Price Each</th>
       <th>Extended Price</th>
      </tr>
    <?php
    // fetch the line items that belong to this order
    $query = 'SELECT
            p.product_code, order_qty, name, description, price
        FROM
            ecomm_order_details d JOIN ecomm_products p ON
            d.product_code = p.product_code
        WHERE
            order_id = "' . $order_id . '"
        ORDER BY
            p.product_code ASC';
    $result = mysql_query($query, $db) or die (mysql_error($db));

    $rows = mysql_num_rows($result);
    $total = 0;
    $odd = true;
    while ($row = mysql_fetch_array($result)) {
        echo ($odd == true) ? '<tr class="odd_row">' : '<tr class="even_row">';
        $odd = !$odd;
        extract($row);
    ?>
       <td><?php echo htmlspecialchars($product_code); ?></td>
       <td><?php echo htmlspecialchars($name); ?></td>
       <td><?php echo $order_qty; ?></td>
       <td style="text-align: right;"> $ <?php echo $price; ?></td>
       <td style="text-align: right;"> $ <?php echo number_format($price * $order_qty, 2);?></td>
      </tr>
    <?php
    }
    ?>
     </table>
     <p>Shipping: $ <?php echo number_format($cost_shipping, 2); ?></p>
     <p>Tax: $ <?php echo number_format($cost_tax, 2); ?></p>
     <p><strong>Total Cost: $ <?php echo number_format($cost_total, 2); ?></strong></p>
     </body>
    </html>
    <?php
    $html_body = ob_get_clean();

    // display the page
    echo $html_head;
    ?>
      <h1>Comic Book Appreciation Store</h1>
      <h2>Order Checkout</h2>
      <ol>
       <li>Enter Billing and Shipping Information</li>
       <li>Verify Accuracy of Order Information and Send Order</li>
       <li><strong>Order Confirmation and Receipt</strong></li>
      </ol>
      <h3>A copy of this order has been emailed to you for your records.</h3>
    <?php
    echo $html_body;

    // send email
    $headers = array();
    $headers[] = 'MIME-Version: 1.0';
    $headers[] = 'Content-type: text/html; charset="iso-8859-1"';
    $headers[] = 'Content-Transfer-Encoding: 7bit';
    $headers[] = 'From: <store@example.com>';
    $headers[] = 'Bcc: <store@example.com>';

    mail($email, "Order Confirmation", $html_head . $html_body,
        join("\r\n", $headers));
    ?>

4. Now to test it out. Enter the site and place a few items in your shopping cart. Then choose to check out. You should see something that looks like Figure 15-4.

Figure 15-4

5. Enter your billing information, and click the button to proceed to the next step of the checkout process. Your screen should resemble Figure 15-5.

Figure 15-5

6. Finally, click the Process Order button. Your screen should resemble Figure 15-6.

Figure 15-6

How It Works

As you can see, checkout is a three-step process. First, you allow the customer to enter his or her billing and shipping information. Then, you present the information back to the customer, along with the contents of the shopping cart, for review. The final step performs some database manipulation and sends an e-mail to both the customer and to you, as confirmation for the order.

Taking a closer look at ecomm_checkout.php, you see it is your basic web form, which collects the billing and shipping information and then posts the data to ecomm_checkout2.php. This is the first step in the checkout process. While you could display the form fields for both the billing and shipping areas side by side, the shipping fields aren't necessary unless the addresses are different. A little bit of JavaScript can be tied to the check-box button; if the customer wishes to use a shipping address that is different from the billing address, the shipping area can be displayed. Otherwise, it remains hidden.

    window.onload = function() {
        // assign toggle_shipping_visibility to same_info checkbox
        var c = document.getElementById('same_info');
        c.onchange = toggle_shipping_visibility;
    }

    function toggle_shipping_visibility() {
        var c = document.getElementById('same_info');
        var t = document.getElementById('shipping_table');
        // update shipping table's visibility
        t.style.display = (c.checked) ? 'none' : '';
    }

ecomm_checkout2.php accepts the incoming posted data, presents it back for review, and inserts it into a form full of hidden fields. To make sure all the data is passed along to the next step, you check to see if $_POST['same_info'] is set. If it is, the shipping information (if any) that was sent should be disregarded and set the same as the billing information.

    if (isset($_POST['same_info'])) {
        $_POST['shipping_first_name'] = $_POST['first_name'];
        $_POST['shipping_last_name'] = $_POST['last_name'];
        $_POST['shipping_address_1'] = $_POST['address_1'];
        $_POST['shipping_address_2'] = $_POST['address_2'];
        $_POST['shipping_city'] = $_POST['city'];
        $_POST['shipping_state'] = $_POST['state'];
        $_POST['shipping_zip_code'] = $_POST['zip_code'];
        $_POST['shipping_phone'] = $_POST['phone'];
        $_POST['shipping_email'] = $_POST['email'];
    }

The information is placed in a form of hidden fields, so when the customers click the Process Order button, they are really posting the data to the final step.

    <form method="post" action="ecomm_checkout3.php">
     <div>
      <input type="submit" name="submit" value="Process Order"/>
      <input type="hidden" name="first_name"
       value="<?php echo htmlspecialchars($_POST['first_name']);?>"/>
      <input type="hidden" name="last_name"
       value="<?php echo htmlspecialchars($_POST['last_name']);?>"/>
      <input type="hidden" name="address_1"
       value="<?php echo htmlspecialchars($_POST['address_1']);?>"/>
      <input type="hidden" name="address_2"
       value="<?php echo htmlspecialchars($_POST['address_2']);?>"/>
      <input type="hidden" name="city"
       value="<?php echo htmlspecialchars($_POST['city']);?>"/>
      <input type="hidden" name="state"
       value="<?php echo htmlspecialchars($_POST['state']);?>"/>
      <input type="hidden" name="zip_code"
       value="<?php echo htmlspecialchars($_POST['zip_code']);?>"/>
      <input type="hidden" name="phone"
       value="<?php echo htmlspecialchars($_POST['phone']);?>"/>
      <input type="hidden" name="email"
       value="<?php echo htmlspecialchars($_POST['email']);?>"/>
      <input type="hidden" name="shipping_first_name"
       value="<?php echo htmlspecialchars($_POST['shipping_first_name']);?>"/>
      <input type="hidden" name="shipping_last_name"
       value="<?php echo htmlspecialchars($_POST['shipping_last_name']);?>"/>
      <input type="hidden" name="shipping_address_1"
       value="<?php echo htmlspecialchars($_POST['shipping_address_1']);?>"/>
      <input type="hidden" name="shipping_address_2"
       value="<?php echo htmlspecialchars($_POST['shipping_address_2']);?>"/>
      <input type="hidden" name="shipping_city"
       value="<?php echo htmlspecialchars($_POST['shipping_city']);?>"/>
      <input type="hidden" name="shipping_state"
       value="<?php echo htmlspecialchars($_POST['shipping_state']);?>"/>
      <input type="hidden" name="shipping_zip_code"
       value="<?php echo htmlspecialchars($_POST['shipping_zip_code']);?>"/>
      <input type="hidden" name="shipping_phone"
       value="<?php echo htmlspecialchars($_POST['shipping_phone']);?>"/>
      <input type="hidden" name="shipping_email"
       value="<?php echo htmlspecialchars($_POST['shipping_email']);?>"/>
     </div>
    </form>

The ecomm_checkout3.php script contains the most complex logic of the three checkout scripts, but you will find it is understandable if you patiently work your way through it. The first major task is to assign the incoming data and some other important information (such as the current timestamp and the user's session ID) to the variables that will be used throughout the script.

    $now = date('Y-m-d H:i:s');
    $session = session_id();

    $first_name = $_POST['first_name'];
    $last_name = $_POST['last_name'];
    $address_1 = $_POST['address_1'];
    $address_2 = $_POST['address_2'];
    $city = $_POST['city'];
    $state = $_POST['state'];
    $zip_code = $_POST['zip_code'];
    $phone = $_POST['phone'];
    $email = $_POST['email'];

    $shipping_first_name = $_POST['shipping_first_name'];
    $shipping_last_name = $_POST['shipping_last_name'];
    $shipping_address_1 = $_POST['shipping_address_1'];
    $shipping_address_2 = $_POST['shipping_address_2'];
    $shipping_city = $_POST['shipping_city'];
    $shipping_state = $_POST['shipping_state'];
    $shipping_zip_code = $_POST['shipping_zip_code'];
    $shipping_phone = $_POST['shipping_phone'];
    $shipping_email = $_POST['shipping_email'];

Then you need to retrieve the customer's ID from the ecomm_customers table. In the case of an existing customer, the ID can be retrieved with a SELECT statement. If the customer is new, then he or she will not have an ID already stored in the database, so the information needs to be added and a new ID generated.

    // look for an existing customer whose details match exactly
    $query = 'SELECT
            customer_id
        FROM
            ecomm_customers
        WHERE
            first_name = "' . mysql_real_escape_string($first_name, $db) . '" AND
            last_name = "' . mysql_real_escape_string($last_name, $db) . '" AND
            address_1 = "' . mysql_real_escape_string($address_1, $db) . '" AND
            address_2 = "' . mysql_real_escape_string($address_2, $db) . '" AND
            city = "' . mysql_real_escape_string($city, $db) . '" AND
            state = "' . mysql_real_escape_string($state, $db) . '" AND
            zip_code = "' . mysql_real_escape_string($zip_code, $db) . '" AND
            phone = "' . mysql_real_escape_string($phone, $db) . '" AND
            email = "' . mysql_real_escape_string($email, $db) . '"';
    $result = mysql_query($query, $db) or die(mysql_error($db));

    if (mysql_num_rows($result) > 0) {
        $row = mysql_fetch_assoc($result);
        extract($row);
    } else {
        // new customer: store the details and take the generated ID
        $query = 'INSERT INTO ecomm_customers
                (customer_id, first_name, last_name, address_1, address_2, city,
                state, zip_code, phone, email)
            VALUES
                (NULL,
                "' . mysql_real_escape_string($first_name, $db) . '",
                "' . mysql_real_escape_string($last_name, $db) . '",
                "' . mysql_real_escape_string($address_1, $db) . '",
                "' . mysql_real_escape_string($address_2, $db) . '",
                "' . mysql_real_escape_string($city, $db) . '",
                "' . mysql_real_escape_string($state, $db) . '",
                "' . mysql_real_escape_string($zip_code, $db) . '",
                "' . mysql_real_escape_string($phone, $db) . '",
                "' . mysql_real_escape_string($email, $db) . '")';
        mysql_query($query, $db) or die(mysql_error($db));
        $customer_id = mysql_insert_id();
    }
    mysql_free_result($result);

With the customer's valid ID now known, you begin the process of actually storing the order in the database. First, you insert the shipping information into the ecomm_orders table. This creates the record and generates the order's ID, which you need to transfer the shopping cart's contents into the ecomm_order_details table. You come back later to insert the cost values after you transfer the order details.

    $query = 'INSERT into ecomm_orders
            (order_id, order_date, customer_id, cost_subtotal, cost_total,
            shipping_first_name, shipping_last_name, shipping_address_1,
            shipping_address_2, shipping_city, shipping_state, shipping_zip_code,
            shipping_phone, shipping_email)
        VALUES
            (NULL,
            "' . $now . '",
            ' . $customer_id . ',
            0.00,
            0.00,
            "' . mysql_real_escape_string($shipping_first_name, $db) . '",
            "' . mysql_real_escape_string($shipping_last_name, $db) . '",
            "' . mysql_real_escape_string($shipping_address_1, $db) . '",
            "' . mysql_real_escape_string($shipping_address_2, $db) . '",
            "' . mysql_real_escape_string($shipping_city, $db) . '",
            "' . mysql_real_escape_string($shipping_state, $db) . '",
            "' . mysql_real_escape_string($shipping_zip_code, $db) . '",
            "' . mysql_real_escape_string($shipping_phone, $db) . '",
            "' . mysql_real_escape_string($shipping_email, $db) . '")';
    mysql_query($query, $db) or die(mysql_error($db));
    $order_id = mysql_insert_id();

An INSERT SELECT statement is used to transfer the values from the temp table to the ecomm_order_details table.

    $query = 'INSERT INTO ecomm_order_details
            (order_id, order_qty, product_code)
        SELECT
            ' . $order_id . ', qty, product_code
        FROM
            ecomm_temp_cart
        WHERE
            session = "' . $session . '"';
    mysql_query($query, $db) or die(mysql_error($db));

Instead of returning the information retrieved with the SELECT statement to PHP, the script passes the values directly into an INSERT statement and adds them to the table. You can add a clause after the SELECT portion of the statement to instruct MySQL how to handle cases where a duplicate value might be inserted into a column that requires all unique values (a primary key, for example), though that clause is not necessary for your purposes here. The syntax for an INSERT SELECT statement is:

    INSERT [IGNORE] INTO tbl_name [(col_name, ...)]
    SELECT ...
    [ON DUPLICATE KEY UPDATE col_name=expr, ...]

After the products have been transferred from the ecomm_temp_cart table to the ecomm_order_details table, they are removed from ecomm_temp_cart.

    $query = 'DELETE FROM ecomm_temp_cart WHERE session = "' . $session . '"';
    mysql_query($query, $db) or die(mysql_error($db));

The product information is now stored permanently in the details table and associated with the appropriate order. You now need to determine the cost of the purchase and then go back to update the record in ecomm_orders with that information.

MySQL's SUM() function adds the values of a column together and is used to determine the purchase subtotal.

    $query = 'SELECT
            SUM(price * order_qty) AS cost_subtotal
        FROM
            ecomm_order_details d JOIN ecomm_products p ON
            d.product_code = p.product_code
        WHERE
            order_id = ' . $order_id;
    $result = mysql_query($query, $db) or die(mysql_error($db));
    $row = mysql_fetch_assoc($result);
    extract($row);

For the sake of simplicity, we just use 25% of the subtotal as the cost of shipping, and 10% as the tax rate. Your values would be different, depending on your delivery arrangements and the municipality in which you live.

    $cost_shipping = round($cost_subtotal * 0.25, 2);
    $cost_tax = round($cost_subtotal * 0.1, 2);
    $cost_total = $cost_subtotal + $cost_shipping + $cost_tax;

The order record in the ecomm_orders table is then updated with the order's costs.

    $query = 'UPDATE ecomm_orders
        SET
            cost_subtotal = ' . $cost_subtotal . ',
            cost_shipping = ' . $cost_shipping . ',
            cost_tax = ' . $cost_tax . ',
            cost_total = ' . $cost_total . '
        WHERE
            order_id = ' . $order_id;
    mysql_query($query, $db) or die(mysql_error($db));

The script finishes off by generating a confirmation to display and send to you and your customer by e-mail.

    $headers = array();
    $headers[] = 'MIME-Version: 1.0';
    $headers[] = 'Content-type: text/html; charset="iso-8859-1"';
    $headers[] = 'Content-Transfer-Encoding: 7bit';
    $headers[] = 'From: <store@example.com>';
    $headers[] = 'Bcc: <store@example.com>';

    mail($email, "Order Confirmation", $html_head . $html_body,
        join("\r\n", $headers));
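
The order-recording sequence walked through above (insert the order, copy the cart with INSERT SELECT, delete the cart, update the costs), as an added example that is not code from the book: the same statements issued through PDO with bound parameters inside one transaction, so a failure part-way through or a resubmitted form with an empty cart leaves no partial order behind. The in-memory SQLite database, the sample rows and the function name record_order() are assumptions made so the script runs offline; table and column names follow the chapter.

```php
<?php
// Added example, not the book's code; schema and sample rows are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE ecomm_products (product_code TEXT PRIMARY KEY, price REAL);
    CREATE TABLE ecomm_temp_cart (session TEXT, product_code TEXT, qty INTEGER);
    CREATE TABLE ecomm_orders (order_id INTEGER PRIMARY KEY, order_date TEXT, customer_id INTEGER,
        cost_subtotal REAL, cost_shipping REAL, cost_tax REAL, cost_total REAL);
    CREATE TABLE ecomm_order_details (order_id INTEGER, order_qty INTEGER, product_code TEXT);
    INSERT INTO ecomm_products VALUES ('00001', 17.95), ('00002', 4.95);
    INSERT INTO ecomm_temp_cart VALUES ('sess-a', '00001', 2), ('sess-a', '00002', 1);");

function record_order(PDO $db, string $session, int $customer_id): int
{
    $db->beginTransaction();
    try {
        $stmt = $db->prepare('INSERT INTO ecomm_orders (order_date, customer_id,
            cost_subtotal, cost_shipping, cost_tax, cost_total) VALUES (?, ?, 0, 0, 0, 0)');
        $stmt->execute([date('Y-m-d H:i:s'), $customer_id]);
        $order_id = (int) $db->lastInsertId();
        // INSERT ... SELECT copies the cart; both values are bound, not concatenated.
        $stmt = $db->prepare('INSERT INTO ecomm_order_details (order_id, order_qty, product_code)
            SELECT ?, qty, product_code FROM ecomm_temp_cart WHERE session = ?');
        $stmt->execute([$order_id, $session]);
        if ($stmt->rowCount() === 0) {
            // Empty cart (for example the final form posted twice): keep no order.
            throw new RuntimeException('cart is empty');
        }
        $db->prepare('DELETE FROM ecomm_temp_cart WHERE session = ?')->execute([$session]);
        $stmt = $db->prepare('SELECT SUM(price * order_qty) FROM ecomm_order_details d
            JOIN ecomm_products p ON d.product_code = p.product_code WHERE order_id = ?');
        $stmt->execute([$order_id]);
        $subtotal = round((float) $stmt->fetchColumn(), 2);
        $stmt->closeCursor();
        $shipping = round($subtotal * 0.25, 2);  // the chapter's flat rates
        $tax = round($subtotal * 0.1, 2);
        $db->prepare('UPDATE ecomm_orders SET cost_subtotal = ?, cost_shipping = ?,
            cost_tax = ?, cost_total = ? WHERE order_id = ?')
            ->execute([$subtotal, $shipping, $tax, $subtotal + $shipping + $tax, $order_id]);
        $db->commit();
        return $order_id;
    } catch (Throwable $e) {
        $db->rollBack();  // none of the partial writes survive
        throw $e;
    }
}

echo 'stored order ', record_order($db, 'sess-a', 1), "\n";
try {
    record_order($db, 'sess-a', 1);  // cart already consumed by the first call
} catch (RuntimeException $e) {
    $n = $db->query('SELECT COUNT(*) FROM ecomm_orders')->fetchColumn();
    echo "resubmit rejected ({$e->getMessage()}); orders stored: $n\n";
}
```

The values posted from the hidden fields still need server-side validation before they reach these statements; binding only prevents them from altering the SQL.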

[...]

    ... WHERE id = ' . $id;
        $result = mysql_query($sql, $db) or die (mysql_error($db));
        $row = mysql_fetch_assoc($result);
        mysql_free_result($result);
        return $row;
    }

    function get_forum_id($db, $topic_id) {
        $sql = 'SELECT forum_id FROM frm_posts WHERE id = ' . $topic_id;
        $result = mysql_query($sql, $db) or die (mysql_error($db));
        $row = mysql_fetch_assoc($result);
        $retVal = $row['forum_id'];
        mysql_free_result($result);
    ...

... let's get started!

1. Open your favorite editor. Enter the following code as db_ch16.php:

    ... 'db.inc.php';

    $db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or
        die ('Unable to connect. Check your connection parameters.');
    mysql_select_db(MYSQL_DB, $db) or die (mysql_error($db));