purchase_now.php

完善的PHP/MySQL电子商务方案

<?
/* purchase_now.php (c) 2000 Ying Zhang (ying@zippydesign.com)
 *
 * TERMS OF USAGE:
 * This file was written and developed by Ying Zhang (ying@zippydesign.com)
 * for educational and demonstration purposes only.  You are hereby granted the 
 * rights to use, modify, and redistribute this file as you like.  The only
 * requirement is that you must retain this notice, without modifications, at
 * the top of your source code.  No warranties or guarantees are expressed or
 * implied. DO NOT use this code in a production environment without
 * understanding the limitations and weaknesses pretaining to or caused by the
 * use of these scripts, directly or indirectly. USE AT YOUR OWN RISK!
 */

/******************************************************************************
 * MAIN
 *****************************************************************************/

include("../application.php");
require_login();

$DOC_TITLE = "MyMarket Checkout";
$template_to_show = "templates/purchase_now.php";

/* form has been submitted */
if (match_referer() && isset($HTTP_POST_VARS)) {
	$frm = $HTTP_POST_VARS;
	$errormsg = validate_form($frm, $errors);

	if (empty($errormsg)) {
		save_orderinfo($HTTP_POST_VARS);
		$qid = get_cart_items();
		
		$DOC_TITLE = "MyMarket Purchase Confirmation";
		$template_to_show = "templates/purchase_confirmation.php";
	}

} if ($info = load_orderinfo()) {
	$customer = $info->customer;
	$contact = $info->contact;
	$address = $info->address;
	$comments = $info->comments;

} else {
	$user = load_userinfo();
	$customer = $user->firstname . " " . $user->lastname;
	$contact = $user->phone;
	$address = $user->address;	
}

include("$CFG->templatedir/header.php");
include("$CFG->templatedir/form_header.php");
include($template_to_show);
include("$CFG->templatedir/footer.php");

/******************************************************************************
 * FUNCTIONS
 *****************************************************************************/

function validate_form(&$frm, &$errors) {
/* validate the billing information form, and return the error messages in a
 * string.  if the string is empty, then there are no errors */

	$errors = new Object;
	$msg = "";

	if (empty($frm["customer"])) {
		$errors->customer = true;
		$msg .= "<li>You did not specify your name";

	} elseif (empty($frm["contact"])) {
		$errors->contact = true;
		$msg .= "<li>You did not specify a way to contact you";

	} elseif (empty($frm["address"])) {
		$errors->address = true;
		$msg .= "<li>You did not specify your billing address";

	} elseif (empty($frm["creditcard"])) {
		$errors->creditcard = true;
		$msg .= "<li>You did not specify your credit card number";

	} elseif (empty($frm["expiry"])) {
		$errors->creditcard = true;
		$msg .= "<li>You did not specify your credit card expiry date";
	}

	return $msg;
}

function load_userinfo() {
/* this function returns an object containing the user's information (name,
 * address, etc.  we will use this information to pre-populate the billing
 * information fields of the form */

	global $SESSION;
 
	$qid = db_query("SELECT firstname, lastname, phone, address FROM users WHERE username = '{$SESSION["user"]["username"]}'");
	return db_fetch_object($qid);
}

?>