in $query
"; } //Loop to display the products $product_count=0; while($row=mysql_fetch_array($result)) { $products[$product_count][id]=$row[id]; $products[$product_count][name]=$row[name]; $products[$product_count][price]=$row[price]; $product_count++; } return $products; } $products=get_products(); //Form information. This opens up the form element and table element $form_top="
"; $form_submit='
'; $submit_check='
'; $form_bottom='
'; $order_head="
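Results of your order
\n"; $order_bottom="Thank you for your order. Have a nice day.\n
";

// NOTE(review): the HTML markup inside the string literals of this file appears
// to be missing from this copy; every literal below is kept exactly as shown.
//
// NOTE(review): database access uses the legacy mysql_* extension, which was
// removed in PHP 7. Values are escaped with mysql_real_escape_string() or cast to
// int before they reach a query; the lasting fix is a move to mysqli or PDO
// prepared statements.

//Opens the database connection shared by the functions below.
//Returns the link resource, or false when the connection fails.
function _order_db_connect() {
    // NOTE(review): the credentials are hard-coded in source. Load them from
    // configuration kept outside the web root and rotate the password.
    return mysql_connect('localhost:6033','akf2102','springtime');
}

//Runs $query on $db and returns the mysql_query() result.
//Failures go to the server error log instead of the page, so database error
//text and query contents are not disclosed to the visitor.
function _order_db_query($query, $db) {
    $result = mysql_query($query, $db);
    if ($result === false) {
        error_log('mysql error is: ' . mysql_error($db));
    }
    return $result;
}

//Function to build the form with the login fields and product info. If there is an invalid response, the form
//will be built with $comment, which is obtained from function check_form.
//$comment is printed as-is, so callers must only pass text in which user input
//has already been HTML-escaped (check_form does this for the amounts it echoes).
function build_form($comment) {
    print "$comment
";
    print "
Please log in to your account below to order cookies. If you have not created an account, click here.";
    print $GLOBALS['form_top'];
    print "

Username

Password

";
    $product_count=0;
    $products=$GLOBALS['products'];
    foreach ($products as $prod) {
        print "\n";
        print $prod['name'];
        print "";
        print "";
        print "@\$";
        print $prod['price'];
        print "\n";
        $product_count++;
    }
    print $GLOBALS['form_submit'];
    print $GLOBALS['submit_check'];
    print $GLOBALS['form_bottom'];
}

//This next function checks the login for valid entries and the form for valid entries.
//Returns an error message for build_form() when something is wrong and an empty
//string on success. On success it publishes $GLOBALS['username'],
//$GLOBALS['custid'] and $GLOBALS['order'] (product index => integer amount).
function check_form() {
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';
    // NOTE(review): passwords are compared as unsalted SHA-1 digests. Moving to
    // password_hash()/password_verify() needs the stored values to be rehashed,
    // which cannot be done from this function alone.
    $sha_pass = sha1($password);
    $GLOBALS['username'] = $username;

    $db = _order_db_connect();
    if (!$db) {
        error_log('check_form: mysql_connect failed: ' . mysql_error());
        return "Invalid username or password.\n";
    }

    // The username comes straight from the request and must be escaped before
    // it is placed in the query; $sha_pass is a hex digest.
    $safe_username = mysql_real_escape_string($username, $db);
    $query = "SELECT * from akf2102.customers WHERE username='$safe_username' AND password='$sha_pass'";
    $result = _order_db_query($query, $db);
    $row = $result ? mysql_fetch_array($result) : false;
    // First column of the matching customers row; presumably the customer id.
    $id = $row ? $row[0] : null;
    if (!$id) {
        return "Invalid username or password.\n";
    }
    // Set only after the lookup: the original assigned $id before it existed.
    $GLOBALS['custid'] = $id;

    $products = $GLOBALS['products'];
    $order = array();
    $error = '';
    foreach ($_POST as $number => $amount) {
        // Only POST fields whose key is a product index are order amounts.
        if (!isset($products[$number]['name']) || !$products[$number]['name']) {
            continue;
        }
        $product_name = $products[$number]['name'];
        if ($amount === '') {
            // An empty field means "none of this product".
            $order[$number] = 0;
        } elseif (is_string($amount) && preg_match('/^[0-9]{1,9}$/', $amount)) {
            // Digits only, at most nine so the value fits in a 32-bit int.
            // "0" is accepted; the original comparison against is_numeric()
            // rejected it.
            $order[$number] = (int)$amount;
        } else {
            // The rejected value is echoed back to the page, so escape it.
            $safe_amount = is_string($amount) ? htmlspecialchars($amount, ENT_QUOTES) : '';
            $error .= "
$safe_amount for $product_name is an invalid response
";
        }
    }
    if ($error) {
        return $error;
    }
    $GLOBALS['order'] = $order;
    return '';
}

//This function processes the order and enters the orders into the respective mysql tables.
//$order maps a product index to the amount ordered.
function process_form($order) {
    // The original read the undefined variable $GLOBAL here, so the heading
    // was never printed.
    print $GLOBALS['order_head'];
    $products = $GLOBALS['products'];
    $sub_total = 0;

    $db = _order_db_connect();
    if (!$db) {
        // NOTE(review): as before, the receipt is still printed when the
        // database is unavailable; consider reporting the failure to the user.
        error_log('process_form: mysql_connect failed: ' . mysql_error());
    }

    //The purpose of this next query is to obtain the id from the orders table.
    //This becomes the orderid in the orders_items table.
    // NOTE(review): MAX(id)+1 is racy when two orders arrive together and only
    // matches the row inserted into orders below if that id is allocated
    // sequentially. If orders.id is AUTO_INCREMENT (not visible here), insert
    // the orders row first and use mysql_insert_id() instead.
    $new_order_id = 0;
    if ($db) {
        $result = _order_db_query("SELECT MAX(id) from akf2102.orders", $db);
        $row = $result ? mysql_fetch_array($result) : false;
        $last_order_id = $row ? (int)$row[0] : 0;
        $new_order_id = $last_order_id + 1;
    }

    foreach ($order as $product_number => $amount) {
        // Integers only from here on: the amount is printed and put in a query.
        $amount = (int)$amount;
        if ($amount > 0 and !empty($products[$product_number])) {
            // Keep the numeric value for sums and for the database; the
            // formatted string gains thousands separators that break both.
            $line_total = round($amount * $products[$product_number]['price'], 2);
            $pay = number_format($line_total, 2);
            print "
You purchased $amount ".$products[$product_number]['name'];
            print " cookie(s) for the cost of \$$pay.
";
            $sub_total += $line_total;
            if ($db) {
                // NOTE(review): this stores the position in $products rather
                // than the product's own id; confirm that is intended.
                $query = sprintf(
                    "INSERT INTO akf2102.orders_items VALUES ('','%d','%d','%d','%s')",
                    $new_order_id,
                    (int)$product_number,
                    $amount,
                    number_format($line_total, 2, '.', '')
                );
                _order_db_query($query, $db);
            }
        }
    }

    $sales_tax = $GLOBALS['sales_tax'];
    $grand_total_raw = $sub_total * $sales_tax;
    $grand_total = number_format($grand_total_raw, 2);
    //Beginning of mysql statements.
    //The date is stored as year, month, day, and time.
    $time = date('Y-m-d G:i:s');
    if ($db) {
        //First you need to get the customer id from the customers table.
        // The username is request data and is escaped before use.
        $username = isset($GLOBALS['username']) ? (string)$GLOBALS['username'] : '';
        $safe_username = mysql_real_escape_string($username, $db);
        $result = _order_db_query("SELECT custid from akf2102.customers where username='$safe_username'", $db);
        $row = $result ? mysql_fetch_array($result) : false;
        $custid = $row ? mysql_real_escape_string($row['custid'], $db) : '';
        //Now we insert into the orders table.
        $db_total = number_format($grand_total_raw, 2, '.', '');
        _order_db_query("INSERT INTO akf2102.orders VALUES ('','$custid','$db_total','$time')", $db);
    }
    print "
The total cost of your bill with sales tax is \$$grand_total.\n
";
    print $GLOBALS['order_bottom'];
}

// Page controller: validate a submitted form, otherwise show an empty one.
// check_form() publishes the validated order through $GLOBALS['order'].
if (!empty($_POST['submitted'])) {
    $error = check_form();
    if ($error) {
        build_form($error);
    } else {
        process_form($GLOBALS['order']);
    }
} else {
    build_form('');
}
?>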

Valid XHTML 1.0!