close ad
WARNING PC USERS: Do Not Install the DREAMWEAVER CC 2017 Update »
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Checkout page binding issue

Thread began 5/26/2009 8:18 am by geordie728 | Last modified 5/26/2009 5:17 pm by geordie728 | 2316 views | 15 replies |

geordie728

Checkout page binding issue

OK - decided that checkout really should have user logged in to keep track.

So...tried attaching a user recordset where session variable = MM_UserGroup

However, the user's name, last name and email address don't appear on the checkout form, even after login.

Any ideas?

Sign in to reply to this post

Ray BorduinWebAssist

What have you set the initial value to?

Sign in to reply to this post

geordie728

Sorry Ray - not following you?

I've got my shopping cart page which has option to checkout, checkout page has restricted access for members only, so user logs in and get diverted to the checkout page, however the checkout page doesn't contain any of the details from the recordset filtered by session variable MM_UserGroup

Sign in to reply to this post

Ray BorduinWebAssist

Right... so how did you tell it to contain the details from the recordset?

Did you highlight the field that you wanted populated from the recordset and use the bindings tab?

Post sample code from one of your form elements that you expect to be pre populated but isn't.

Sign in to reply to this post

geordie728

yeah did that.

Here's what I've got on checkout.php in the code before html starts:

<?php
//WA eCart Include
require_once("WA_eCart/hchq_PHP.php");
?>
<?php require_once('Connections/connHCHQ.php'); ?>
<?php
$hchq->GetContent();
?>
<?php
if (!isset($_SESSION)) {
if (!session_id()) session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;

// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}

$MM_restrictGoTo = "customer_login.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
?>
<?php
$colname_rsRegUser = "-1";
if (isset($_SESSION['MM_UserGroup'])) {
$colname_rsRegUser = (get_magic_quotes_gpc()) ? $_SESSION['MM_UserGroup'] : addslashes($_SESSION['MM_UserGroup']);
}
mysql_select_db($database_connHCHQ, $connHCHQ);
$query_rsRegUser = sprintf("SELECT * FROM users WHERE UserID = %s", GetSQLValueString($colname_rsRegUser, "int"));
$rsRegUser = mysql_query($query_rsRegUser, $connHCHQ) or die(mysql_error());
$row_rsRegUser = mysql_fetch_assoc($rsRegUser);
$totalRows_rsRegUser = mysql_num_rows($rsRegUser);
?>
<?php
if ($hchq->IsEmpty()) {
$hchq->redirStr = "shopping_cart.php";
$hchq->cartAction = "RedirectIfEmpty";
}
?>
<?php
// WA eCart Redirect
if ($hchq->redirStr != "") {
header("Location: ".$hchq->redirStr);
}
?>


and here's a sample of the form:
<tr>
<th><label for="firstname" >First name</label></th>
<td><input type="text" name="firstname" id="firstname" value="<?php echo $row_rsRegUser['FirstName']; ?>" /></td>
</tr>

Sign in to reply to this post

Ray BorduinWebAssist

$_SESSION['MM_UserGroup'] must not be set to the userID correctly. It looks like it would work if it were.

Sign in to reply to this post

geordie728

is that an issue on my login page then or on the checkout?

Sign in to reply to this post

Ray BorduinWebAssist

Add a die statement to your recordset to see:


<?php
$colname_rsRegUser = "-1";
if (isset($_SESSION['MM_UserGroup'])) {
$colname_rsRegUser = (get_magic_quotes_gpc()) ? $_SESSION['MM_UserGroup'] : addslashes($_SESSION['MM_UserGroup']);
}
mysql_select_db($database_connHCHQ, $connHCHQ);
$query_rsRegUser = sprintf("SELECT * FROM users WHERE UserID = %s", GetSQLValueString($colname_rsRegUser, "int"));
$rsRegUser = mysql_query($query_rsRegUser, $connHCHQ) or die(mysql_error());
$row_rsRegUser = mysql_fetch_assoc($rsRegUser);
$totalRows_rsRegUser = mysql_num_rows($rsRegUser);
die($query_rsRegUser);
?>

My guess is a problem on the login page. Does anything associated with the MM_UserGroup session variable work?

Sign in to reply to this post

geordie728

Sorry - where should die statement go?

Nothing of MM_UserGroup seems to work.

Here's the login page:

<?php require_once('Connections/connHCHQ.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['emailAddress'])) {
$loginUsername=$_POST['emailAddress'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "checkout.php";
$MM_redirectLoginFailed = "customer_login.php?failed=true";
$MM_redirecttoReferrer = false;
mysql_select_db($database_connHCHQ, $connHCHQ);

$LoginRS__query=sprintf("SELECT UserEmail, Password1 FROM users WHERE UserEmail=%s AND Password1=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

$LoginRS = mysql_query($LoginRS__query, $connHCHQ) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;

if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>

and it's form:

<form action="<?php echo $loginFormAction; ?>" method="POST" name="customerLogin" class="user">
<p><label>Email address:</label><input name="emailAddress" type="text" /></p>
<p><label>Password:</label><input name="password" type="password" /></p>
<p class="submit">
<label>
<input name="Login" type="image" id="Login" value="Login to my account" src="images/login-button.png" />
</label>
</p>
</form>

Sign in to reply to this post

Ray BorduinWebAssist

Yes it looks like you have applied your login server behavior wrong. Try applying again and make sure to use the correct settings for the username, password, and user group fields.

If you own security assist you should use that login server behavior instead. It has a lot of advantages.

Sign in to reply to this post
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...