fix undefined index error

I am getting the following error with the eCart software:

Notice: Undefined index: eCartCheckoutForm_firstname in /Applications/MAMP/htdocs/cart.php on line 250. (error is for all the fields; last name etc.)

Also getting Warning: Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/cart.php:250)

It looks like a SESSION is not started but it is very difficult to determine the cause of the errors with the volume of code the eCart software plugins generate. So I have to ask if Webassit Tech Support can assist. Any help is appreciated.

Here is the code on line 250 on cart.php

$WA_fieldValuesStr = WA_eCDB_ConvertNumber("".$eCart1->GrandTotal() ."") . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_firstname'])?$_SESSION['eCartCheckoutForm_shipping_firstname']:$_SESSION['eCartCheckoutForm_firstname']) ." ".(isset($_SESSION['eCartCheckoutForm_shipping_lastname'])?$_SESSION['eCartCheckoutForm_shipping_lastname']:$_SESSION['eCartCheckoutForm_lastname']) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_street1'])?$_SESSION['eCartCheckoutForm_shipping_street1']:$_SESSION['eCartCheckoutForm_street1']) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_street2'])?$_SESSION['eCartCheckoutForm_shipping_street2']:$_SESSION['eCartCheckoutForm_street2']) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_city'])?$_SESSION['eCartCheckoutForm_shipping_city']:$_SESSION['eCartCheckoutForm_city']) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_state_province'])?$_SESSION['eCartCheckoutForm_shipping_state_province']:$_SESSION['eCartCheckoutForm_state_province']) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_postcode'])?$_SESSION['eCartCheckoutForm_shipping_postcode']:$_SESSION['eCartCheckoutForm_postcode']) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_country'])?$_SESSION['eCartCheckoutForm_shipping_country']:$_SESSION['eCartCheckoutForm_country']) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_phone'])?$_SESSION['eCartCheckoutForm_shipping_phone']:$_SESSION['eCartCheckoutForm_phone']) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_fax'])?$_SESSION['eCartCheckoutForm_shipping_fax']:$_SESSION['eCartCheckoutForm_fax']) ."" . "|" . WA_eCDB_ConvertNumber("".$eCart1->GetShipping() ."") . "|" . WA_eCDB_ConvertNumber("".$eCart1->GetTax() ."") . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_email'])?$_SESSION['eCartCheckoutForm_shipping_email']:$_SESSION['eCartCheckoutForm_email']) ."" . "|" . "".(date('Y-m-d h:i:s')) ."";

this is not the way the wizard would write the code.

for 1, the store order summary behaivor would be on the confirm page not the cart page.

for 2, the code for each column uses a ternary expressionthe format should be:

isset(session)?session:""

in other words, check if the session is set, if it is, use the session value, if not, use a blank string,

so:
(isset($_SESSION['eCartCheckoutForm_shipping_firstname'])?$_SESSION['eCartCheckoutForm_shipping_firstname']:$_SESSION['eCartCheckoutForm_firstname'])

should be:
(isset($_SESSION['eCartCheckoutForm_shipping_firstname'])?$_SESSION['eCartCheckoutForm_shipping_firstname']:"")

break that down to:
Question: (isset($_SESSION['eCartCheckoutForm_shipping_firstname'])?
If True: $_SESSION['eCartCheckoutForm_shipping_firstname']
if False: ""

thus preventing the undefined index error.

Not sure how the code got like that as we never changed anything the wizard wrote, but your correction worked. Thanks.

I have one other question. We need to add code to our site that checks for empty or malicious entries on the checkout.php and confirm.php pages. Does WebAssist have any written tutorials on security with eCart pages or other suggestions on how to protect the pages the wizard writes?

see this tutorial for adding server validation to the checkout page:
http://www.webassist.com/community/tutorials/view_tutorial.php?tid=16

Thanks for sending this link. I am setting up the validations and most are complete. But one of the server behavior WA Server Validations is giving this error:

Warning: preg_match(): No ending delimiter '^' found in /Applications/MAMP/htdocs/webassist/form_validations/wavt_scripts_php.php on line 556

I can't tell which one is missing the '^' delimiter. Here is the code around line 556 on the wavy_scripts_php.php page if you can help:

function WAValidateRX($value,$regExStr,$required,$number) {
$value = $value;
$WAFV_ErrorMessage = "";
$isValid = true;
$regExStr = str_replace(""", '"', $regExStr);
if (!(!$required && $value=="")) {
$theMatch = preg_match($regExStr, $value);
if (!$theMatch) {
$isValid = false;
}
}
if (!$isValid) {
$WAFV_ErrorMessage .= ",".$number;
}
return $WAFV_ErrorMessage;
}

send a copy of your page please.

I remade the validations and the delimiter error is gone. However I have another question for you so thanks for reading.

It appears that even after the validations are set and working correctly, when I click the checkout button on the checkout page with no form entries made, a record is still created on my orders table. So the checkout and confirm page validations are working, but the page gets submitted to my database even with no fields filled out. Any suggestions for preventing this?

most likely the problem is code order, make sure the Server Validation code on the confirm page comes before the store order summary and store order details code.

It appears that the Server Validation code is coming before the store order, at least as far as I can tell. Can I send you the confirm page privately?

yes, when you attach a file to your post, the is a checkbox to make the attachments private.