954,580 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Have something to say? Contribute New Article Reply to this Article
5 Months Ago
0

Please Help - PHP Dynamic Redirect Header

Hi, I'm having a trouble with dynamic redirection. I've searched for everything and did $_GET and $_POST but still not working. The $id is not returning any results.

Here's my code:

include_once("includes/connection.php");

global $result;
putenv("TZ=Asia/Manila");

$arrErrors = array();
$oid = isset($_GET['oid']) ? intval($_GET['oid']) : 0;
$package_id = isset($_GET['package_id']) ? intval($_GET['package_id']) : 0;

if (count($_POST)) {
//Post Form values
$addon_id = isset($_POST['addon_id']) ? intval($_POST['addon_id']) : 0;
$itemname = isset($_POST['itemname']) ? trim($_POST['itemname']) : "";
$subtotal = isset($_POST['subtotal']) ? trim($_POST['subtotal']) : "";
$total_price= isset($_POST['total_price']) ? trim($_POST['total_price']) : "";

//Check for errors


//Save/Update record/s if no errors found
if (count($arrErrors) == 0) {

$creation_date = strftime("%Y-%m-%d %H:%M:%S");

if ($oid > 0) {

$query = "UPDATE orders SET package_id = '$package_id', addon_id = '$addon_id', itemname = '$itemname', subtotal = '$subtotal', total_price = '$total_price', creation_date = '$creation_date' WHERE oid = '$oid'";

}

else {

$query = "INSERT INTO orders (package_id, addon_id, itemname, subtotal, total_price, creation_date) VALUES ('$package_id', '$addon_id', '$itemname', '$subtotal', '$total_price', '$creation_date')";

}

$result = mysql_query($query) or die(mysql_error());


if ($result) {

header("Location: checkout.php?oid=".$_POST['oid']."");

}
}

}
if ($oid > 0) {
$query = "SELECT * FROM orders WHERE oid='{$oid}'";
$result = mysql_query($query) or die(mysql_error());
while ($row = mysql_fetch_assoc($result)) {
$package_id = $row['package_id'];
$addon_id = $row['addon_id'];
$itemname = $row['itemname'];
$subtotal = $row['subtotal'];
$total_price= $row['total_price'];
$creation_date= $row['creation_date'];
}
}

?>


Your help would be greatly appreciated.

Thanks Guys!

sjsanjuan
Newbie Poster
4 posts since Dec 2011
Reputation Points: 10
Solved Threads: 0
 
5 Months Ago
0

use code tags [ CODE ] and repost - difficult to follow

diafol
Rhod Gilbert Fan (ardav)
Moderator
7,792 posts since Oct 2006
Reputation Points: 1,170
Solved Threads: 1,080
 
5 Months Ago
0

True.

rotten69
Posting Whiz
346 posts since May 2011
Reputation Points: 3
Solved Threads: 16
 
5 Months Ago
0

Hi Guys, here's the code...

<?php
include_once("includes/connection.php");

global $result;
putenv("TZ=Asia/Manila");

$arrErrors = array();
$oid = isset($_GET['oid']) ? intval($_GET['oid']) : 0;
$package_id = isset($_GET['package_id']) ? intval($_GET['package_id']) : 0;

if (count($_POST)) {
//Post Form values
$addon_id = isset($_POST['addon_id']) ? intval($_POST['addon_id']) : 0;
$itemname = isset($_POST['itemname']) ? trim($_POST['itemname']) : "";
$subtotal = isset($_POST['subtotal']) ? trim($_POST['subtotal']) : "";
$total_price= isset($_POST['total_price']) ? trim($_POST['total_price']) : "";

//Check for errors


//Save/Update record/s if no errors found
if (count($arrErrors) == 0) {

$creation_date = strftime("%Y-%m-%d %H:%M:%S");

if ($oid > 0) {

$query = "UPDATE orders SET package_id = '$package_id', addon_id = '$addon_id', itemname = '$itemname', subtotal = '$subtotal', total_price = '$total_price', creation_date = '$creation_date' WHERE oid = '$oid'";

}

else {

$query = "INSERT INTO orders (package_id, addon_id, itemname, subtotal, total_price, creation_date) VALUES ('$package_id', '$addon_id', '$itemname', '$subtotal', '$total_price', '$creation_date')";

}

$result = mysql_query($query) or die(mysql_error());


if ($result) {

header("Location: checkout.php?oid=".$_POST['oid']."");

}
}

}
if ($oid > 0) {
$query = "SELECT * FROM orders WHERE oid='{$oid}'";
$result = mysql_query($query) or die(mysql_error());
while ($row = mysql_fetch_assoc($result)) {
$package_id = $row['package_id'];
$addon_id = $row['addon_id'];
$itemname = $row['itemname'];
$subtotal = $row['subtotal'];
$total_price= $row['total_price'];
$creation_date= $row['creation_date'];
}
}


?>


Thank you.

sjsanjuan
Newbie Poster
4 posts since Dec 2011
Reputation Points: 10
Solved Threads: 0
 
5 Months Ago
0

Please indent your code - it's confusing as hell otherwise.
I've commented in the code:

<?php
include_once("includes/connection.php");
//Why make $result global??
global $result;
putenv("TZ=Asia/Manila");
 
$arrErrors = array();
$oid = isset($_GET['oid']) ? intval($_GET['oid']) : 0;
$package_id = isset($_GET['package_id']) ? intval($_GET['package_id']) : 0;
 
if (count($_POST)) {
	//Post Form values - THESE MUST BE SANITIZED! STRINGS NOT SANITIZED WITH TRIM ALONE
	$addon_id = isset($_POST['addon_id']) ? intval($_POST['addon_id']) : 0;
	$itemname = isset($_POST['itemname']) ? trim($_POST['itemname']) : "";
	$subtotal = isset($_POST['subtotal']) ? trim($_POST['subtotal']) : "";
	$total_price= isset($_POST['total_price']) ? trim($_POST['total_price']) : "";

	if (count($arrErrors) == 0) {
		$creation_date = strftime("%Y-%m-%d %H:%M:%S");
		if ($oid > 0) {
			//NO NEED FOR integers and numbers to be enclosed with ''
			$query = "UPDATE orders SET package_id = '$package_id', addon_id = '$addon_id', itemname = '$itemname', subtotal = '$subtotal', total_price = '$total_price', creation_date = '$creation_date' WHERE oid = '$oid'";
		}else{
			$query = "INSERT INTO orders (package_id, addon_id, itemname, subtotal, total_price, creation_date) VALUES ('$package_id', '$addon_id', '$itemname', '$subtotal', '$total_price', '$creation_date')";
		}
 
		$result = mysql_query($query) or die(mysql_error());
		if (mysql_affected_rows()) {
			//WHY IS THIS POST - was GET earlier - also not sanitized
			header("Location: checkout.php?oid=".$_POST['oid']."");
			//Is this page checkout.php or is it another one? If same page - no need to send again.
		}
	}
}

if ($oid > 0) {
	$query = "SELECT * FROM orders WHERE oid='{$oid}'";
	$result = mysql_query($query) or die(mysql_error());
	while ($row = mysql_fetch_assoc($result)) {
		$package_id = $row['package_id'];
		$addon_id = $row['addon_id'];
		$itemname = $row['itemname'];
		$subtotal = $row['subtotal'];
		$total_price= $row['total_price'];
		$creation_date= $row['creation_date'];
	}
}

//You don't echo any of this out - so nothing will appear on the screen.
 
?>
diafol
Rhod Gilbert Fan (ardav)
Moderator
7,792 posts since Oct 2006
Reputation Points: 1,170
Solved Threads: 1,080
 
5 Months Ago
0

Hi, sorry for my code.. I'm just new in PHP..

I have no problems with the submission of the form because it posts the details in the database just fine. I'm just having trouble with the "oid".

I already tried using GET but still it doesn't return any value.

The checkout.php is another page.

sjsanjuan
Newbie Poster
4 posts since Dec 2011
Reputation Points: 10
Solved Threads: 0
 
5 Months Ago
0

I am confused...

You are using oid as $_GET and using $_POST in header... :O

I guess :

header("Location: checkout.php?oid=".$_POST['oid']."");

should be :

header("Location: checkout.php?oid=".$_GET['oid']."");

...?

AnkurThakur
Newbie Poster
10 posts since Sep 2011
Reputation Points: 10
Solved Threads: 0
 
5 Months Ago
0

I already tried using GET and I can't get any results, that's why I tried using POST but still the same, no results.

sjsanjuan
Newbie Poster
4 posts since Dec 2011
Reputation Points: 10
Solved Threads: 0
 
5 Months Ago
0
I already tried using GET and I can't get any results, that's why I tried using POST but still the same, no results.

This doesn't make any sense to me. Either you're passing the var in a querystring ($_GET) or you're passing it in get-method form ($_GET) or in a post-method form ($_POST). What are you doing? As you haven't posted your form code, we're just guessing.

I'll give you another go.

diafol
Rhod Gilbert Fan (ardav)
Moderator
7,792 posts since Oct 2006
Reputation Points: 1,170
Solved Threads: 1,080
 

This article has been dead for over three months

Post: Markdown Syntax: Formatting Help
You
View similar articles that have also been tagged:
 
© 2012 DaniWeb® LLC
Home | About Us | Contact Us | Terms of Service | Advertising Opportunities
RSS Feed RSS Feed