[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 353
  • Last Modified:

Passing the dynamic content as hidden input to secure server external page

Hi,
I am building a simple online shop. I found a cart and added a form, everything seems to be working ok, but now I have to pass the final content through a hidden input to the external payment system.

I need to pass the DESCRIPTION of each choosen item (a course), which will include (1) type of a course, date when it starts and ends, (2) how many places are chosen, (3) what is the price per unit and a TOTAL PRICE for all items.

I got to the point where after user choses everything and fills in the form with a name and address, I amended the cart function, so it will display results on a page without giving the user any more chance to change it and at this point I want to include a 'Proceed to secure payment' button.

The courses and prices are pulled from MySql database and I don't know how to pass the information further. I have it in two separate functions and somebody suggested putting it in one to avoid using global variables, but it still didn't work and on the new page where the payment should be proceed i am getting error that the total is not a valid value and the description is blank.

How can I pass the values from my function? please see the code below:
//I'm displaying the final choice on the page with function checkout
function checkout() {
      global $db;
      $cart = $_SESSION['cart'];
      if ($cart) {
            $items = explode(',',$cart);
            $contents = array();
            foreach ($items as $item) {
                  $contents[$item] = (isset($contents[$item])) ? $contents[$item] + 1 : 1;
            }
            $output[] = '<table border="1" id="shop">';
                  $output[] = '<tr>';
                  $output[] = '<td><strong>Item</strong></td>';
                  $output[] = '<td><strong>Quantity</strong></td>';
                  $output[] = '<td><strong>Total per item</strong></td>';
                  $output[] = '</tr>';
            foreach ($contents as $id=>$qty) {
                  $sql = 'SELECT * FROM courses WHERE id = '.$id;
                  $result = $db->query($sql);
                  $row = $result->fetch();
                  extract($row);
                  $output[] = '<tr>';
                  $output[] = '<td><strong>'.$title.'</strong> <br /> '.$start_date.' '.$end_date.' <br /> '.$weeks.'</td>';
                  $output[] = '<td>'.$qty.'</td>';
                  $output[] = '<td>&pound;'.($price * $qty).'</td>';
                  $total += $price * $qty;
                  $output[] = '</tr>';

            }
                  $output[] = '<tr >';
                  $output[] = '<td colspan="2"><strong>Total for all items:</strong></td>';
                  $output[] = '<td colspan="2"><strong>&pound;'.$total.'</strong></td>';
                  $output[] = '</tr>';
            $output[] = '</table>';
            $output[] = '<p>&nbsp;</p>';
      }
      return join('',$output);
}  

//I want to pass the description for each chosen course (which will include $title $start_date $end_date $weeks as well as how many of those courses are purchases ($qty) and what is the price per course ($price)) and apart from that list a total price for all, I'm putting it in the form, which will direct me to the secure server, but unfortunately the values don't go through:

<form action="https://xxx.com" method=POST target="_blank">
<input type=hidden name="testMode" value="123">
<input type=hidden name="instId" value="1234">
<input type=hidden name="cartId" value="1234567">
<input type=hidden name="amount" value="<?php print $title; ?>">
<input type=hidden name="currency" value="GBP">
<input type=hidden name="desc" value="<?php print $title . '</strong> <br /> ' . $start_date . ' ' . $end_date . ' <br /> (' . $weeks . ') x ' . $qty; ?>">
<input type=hidden name="name" value="<?php print htmlspecialchars($_POST['firstname']) . ' ' . htmlspecialchars($_POST['lastname']); ?>">
<input type=hidden name="address" value="<?php print (htmlspecialchars($_POST['address']) . ', ' . htmlspecialchars($_POST['town'])); ?>">
<input type=hidden name="postcode" value="<?php print htmlspecialchars($_POST['postcode']); ?>">
<input type=hidden name="country" value="<?php print htmlspecialchars($_POST['country']); ?>">
<input type=hidden name="tel" value="<?php print htmlspecialchars($_POST['telephone']); ?>">
<input type=hidden name="email" value="<?php print htmlspecialchars($_POST['email']); ?>">
<input type=submit value="Proceed to secure server">
</form>

Please note, that I am a beginner in PHP. :)
Thank you!

j.
0
justaj
Asked:
justaj
  • 21
  • 11
1 Solution
 
lpxtechCommented:
Hi,

Please explain further, you call the checkout() function and it returns $output, but you would also like it to return $contents so you can put it in a hidden field?

Is this correct? If so you can have remove the return from your function and  do like the code below.

declare the function: function checkout(&$output, &$contents) {
 
 
Call the function: checkout($output, $contents);

Open in new window

0
 
justajAuthor Commented:
yes, I want to use $title, $price, $total (which should be in a place of $title; in
<input type=hidden name="amount" value="<?php print $title; ?>"> above
in the hidden form.

At the moment I simply call function checkout on a page, after which I call the form with hidden elements. Not sure if this is correct either. I will try your suggestion and get back to you. Thanks.

J
0
 
justajAuthor Commented:
Unfortunately it didnt work.
I need the return, as I want to display the results on the page.

Ill try to explain the process:
User choses items in the SHOP > then goes to the CART or >goes to CHECKOUT, where puts name, address, etc. in a form.

CHECKOUT page has a simple function there:
<?php

if ($_POST['_submit_check']) {
      // If validate_form( ) returns errors, pass them to show_form( )
      if ($form_errors = validate_form( )) {
            show_form($form_errors);
      } else {
            process_form( );
      }
} else {
      show_form( );
}

?>

The checkout function posted in the first post is called in the process_form (its defined I a separate inc file) after which the form with hidden inputs and button proceed to secure payment is placed. Please see the process_form function below. Thank you.

function process_form( ) {
?>

                        <div id="cart_content">

                              <p class="border_top">&nbsp;</p>
                              <h2 class="border_middle">Your details:</h2>

                              <div class="border_middle">
<?php

      print "<p>" . htmlspecialchars($_POST['firstname']) . " " . htmlspecialchars($_POST['lastname']) . "<br />";
      print htmlspecialchars($_POST['address']) . "<br />";
      print htmlspecialchars($_POST['town']) . " " . htmlspecialchars($_POST['postcode']) . "<br />";
      print htmlspecialchars($_POST['country']) . "</p>";

      print "<p>" . htmlspecialchars($_POST['email']) . "<br />";
      print htmlspecialchars($_POST['telephone']) . "</p>";
?>

<br />
                        </div>


                              <p class="border_bottom">&nbsp;</p>


                              <p class="border_top">&nbsp;</p>
                              <h2 class="border_middle">Your order details:</h2>

                              <div class="border_middle">
                                    <?php
                                    echo checkout();
                                    ?>

                              </div>

                              <p class="border_bottom">&nbsp;</p>
                        </div>

<br /><br />

      <form action="https://xxxxx" method=POST target="_blank">
            <input type=hidden name="testMode" value="100">
            <input type=hidden name="instId" value="12345">
            <input type=hidden name="cartId" value="123456">
            <input type=hidden name="amount" value="<?php print $total; ?>">
            <input type=hidden name="currency" value="GBP">
            <input type=hidden name="desc" value="<?php print $title . '</strong> <br /> ' . $start_date . ' ' . $end_date . ' <br /> (' . $weeks . ') x ' . $qty; ?>">
            <input type=hidden name="name" value="<?php print htmlspecialchars($_POST['firstname']) . ' ' . htmlspecialchars($_POST['lastname']); ?>">
            <input type=hidden name="address" value="<?php print (htmlspecialchars($_POST['address']) . ', ' . htmlspecialchars($_POST['town'])); ?>">
            <input type=hidden name="postcode" value="<?php print htmlspecialchars($_POST['postcode']); ?>">
            <input type=hidden name="country" value="<?php print htmlspecialchars($_POST['country']); ?>">
            <input type=hidden name="tel" value="<?php print htmlspecialchars($_POST['telephone']); ?>">
            <input type=hidden name="email" value="<?php print htmlspecialchars($_POST['email']); ?>">
            <input type=submit value="Proceed to secure server">
      </form>



<?php
}
?>

Regards,

J
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
lpxtechCommented:
By using the method provided, it would return the variables for you to display.

function checkout(&$output, &$contents) {

when this function is called checkout($output, $contents) it will set the variables $output and $contents to the end result of those variables in the function and return them.

So for example,

if you have in your code checkout($output, $contents), you could then put

echo $output;
echo function_to_parse_contents($contents);

the function to parse the contents would return the html for the form with hidden values
0
 
justajAuthor Commented:
Hi, I will do one step at the time...
1.)i changed that, but it doesn't work :(

What I did was (if you look at my first post):
replaced "function checkout() {"  to  "function checkout(&$output, &$contents) {" and just deleted "return join('',$output);" from the end of that function.

Then I instead of
                                    <?php
                                    echo checkout();
                                    ?>
I put
                                    <?php
                                    echo $output;
                                    ?>

I got empty div on a page :(

Why do I use $contents?
I have it in the checkout function, but the values I need to use from this function are:

$title $start_date $end_date $weeks.$qty $price (all those can be defined as new $descritption, I guess, but I would need it for each chosed item - to pass it on to the secure server) and $total

2.) Finally I understand I have to write a function function_to_parse_contents($contents);?
I placed it in the include file after the function process_form( ) but I'm still getting the same error as before - I'm not sure If I'm writing it correctly in the hidden input... Is that correct:
<input type=hidden name="amount" value="<?php print $total; ?>">

Maybe it would be easier if you see how it works, or how it doesn't:
Please go to: http://www.capoeira-agora.com/experts/shop_agora.php
It's password protected:
user: experts
password: exchange

Thanks. J
0
 
lpxtechCommented:
Ok, this makes more sense now.

Ok, I think I misread the function and realized that $contents is not what you need. I apologize. So, lets say $fields then just the same as we did $contents and add $fields[] = $row after the query see the code below.

Now you would call this like so.

<?php
checkout($output, $fields);
echo $output;
echo $fields;
?>

Also, may I ask why your using $output as an array and not a string?

See the code below.
<?php
 
function checkout(&$output, &$fields) {
	global $db;
	$cart = $_SESSION['cart'];
	if ($cart) {
		$items = explode(',',$cart);
		$contents = array();
		foreach ($items as $item) {
			$contents[$item] = (isset($contents[$item])) ? $contents[$item] + 1 : 1;
		}
		$output = '<table border="1" id="shop">
					<tr>
					<td><strong>Item</strong></td>
					<td><strong>Quantity</strong></td>
					<td><strong>Total per item</strong></td>
					</tr>';
		foreach ($contents as $id=>$qty) {
			$sql = 'SELECT * FROM courses WHERE id = '.$id;
			$result = $db->query($sql);
			$row = $result->fetch();
			$fields[] = $row;
			extract($row);
			$output .= '<tr>
						<td><strong>'.$title.'</strong> <br /> '.$start_date.' '.$end_date.' <br /> '.$weeks.'</td>
						<td>'.$qty.'</td>
						<td>&pound;'.($price * $qty).'</td>
						</tr>';
			$total += $price * $qty;
		}
		$output .= '<tr >
					<td colspan="2"><strong>Total for all items:</strong></td>
					<td colspan="2"><strong>&pound;'.$total.'</strong></td>
					</tr>
				</table>
				<p>&nbsp;</p>';
	}
	$fields = parse_fields($fields);
}
 
function parse_fields($fields) {
	foreach ($fields as $row) {
		extract($row);
			$output .= 'PUT OUTPUT HERE!';
	}
}
 
?>

Open in new window

0
 
justajAuthor Commented:
Hello,

Thanks for that.

I don't know the answer re: "why your using $output as an array and not a string?", as I found that function on the Web and just modified it slightly to display results. I use it once to showcart and calculateand allow user to change the amount, then I renamed it to use just for displaying results, but that's it...

Could you please let me know what do you mean by  'PUT OUTPUT HERE!' in  
$output .= 'PUT OUTPUT HERE!'; ?
Is it the my form connecting to the secure server with hidden values?
If yes, then I tried it - I put one below, but it doesn't display the 'Proceed' button now at all.

Again, you can see it in the link provided earlier.

Thanks,

J
<?php
function parse_fields($fields) {
        foreach ($fields as $row) {
                extract($row);
                        $output .= '<form action="https://select-test.worldpay.com/wcc/purchase" method=POST target="_blank">
					<input type=hidden name="testMode" value="100">
					<input type=hidden name="instId" value="215207">
					<input type=hidden name="cartId" value="101KT0098">
					<input type=hidden name="amount" value="<?php print $title; ?>">
					<input type=hidden name="currency" value="GBP">
					<input type=hidden name="desc" value="<?php print $title . " <br /> " . $start_date . " " . $end_date . " <br /> (" . $weeks . ") x " . $qty; ?>">
					<input type=hidden name="name" value="<?php print htmlspecialchars($_POST["firstname"]) . " " . htmlspecialchars($_POST["lastname"]); ?>">
					<input type=hidden name="address" value="<?php print (htmlspecialchars($_POST["address"]) . ", " . htmlspecialchars($_POST["town"])); ?>">
					<input type=hidden name="postcode" value="<?php print htmlspecialchars($_POST["postcode"]); ?>">
					<input type=hidden name="country" value="<?php print htmlspecialchars($_POST["country"]); ?>">
					<input type=hidden name="tel" value="<?php print htmlspecialchars($_POST["telephone"]); ?>">
					<input type=hidden name="email" value="<?php print htmlspecialchars($_POST["email"]); ?>">
					<input type=submit value="Proceed to secure server">
				</form>';
        }
}
?>

Open in new window

0
 
justajAuthor Commented:
Oops, sorry, I have to take the php tags out...
Will be back shortly...
0
 
justajAuthor Commented:
still doesn't work, it's obviously still worng, please see attached code
<?php
function parse_fields($fields) {
        foreach ($fields as $row) {
                extract($row);
                        $output .= '<form action="https://xxx" method=POST target="_blank">
<input type=hidden name="testMode" value="100">
<input type=hidden name="instId" value="22222">
<input type=hidden name="cartId" value="11111118">
<input type=hidden name="amount" value="$total">
<input type=hidden name="currency" value="GBP">
<input type=hidden name="desc" value="$title . $start_date . $end_date . $weeks . $qty">
<input type=hidden name="name" value="htmlspecialchars($_POST["firstname"]) . " " . htmlspecialchars($_POST["lastname"])">
<input type=hidden name="address" value="htmlspecialchars($_POST["address"]) . ", " . htmlspecialchars($_POST["town"]))">
<input type=hidden name="postcode" value="htmlspecialchars($_POST["postcode"])">
<input type=hidden name="country" value="htmlspecialchars($_POST["country"])">
<input type=hidden name="tel" value="htmlspecialchars($_POST["telephone"])">
<input type=hidden name="email" value="htmlspecialchars($_POST["email"])">
<input type=submit value="Proceed to secure server">
</form>';
        }
}
?>

Open in new window

0
 
lpxtechCommented:
paste the code used to call the checkout function and print data
0
 
justajAuthor Commented:
you mean this one:
<?php
checkout($output, $fields);
echo $output;
echo $fields;
?>

...I have added it to the process form function:
<?php
function process_form( ) {
?>
		<div id="cart_content">
			<p class="border_top">&nbsp;</p>
			<h2 class="border_middle">Your details:</h2>
 
			<div class="border_middle">
<?php
 
	print "<p>" . htmlspecialchars($_POST['firstname']) . " " . htmlspecialchars($_POST['lastname']) . "<br />";
	print htmlspecialchars($_POST['address']) . "<br />";
	print htmlspecialchars($_POST['town']) . " " . htmlspecialchars($_POST['postcode']) . "<br />";
	print htmlspecialchars($_POST['country']) . "</p>";
 
	print "<p>" . htmlspecialchars($_POST['email']) . "<br />"; 
	print htmlspecialchars($_POST['telephone']) . "</p>";
?>
 
<br />
			</div>
 
			<p class="border_bottom">&nbsp;</p>
 
 
			<p class="border_top">&nbsp;</p>
			<h2 class="border_middle">Your order details:</h2>
				<div class="border_middle">
			         <?php
					checkout($output, $fields);
					echo $output;
					echo $fields;
				 ?>
 
				</div>
 
			<p class="border_bottom">&nbsp;</p>
			</div>
 
<br /><br />
<?php
}
?>

Open in new window

0
 
lpxtechCommented:
whoops. forgot to add return $output in the parse_fields function. That should make a difference
0
 
justajAuthor Commented:
hi,

it did make a difference, as I have button now, but as it says 'for each...', if I have 2 rows, I get two buttons, if 3 - 3 buttons...

then when I press the button it still doesn't pass the values across... :(

That's where I added the return:
function parse_fields($fields) {
        foreach ($fields as $row) {
                extract($row);
                        $output .= '<form action="https://xxx" method=POST target="_blank">
<input type=hidden name="testMode" value="100">
<input type=hidden name="instId" value="2222">
<input type=hidden name="cartId" value="111233">
<input type=hidden name="amount" value="$total">
<input type=hidden name="currency" value="GBP">
<input type=hidden name="desc" value="$title . $start_date . $end_date . $weeks . $qty">
<input type=hidden name="name" value="htmlspecialchars($_POST["firstname"]) . " " . htmlspecialchars($_POST["lastname"])">
<input type=hidden name="address" value="htmlspecialchars($_POST["address"]) . ", " . htmlspecialchars($_POST["town"]))">
<input type=hidden name="postcode" value="htmlspecialchars($_POST["postcode"])">
<input type=hidden name="country" value="htmlspecialchars($_POST["country"])">
<input type=hidden name="tel" value="htmlspecialchars($_POST["telephone"])">
<input type=hidden name="email" value="htmlspecialchars($_POST["email"])">
<input type=submit value="Proceed to secure server">
</form>';
        }
	return $output;
}
 

Open in new window

0
 
justajAuthor Commented:
just double checked - it's just doesn't like the value here:
<input type=hidden name="amount" value="$total">

when I changed that to a number I got a page without an error, but then the description was just one line and it said exactly: $title . $start_date . $end_date . $weeks . $qty, instead of actual values and not giving it for each row...

finally when i got to the next stage instead of name I had: htmlspecialchars($_POST["firstname"])

It worked before, when the form was not in a php tags...

So we are definitively closer, but now how correctly write the values in the hidden tags and how to make sure that the details of each item are passed on?

Thanks,
J
0
 
justajAuthor Commented:
...and how to get rid of those additional 'proceed buttons'...

Thanks
0
 
justajAuthor Commented:
actually it's just that what is passed on in the name, etc: htmlspecialchars($_POST[
0
 
justajAuthor Commented:
ok, when I took the form out and put back to where it was before - in the process form function, the name, address etc, was passed on fine, so I am still at square one - how to pass $total anf the description which would consist of $title $start_date $end_date $weeks $qty in the hidden fields... ?
0
 
lpxtechCommented:
Ok, You do realize that you have to concatenate php variables when using strings of text.

see below.
function parse_fields($fields) {
        foreach ($fields as $row) {
                extract($row);
                        $output .= '<form action="https://xxx" method=POST target="_blank">
<input type=hidden name="testMode" value="100">
<input type=hidden name="instId" value="2222">
<input type=hidden name="cartId" value="111233">
<input type=hidden name="amount" value="'.$total.'">
<input type=hidden name="currency" value="GBP">
<input type=hidden name="desc" value="'."$title $start_date $end_date $weeks $qty".'">
<input type=hidden name="name" value="htmlspecialchars($_POST["firstname"]) . " " . htmlspecialchars($_POST["lastname"])">
<input type=hidden name="address" value="'.htmlspecialchars($_POST["address"]) . ', ' . htmlspecialchars($_POST["town"])).'">
<input type=hidden name="postcode" value="'.htmlspecialchars($_POST["postcode"]).'">
<input type=hidden name="country" value="'.htmlspecialchars($_POST["country"]).'">
<input type=hidden name="tel" value="'.htmlspecialchars($_POST["telephone"]).'">
<input type=hidden name="email" value="'.htmlspecialchars($_POST["email"]).'">
<input type=submit value="Proceed to secure server">
</form>';
        }
        return $output;
}

Open in new window

0
 
lpxtechCommented:
Forgot line 11. Replace with this code below.
<input type=hidden name="name" value="'.htmlspecialchars($_POST["firstname"]) . " " . htmlspecialchars($_POST["lastname"]).'">

Open in new window

0
 
justajAuthor Commented:
hello,

ok, that's better, thanks, sorry about that, but I'm beginner :(

still three things:
1.) There's still an issue with the $total, for some reasons it's not passed on... when I do 'view source' of the final page - it shows value as '0'
2.) Also there is a 'Proceed' button for each different item (if I choose two different items or more, I'll get two buttons or more), and I want it just once on the page, so I have to move it out of 'for each' statement
3.) Only one description is passed on in the form and I need to pass on description for each item.

Thank you!

J
0
 
lpxtechCommented:
Ok,

For the multiple proceed buttons, move the submit field and closing form tag like so.
function parse_fields($fields) {
        foreach ($fields as $row) {
                extract($row);
                        $output .= '<form action="https://xxx" method=POST target="_blank">
<input type=hidden name="testMode" value="100">
<input type=hidden name="instId" value="2222">
<input type=hidden name="cartId" value="111233">
<input type=hidden name="amount" value="'.$total.'">
<input type=hidden name="currency" value="GBP">
<input type=hidden name="desc" value="'."$title $start_date $end_date $weeks $qty".'">
<input type=hidden name="name" value="htmlspecialchars($_POST["firstname"]) . " " . htmlspecialchars($_POST["lastname"])">
<input type=hidden name="address" value="'.htmlspecialchars($_POST["address"]) . ', ' . htmlspecialchars($_POST["town"])).'">
<input type=hidden name="postcode" value="'.htmlspecialchars($_POST["postcode"]).'">
<input type=hidden name="country" value="'.htmlspecialchars($_POST["country"]).'">
<input type=hidden name="tel" value="'.htmlspecialchars($_POST["telephone"]).'">
<input type=hidden name="email" value="'.htmlspecialchars($_POST["email"]).'">';
        }
        $output .= '<input type=submit value="Proceed to secure server">
        </form>';
        return $output;
}

Open in new window

0
 
lpxtechCommented:
And as for the total not being defined. See the update made to the checkout function below.
<?php
 
function checkout(&$output, &$fields) {
        global $db;
        $cart = $_SESSION['cart'];
        if ($cart) {
                $items = explode(',',$cart);
                $contents = array();
                foreach ($items as $item) {
                        $contents[$item] = (isset($contents[$item])) ? $contents[$item] + 1 : 1;
                }
                $output = '<table border="1" id="shop">
                                        <tr>
                                        <td><strong>Item</strong></td>
                                        <td><strong>Quantity</strong></td>
                                        <td><strong>Total per item</strong></td>
                                        </tr>';
                $i=0;
                foreach ($contents as $id=>$qty) {
                        $sql = 'SELECT * FROM courses WHERE id = '.$id;
                        $result = $db->query($sql);
                        $row = $result->fetch();
                        $fields[$i] = $row;
                        extract($row);
                        $output .= '<tr>
                                                <td><strong>'.$title.'</strong> <br /> '.$start_date.' '.$end_date.' <br /> '.$weeks.'</td>
                                                <td>'.$qty.'</td>
                                                <td>&pound;'.($price * $qty).'</td>
                                                </tr>';
                        $total += $price * $qty;
                        $fields[$i]['total'] = $total;
                        $i++;
                }
                $output .= '<tr >
                                        <td colspan="2"><strong>Total for all items:</strong></td>
                                        <td colspan="2"><strong>&pound;'.$total.'</strong></td>
                                        </tr>
                                </table>
                                <p> </p>';
        }
        $fields = parse_fields($fields);
}

Open in new window

0
 
justajAuthor Commented:
Hi there,

Thanks for that.
The proceed button works fine now.

Regarding the £total - I put your code above in my page and as the result, the form was repeated (in the hidden files), then when I clicked 'Proceed' the values that were passed on, included the first items' price is and the description - please see the code attached...

So.. I tried to take off the 'i++' after
                        $total += $price * $qty;
                        $fields[$i]['total'] = $total;
                        $i++;
and left only
                        $total += $price * $qty;
                        $fields[$i]['total'] = $total;

and now I get just one form, with the correct total (subtotal for all), but only the last item's description is passed on.

How can we now pass all the descriptions?

I tried something like this:
after the piece of code above, I followed your pattern and added:
                        $desc = $title . " " . $start_date . " " . $end_date . " (" . $weeks . ")" . " x " . $qty;
                        $fields[$i]['desc'] = $desc;

so now we could you pls help me to make the $desc include all of the items descriptions displayed one under another, so when the value $desc is passed in the hidden field:
<input type=hidden name="desc" value="'.$desc.'">
it will include all of the items.

(Below please see the output of the form from the 'view sourse' after I added your code (now, as I said, after removing i++, it doesn't do it any more):


<form action="https://xxx" method=POST target="_blank">
 
<input type=hidden name="testMode" value="100">
<input type=hidden name="instId" value="2222">
<input type=hidden name="cartId" value="1111">
<input type=hidden name="amount" value="36">
<input type=hidden name="currency" value="GBP">
<input type=hidden name="desc" value="Tuesday course (Cat No: 2001) From 16-09-2009 to 07-10-2008 4 weeks ">
<input type=hidden name="name" value="jackie brown">
<input type=hidden name="address" value="65 street, test">
<input type=hidden name="postcode" value="s6 5rt">
<input type=hidden name="country" value="test">
<input type=hidden name="tel" value="012345688">
<input type=hidden name="email" value="test@test.com"><form action="https://xxx" method=POST target="_blank">
<input type=hidden name="testMode" value="100">
<input type=hidden name="instId" value="2222">
<input type=hidden name="cartId" value="1111">
<input type=hidden name="amount" value="81">
<input type=hidden name="currency" value="GBP">
 
<input type=hidden name="desc" value="Thursday course (Cat No: 4002) From 09-10-2008 to 06-11-2008 5 weeks ">
<input type=hidden name="name" value="jackie brown">
<input type=hidden name="address" value="65 street, test">
<input type=hidden name="postcode" value="s6 5rt">
<input type=hidden name="country" value="test">
<input type=hidden name="tel" value="012345688">
<input type=hidden name="email" value="test@test.com"><input type=submit value="Proceed to secure server">
        </form>

Open in new window

0
 
lpxtechCommented:
Ok, so do you want only 1 total for all products? Also for multiple descriptions to be posted, you have to use an array such as desc[]. See new code below.
<?php
 
function checkout(&$output, &$fields) {
        global $db;
        $cart = $_SESSION['cart'];
        if ($cart) {
                $items = explode(',',$cart);
                $contents = array();
                foreach ($items as $item) {
                        $contents[$item] = (isset($contents[$item])) ? $contents[$item] + 1 : 1;
                }
                $output = '<table border="1" id="shop">
                                        <tr>
                                        <td><strong>Item</strong></td>
                                        <td><strong>Quantity</strong></td>
                                        <td><strong>Total per item</strong></td>
                                        </tr>';
                foreach ($contents as $id=>$qty) {
                        $sql = 'SELECT * FROM courses WHERE id = '.$id;
                        $result = $db->query($sql);
                        $row = $result->fetch();
                        $fields[$i] = $row;
                        extract($row);
                        $output .= '<tr>
                                                <td><strong>'.$title.'</strong> <br /> '.$start_date.' '.$end_date.' <br /> '.$weeks.'</td>
                                                <td>'.$qty.'</td>
                                                <td>&pound;'.($price * $qty).'</td>
                                                </tr>';
                        $total += $price * $qty;
                }
				$fields['total'] = $total;
                $output .= '<tr >
                                        <td colspan="2"><strong>Total for all items:</strong></td>
                                        <td colspan="2"><strong>&pound;'.$total.'</strong></td>
                                        </tr>
                                </table>
                                <p> </p>';
        }
        $fields = parse_fields($fields);
}
 
function parse_fields($fields) {
		$total = $fields['total'];
		unset($fields['total']);
        foreach ($fields as $row) {
                extract($row);
                        $output .= '<form action="https://xxx" method=POST target="_blank">
<input type=hidden name="testMode" value="100">
<input type=hidden name="instId" value="2222">
<input type=hidden name="cartId" value="111233">
<input type=hidden name="amount" value="'.$total.'">
<input type=hidden name="currency" value="GBP">
<input type=hidden name="desc[]" value="'."$title $start_date $end_date $weeks $qty".'">
<input type=hidden name="name" value="'.htmlspecialchars($_POST["firstname"]) . " " . htmlspecialchars($_POST["lastname"]).'">
<input type=hidden name="address" value="'.htmlspecialchars($_POST["address"]) . ', ' . htmlspecialchars($_POST["town"])).'">
<input type=hidden name="postcode" value="'.htmlspecialchars($_POST["postcode"]).'">
<input type=hidden name="country" value="'.htmlspecialchars($_POST["country"]).'">
<input type=hidden name="tel" value="'.htmlspecialchars($_POST["telephone"]).'">
<input type=hidden name="email" value="'.htmlspecialchars($_POST["email"]).'">
<input type=submit value="Proceed to secure server">
</form>';
        }
        return $output;
}
 
?>

Open in new window

0
 
justajAuthor Commented:
Yes, just one total - for all items together and then description one under another (so with <br /> between) so for example it will look:

Tuesday course (Cat No: 2001) From 16-09-2009 to 07-10-2008 (4 weeks) x 1
Thursday course (Cat No: 4002) From 09-10-2008 to 06-11-2008 (5 weeks) x 1
Total for all: £81

Your code above works regarding the total - I get one final one in the hidden output now, but doesn't work with the descriptions - I still get one - the last description only in the hidden form.

Thanks.
0
 
justajAuthor Commented:
shouldn't I declare that array somewhere first? at the moment it's just mentioned in your code in line 53 ?
0
 
lpxtechCommented:
You have to handle the desc array after the form is posted.
0
 
justajAuthor Commented:
it's going to an external page, where I have no possibility of editing :(

Can't I turn the array into one value before it's put to the hidden input?
0
 
justajAuthor Commented:
also I don't know if I explained it clearly - the array items not supposed to be: $title $start_date $end_date $weeks $qty

but those values for each item - for each tow in a table, so
[0] $title $start_date $end_date $weeks $qty
[1] $title $start_date $end_date $weeks $qty
[2] $title $start_date $end_date $weeks $qty

if for example three different items were chosen

Thanks, J
0
 
justajAuthor Commented:
row in a table I meant :)
0
 
justajAuthor Commented:
thanks for your help, I will post the rest as a separate question.

Regards,

j
0
 
justajAuthor Commented:
thanks for your help
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 21
  • 11
Tackle projects and never again get stuck behind a technical roadblock.
Join Now