selling on website

[learnvb1]

Hi

I am new to PHP. I am using Dreamweaver cs3. i want to buid a small website which allows selling products on the website. i have seen few websilte with the link " add to shopping cart". How to use that sort of technology via php and Dreamweaver.

Any tutorial or guideance would be highly appriciated.

[kows]

you could look for pre-built shopping cart modules to add to your website, if you'd like. if you would rather do this yourself however, you might want to grab a book or search for some basic PHP tutorials to get started.

[learnvb1]

you could look for pre-built shopping cart modules to add to your website, if you'd like. if you would rather do this yourself however, you might want to grab a book or search for some basic PHP tutorials to get started.

Thanks...i am using a book that has basic php tutorial...but doesnt cover shopping cart modules......

Has anybody got idea of any materila with shopping cart modules?

[Nightwalker83]

Here is the code I have for a working shopping cart example:

add_to_cart.php

PHP Code:

<?php
session_start();
include 'cart.php';
        //get the item_id and the quantity
        $item_id=$_POST['item_id'];
        $qty=$_POST['qty'];
        //store number of items in the shopping cart
        $counter = $_SESSION['counter'];
        $cart = new Cart();
        //unserialize the cart if the cart is not empty
        if ($counter>0)
            $cart = unserialize($_SESSION['cart']);
        else {
            session_register('cart');
            session_register('counter');
        }
        if (($item_id == "")or ($qty < 1))
        {
                header("Location: products.php");
                exit;
        }
        else
        {
            //connect to server and select database
            require_once('conn_video.php');
               $query = "SELECT item_name, price from products WHERE (item_id = '$item_id') ";
            $result= mysql_query($query) or die( "Database Error");
            if (mysql_num_rows($result) == 1) {
                $item_name=mysql_result($result,0,"item_name");
                $price=mysql_result($result,0,"price");
                //add items to the cart
                $new_item = new Item($item_id, $item_name, $qty, $price);
                $cart->add_item($new_item);
                //update the counter
                $_SESSION['counter'] = $counter+1;
                $_SESSION['cart'] = serialize($cart);
                header("Location: view_cart.php");
            }
            else
                {
                     header("Location: products.php");
                        exit;
                 }
        }
    
?>

cart.php

PHP Code:

<?php

class Item {
    var $item_id;
    var $item_name;
    var $qty;
    var $price;
    var $deleted = false;
    
    function Item ($item_id, $item_name, $qty, $price) {
        $this->item_id = $item_id;
        $this->item_name = $item_name;
        $this->qty = $qty;
        $this->price = $price;
    }
    function get_item_cost() {
      return $this->qty * $this->price;
    }
    
    function get_item_id() {
        return $this->item_id;
    }
    
    function get_item_name() {
        return $this->item_name;
    }
    function get_qty() {
        return $this->qty;
    }
    function get_price() {
        return $this->price;
    }
    function delete_item() {
        $this->deleted = true;
    }
}

class Cart {
    var $items;
    var $depth;

    function Cart() {
        $this->items = array();
        $this->depth = 0;
    }

    function add_item($item) {
        $this->items[$this->depth] = $item;
        $this->depth++;
    }

    function delete_item($item_no) {
        $this->items[$item_no]->delete_item();
    }

    function get_depth() {
        return $this->depth;
    }
    function get_item($item_no) {
        return $this->items[$item_no];
    }
}

?>

checkout.php

PHP Code:

<?php
session_start();
include 'cart.php';
$cart = new Cart();
$counter= $_SESSION['counter'];
$total_amount = 0;     

if ($counter==0)
            echo"<br><br><p><b> Your Shopping Cart is empty !!! </b></p>";
        else {
            $cart = unserialize($_SESSION['cart']);
            $depth = $cart->get_depth();
            echo"<h1>Shopping Cart</h1>";
            echo "<table border=1>";
            echo"<tr><td><b>Item Name</b></td><td><b>Quantity</b></td><td><b> Price</b></td></tr>";
            for ($i=0; $i < $depth; $i++)
            {
                $item = $cart->get_item($i);
                $deleted = $item->deleted;
                if (!$deleted){
                    $item_id = $item->get_item_id();
                    $item_name = $item->get_item_name();
                    $qty = $item->get_qty();
                    $price = $item->get_price();
                    $total_amount = $total_amount + ($price * $qty);
                    echo"<tr><td>$item_name</td><td>$qty </td><td>$price</td></tr>";        
                }        
            }

            echo"<tr><td><b> Total </b></td><td>&nbsp;</td><td><b>$total_amount</b></td></tr>";    
            echo "</table>";
            echo"<p><b> <a href=view_cart.php>Remove Items from the Cart </a> </b></p>";
            echo"<p><b> <a href=products.php>Go back to products </a> </b></p>";
        }
?>

conn_video.php

PHP Code:

<?php
# FileName="conn_video.php"

$hostname= "localhost";
$database = "cartdb";
$user = "root";
$pass = "";
mysql_connect($hostname,$user,$pass) or die( "Unable to connect to the server");
mysql_select_db($database) or die( "Unable to select the database");
?>

products.php

PHP Code:

<?php
    session_start();
    //connect to server and select database
    require_once('conn_video.php');
        $item_name = 0;
            $type = 0;     
?>
<html>
<body>
    <form method="post" action="products.php">
      <table width="699" border="0">
        <tr>
          <td><strong>Title</strong></td>
          <td><strong>Category</strong></td>
          <td><strong>Search</strong></td>
          <td>&nbsp;</td>
        </tr>
        <tr>
          <td width="152"><input name="item_name" type="text" id="item_name"></td>
          <td width="196"><select name="type" size="1" id="type">
            <option selected></option>
            <option value="comedy">Comedy</option>
            <option value="romance">Romance</option>
            <option value="action">Action</option>
            <option value="other">Other</option>
          </select></td>
          <td width="121">
            <div align="left">
              <input type="submit" name="Submit" value="Search">        
              </div></td>
          <td width="212"><a href="view_cart.php"><strong>View your Shopping Cart </strong></a></td>
        </tr>
      </table>
    </form>
    <table width="100%"  border="1">
    <tr>
    
    <td><b>Select Item</b> </td>
    <td><b> Item Name </b></td>
    <td><b> Quantity </b></td>
    <td><b> Add to Cart </b></td>
    </tr>
    
      <?php
               
          //Search products 
if(isset($_POST['type'], $_POST['item_name'])){
  $type = $_POST['type'];
  $item_name = $_POST['item_name'];
  }
    if (($item_name =="") && ($type ==""))
        $query = "SELECT * FROM products";
    else
        $query = "SELECT item_id, item_name FROM products WHERE (type = '$type' AND item_name='$item_name')";
    
    $result = mysql_query ($query) or die ("query 2 failed");
    
                  //Display products
                while ($row = mysql_fetch_row ($result))
                {
                  echo "<tr><form  action=add_to_cart.php method=POST>";
                  echo "<td> <input name= item_id type=checkbox id= $row[0] value=$row[0]></td>";
                  echo "<td> $row[1]</td>";
                  echo"<td><input name=qty type=text id=qty value=1 size=4 maxlength=2></td>";
                  echo"<td><INPUT  name=add TYPE=submit id=add value=Add><td>";
                  echo "</form></tr>";
                  
                 }
     ?>   
   </table>
</body>
</html>

remove_from_cart.php

PHP Code:

<?php
session_start();
include 'cart.php';

        $item_no=$_POST['item_no'];
        //remove item from the cart if selected - mark as deleted
        if ($item_no!=""){
            $counter = $_SESSION['counter'];
            $cart = new Cart();
            $cart = unserialize($_SESSION['cart']);
            //delete selected item from the cart
            $cart->delete_item($item_no);
            //update the counter
            $_SESSION['counter'] = $counter-1;
            $_SESSION['cart'] = serialize($cart);
            header("Location: view_cart.php");
        }
?>

view_cart.php

PHP Code:

<?php
session_start();
include 'cart.php';

        $cart = new Cart();
        $counter= $_SESSION['counter'];
    
?>
<html>
</head>

<body>
<table width="100%"  border="0">
  
  <tr>
    <td height="244" colspan="4" valign="top">
    <?php
        //check whether the cart is empty or not
        
        
        if ($counter==0){
            echo"<h1>Shopping Cart</h1>";
            echo"<br><br><p><b> Your Shopping Cart is empty !!! </b></p>";
            echo"<p><b> <a href=products.php>Go back to products </a> </b></p>";
        }
        else {
            $cart = unserialize($_SESSION['cart']);
            //$cart = $_SESSION['cart'];
            $depth = $cart->get_depth();
            echo"<h1>Shopping Cart</h1>";
            echo "<table border=1>";
            echo"<tr><td><b>Item Name</b></td><td><b>Quantity</b></td><td><b> Price</b></td></tr>";
            for ($i=0; $i < $depth; $i++)
            {
                $item = $cart->get_item($i);
                $deleted = $item->deleted;
                //display if the item is not marked for deletion
                if (!$deleted){
                    $item_id = $item->get_item_id();
                    $item_name = $item->get_item_name();
                    $qty = $item->get_qty();
                    $price = $item->get_price();
                    echo "<tr><form  action=remove_from_cart.php method=POST>";
                    echo"<td>$item_name</td><td>$qty </td><td>$price</td>";
                    echo "<td> <input name= item_no type=checkbox id= item_no value=$i></td>";
                    echo"<td><INPUT  name=remove TYPE=submit id=remove value=Remove><td>";
                    echo "</tr></form>";
                }
            }
        
            echo "</table>";
            echo"<p><b> <a href=checkout.php>Checkout </a> </b></p>";
            echo"<p><b> <a href=products.php>Go back to products </a> </b></p>";
        }
    ?>
  </tr>
</table>
</body>
</html>

Here is an an sql file:

PHP Code:

CREATE DATABASE `cartdb` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci;
USE `cartdb`;

CREATE TABLE IF NOT EXISTS `customers` (
  `first_name` varchar(15) NOT NULL,
  `last_name` varchar(20) NOT NULL,
  `phone` varchar(20) NOT NULL,
  `email` varchar(30) NOT NULL,
  `password` varchar(8) NOT NULL,
  PRIMARY KEY (`email`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

CREATE TABLE IF NOT EXISTS `order_line` (
  `order_id` varchar(10) NOT NULL,
  `item_id` varchar(6) NOT NULL,
  `qty` int(4) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

CREATE TABLE IF NOT EXISTS `orders` (
  `order_id` varchar(10) NOT NULL,
  `email` varchar(30) NOT NULL,
  `total_amount` decimal(6,2) NOT NULL,
  `status` varchar(15) NOT NULL,
  PRIMARY KEY (`order_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

CREATE TABLE IF NOT EXISTS `products` (
  `item_id` varchar(6) NOT NULL,
  `item_name` varchar(30) NOT NULL,
  `price` decimal(6,2) NOT NULL,
  `type` varchar(15) NOT NULL,
  `item_date` date NOT NULL DEFAULT '2004-11-11',
  PRIMARY KEY (`item_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

INSERT INTO `products` (`item_id`, `item_name`, `price`, `type`, `item_date`) VALUES
('10001', 'Heroes', 12.00, 'Action', '2004-11-11'),
('10002', 'Bruno', 22.00, 'Comdy', '2009-11-07'),
('10003', 'True Blood', 24.95, 'Horror', '2008-11-11'); 


[kfcSmitty]

If you do use NightWalkers code, be sure to look into SQL Injection, as this code has some holes in it.

[SambaNeko]

While you can experiment with Nightwalker83's code for your own education, if you're going to be handling real transactions and you're a beginner with PHP/MySQL, get a professionally built shopping cart software - search Google for "php shopping cart". You're dealing with people's personal information and credit card numbers: if you don't take this seriously and do it correctly, you could find yourself in a lot of trouble.

[learnvb1]

Thanks guys....helped heaps

[Nightwalker83]

Yes, as Smitty and Samba Neko pointed out you would need to modify my code because it has holes, etc in it. The above code is an example I was given during one of my classes by my lecturer to show me how a shopping cart was suppose to work.

[penagate]

Yes, as Smitty and Samba Neko pointed out you would need to modify my code because it has holes, etc in it. The above code is an example I was given during one of my classes by my lecturer to show me how a shopping cart was suppose to work.

Three things:

1. You should not give a code example containing amateur security vulnerabilities for a serious topic like commerce.

2. I hope your lecturer gave you permission to reproduce his example.

3. Switch courses immediately. Your lecturer is incompetent.

[Nightwalker83]

Three things:

1. You should not give a code example containing amateur security vulnerabilities for a serious topic like commerce.

2. I hope your lecturer gave you permission to reproduce his example.

3. Switch courses immediately. Your lecturer is incompetent.

1. I'm not sure what you are talking about.
2. Yes, he did.
3. I plan on doing programming next year.

[I_Love_My_Vans]

Throughout my college years none of my lecturers knew squat about PHP, the code examples they provided I wouldn't show to a beginner. Because I started using PHP before everyone else on my course I ended up writing my own examples for them, simple things like a hit counter using over 200 lines of hideous, hideous code :-(

Any way it was nice for NightWalker to provide an example, however it does have holes in it, and as a beginner you are unlikely to be able to spot these and that's a real concern.

If you are serious about wanting to sell stuff online your options are to either purchase a shopping cart solution (Magneto or [url=http://www.shopify.com/]Shopify[/url), or simply use eBay.

The idea is if you want to learn PHP, do so on something less risky and let the professionals handle the risky business of security (especially payment).

[Nightwalker83]

Throughout my college years none of my lecturers knew squat about PHP

That is true for a lot of areas I'm afraid! That's why teachers/lecturers need to have a background in what they are teaching either from having studied it at university/school themselves or from working in the field.