I'm new to PHP, I started about 3 weeks ago.
I have a string, which is used with $_POST to pass it to another page, the second page uses $_GET to get these url and split it as desired.
My problem is that, in my first page I use a String, and I want to encrypt it, so that I can pass it as a plan text. In the second page I must decrypt it and get it as an array.
So is there any encryption method or function I can use which is compatible with $_POST ( so I can send it to another page ) and decrypt it as an array ?
I need this method, because the second page is actually connecting to website and is a payment method. So i don't want users to manually edit the url and lower the amount of $ for the product they get.
tnx for your help.
You're thinking about this wrong. You NEVER trust information coming from the user's side.
For example, if your user sends a form that says what item they want, DO NOT include the price in the form. Instead, get the price from the server (database), where it can be trusted.
What you probably want to do is pass the contents of the users cart (i.e. the items he'd like to order) to the payment site.
Therefore, you should create a form like:
<form action="URL/to/paymentPage.php" method="post">
<!-- Item 1 -->
<input type="hidden" name="items[0]" value="productID1"/>
<input type="hidden" name="quantity[0]" value="quantity1"/>
<!-- Item 2 -->
<input type="hidden" name="items[1]" value="productID2"/>
<input type="hidden" name="quantity[1]" value="quantity2"/>
<!-- ... -->
<!-- Item n -->
<input type="hidden" name="items[n]" value="productIDn"/>
<input type="hidden" name="quantity[n]" value="quantityn"/>
<input type="submit" value="Order"/>
</form>
On the server in the file "URL/to/paymentPage.php" you can access the items using the following code:
<?php
$items = $_POST['items']; // Array of items ..
$quantities = $_POST['quantity']; // The array of quantities for each item ..
// Calculate the total price ..
$totalPrice = 0;
foreach($items as $idx => $itemID) {
if($quantities[$idx]>0) {
totalPrice += getPriceFromDB($itemID) * $quantities[$idx];
}
}
echo 'Total Price to pay: '.$totalPrice;
?>
where the function getPriceFromDB actually retrieves the price for the item/product with the id $itemID from your database or elsewhere... :)
However, the user items are usually stored in the session, and, therefore, there is no need to submit the again.. ;)
Despite not fully understanding what you're trying to achieve, you can use base64 encoding:
$encoded_string = base64_encode ($string);
$decoded_string = base64_decode ($encoded_string);
Related
I have setup a PayPal IPN file. When the user is at the site and press submit details about the transaction is uploaded to the db. The relevant id is sent via PayPal as the custom field. When payment complete IPN used to update DB as transaction completed based on id.
All is fine.
However, this is the tricky bit. I also need to update another table - a discount/coupon code db. The update is based on the code entered and also the number of times the code can still be used. Basically if it was 50 times, after used once the db would be updated with 49. So I need to pass the code and the remaining uses allowed so can say update table where code = XXXX (update new value of 49 etc).
I can work out how to pass all these values in the custom field, but cannot work out how to parse them out again? Read about separating them with : etc, but need some advice from someone who has done before.
This is how IPN details currently comes back:
$custom = $_POST['custom'];
Thank you.
I did just this recently,
Send your paypal custom field to data as your would, inside that custom field, use a separator to split your data.
In the below example, the values are split using a "|", you can use any character you want available in your charset.
$member_id = 1;
$some_other_id = 2;
<input type="hidden" name="custom" value="<?php echo $member_id.'|'.$some_other_id ?>"/>
This will output:
<input type="hidden" name="custom" value="1|2"/>
When you get the information from paypal (the IPN response) process it like so:
$ids = explode('|', $_POST['custom']); // Split up our string by '|'
// Now $ids is an array containing your 2 values in the order you put them.
$member_id = $ids[0]; // Our member id was the first value in the hidden custom field
$some_other_ud = $ids[1]; // some_other_id was the second value in our string.
So basically, we send a string with a custom delimiter that we choose to paypal, paypal will return it to us in the IPN response. We then need to split it up (using the explode() function) and then do what you would like with it.
When you get your value from the database your select it using normal methods, then just decrement it by 1 using:
$val_from_db--; // Thats it!, Takes the current number, and minus 1 from it.
This expands on JustAnil's solution.
HTML:
<input type="hidden" name="custom" value="some-id=1&some-type=2&some-thing=xyz"/>
and your IPN script would look something like this:
<?php
parse_str($_POST['custom'],$_CUSTOMPOST);
echo $_CUSTOMPOST['some-id'];
echo $_CUSTOMPOST['some-type'];
echo $_CUSTOMPOST['some-price'];
?>
You may want to double check that parse_str performs urldecode on resulting array elements.
Here is an example using JSON:
<?php
$arr = array($member_id, $coupon);
$data = json_encode($arr);
?>
<input type="hidden" name="custom" value="<?= $data ?>"/>
Then on the other side:
$custom = json_decode($_POST['custom'], true);
$member_id = $custom[0];
$coupon = $custom[1];
You can also parse associative arrays too:
<?php
$arr = array('id' => $member_id, 'coupon' => $coupon);
$data = json_encode($arr);
?>
<input type="hidden" name="custom" value="<?= $data ?>"/>
Then on the other side:
$custom = json_decode($_POST['custom'], true);
$member_id = $custom['id'];
$coupon = $custom['coupon'];
There's a nice symmetry when using JSON to parse the data.
I am trying to multiply to fields together to obtain a total in PHP form.
<label for="190_mnth2"></label>
<div align="center">
<input name="190_mnth" type="text" id="190_mnth2" value="10" size="5" />
</div></td>
<td><div align="center">
<label for="190_rate"></label>
<input name="190_rate" type="text" id="190_rate" value="190.00" size="10" />
</div></td>
<td><div align="center">
<input name="total_190" type="text" id="total_190" value=<? echo '190_mnth2' * '190_rate' ?> size="10" />
The above is my current code but the answer is totally wrong it gives me 36100 What is wrong with my formula if anyone can assist?
First of all you cannot calculate the total like that, it's not Javascript, you need a form with a get/post request which will send a request to the server, server will process and throw the calculated value back to the user.. so wrap the fields around forms, set your method to post(preferred) and than you can write your PHP code like
<?php
if(isset($_POST['submit_button_name'])) { //Use $_GET if it's a GET request
//Save the values in variable
$mnth_190 = $_POST['190_mnth'];
$rate_190 = $_POST['190_rate'];
//Calculate here
$total = $mnth_190 * $rate_190;
/* Now you can use $total either to echo straight in your page,
or inside another input field */
}
?>
Also make sure you validate the data before the form is posted and is calculated, check whether the user input doesn't have string or any other special character.
The purpose of PHP is to generate HTML to display, not to update the HTML of the current page. You can create a POST request that submits your data for display on another page. If you want to dynamically update the total on the current page, you should use Javascript or another front end language.
<? echo '190_mnth2' * '190_rate' ?>
You're attempting to multiply two strings, which will probably be converted by PHP as 190 * 190.
In order to get this to work, you're going to have to do it in two separate steps (with PHP anyway). Because PHP is a server side language, you'll have to $_POST[''], or submit these two values as part of the query string and use $_GET[''] to calculate.
If you don't want to do it this way, then I'd suggest looking at some JavaScript to handle it instead.
I'm going to take a shot at doing something like this, as an example.
$190_mnth2 = 10;
$190_rate = 190;
$total = $190_mnth2 * $190_rate;
then using: value=<? echo '$total'; ?>
I have two pages:
Graph.php
List.php
The Graph page does exactly what it is named, graphs data. If there is no post/get data it displays all the data in a given table.
The List page is a huge table which loads around 500-600 rows of data. In the table you can sort and filter the rows using JavaScript. The table is around 14 columns wide.
After sorting the rows in the List page you can press a button 'Graph' that will take the visible rows and graph them on the graph page.
What I am having trouble with is passing these ID's over to the graph page. I started with:
<?php
if(isset($_POST['data']))
{
echo "FOUND SERIALIZED ARRAY<br>";
$afterSerializeArray = unserialize($_POST['data']);
print_r($afterSerializeArray);
}
$beforeSerializeArray = array();
$beforeSerializeArray[] = 1;
$beforeSerializeArray[] = 2;
$beforeSerializeArray[] = 3;
$serializeArray = serialize($beforeSerializeArray);
?>
<form action="" method="post">
<input type="hidden" name="data" value="<?php echo $serializeArray; ?>"/>
<input type="submit" value="Serialize"/>
</form>
I have written the small snippet to grab the ID's of the visible rows and load them into an array, serialize it and pump it into a variable to post it over to the graph.
Should I be using GET? Should I be doing this a different way?
The reason I wanted the filter and sort on a different page than the graph is because users have a lot of columns and options to filter and sort by.
Rather than trying to send array over post you should concatenate these ids with any special character (say ','). This way you will get all IDs as comma separated values in $_POST['data']. Now you can use PHP explode function to get all the values in an array and use them as you wish.
This code sample might help you
<?php
if(isset($_POST['data']))
{
echo "FOUND Ids<br>";
$IdArray = explode(',',$_POST['data']);
print_r($IdArray );
}
$idarray = array('1','2','3');
$ids = implode(',',$idarray);
?>
<form action="" method="post">
<input type="hidden" name="data" value="<?php echo $ids;?>"/>
<input type="submit" value="Serialize"/>
</form>
This is more of a technique question rather than maybe code. I am having a php form with many fields (items to select). Naturally some of the items might be selected and some not. How do I know which ones are selected when i post the data from page 1 to page 2? I thought of testing each one if empty or not, but there are just too many fields and it doesn't feel at all efficient to use or code.
Thanks,
UPDATE EDIT:
I've tried the following and maybe it will get me somewhere before I carry on testing the repliers solutions...
<html>
<body>
<form name="test" id="name" action="testprocess.php" method="POST">
<input type="text" name="choices[shirt]">
<input type="text" name="choices[pants]">
<input type="text" name="choices[tie]">
<input type="text" name="choices[socks]">
<input type="submit" value="submit data" />
</form>
</body>
</html>
and then second page:
<?php
$names = $_POST['choices'];
echo "Names are: <br>";
print_r($names);
?>
This gives out the following:
Names are: Array ( [shirt] => sdjalskdjlk [pants] => lkjlkjlk [tie]
=> jlk [socks] => lkjlkjl )
Now what I am going to try to do is iterate over the array, and since the values in my case are numbers, I will just check which of the fields are > 0 given the default is 0. I hope this works...if not then I will let you know :)
I think what you're looking for is this:
<form action="submit.php" method="POST">
<input type="checkbox" name="checkboxes[]" value="this" /> This
<input type="checkbox" name="checkboxes[]" value="might" /> might
<input type="checkbox" name="checkboxes[]" value="work" /> work
<input type="submit" />
</form>
And then in submit.php, you simply write:
<?php
foreach($_POST['checkboxes'] as $value) {
echo "{$value} was checked!";
}
?>
The square brackets in the name of the checkbox elements tell PHP to put all elements with this name into the same array, in this case $_POST['checkboxes'], though you could call the checkboxes anything you like, of course.
You should post your code so we would better understand what you want to do.
But from what I understood you are making a form with check boxes. If you want to see if the check boxes are selected, you can go like this:
if(!$_POST['checkbox1'] && !$_POST['checkbox2'] && !$_POST['checkbox3'])
This looks if all the three check boxes are empty.
Just an idea:
Create a hidden input field within your form with no value. Whenever any of the forms fields is filled/selected, you add the name attribute of that field in this hidden field (Field names are saved with a comma separator).
On doing a POST, you can read this variable and only those fields present in this have been selected/filled in the form.
Hope this helps.
Try this.....
<?php
function checkvalue($val) {
if($val != "") return true;
else return false;
}
if(isset($_POST['submit'])) {
$values = array_filter(($_POST), "checkvalue");
$set_values = array_keys($values);
}
?>
In this manner you can get all the values that has been set in an array..
I'm not exactly sure to understand your intention. I assume that you have multiple form fields you'd like to part into different Web pages (e.g. a typical survey form).
If this is the case use sessions to store the different data of your forms until the "final submit button" (e.g. on the last page) has been pressed.
How do I know which ones are selected when i post the data from page 1 to page 2?
is a different question from how to avoid a large POST to PHP.
Assuming this is a table of data...
Just update everything regardless (if you've got the primary / unique keys set correctly)
Use Ajax to update individual rows as they are changed at the front end
Use Javascript to set a flag within each row when the data in that row is modified
Or store a representation of the existing data for each row as a hidden field for the row, on submission e.g.
print "<form....><table>\n";
foreach ($row as $id=>$r) {
print "<tr><td><input type='hidden' name='prev[$id]' value='"
. md5(serialize($r)) . "'>...
}
...at the receiving end...
foreach ($_POST['prev'] as $id=>$prev) {
$sent_back=array( /* the field values in the row */ );
if (md5(serialize($sent_back)) != $prev) {
// data has changed
update_record($id, $sent_back);
}
}
I have setup a PayPal IPN file. When the user is at the site and press submit details about the transaction is uploaded to the db. The relevant id is sent via PayPal as the custom field. When payment complete IPN used to update DB as transaction completed based on id.
All is fine.
However, this is the tricky bit. I also need to update another table - a discount/coupon code db. The update is based on the code entered and also the number of times the code can still be used. Basically if it was 50 times, after used once the db would be updated with 49. So I need to pass the code and the remaining uses allowed so can say update table where code = XXXX (update new value of 49 etc).
I can work out how to pass all these values in the custom field, but cannot work out how to parse them out again? Read about separating them with : etc, but need some advice from someone who has done before.
This is how IPN details currently comes back:
$custom = $_POST['custom'];
Thank you.
I did just this recently,
Send your paypal custom field to data as your would, inside that custom field, use a separator to split your data.
In the below example, the values are split using a "|", you can use any character you want available in your charset.
$member_id = 1;
$some_other_id = 2;
<input type="hidden" name="custom" value="<?php echo $member_id.'|'.$some_other_id ?>"/>
This will output:
<input type="hidden" name="custom" value="1|2"/>
When you get the information from paypal (the IPN response) process it like so:
$ids = explode('|', $_POST['custom']); // Split up our string by '|'
// Now $ids is an array containing your 2 values in the order you put them.
$member_id = $ids[0]; // Our member id was the first value in the hidden custom field
$some_other_ud = $ids[1]; // some_other_id was the second value in our string.
So basically, we send a string with a custom delimiter that we choose to paypal, paypal will return it to us in the IPN response. We then need to split it up (using the explode() function) and then do what you would like with it.
When you get your value from the database your select it using normal methods, then just decrement it by 1 using:
$val_from_db--; // Thats it!, Takes the current number, and minus 1 from it.
This expands on JustAnil's solution.
HTML:
<input type="hidden" name="custom" value="some-id=1&some-type=2&some-thing=xyz"/>
and your IPN script would look something like this:
<?php
parse_str($_POST['custom'],$_CUSTOMPOST);
echo $_CUSTOMPOST['some-id'];
echo $_CUSTOMPOST['some-type'];
echo $_CUSTOMPOST['some-price'];
?>
You may want to double check that parse_str performs urldecode on resulting array elements.
Here is an example using JSON:
<?php
$arr = array($member_id, $coupon);
$data = json_encode($arr);
?>
<input type="hidden" name="custom" value="<?= $data ?>"/>
Then on the other side:
$custom = json_decode($_POST['custom'], true);
$member_id = $custom[0];
$coupon = $custom[1];
You can also parse associative arrays too:
<?php
$arr = array('id' => $member_id, 'coupon' => $coupon);
$data = json_encode($arr);
?>
<input type="hidden" name="custom" value="<?= $data ?>"/>
Then on the other side:
$custom = json_decode($_POST['custom'], true);
$member_id = $custom['id'];
$coupon = $custom['coupon'];
There's a nice symmetry when using JSON to parse the data.