Correct set up?

Beginners - Learning PHP
#1

Hey everyone, again, new to php/html,etc. I was just wondering if I have this set up correctly? Im making a products page for paintball supplies and when the customer fills the form out, the submit button is to send them to their receipt that tells them what they bought, how much, total cost, etc.

Can you guys check this over and see if what I have so far makes sense? I dont want to get too into this and find out I messed something up. Thanks! (Ill be posting updates to this post frequently)

[php]<?php
extract($_POST);

if($gun1=="")$gun1=0;
if($gun2=="")$gun2=0

// If any of the quantities are blank, set them to zero

if ($gun1 == “”) $gun1 = 0;
if ($gun2 == “”) $gun2 = 0;
if ($gun3 == “”) $gun3 = 0;
if ($gun4 == “”) $gun4 = 0;

// Compute the item costs and total cost

$gun1_cost = 1669.95 * $gun1;
$gun2_cost = 1650.00 * $gun2;
$gun3_cost = 1650.00 * $gun3;
$tank1_cost = 184.95 * $tank1;
$tank2_cost = 184.95. * $tank2;
$tank3_cost = 184.95 * $tank3;
$mask1_cost = 119.95 * $mask1;
$mask2_cost = 109.95 * $mask2;
$mask3_cost = 135.0 * $mask3;
$hopper1_cost = 189.95 * $hopper1;
$hopper2_cost = 169.95 * $hopper2;
$hopper3_cost = 199.95 * $hopper3;

$total_price = $gun1_cost + $gun2_cost + $gun3_cost +
$tank1_cost + $tank2_cost + $tank3_cost +
$mask1_cost + $mask2_cost + $mask3_cost +
$hopper1_cost + $hopper2_cost + $hopper3_cost;
$total_items = $gun1 + $gun2 + $gun3 +
$tank1 + $tank2 + $tank3 +
$mask1 + $mask2 + $mask3 +
$hopper1 + $hopper2 + $hopper3;

// Return the results to the browser in a table

?>[/php]

ANY AND ALL FEEDBACK IS APPRECIATED!

Thank you again in advance!

#2

First of all I don’t know why you are using extract, for the php manual says that it shouldn’t be used on user input.

Second this is where using a database will come in use, but before getting to that stage I would do something like the following (in order to get comfort with working with arrays and php itself):

[php]<?php
$message = “Place Your Order”;
$inventory = array(“weapon” => array(‘Blaster Gun’ => 1690.00, ‘Ray Gun’ => 2000.00, “Snazzy Gun” => 2199.00),
“tank” => array(‘tank1’ => 184.95, ‘tank2’ => 109.95, ‘tank3’ => 199.00),
“mask” => array(‘mask1’ => 109.95, ‘mask2’ => 119.95, ‘mask3’ => 135.00),
“hopper” => array(‘hopper1’ => 169.96, ‘hopper2’ => 189.95, ‘hopper3’ => 199.94)
);

if (isset($_POST[‘action’]))
{
$gun_type = $_POST[‘gun’];
$gun_qty = $_POST[‘gun_qty’];
$gun_cost = $inventory[‘weapon’][$gun_type];
$total_cost = $gun_cost * $gun_qty;

$tank_type = $_POST['tank'];
$tank_qty = $_POST['tank_qty'];
$tank_cost = $inventory['tank'][$tank_type];
$total_cost = $total_cost + ($tank_cost * $tank_qty);


$message  =  "You ordered " . $gun_qty . " guns of the gun type " . $gun_type . " at a cost of $" . number_format($gun_cost, 2);
$message .= "<br>";
$message .=  "You ordered " . $tank_qty . " tanks of the tank type " . $tank_type . " at a cost of $" . number_format($tank_cost, 2);
$message .= "<br>";
$message .=  "Your total cost so far is " . number_format($total_cost, 2);
$message .= "<br>";

}
$cost = NULL;

?>

Paint Ball Order #gun-id {

}

<?php echo $message; ?>


Blaster Gun Ray Gun Snazzy Gun Quantity:
tank1 tank2 tank3 Quantity:
[/php]

You should also get in the habit of encapsulating any user input variable for example [php]$gun_type = htmlspecialchars($_POST[‘gun’]);[/php]

This is how I would go about do something like this, but everyone programs differently to come up with the same result(s).

#3

Well I am told to use extract for my class. Thats what the professor wants.

And I would have posted everything required, but I didnt want people to get the idea that I was trying to get people to do my work for me…so I decided to just throw up a chunk of my code and ask for advice.

However, Im now running into a problem with the code above (unchanged). When I hit submit, its supposed to print the receipt of the order, however, I get this:

“); //if(!empty($name)) //{die(‘ERROR: Please enter your name.’); //} //else{ //echo $name; //}; if (!empty($name) == true) { echo “ERROR: Please enter your name.”; } else { echo $name; } print (”
“); if(empty($address)) {die(‘ERROR: Please enter your address.’); } else{ echo $address; }; print (”
“); if(empty($city)) {die(‘ERROR: Please enter your city.’); } else{ echo $city; }; print (”
“); if(empty($state)) {die(‘ERROR: Please enter your state.’); } else{ echo $state; }; print (”
“); if(empty($zip)) {die(‘ERROR: Please enter your zip code.’); } else{ echo $zip; }; print (”
“); //if (!preg_match(’/^\([0-9]{3}\) [0-9]{3}-[0-9]{4}$/’, $phone)); //{die(‘ERROR: Please provide your phone number in form (ddd) ddd-dddd.’); //} if ( !preg_match(”/^\([0-9]{3}\) [0-9]{3}-[0-9]{4}$/", $phone ) ) {die(“ERROR: Please provide your phone number in form (ddd) ddd-dddd.”); } ?>
Customer:

$street
$city
"); ?>

Order Information
Product Unit Price Quantity Ordered Item Cost
Bob Long Ripper $1669.95
Machine Vapor Bkack 1650.00
Machine Vapor Green $1650.00
Ninja Pro Carbon Fiber 90/4500 $184.95
GI Sportz 68/4500 $184.95
Ninja Dura Pro Carbon Fiber 77/4500 $184.95
$
$
$
$
$
$

"); printf ("Your total bill is: $ %.2f
", $total_price); print ("Your chosen method of payment is: $payment
"); ?>

And I have no idea why.

If it will help, I can provide screen shots of this so it looks a little bit neater.

#4

Oh well, I tried to help, but I was just goofing around with the code. The professor in my opinion is crazy for teaching unsecured coding practices, but that is my just my opinion. 8)

#5

Well I agree with you, but this is just for Jane Doe information. Its just a practice site to get us familiar with the languages.

#6

Were you given a specific form to use or did you create the form?

If you were given this form and told to use extract, well this is the worst teacher in the world heh

#7

Post your entire code if you want help with the specific problem.

Sponsor our Newsletter | Privacy Policy | Terms of Service