
suggestions on my site



Hi everyone, I have set up a site (not completely). I want to have some suggestions and comments. In the meantime, I also want to know if anyone can help me in this step to protect the security of my site's checkout page. This site is completely based on PHP. See the security risk I see:

Go to www.bhuratea.com
Click on My Account in the top-right corner
Under Sign-in enter
username: virtualadz@yahoo.co.in (test username)
password: w3schools
Now click on Checkout in the top-right corner
and type in the address bar: http://bhuratea.com/checkout_success.php

It will directly check you out without selecting payment method, shipping method and other details. This isn't much of a risk, as we will verify all orders and it does not even generate any invoice, but is there a way I can make it not appear until the next step is completed? This may become a headache.

Hope I am not asking much (even if I am, thanking you in advance for your help, if any). Thanks.

Note to spammers: please don't go there to have fun, as it won't affect me much. Don't waste your time and mine.


You need to have a session variable (i.e. $_SESSION['steps']). As a step in the order process is completed, increment the steps variable. That way you can check before loading each form if the step is correct. This will prevent people from skipping ahead.


Also, if you are passing any form elements into that page you can do a very quick

if (empty($_POST['form_element'])) { header("Location: redirectpage.php"); exit; }

This will not allow them to view the page unless certain elements have been filled out. However, this can be somewhat unsafe, since people can pass in variable names in the status bar. You should probably stick with sessions.


Hi, this is the code for the shipping page. May I know where I should add the sessions?

<?php
/*
  $Id: checkout_shipping.php,v 1.16 2003/06/09 23:03:53 hpdl Exp $
*/

  require('includes/application_top.php');
  require('includes/classes/http_client.php');

// if the customer is not logged on, redirect them to the login page
  if (!tep_session_is_registered('customer_id')) {
    $navigation->set_snapshot();
    tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
  }

// if there is nothing in the customers cart, redirect them to the shopping cart page
  if ($cart->count_contents() < 1) {
    tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
  }

// if no shipping destination address was selected, use the customers own address as default
  if (!tep_session_is_registered('sendto')) {
    tep_session_register('sendto');
    $sendto = $customer_default_address_id;
  } else {
// verify the selected shipping address
    $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$sendto . "'");
    $check_address = tep_db_fetch_array($check_address_query);

    if ($check_address['total'] != '1') {
      $sendto = $customer_default_address_id;
      if (tep_session_is_registered('shipping')) tep_session_unregister('shipping');
    }
  }

  require(DIR_WS_CLASSES . 'order.php');
  $order = new order;

// register a random ID in the session to check throughout the checkout procedure
// against alterations in the shopping cart contents
  if (!tep_session_is_registered('cartID')) tep_session_register('cartID');
  $cartID = $cart->cartID;

// if the order contains only virtual products, forward the customer to the billing page as
// a shipping address is not needed
  if ($order->content_type == 'virtual') {
    if (!tep_session_is_registered('shipping')) tep_session_register('shipping');
    $shipping = false;
    $sendto = false;
    tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
  }

  $total_weight = $cart->show_weight();
  $total_count = $cart->count_contents();

// load all enabled shipping modules
  require(DIR_WS_CLASSES . 'shipping.php');
  $shipping_modules = new shipping;

  if ( defined('MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING') && (MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING == 'true') ) {
    $pass = false;

    switch (MODULE_ORDER_TOTAL_SHIPPING_DESTINATION) {
      case 'national':
        if ($order->delivery['country_id'] == STORE_COUNTRY) {
          $pass = true;
        }
        break;
      case 'international':
        if ($order->delivery['country_id'] != STORE_COUNTRY) {
          $pass = true;
        }
        break;
      case 'both':
        $pass = true;
        break;
    }

    $free_shipping = false;
    if ( ($pass == true) && ($order->info['total'] >= MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER) ) {
      $free_shipping = true;

      include(DIR_WS_LANGUAGES . $language . '/modules/order_total/ot_shipping.php');
    }
  } else {
    $free_shipping = false;
  }

// process the selected shipping method
  if ( isset($HTTP_POST_VARS['action']) && ($HTTP_POST_VARS['action'] == 'process') ) {
    if (!tep_session_is_registered('comments')) tep_session_register('comments');
    if (tep_not_null($HTTP_POST_VARS['comments'])) {
      $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']);
    }

    if (!tep_session_is_registered('shipping')) tep_session_register('shipping');

    if ( (tep_count_shipping_modules() > 0) || ($free_shipping == true) ) {
      if ( (isset($HTTP_POST_VARS['shipping'])) && (strpos($HTTP_POST_VARS['shipping'], '_')) ) {
        $shipping = $HTTP_POST_VARS['shipping'];

        list($module, $method) = explode('_', $shipping);
        if ( is_object($$module) || ($shipping == 'free_free') ) {
          if ($shipping == 'free_free') {
            $quote[0]['methods'][0]['title'] = FREE_SHIPPING_TITLE;
            $quote[0]['methods'][0]['cost'] = '0';
          } else {
            $quote = $shipping_modules->quote($method, $module);
          }
          if (isset($quote['error'])) {
            tep_session_unregister('shipping');
          } else {
            if ( (isset($quote[0]['methods'][0]['title'])) && (isset($quote[0]['methods'][0]['cost'])) ) {
              $shipping = array('id' => $shipping,
                                'title' => (($free_shipping == true) ? $quote[0]['methods'][0]['title'] : $quote[0]['module'] . ' (' . $quote[0]['methods'][0]['title'] . ')'),
                                'cost' => $quote[0]['methods'][0]['cost']);

              tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
            }
          }
        } else {
          tep_session_unregister('shipping');
        }
      }
    } else {
      $shipping = false;

      tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
    }
  }

// get all available shipping quotes
  $quotes = $shipping_modules->quote();

// if no shipping method has been selected, automatically select the cheapest method.
// if the modules status was changed when none were available, to save on implementing
// a javascript force-selection method, also automatically select the cheapest shipping
// method if more than one module is now enabled
  if ( !tep_session_is_registered('shipping') || ( tep_session_is_registered('shipping') && ($shipping == false) && (tep_count_shipping_modules() > 1) ) ) $shipping = $shipping_modules->cheapest();

  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_SHIPPING);

  $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
  $breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
<script language="javascript"><!--
var selected;

function selectRowEffect(object, buttonSelect) {
  if (!selected) {
    if (document.getElementById) {
      selected = document.getElementById('defaultSelected');
    } else {
      selected = document.all['defaultSelected'];
    }
  }

  if (selected) selected.className = 'moduleRow';
  object.className = 'moduleRowSelected';
  selected = object;

// one button is not an array
  if (document.checkout_address.shipping[0]) {
    document.checkout_address.shipping[buttonSelect].checked=true;
  } else {
    document.checkout_address.shipping.checked=true;
  }
}

function rowOverEffect(object) {
  if (object.className == 'moduleRow') object.className = 'moduleRowOver';
}

function rowOutEffect(object) {
  if (object.className == 'moduleRowOver') object.className = 'moduleRow';
}
//--></script>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="3" cellpadding="3">
  <tr>
    <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
    </table></td>
<!-- body_text //-->
    <td width="100%" valign="top"><?php echo tep_draw_form('checkout_address', tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL')) . tep_draw_hidden_field('action', 'process'); ?><table border="0" width="100%" cellspacing="0" cellpadding="0">
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
            <td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_delivery.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
          <tr>
            <td class="main"><b><?php echo TABLE_HEADING_SHIPPING_ADDRESS; ?></b></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
          <tr class="infoBoxContents">
            <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
              <tr>
                <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                <td class="main" width="50%" valign="top"><?php echo TEXT_CHOOSE_SHIPPING_DESTINATION . '<br><br><a href="' . tep_href_link(FILENAME_CHECKOUT_SHIPPING_ADDRESS, '', 'SSL') . '">' . tep_image_button('button_change_address.gif', IMAGE_BUTTON_CHANGE_ADDRESS) . '</a>'; ?></td>
                <td align="right" width="50%" valign="top"><table border="0" cellspacing="0" cellpadding="2">
                  <tr>
                    <td class="main" align="center" valign="top"><?php echo '<b>' . TITLE_SHIPPING_ADDRESS . '</b><br>' . tep_image(DIR_WS_IMAGES . 'arrow_south_east.gif'); ?></td>
                    <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                    <td class="main" valign="top"><?php echo tep_address_label($customer_id, $sendto, true, ' ', '<br>'); ?></td>
                    <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                  </tr>
                </table></td>
              </tr>
            </table></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
<?php
  if (tep_count_shipping_modules() > 0) {
?>
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
          <tr>
            <td class="main"><b><?php echo TABLE_HEADING_SHIPPING_METHOD; ?></b></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
          <tr class="infoBoxContents">
            <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<?php
    if (sizeof($quotes) > 1 && sizeof($quotes[0]) > 1) {
?>
              <tr>
                <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                <td class="main" width="50%" valign="top"><?php echo TEXT_CHOOSE_SHIPPING_METHOD; ?></td>
                <td class="main" width="50%" valign="top" align="right"><?php echo '<b>' . TITLE_PLEASE_SELECT . '</b><br>' . tep_image(DIR_WS_IMAGES . 'arrow_east_south.gif'); ?></td>
                <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
              </tr>
<?php
    } elseif ($free_shipping == false) {
?>
              <tr>
                <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                <td class="main" width="100%" colspan="2"><?php echo TEXT_ENTER_SHIPPING_INFORMATION; ?></td>
                <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
              </tr>
<?php
    }

    if ($free_shipping == true) {
?>
              <tr>
                <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                <td colspan="2" width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="2">
                  <tr>
                    <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                    <td class="main" colspan="3"><b><?php echo FREE_SHIPPING_TITLE; ?></b> <?php echo $quotes[$i]['icon']; ?></td>
                    <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                  </tr>
                  <tr id="defaultSelected" class="moduleRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="selectRowEffect(this, 0)">
                    <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                    <td class="main" width="100%"><?php echo sprintf(FREE_SHIPPING_DESCRIPTION, $currencies->format(MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER)) . tep_draw_hidden_field('shipping', 'free_free'); ?></td>
                    <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                  </tr>
                </table></td>
                <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
              </tr>
<?php
    } else {
      $radio_buttons = 0;
      for ($i=0, $n=sizeof($quotes); $i<$n; $i++) {
?>
              <tr>
                <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                <td colspan="2"><table border="0" width="100%" cellspacing="0" cellpadding="2">
                  <tr>
                    <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                    <td class="main" colspan="3"><b><?php echo $quotes[$i]['module']; ?></b> <?php if (isset($quotes[$i]['icon']) && tep_not_null($quotes[$i]['icon'])) { echo $quotes[$i]['icon']; } ?></td>
                    <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                  </tr>
<?php
        if (isset($quotes[$i]['error'])) {
?>
                  <tr>
                    <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                    <td class="main" colspan="3"><?php echo $quotes[$i]['error']; ?></td>
                    <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                  </tr>
<?php
        } else {
          for ($j=0, $n2=sizeof($quotes[$i]['methods']); $j<$n2; $j++) {
// set the radio button to be checked if it is the method chosen
            $checked = (($quotes[$i]['id'] . '_' . $quotes[$i]['methods'][$j]['id'] == $shipping['id']) ? true : false);

            if ( ($checked == true) || ($n == 1 && $n2 == 1) ) {
              echo ' <tr id="defaultSelected" class="moduleRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="selectRowEffect(this, ' . $radio_buttons . ')">' . "\n";
            } else {
              echo ' <tr class="moduleRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="selectRowEffect(this, ' . $radio_buttons . ')">' . "\n";
            }
?>
                    <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                    <td class="main" width="75%"><?php echo $quotes[$i]['methods'][$j]['title']; ?></td>
<?php
            if ( ($n > 1) || ($n2 > 1) ) {
?>
                    <td class="main"><?php echo $currencies->format(tep_add_tax($quotes[$i]['methods'][$j]['cost'], (isset($quotes[$i]['tax']) ? $quotes[$i]['tax'] : 0))); ?></td>
                    <td class="main" align="right"><?php echo tep_draw_radio_field('shipping', $quotes[$i]['id'] . '_' . $quotes[$i]['methods'][$j]['id'], $checked); ?></td>
<?php
            } else {
?>
                    <td class="main" align="right" colspan="2"><?php echo $currencies->format(tep_add_tax($quotes[$i]['methods'][$j]['cost'], $quotes[$i]['tax'])) . tep_draw_hidden_field('shipping', $quotes[$i]['id'] . '_' . $quotes[$i]['methods'][$j]['id']); ?></td>
<?php
            }
?>
                    <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                  </tr>
<?php
            $radio_buttons++;
          }
        }
?>
                </table></td>
                <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
              </tr>
<?php
      }
    }
?>
            </table></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
<?php
  }
?>
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
          <tr>
            <td class="main"><b><?php echo TABLE_HEADING_COMMENTS; ?></b></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
          <tr class="infoBoxContents">
            <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
              <tr>
                <td><?php echo tep_draw_textarea_field('comments', 'soft', '60', '5'); ?></td>
              </tr>
            </table></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
          <tr class="infoBoxContents">
            <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
              <tr>
                <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                <td class="main"><?php echo '<b>' . TITLE_CONTINUE_CHECKOUT_PROCEDURE . '</b><br>' . TEXT_CONTINUE_CHECKOUT_PROCEDURE; ?></td>
                <td class="main" align="right"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>
                <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
              </tr>
            </table></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td width="25%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
              <tr>
                <td width="50%" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'checkout_bullet.gif'); ?></td>
                <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
              </tr>
            </table></td>
            <td width="25%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
            <td width="25%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
            <td width="25%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
              <tr>
                <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
                <td width="50%"><?php echo tep_draw_separator('pixel_silver.gif', '1', '5'); ?></td>
              </tr>
            </table></td>
          </tr>
          <tr>
            <td align="center" width="25%" class="checkoutBarCurrent"><?php echo CHECKOUT_BAR_DELIVERY; ?></td>
            <td align="center" width="25%" class="checkoutBarTo"><?php echo CHECKOUT_BAR_PAYMENT; ?></td>
            <td align="center" width="25%" class="checkoutBarTo"><?php echo CHECKOUT_BAR_CONFIRMATION; ?></td>
            <td align="center" width="25%" class="checkoutBarTo"><?php echo CHECKOUT_BAR_FINISHED; ?></td>
          </tr>
        </table></td>
      </tr>
    </table></form></td>
<!-- body_text_eof //-->
    <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- right_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
<!-- right_navigation_eof //-->
    </table></td>
  </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>


Hi,

The session will come ahead of all the code. You can have sessions like this.

Example:
Delivery Information : $_SESSION['step1']
Payment Information : $_SESSION['step2']

When the Delivery Information page is completed and is about to redirect to the next page, then set $_SESSION['step1'] to TRUE.

When the Payment Information page [ http://bhuratea.com/checkout_payment.php ] loads, in the first line check
if $_SESSION['step1']=true
then proceed with the page
else
redirect to previous page

Similarly, at the end of the second page set $_SESSION['step2'] to true, and in the third page check if $_SESSION['step2'] is true.

The session check will be in the first line because the page must not load if the condition is not true.


To start with, I included the code only in shipping and everything clicked (worked well). Please tell me, have I done anything wrong, as I don't want to proceed if it is wrong. No errors come, but just to make sure, below I am giving a part of the code. As told, I included it at the top. No errors so far; should I proceed?

<?php
/*
  $Id: checkout_shipping.php,v 1.16 2003/06/09 23:03:53 hpdl Exp $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright © 2003 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');
  require('includes/classes/http_client.php');

//to prevent directly moving out of the page
session_start($_SESSION['step1']=true);

// if the customer is not logged on, redirect them to the login page


Hey, I did this on both, ship.. and pay..

//to prevent directly moving out of the page
session_start();
$_SESSION['step1'] = true;

pulpfiction told me to include something at the end of the page. Does that mean at the end of the shipping page I should add:

//to prevent directly moving out of the page
session_start();
$_SESSION['step2'] = true;

and then at the start of the confirmation page add

//to prevent directly moving out of the page
session_start();
$_SESSION['step2'] = true;

Please clear this up. Also, after what ending in payment should I add this? Have a look at its ending:

    </table></form></td>
<!-- body_text_eof //-->
    <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- right_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
<!-- right_navigation_eof //-->
    </table></td>
  </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>


What I meant was, the step2 page must set the $_SESSION['step2']=TRUE only after that page is done and just before it is redirected to the next page (page/step 3), where you will check for $_SESSION['step2']. Cos initially in page/step 2 the $_SESSION['step2'] will be false. Hope I didn't confuse more...


So in page/step 2, just after

session_start();
$_SESSION['step1'] = true;

I should have

//to prevent directly moving out of the page
session_start();
$_SESSION['step2'] = true;

and in page/step 3, I should have

//to prevent directly moving out of the page
session_start();
$_SESSION['step2'] = true;


This is just a representation, hth..

Page/step 1:
Code starting
.........
if everything is correct then just before redirect set
$_SESSION['step1'] = true;
and goto next page
Code ending

Page/step 2:
Code starting
only if $_SESSION['step1'] = true proceed else back
.........
if everything is correct then $_SESSION['step2'] = true;
goto next page
Code ending

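The step gate described in the replies above, written out as an added example (not code from the thread or from osCommerce). The step names, the function names and the cart ID value are assumptions, and it assumes the session has already been started before the functions are called on a real page.

```php
<?php
// Added example, not osCommerce code. Step and function names are assumptions;
// map the step names to your own checkout_*.php pages.
const CHECKOUT_STEPS = ['shipping', 'payment', 'confirmation', 'success'];

// Call only after a step's form has validated, just before redirecting onward.
function checkout_complete_step(array &$session, string $step, string $cartId): void
{
    if (!in_array($step, CHECKOUT_STEPS, true)) {
        throw new InvalidArgumentException("unknown checkout step: $step");
    }
    // Progress belongs to one cart; a different cart ID starts it over.
    if (($session['checkout']['cart'] ?? null) !== $cartId) {
        $session['checkout'] = ['cart' => $cartId, 'done' => []];
    }
    $session['checkout']['done'][$step] = true;
}

// Call first thing on every checkout page. Returns the step to serve: the
// requested one if every earlier step is done, otherwise the first missing one.
function checkout_allowed_step(array $session, string $requested, string $cartId): string
{
    if (!in_array($requested, CHECKOUT_STEPS, true)) {
        return CHECKOUT_STEPS[0];
    }
    $progress = $session['checkout'] ?? [];
    $done = (($progress['cart'] ?? null) === $cartId) ? ($progress['done'] ?? []) : [];
    foreach (CHECKOUT_STEPS as $step) {
        if ($step === $requested || empty($done[$step])) {
            return $step;
        }
    }
    return CHECKOUT_STEPS[0]; // not reached: $requested is always in the list
}

// Call on the success page once the order is recorded, so revisiting the URL
// later is treated as a fresh, incomplete checkout.
function checkout_finish(array &$session): void
{
    unset($session['checkout']);
}

// On a real page, with the session already started, the gate would read:
//   $step = checkout_allowed_step($_SESSION, 'payment', $cartID);
//   if ($step !== 'payment') { header("Location: checkout_{$step}.php"); exit; }

// Constructed walk-through; a plain array stands in for $_SESSION.
$session = [];
$cart = 'cart-41872'; // constructed cart ID

// Typing the success URL directly with nothing completed.
echo checkout_allowed_step($session, 'success', $cart), "\n";

// Shipping done, then trying to jump over payment to confirmation.
checkout_complete_step($session, 'shipping', $cart);
echo checkout_allowed_step($session, 'confirmation', $cart), "\n";

// All earlier steps done for this cart.
checkout_complete_step($session, 'payment', $cart);
checkout_complete_step($session, 'confirmation', $cart);
echo checkout_allowed_step($session, 'success', $cart), "\n";

// Same session, but the cart changed after the steps were completed.
echo checkout_allowed_step($session, 'success', 'cart-99999'), "\n";

// After the order is finished, the success URL is gated again.
checkout_finish($session);
echo checkout_allowed_step($session, 'success', $cart), "\n";
```

Setting a step's flag at the top of its page, before the form on that page has been validated, marks the step complete as soon as the page is viewed, so the call to `checkout_complete_step` belongs next to the redirect to the following page.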

If you want to do something like that, you need to either store the customer's cart information in the database, or you need to store it in a temporary file. You would also want some cleanup mechanism to empty out all the old ones where people just close the window and leave.


Hi again, I have a new question. See this code below:

<script language="javascript"><!--
  document.write('<?php echo '<a href="javascript:popupWindow(\\\'' . tep_href_link(FILENAME_POPUP_IMAGE, 'pID=' . $product_info['products_id']) . '\\\')">' . tep_image(DIR_WS_IMAGES . $product_info['products_image'], addslashes($product_info['products_name']), SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT, 'hspace="5" vspace="5"') . '<br>' . TEXT_CLICK_TO_ENLARGE . '</a>'; ?>');
//--></script>
<noscript>
<?php echo '<a href="' . tep_href_link(DIR_WS_IMAGES . $product_info['products_image']) . '" target="_blank">' . tep_image(DIR_WS_IMAGES . $product_info['products_image'], $product_info['products_name'], SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT, 'hspace="5" vspace="5"') . '<br>' . TEXT_CLICK_TO_ENLARGE . '</a>'; ?>
</noscript>

In the above code it is understood that a popup window will open with an image. I don't want the popup and have replaced it with Dynamic Drive's picture viewer, which opens the images there itself. I inserted this code

rel="lightbox"

inside the href and also removed all things related to opening a popup window. Everything was going right until now, when the image opens itself in the same window by the image URL: www.mysite.com/images/image

Can anyone help me remove all popup-related JavaScript and put this simple rel="lightbox" in the href section? Any help will be great.

