On Sat, May 14, 2005 6:30 am, mayo said: > I have to say it's a pretty simple project. The don't want to keep any > information in a db. (!!??!!) Info will be sent to a merchant services > account and to the distributor which will process the form. > > Info will be kept in hidden fields <input type="hidden" ...> and in > session variables then sent off.
Don't put anything you *NEED* to be correct/accurate in type="hidden" The web surfer can *CHANGE* that in about 5 seconds and send whatever they want. All your prices, all you shipping costs, all the weights, etc had better be in your PHP source code, as arrays, I guess... You'd really be better off just using a database with an existing cart. The amount of code you'll have to write to do this correctly is insane. > They have three products (it may rise to 5) and everything will be > hardcoded as there are no size or color variations. I told them that > it's not advisable to have everything hardcoded but the client insists > there is no reason to pull anything from a database. The on-site > graphics/web designer person will make the changes. He is competent to > do that and did a good job with the basic design. But you CANNOT put your prices in type="hidden" fields!!! That's EXACTLY how you get a shopping cart where the user changes the price! > This is not my very first foray into PHP but first time doing something > more complicated than > > 1. if person has this permission then show A else show B > > or > > 2. if person is on page 1 then show page 1 as bold else show page 1 as > normal -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
