dmx1 Posted February 11, 2022 Share Posted February 11, 2022 Hi Larry, I am having a few problems regarding the 'billing_stripe.php' file. I wrote the code below that's in my 'billing_stripe.php' file. When I get to the line: $cc_last_four = substr($cc_number, -4); An error is thrown up and it says: 'Undefined variable: cc_number'. I have tried everything but I can't seem to find out why it's saying that the cc_number variable is undefined. Qu 1: Do you have any suggestions as to what might be the problem? Qu 2: Is the code in the billing_stripe.php file below correct, or do I need to take out some sections? Code for 'billing_stripe.php' file <?php // This file is the second step in the checkout process. // It takes and validates the billing information. // This updated versions uses Stripe. // This script is created in Chapter 15. // Require the configuration before any PHP code: require('./includes/config.inc.php'); // Start the session: session_start(); // The session ID is the user's cart ID: $uid = session_id(); // Check that this is valid: if (!isset($_SESSION['customer_id'])) { // Redirect the user. $location = 'https://' . BASE_URL . 'checkout.php'; header("Location: $location"); exit(); } // Require the database connection: require(MYSQL); // Validate the billing form... // For storing errors: $billing_errors = array(); // Check for a form submission: if ($_SERVER['REQUEST_METHOD'] === 'POST') { //if (get_magic_quotes_gpc()) { $_POST['cc_first_name'] = stripslashes($_POST['cc_first_name']); // Repeat for other variables that could be affected. // } // Check for a first name: if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $_POST['cc_first_name'])) { $cc_first_name = $_POST['cc_first_name']; } else { $billing_errors['cc_first_name'] = 'Please enter your first name!'; } // Check for a last name: if (preg_match ('/^[A-Z \'.-]{2,40}$/i', $_POST['cc_last_name'])) { $cc_last_name = $_POST['cc_last_name']; } else { $billing_errors['cc_last_name'] = 'Please enter your last name!'; } // Check for a Stripe token: if (isset($_POST['token'])) { $token = $_POST['token']; } else { $message = 'The order cannot be processed. Please make sure you have JavaScript enabled and try again.'; $billing_errors['token'] = true; } // Check for a street address: if (preg_match ('/^[A-Z0-9 \',.#-]{2,160}$/i', $_POST['cc_address'])) { $cc_address = $_POST['cc_address']; } else { $billing_errors['cc_address'] = 'Please enter your street address!'; } // Check for a city: if (preg_match ('/^[A-Z \'.-]{2,60}$/i', $_POST['cc_city'])) { $cc_city = $_POST['cc_city']; } else { $billing_errors['cc_city'] = 'Please enter your city!'; } // Check for a state: /*if (preg_match ('/^[A-Z]{2}$/', $_POST['cc_state'])) { $cc_state = $_POST['cc_state']; } else { $billing_errors['cc_state'] = 'Please enter your state!'; } */ // Check for a zip code: if (preg_match ('/^[a-z]{1,2}\d[a-z\d]?\s*\d[a-z]{2}$/i', $_POST['cc_zip'])) { $cc_zip = $_POST['cc_zip']; } else { $billing_errors['cc_zip'] = 'Please enter your zip code!'; } if (empty($billing_errors)) { // If everything's OK... // Check for an existing order ID: if (isset($_SESSION['order_id'])) { // Use existing order info: $order_id = $_SESSION['order_id']; $order_total = $_SESSION['order_total']; } else { // Create a new order record: // Get the last four digits of the credit card number: // Temporary solution for Stripe: // $cc_last_four = 1234; $cc_last_four = substr($cc_number, -4); // PROBLEM-----------------------PROBLEM LINE---------------------------PROBLEM LINE // Call the stored procedure: $shipping = $_SESSION['shipping'] * 100; $r = mysqli_query($dbc, "CALL add_order({$_SESSION['customer_id']}, '$uid', $shipping, $cc_last_four, @total, @oid)"); // Confirm that it worked: if ($r) { // Retrieve the order ID and total: $r = mysqli_query($dbc, 'SELECT @total, @oid'); if (mysqli_num_rows($r) == 1) { list($order_total, $order_id) = mysqli_fetch_array($r); // Store the information in the session: $_SESSION['order_total'] = $order_total; $_SESSION['order_id'] = $order_id; } else { // Could not retrieve the order ID and total. unset($cc_number, $cc_cvv, $_POST['cc_number'], $_POST['cc_cvv']); trigger_error('Your order could not be processed due to a system error. We apologize for the inconvenience.'); } } else { // The add_order() procedure failed. trigger_error('Your order could not be processed due to a system error. We apologize for the inconvenience.'); } } // End of isset($_SESSION['order_id']) IF-ELSE. // ------------------------ // Process the payment! if (isset($order_id, $order_total)) { try { // Include the Stripe library: require_once('includes/stripe-php-master.php'); // set your secret key: remember to change this to your live secret key in production // see your keys here https://manage.stripe.com/account Stripe::setApiKey('sk_test_5671Ho5BXJqZPKqEIbC9WJInaYpkgFz0TKM00yZFexsOh'); // Charge the order: $charge = Stripe_Charge::create(array( 'amount' => $order_total, 'currency' => 'GBP', 'card' => $token, 'description' => $_SESSION['email'], 'capture' => false ) ); // echo '<pre>' . print_r($charge, 1) . '</pre>';exit; // Did it work? if ($charge->paid == 1) { // Add slashes to two text values: $full_response = addslashes(serialize($charge)); // Record the transaction: $r = mysqli_query($dbc, "CALL add_charge('{$charge->id}', $order_id, 'auth_only', $order_total, '$full_response')"); // Add the transaction info to the session: $_SESSION['response_code'] = $charge->paid; // Redirect to the next page: $location = 'https://' . BASE_URL . 'final.php'; header("Location: $location"); exit(); } else { // Charge was not paid! $message = $charge->response_reason_text; } } catch (Stripe_CardError $e) { // Stripe declined the charge. $e_json = $e->getJsonBody(); $err = $e_json['error']; $message = $err['message']; } catch (Exception $e) { // Try block failed somewhere else. trigger_error(print_r($e, 1)); } } // End of isset($order_id, $order_total) IF. // Above code added as part of payment processing. // ------------------------ } // Errors occurred IF } // End of REQUEST_METHOD IF. // Include the header file: $page_title = 'EFYHAH - Checkout - Your Billing Information'; include('./includes/checkout_header.html'); // Get the cart contents: $r = mysqli_query($dbc, "CALL get_shopping_cart_contents('$uid')"); if (mysqli_num_rows($r) > 0) { // Products to show! if (isset($_SESSION['shipping_for_billing']) && ($_SERVER['REQUEST_METHOD'] !== 'POST')) { $values = 'SESSION'; } else { $values = 'POST'; } include('./views/billing_stripe.html'); } else { // Empty cart! include('./views/emptycart.html'); } // Finish the page: include('./includes/footer.html'); ?> Link to comment Share on other sites More sharing options...
M155368AA Posted February 12, 2022 Share Posted February 12, 2022 Hi DMX1, I had a look at your code and cannot see where $cc_number is defined. Is it defined somewhere else? Regards Link to comment Share on other sites More sharing options...
dmx1 Posted February 12, 2022 Author Share Posted February 12, 2022 Hi Larry, I copied your code line to line, and the only reference is in the billing.js file on line 16 var cc_number = $('#cc_number').val(), Also, it's in the billing_stripe.html form <div class="field"><label for="cc_number"><strong>Card Number</strong></label><br /><input type="text" id="cc_number" autocomplete="off" /></div> Other than that, I can't see it defined anywhere else. QU: Do I need to define the variable 'cc_number' again somewhere else, because I literally copied your entire code and assumed everything is fine, so I am reluctant to change anything. I have run out of ideas regards Link to comment Share on other sites More sharing options...
M155368AA Posted February 14, 2022 Share Posted February 14, 2022 Hi, I had a look at code that I also used from Larry's book. In my implementation the $cc_number PHP variable is set when the $_POST data are processed from the submitted form. In Larry's code I think that that is in module billing.php (line 55). Do you have this in your implementation? Regards, Necuima Link to comment Share on other sites More sharing options...
M155368AA Posted February 14, 2022 Share Posted February 14, 2022 I had a further look at code that I wrote over 2 years ago where I did a fairly major adaptation of Larry's STRIPE payment processing as my situation was a standard shopping cart. In my implementation I have an HTML form which I then process in a REDUX call to extract the credit card number from the form's submitted $_POST data. So I probably can't help you. I am sorry if I have wasted your time. Regards, Necuima Link to comment Share on other sites More sharing options...
Larry Posted February 14, 2022 Share Posted February 14, 2022 How the Stripe integration works has changed significantly since this edition was written. I'd look at Stripe's documentation for the proper JavaScript and PHP code to use in 2022. Sorry for the confusion! Link to comment Share on other sites More sharing options...
Recommended Posts