该文章记录了购物车的实现代码，仅供参考

book_sc_fns.php

include_once('output_fns.php');

include_once('book_fns.php');

include_once('db_fns.php');

include_once("user_auth_fns.php");

include_once("admin_fns.php");

include_once("data_valid_fns.php");

include_once("order_fns.php");

?>

output_fns.php

function do_html_header($title = '') {

// print an HTML header

// declare the session variables we want access to inside the function

if (!$_SESSION['items']) {

$_SESSION['items'] = '0';

}

if (!$_SESSION['total_price']) {

$_SESSION['total_price'] = '0.00';

}

?>

<?php echo $title; ?>

h2 { font-family: Arial, Helvetica, sans-serif; font-size: 22px; color: red; margin: 6px }

body { font-family: Arial, Helvetica, sans-serif; font-size: 13px }

li, td { font-family: Arial, Helvetica, sans-serif; font-size: 13px }

hr { color: #FF0000; width=70%; text-align=center}

a { color: #000000 }

align="left" valign="bottom" height="55" width="325"/>	if(isset($_SESSION['admin_user'])) { echo " "; } else { echo "Total Items = ".$_SESSION['items']; } ?>	if(isset($_SESSION['admin_user'])) { display_button('logout.php', 'log-out', 'Log Out'); } else { display_button('show_cart.php', 'view-cart', 'View Your Shopping Cart'); } ?>
	if(isset($_SESSION['admin_user'])) { echo " "; } else { echo "Total Price = $".number_format($_SESSION['total_price'],2); } ?>

if($title) {

do_html_heading($title);

}

}

function do_html_footer() {

// print an HTML footer

?>

}

function do_html_heading($heading) {

// print heading

?>

<?php echo $heading; ?>

}

function do_html_URL($url, $name) {

// output URL as link and br

?>

<?php echo $name; ?>

}

function display_categories($cat_array) {

if (!is_array($cat_array)) {

echo "

No categories currently available

";

return;

}

echo "

• ";

foreach ($cat_array as $row) {

$url = "show_cat.php?catid=".$row['catid'];

$title = $row['catname'];

echo "

";

do_html_url($url, $title);

echo "

";

}

echo "

";

echo "

---

";

}

function display_books($book_array) {

//display all books in the array passed in

if (!is_array($book_array)) {

echo "

No books currently available in this category

";

} else {

//create table

echo "

//create a table row for each book

foreach ($book_array as $row) {

$url = "show_book.php?isbn=".$row['isbn'];

echo "

";

if (@file_exists("images/".$row['isbn'].".jpg")) {

$title = "

style=\"border: 1px solid black\"/>";

do_html_url($url, $title);

} else {

echo " ";

}

echo "

";

$title = $row['title']." by ".$row['author'];

do_html_url($url, $title);

echo "

";

}

echo "

";

}

echo "

---

";

}

function display_book_details($book) {

// display all details about this book

if (is_array($book)) {

echo "

//display the picture if there is one

if (@file_exists("images/".$book['isbn'].".jpg")) {

$size = GetImageSize("images/".$book['isbn'].".jpg");

if(($size[0] > 0) && ($size[1] > 0)) {

echo "

style=\"border: 1px solid black\"/>

";

}

}

echo "

• ";

echo "

Author: ";

echo $book['author'];

echo "

ISBN: ";

echo $book['isbn'];

echo "

Our Price: ";

echo number_format($book['price'], 2);

echo "

Description: ";

echo $book['description'];

echo "

";

} else {

echo "

The details of this book cannot be displayed at this time.

";

}

echo "

---

";

}

function display_checkout_form() {

//display the form that asks for name and address

?>

Your Details
Name
Address
City/Suburb
State/Province
Postal Code or Zip Code
Country
Shipping Address (leave blank if as above)
Name
Address
City/Suburb
State/Province
Postal Code or Zip Code
Country
Please press Purchase to confirm your purchase, or Continue Shopping to add or remove items.

---

}

function display_shipping($shipping) {

// display table row with shipping cost and total price including shipping

?>

Shipping	<?php echo number_format($shipping, 2); ?>
TOTAL INCLUDING SHIPPING	$ <?php echo number_format($shipping+$_SESSION['total_price'], 2); ?>

}

function display_card_form($name) {

//display form asking for credit card details

?>

Credit Card Details
Type	VISA MasterCard American Express
Number
AMEX code (if required)
Expiry Date	Month 01 02 03 04 05 06 07 08 09 10 11 12 Year for ($y = date("Y"); $y < date("Y") + 10; $y++) { echo "".$y.""; } ?>
Name on Card
Please press Purchase to confirm your purchase, or Continue Shopping to add or remove items

}

function display_cart($cart, $change = true, $images = 1) {

// display items in shopping cart

// optionally allow changes (true or false)

// optionally include images (1 - yes, 0 - no)

echo "

Item	Price	Quantity	Total

//display each item as a table row

foreach ($cart as $isbn => $qty) {

$book = get_book_details($isbn);

echo "

";

if($images == true) {

echo "

";

if (file_exists("images/".$isbn.".jpg")) {

$size = GetImageSize("images/".$isbn.".jpg");

if(($size[0] > 0) && ($size[1] > 0)) {

echo "

style=\"border: 1px solid black\"

width=\"".($size[0]/3)."\"

height=\"".($size[1]/3)."\"/>";

}

} else {

echo " ";

}

echo "

";

}

echo "

".$book['title']."

by ".$book['author']."

\$".number_format($book['price'], 2)."";

// if we allow changes, quantities are in text boxes

if ($change == true) {

echo "";

} else {

echo $qty;

}

echo "

\$".number_format($book['price']*$qty,2)."\n";

}

// display total row

echo "

".$_SESSION['items']."

\$".number_format($_SESSION['total_price'], 2)."

";

// display save change button

if($change == true) {

echo "

border=\"0\" alt=\"Save Changes\"/>

";

}

echo "

";

}

function display_login_form() {

// dispaly form asking for name and password

?>

Username:
Password:

}

function display_admin_menu() {

?>

Go to main site

Add a new category

Add a new book

Change admin password

}

function display_button($target, $image, $alt) {

echo "

";

}

function display_form_button($image, $alt) {

echo "

";

}

?>

book_fns.php

function get_categories() {

$conn = db_connect();

$query = "select catid, catname from categories";

$result = @$conn -> query($query);

if (!$result) {

return false;

}

$num_cats = @$result -> num_rows;

if ($num_cats == 0) {

return false;

}

$result = db_result_to_array($result);

return $result;

}

function get_category_name($catid) {

$conn = db_connect();

$query = "select catname from categories where catid = ".$catid."";

$result = @$conn -> query($query);

if (!$result) {

return false;

}

$num_cats = @$result -> num_rows;

if ($num_cats == 0) {

return false;

}

$row = $result -> fetch_object();

return $row -> catname;

}

function get_books($catid) {

$conn = db_connect();

$query = "select * from books where catid = ".$catid."";

$result = @$conn -> query($query);

if (!$result) {

return false;

}

$num_cats = @$result -> num_rows;

if ($num_cats == 0) {

return false;

}

$result = db_result_to_array($result);

return $result;

}

function get_book_details($isbn) {

if ((!$isbn) || $isbn == '') {

return false;

}

$conn = db_connect();

$query = "select * from books where isbn = ".$isbn."";

$result = @$conn -> query($query);

if (!$result) {

return false;

}

$row = @$result -> fetch_assoc();

return $row;

}

function calculate_price($cart) {

$price = 0;

if (is_array($cart)) {

$conn = db_connect();

foreach ($cart as $isbn => $qty) {

$query = "select price from books where isbn='".$isbn."'";

$result = $conn -> query($query);

if ($result) {

$items = $result -> fetch_object();

$item_price = $items -> price;

$price += $item_price * $qty;

}

}

}

return $price;

}

function calculate_items($cart) {

$items = 0;

if (is_array($cart)) {

$conn = db_connect();

foreach ($cart as $isbn => $qty) {

$items += $qty;

}

}

return $items;

}

function calculate_shipping_cost() {

return 20.00;

}

?>

db_fns.php

function db_connect() {

$result = new mysqli('127.0.0.1', 'book_sc', 'password', 'book_sc');

if (!$result) {

return false;

}

$result->autocommit(TRUE);

return $result;

}

function db_result_to_array($result) {

$res_array = array();

for ($count=0; $row = $result->fetch_assoc(); $count++) {

$res_array[$count] = $row;

}

return $res_array;

}

?>

user_auth_fns.php

require_once('db_fns.php');

function login($username, $password) {

// check username and password with db

// if yes, return true

// else return false

// connect to db

$conn = db_connect();

if (!$conn) {

return 0;

}

// check if username is unique

$result = $conn->query("select * from admin

where username='".$username."'

and password = sha1('".$password."')");

if (!$result) {

return 0;

}

if ($result->num_rows>0) {

return 1;

} else {

return 0;

}

}

function check_admin_user() {

// see if somebody is logged in and notify them if not

if (isset($_SESSION['admin_user'])) {

return true;

} else {

return false;

}

}

function change_password($username, $old_password, $new_password) {

// change password for username/old_password to new_password

// return true or false

// if the old password is right

// change their password to new_password and return true

// else return false

if (login($username, $old_password)) {

if (!($conn = db_connect())) {

return false;

}

$result = $conn->query("update admin

set password = sha1('".$new_password."')

where username = '".$username."'");

if (!$result) {

return false; // not changed

} else {

return true; // changed successfully

}

} else {

return false; // old password was wrong

}

}

?>

admin_fns.php

// This file contains functions used by the admin interface

// for the Book-O-Rama shopping cart.

function display_category_form($category = '') {

// This displays the category form.

// This form can be used for inserting or editing categories.

// To insert, don't pass any parameters. This will set $edit

// to false, and the form will go to insert_category.php.

// To update, pass an array containing a category. The

// form will contain the old data and point to update_category.php.

// It will also add a "Delete category" button.

// if passed an existing category, proceed in "edit mode"

$edit = is_array($category);

// most of the form is in plain HTML with some

// optional PHP bits throughout

?>

action="<?php echo $edit ? 'edit_category.php' : 'insert_category.php'; ?>">

Category Name:	value="<?php echo $edit ? $category['catname'] : ''; ?>" />
align="center"> if ($edit) { echo ""; } ?> value="<?php echo $edit ? 'Update' : 'Add'; ?> Category" />

if ($edit) {

//allow deletion of existing categories

echo "

";

}

?>

}

function display_book_form($book = '') {

// This displays the book form.

// It is very similar to the category form.

// This form can be used for inserting or editing books.

// To insert, don't pass any parameters. This will set $edit

// to false, and the form will go to insert_book.php.

// To update, pass an array containing a book. The

// form will be displayed with the old data and point to update_book.php.

// It will also add a "Delete book" button.

// if passed an existing book, proceed in "edit mode"

$edit = is_array($book);

// most of the form is in plain HTML with some

// optional PHP bits throughout

?>

action="<?php echo $edit ? 'edit_book.php' : 'insert_book.php';?>">

ISBN:	value="<?php echo $edit ? $book['isbn'] : ''; ?>" />
Book Title:	value="<?php echo $edit ? $book['title'] : ''; ?>" />
Book Author:	value="<?php echo $edit ? $book['author'] : ''; ?>" />
Category:	// list of possible categories comes from database $cat_array=get_categories(); foreach ($cat_array as $thiscat) { echo " // if existing book, put in current catgory if (($edit) && ($thiscat['catid'] == $book['catid'])) { echo " selected"; } echo ">".$thiscat['catname']." "; } ?>
Price:	value="<?php echo $edit ? $book['price'] : ''; ?>" />
Description:	name="description"><?php echo $edit ? $book['description'] : ''; ?>
align="center"> if ($edit) // we need the old isbn to find book in database // if the isbn is being updated echo " value=\"".$book['isbn']."\" />"; ?> value="<?php echo $edit ? 'Update' : 'Add'; ?> Book" />

if ($edit) {

echo "

value=\"".$book['isbn']."\" />

";

}

?>

}

function display_password_form() {

// displays html change password form

?>

Old password:
New password:
Repeat new password:

}

function insert_category($catname) {

// inserts a new category into the database

$conn = db_connect();

// check category does not already exist

$query = "select *

from categories

where catname='".$catname."'";

$result = $conn->query($query);

if ((!$result) || ($result->num_rows!=0)) {

return false;

}

// insert new category

$query = "insert into categories values

(0, '".$catname."')";

$result = $conn->query($query);

if (!$result) {

return false;

} else {

return true;

}

}

function insert_book($isbn, $title, $author, $catid, $price, $description) {

// insert a new book into the database

$conn = db_connect();

// check book does not already exist

$query = "select *

from books

where isbn='".$isbn."'";

$result = $conn->query($query);

if ((!$result) || ($result->num_rows!=0)) {

return false;

}

// insert new book

$query = "insert into books values

('".$isbn."', '".$author."', '".$title."',

'".$catid."', '".$price."', '".$description."')";

$result = $conn->query($query);

if (!$result) {

return false;

} else {

return true;

}

}

function update_category($catid, $catname) {

// change the name of category with catid in the database

$conn = db_connect();

$query = "update categories

set catname='".$catname."'

where catid='".$catid."'";

$result = @$conn->query($query);

if (!$result) {

return false;

} else {

return true;

}

}

function update_book($oldisbn, $isbn, $title, $author, $catid,

$price, $description) {

// change details of book stored under $oldisbn in

// the database to new details in arguments

$conn = db_connect();

$query = "update books

set isbn= '".$isbn."',

title = '".$title."',

author = '".$author."',

catid = '".$catid."',

price = '".$price."',

description = '".$description."'

where isbn = '".$oldisbn."'";

$result = @$conn->query($query);

if (!$result) {

return false;

} else {

return true;

}

}

function delete_category($catid) {

// Remove the category identified by catid from the db

// If there are books in the category, it will not

// be removed and the function will return false.

$conn = db_connect();

// check if there are any books in category

// to avoid deletion anomalies

$query = "select *

from books

where catid=".$catid."";

$result = @$conn->query($query);

if ((!$result) || (@$result->num_rows > 0)) {

return false;

}

$query = "delete from categories

where catid='".$catid."'";

$result = @$conn->query($query);

if (!$result) {

return false;

} else {

return true;

}

}

function delete_book($isbn) {

// Deletes the book identified by $isbn from the database.

$conn = db_connect();

$query = "delete from books

where isbn='".$isbn."'";

$result = @$conn->query($query);

if (!$result) {

return false;

} else {

return true;

}

}

?>

data_valid_fns.php

function filled_out($form_vars) {

// test that each variable has a value

foreach ($form_vars as $key => $value) {

if ((!isset($key)) || ($value == '')) {

return false;

}

}

return true;

}

function valid_email($address) {

// check an email address is possibly valid

if (ereg("^[a-zA-Z0-9_\.\-]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$", $address)) {

return true;

} else {

return false;

}

}

?>

order_fns.php

function process_card($card_details) {

// connect to payment gateway or

// use gpg to encrypt and mail or

// store in DB if you really want to

return true;

}

function insert_order($order_details) {

// extract order_details out as variables

extract($order_details);

// set shipping address same as address

if((!$ship_name) && (!$ship_address) && (!$ship_city) && (!$ship_state) && (!$ship_zip) && (!$ship_country)) {

$ship_name = $name;

$ship_address = $address;

$ship_city = $city;

$ship_state = $state;

$ship_zip = $zip;

$ship_country = $country;

}

$conn = db_connect();

// we want to insert the order as a transaction

// start one by turning off autocommit

$conn->autocommit(FALSE);

// insert customer address

$query = "select customerid from customers where

name = '".$name."' and address = '".$address."'

and city = '".$city."' and state = '".$state."'

and zip = '".$zip."' and country = '".$country."'";

$result = $conn->query($query);

if($result->num_rows>0) {

$customer = $result->fetch_object();

$customerid = $customer->customerid;

} else {

$query = "insert into customers values

(0, '".$name."','".$address."','".$city."','".$state."','".$zip."','".$country."')";

$result = $conn->query($query);

if (!$result) {

return false;

}

}

$customerid = $conn->insert_id;

$date = date("Y-m-d");

$query = "insert into orders values

(0, '".$customerid."', '".$_SESSION['total_price']."', '".$date."', '".'PARTIAL'."',

'".$ship_name."', '".$ship_address."', '".$ship_city."', '".$ship_state."',

'".$ship_zip."', '".$ship_country."')";

$result = $conn->query($query);

if (!$result) {

return false;

}

$query = "select orderid from orders where

customerid = '".$customerid."' and

amount > (".$_SESSION['total_price']."-.001) and

amount < (".$_SESSION['total_price']."+.001) and

date = '".$date."' and

order_status = 'PARTIAL' and

ship_name = '".$ship_name."' and

ship_address = '".$ship_address."' and

ship_city = '".$ship_city."' and

ship_state = '".$ship_state."' and

ship_zip = '".$ship_zip."' and

ship_country = '".$ship_country."'";

$result = $conn->query($query);

if($result->num_rows>0) {

$order = $result->fetch_object();

$orderid = $order->orderid;

} else {

return false;

}

// insert each book

foreach($_SESSION['cart'] as $isbn => $quantity) {

$detail = get_book_details($isbn);

$query = "delete from order_items where

orderid = '".$orderid."' and isbn = '".$isbn."'";

$result = $conn->query($query);

$query = "insert into order_items values

('".$orderid."', '".$isbn."', ".$detail['price'].", $quantity)";

$result = $conn->query($query);

if(!$result) {

return false;

}

}

// end transaction

$conn->commit();

$conn->autocommit(TRUE);

return $orderid;

}

?>

index.php

require_once("book_sc_fns.php");

// The shopping cart needs sessions, so start one

session_start();

// Display header

do_html_header("Book-store");

// Show cat title

echo "

Please chose a category:

";

$cat_array = get_categories();

display_categories($cat_array);

// If login as admin, show add, delete, edit cat link

if (isset($_SESSION['admin_user'])) {

display_button("admin.php", "admin-menu", "Admin Menu");

}

do_html_footer();

?>

login.php

require_once("book_sc_fns.php");

do_html_header("Administration");

display_login_form();

do_html_footer();

?>

logout.php

// include function files for this application

require_once('book_sc_fns.php');

session_start();

$old_user = $_SESSION['admin_user']; // store to test if they *were* logged in

unset($_SESSION['admin_user']);

session_destroy();

// start output html

do_html_header("Logging Out");

if (!empty($old_user)) {

echo "

Logged out.

";

do_html_url("login.php", "Login");

} else {

// if they weren't logged in but came to this page somehow

echo "

You were not logged in, and so have not been logged out.

";

do_html_url("login.php", "Login");

}

do_html_footer();

?>

admin.php

require_once("book_sc_fns.php");

session_start();

if ($_POST["username"] && $_POST["passwd"]) {

$username = $_POST["username"];

$passwd = $_POST["passwd"];

if (login($username, $passwd)) {

$_SESSION["admin_user"] = $username;

}else {

do_html_header("Problem:");

echo "

You could not be logged in.

You must be logged in to view this page.

";

do_html_url("login.php", "Login");

do_html_footer();

exit;

}

}

do_html_header("Administrtion");

if (check_admin_user()) {

display_admin_menu();

}else {

echo "

You are not authorized to enter the administration area.

";

}

do_html_footer();

?>

insert_book_form.php

require_once("book_sc_fns.php");

session_start();

do_html_header("Add a category");

if (check_admin_user()) {

display_book_form();

do_html_url("admin.php", "Back to administration menu");

}else {

echo "

You are not authorized to enter the administration area.

";

}

do_html_footer();

?>

insert_book.php

require_once("book_sc_fns.php");

session_start();

do_html_header("Adding a book");

if (check_admin_user()) {

if (filled_out($_POST)) {

$isbn = $_POST['isbn'];

$title = $_POST['title'];

$author = $_POST['author'];

$catid = $_POST['catid'];

$price = $_POST['price'];

$description = $_POST['description'];

if (insert_book($isbn, $title, $author, $catid, $price, $description)) {

echo "

Book ".stripslashes($title)." was added to the database.

";

}else {

echo "

Book ".stripslashes($title)." could not be added to the database.

";

}

}else {

echo "

You have not filled out the form. Please try again

";

}

}else {

echo "

You are not authorized to enter the administration area.

";

}

do_html_footer();

?>

insert_category_form.php

require_once("book_sc_fns.php");

session_start();

do_html_header("Add a category");

if (check_admin_user()) {

display_category_form();

do_html_url("admin.php", "Back to administration menu");

}else {

echo "

You are not authorized to enter the administration area.

";

}

do_html_footer();

?>

insert_category.php

require_once("book_sc_fns.php");

session_start();

do_html_header("Adding a category");

if (check_admin_user()) {

if (filled_out($_POST)) {

$catname = $_POST['catname'];

if (insert_category($catname)) {

echo "

Category \"".$catname."\" was added to the database.

";

}else {

echo "

Category \"".$catname."\" could not be added to the database.

";

}

}else {

echo "

You have not filled out the form. Please try again

";

}

}else {

echo "

You are not authorized to enter the administration area.

";

}

do_html_footer();

?>

delete_book.php

require_once("book_sc_fns.php");

session_start();

do_html_header("Deleting book");

if (check_admin_user()) {

if (isset($_POST['isbn'])) {

if (delete_book($_POST['isbn'])) {

echo "

Book was deleted.

";

}else {

echo "

Book could not be deleted.

";

}

}else {

echo "

No Book specified. Please try again

";

}

do_html_url("admin.php", "Back to administation menu");

}else {

echo "

You are not authorized to enter the administration area.

";

}

do_html_footer();

?>

delete_category.php

require_once("book_sc_fns.php");

session_start();

do_html_header("Deleting category");

if (check_admin_user()) {

if (isset($_POST['catid'])) {

if (delete_category($_POST['catid'])) {

echo "

Category was deleted.

";

}else {

echo "

Category could not be deleted.

";

}

}else {

echo "

No category specified. Please try again

";

}

do_html_url("admin.php", "Back to administation menu");

}else {

echo "

You are not authorized to enter the administration area.

";

}

do_html_footer();

?>

edit_book_form.php

require_once("book_sc_fns.php");

session_start();

do_html_header("Edit book details");

if (check_admin_user()) {

if ($book = get_book_details($_GET['isbn'])) {

display_book_form($book);

}else {

echo "

Could not retrieve book details.

";

}

do_html_url("admin.php", "Back to administration menu");

}else {

echo "

You are not authorized to enter the administration area.

";

}

do_html_footer();

?>

edit_book.php

require_once("book_sc_fns.php");

session_start();

do_html_header("Updating book");

if (check_admin_user()) {

if (filled_out($_POST)) {

$old_isbn = $_POST['oldisbn'];

$isbn = $_POST['isbn'];

$title = $_POST['title'];

$author = $_POST['author'];

$catid = $_POST['catid'];

$price = $_POST['price'];

$description = $_POST['description'];

if (update_book($old_isbn, $isbn, $title, $author, $catid, $price, $description)) {

echo "

Book was updated.

";

}else {

echo "

Book could not be updated.

";

}

}else {

echo "

You have not filled out the form. Please try again

";

}

do_html_url("admin.php", "Back to administation menu");

}else {

echo "

You are not authorized to enter the administration area.

";

}

do_html_footer();

?>

edit_category_form.php

require_once("book_sc_fns.php");

session_start();

do_html_header("Edit category");

if (check_admin_user()) {

if ($catname = get_category_name($_GET['catid'])) {

$catid = $_GET['catid'];

$cat = compact('catname', 'catid');

display_category_form($cat);

}else {

echo "

Could not retrieve catogory details.

";

}

do_html_url("admin.php", "Back to administration menu");

}else {

echo "

You are not authorized to enter the administration area.

";

}

do_html_footer();

?>

edit_category.php

require_once("book_sc_fns.php");

session_start();

do_html_header("Updating category");

if (check_admin_user()) {

if (filled_out($_POST)) {

if (update_category($_POST['catid'], $_POST['catname'])) {

echo "

Category was updated.

";

}else {

echo "

Category could not be updated.

";

}

}else {

echo "

You have not filled out the form. Please try again

";

}

do_html_url("admin.php", "Back to administation menu");

}else {

echo "

You are not authorized to enter the administration area.

";

}

do_html_footer();

?>

change_password_form.php

require_once('book_sc_fns.php');

session_start();

do_html_header("Change administrator password");

check_admin_user();

display_password_form();

do_html_url("admin.php", "Back to administration menu");

do_html_footer();

?>

change_password.php

require_once('book_sc_fns.php');

session_start();

do_html_header('Changing password');

check_admin_user();

if (!filled_out($_POST)) {

echo "

You have not filled out the form completely.

Please try again.

";

do_html_url("admin.php", "Back to administration menu");

do_html_footer();

exit;

} else {

$new_passwd = $_POST['new_passwd'];

$new_passwd2 = $_POST['new_passwd2'];

$old_passwd = $_POST['old_passwd'];

if ($new_passwd != $new_passwd2) {

echo "

Passwords entered were not the same. Not changed.

";

} else if ((strlen($new_passwd)>16) || (strlen($new_passwd)<6)) {

echo "

New password must be between 6 and 16 characters. Try again.

";

} else {

// attempt update

if (change_password($_SESSION['admin_user'], $old_passwd, $new_passwd)) {

echo "

Password changed.

";

} else {

echo "

Password could not be changed.

";

}

}

}

do_html_url("admin.php", "Back to administration menu");

do_html_footer();

?>

checkout.php

include("book_sc_fns.php");

session_start();

do_html_header("Checkout");

if (($_SESSION['cart']) && (array_count_values($_SESSION['cart']))) {

display_cart($_SESSION['cart'], false, 0);

display_checkout_form();

}else {

echo "

There are no items in your cart

";

}

display_button("show_cart.php", "continue-shopping", "Continue Shopping");

do_html_footer();

?>

process.php

include("book_sc_fns.php");

session_start();

do_html_header("Checkout");

$card_type = $_POST['card_type'];

$card_number = $_POST['card_number'];

$card_month = $_POST['card_month'];

$card_year = $_POST['card_year'];

$card_name = $_POST['card_name'];

if ($_SESSION["cart"] && ($card_type) && ($card_number)

&& ($card_month) && ($card_year) && ($card_name)) {

display_cart($_SESSION['cart'], false, 0);

display_shipping(calculate_shipping_cost());

if (process_card($_POST)) {

session_destroy();

echo "

Thank you for shopping with us.Your order has been placed.

";

display_button("index.php", "continue-shopping", "Continue Shopping");

}else {

echo "

Could not process your card.Please contact the card issuer or try again.

";

display_button("purchase.php", "back", "Back");

}

}else {

echo "

You did not fill in all the fields, please try again.

---

";

display_button("purchase.php", "back", "Back");

}

do_html_footer();

?>

purchase.php

include("book_sc_fns.php");

session_start();

do_html_header("Checkout");

// Info

$name = $_POST['name'];

$address = $_POST['address'];

$city = $_POST['city'];

$zip = $_POST['zip'];

$country = $_POST['country'];

// Check if filled out

if (($_SESSION['cart']) && ($name) && ($address) && ($city) && ($zip) && ($country)) {

if ((insert_order($_POST)) != false) {

display_cart($_SESSION['cart'], false, 0);

display_shipping(calculate_shipping_cost());

display_card_form($name);

display_button('show_cart.php', 'continue-shopping', 'Continu Shopping');

}else {

echo "

Could not store data, please try again.

---

";

display_button('checkout.php', 'back', 'back');

}

}else {

echo "

You did not fill in all the fields, please try again.

---

";

display_button('checkout.php', 'back', 'back');

}

do_html_footer();

?>

show_book.php

// include function files for this application

require_once('book_sc_fns.php');

session_start();

$isbn = $_GET['isbn'];

$book = get_book_details($isbn);

do_html_header($book['title']);

display_book_details($book);

$target = "index.php";

if ($book['catid']) {

$target = "show_cat.php?catid=".$book['catid']."";

}

if (check_admin_user()) {

display_button("edit_book_form.php?isbn=".$isbn."", "edit-item", "Edit Book");

display_button("admin.php", "admin-menu", "Admin Menu");

display_button($target, "continue", "Continue");

}else {

display_button("show_cart.php?new=".$isbn."", "add-to-cart", "Add ".$book['title']." To My Shopping Cart");

display_button($target, "continue-shopping", "Continue Shopping");

}

do_html_footer();

?>

show_cart.php

include("book_sc_fns.php");

session_start();

@$new = $_GET['new'];

if ($new) {

// If cart is null create a new cat

if (!isset($_SESSION['cart'])) {

$_SESSION['cart'] = array();

$_SESSION['item'] = 0;

$_SESSION['total_price'] = '0.00';

}

// book count

if (isset($_SESSION['cart'][$new])) {

$_SESSION['cart'][$new] ++;

}else {

$_SESSION['cart'][$new] = 1;

}

$_SESSION['total_price'] = calculate_price($_SESSION['cart']);

$_SESSION['items'] = calculate_items($_SESSION['cart']);

}

// Save

if (isset($_POST['save'])) {

foreach ($_SESSION['cart'] as $isbn => $qty) {

if ($_POST[$isbn] == '0') {

unset($_SESSION['cart'][$isbn]);

}else {

$_SESSION['cart'][$isbn] = $_POST[$isbn];

}

}

$_SESSION['total_price'] = calculate_price($_SESSION['cart']);

$_SESSION['items'] = calculate_items($_SESSION['cart']);

}

do_html_header("Your shopping cart");

// Display the cart

if ($_SESSION['cart'] && (array_count_values($_SESSION['cart']))) {

display_cart($_SESSION['cart']);

}else {

echo "

There are no items in your cart

---

";

}

$target = "index.php";

if ($new) {

$detail = get_book_details($new);

if ($detail['catid']) {

$target = "show_cat.php?catid=".$detail['catid'];

}

}

display_button($target, "continue-shopping", "Continue Shopping");

display_button("checkout.php", "go-to-checkout", "Go To Checkout");

do_html_footer();

?>

show_cat.php

// include function files for this application

require_once('book_sc_fns.php');

session_start();

$catid = $_GET['catid'];

$name = get_category_name($catid);

do_html_header($name);

// Get books

$book_array = get_books($catid);

display_books($book_array);

if (isset($_SESSION['admin_user'])) {

display_button("index.php", "continue", "Continue Shopping");

display_button("admin.php", "admin-menu", "Admin Menu");

display_button("edit_category_form.php?catid=".$catid."", "edit-category", "Edit category");

}else {

display_button("index.php", "continue-shopping", "Continue Shopping");

}

do_html_footer();

?>

说明