Web Programming! Session 18, 29th February 2012
Today’s session... • Understanding the framework • Adding a page • Register an account / login / logout • Shopping cart • Checkout • REST credit card service • Planning the database
includes/header.inc • includes/navigation.inc • includes/sidebar.inc • modules/main.inc.php • includes/footer.inc
How to add a page • Add it to index.php. The word after case is how you will access the page in the browser. In this example it would be: http://www.cems.uwe.ac.uk/[~yourusername]/wp/assignment/index.php?p=about
How to add a page (2) 2) Create a file and save to the “modules” folder Save as: pagename.inc.php Include the code shown on the screenshot
How to add a page (3) Your new page
How to add a page (4) • To add a link to your new page in the navigation, open includes/navigation.inc
Creating a user login (1) • Follow the tutorial from http://www.knowledgesutra.com/forums/topic/7887-php-simple-login-tutorial/ • First, get it working by itself • Add extra features you might need (e.g. Address on register form) • Copy the code into the relevant pages in the framework (add database connection to modules/config.inc.php)
Creating a user login (2) • The login tutorial uses sessions to maintain state (not cookies) • Where you use session_start(); make sure it is the first line of code on that page • Tutorial includes code for register form, login form, members only page and logout • Make sure to reference all code that wasn’t written by you.
Shopping cart (1) • Follow the tutorial from http://v3.thewatchmakerproject.com/journal/276/building-a-simple-php-shopping-cart • Demo site: http://v3.thewatchmakerproject.com/cart-demo/
Shopping cart (2) • Saves product details in a database table • WHY? • Uses sessions to remember user’s cart • Allows users to: • Add products to cart • Change the quantity of products in cart • Delete a product from cart • Doesn’t include “checkout” code
Shopping cart (3) • First, get it working by itself • Add extra features you might need (e.g. Fields in “products” table) • Copy the code into the relevant pages in the framework
Checkout • How might you do the checkout? • Form? How many steps? Is user logged in? • What do you need from user? • List of products • Their username • Their address/telephone • Payment details • REST credit card service
REST Credit Card Validation Service • What? • Why? • When? • How?
What is the service? • The service is based at http://www.cems.uwe.ac.uk/~p-chatterjee/rest/rest.php • Validates credit/debit card data – simulating on a very small scale what gateways such as PayPal or SagePay do • Takes GET variables from the URL you enter, and returns XML within an <auth> tag • Documentation at http://www.cems.uwe.ac.uk/~p-chatterjee/rest/rest_guide.php
#win • This will be returned if you’ve sent correct card data according to the Base Data Set, and none of the errors are generated... (see request)
#fail • An error like this will be generated if one or more of the error conditions to the right are met (in this case, my request states an amount which is more than the limit for that card)
Why are you using this? • To teach you how to call a RESTful service based on provided parameters • Coding and handling the response a service returns, whether that is an error or a successful request • Basic security & integrity principles • (And because the assignment spec says so...)
The When? • You should implement a call to the RESTful card clearance service at the checkout stage once the user has filled in their data and credit card details for submission • This should be AFTER you have validated for: • Empty fields (e.g. No name, no card type) • Incorrect data (e.g. Text in expiry date/card number) • ONLY THEN should you call to the service to verify the credit card details.
How to use it? • Use PHP’s file_get_contents or cURL function to call the API, like so: Add GET variables here...
Variables Required • service – needs to be ‘cardAuth’ • msg_id – random number to verify transaction authenticity • num_md5 – credit card number hashed (not encrypted) using the md5 algorithm • amount – basket total • currency – will be GBP • api_key – have you been given one?
Variables Required Generate a random 4 digit number Note: This URL should all be on one line when you do yours
Interpreting the returned XML • Use PHP’s SimpleXMLElement class to create a copy of the XML tree that is interpretable by PHP:
That returns... We can access these in PHP through the SimpleXMLElement object we created ($response) like this: We get:
If an error is present... • An <error> tag will be returned in place of all the other tags you’ve just seen, and to catch errors we can do something like...
Check the XML data against posted data • Check the returned XML matches the following: • the id attribute on the <auth> tag matches the one that was randomly generated before calling. • the cardholder name matches the posted name (bearer) • the card type, card start date and card expiry date match those posted (type, syear, fyear) • If all these match, transaction is successful!
The 8 magic steps of the checkout (Summary) • Get and submit checkout data (e.g. Credit Card number etc) • Validate the data server side (e.g. Check for empty fields, incorrect formats of text) • If data’s valid, generate a random 4-digit number, md5 the credit card number and make a call to the service • Interpret whether the XML returned contains an error or a successful request...
The 8 magic steps of the checkout (Summary) • If there’s an error, return to the form and output the error. • If it’s successful, then check the user-posted details match with those returned by the XML. • If the posted details don’t match those returned, someone will have entered an incorrect start/expiry date etc – therefore return an error. • But if the details all match then the transaction should be confirmed and successful!
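The eight steps above as a PHP sketch (an added example, not code from the slides or from the service's documentation). The GET variable names and posted field names come from the slides; the element names inside <auth>, the placement of <error>, and all sample values are assumptions.

```php
<?php
// Added example; the <auth> child names and <error> placement are assumptions.
const SERVICE_URL = 'http://www.cems.uwe.ac.uk/~p-chatterjee/rest/rest.php';
// Steps 2-3: validate server side, then build the request URL.
function buildAuthUrl(array $post, string $amount, string $apiKey, int $msgId): string
{
    foreach (['bearer', 'type', 'number', 'syear', 'fyear'] as $field) {
        if (trim($post[$field] ?? '') === '') {
            throw new InvalidArgumentException("Missing field: $field");
        }
    }
    if (!ctype_digit($post['number'] . $post['syear'] . $post['fyear'])) {
        throw new InvalidArgumentException('Card number and dates must be digits');
    }
    // http_build_query URL-encodes each value, so input cannot inject parameters.
    return SERVICE_URL . '?' . http_build_query([
        'service' => 'cardAuth', 'msg_id' => $msgId,
        'num_md5' => md5($post['number']),   // a hash, as the service expects
        'amount' => $amount, 'currency' => 'GBP', 'api_key' => $apiKey,
    ]);
}

// Steps 4-8: returns null on success, or an error message to show on the form.
function checkAuthResponse(string $xml, array $post, int $msgId): ?string
{
    libxml_use_internal_errors(true);   // malformed XML must not leak warnings
    $response = simplexml_load_string($xml);
    if ($response === false || $response->getName() !== 'auth') {
        return 'Unreadable response from card service';
    }
    if (isset($response->error)) {
        return 'Card service error: ' . $response->error;
    }
    if ((string) $response['id'] !== (string) $msgId) {
        return 'Response does not match this request';
    }
    foreach (['bearer', 'type', 'syear', 'fyear'] as $field) {
        if ((string) $response->$field !== trim($post[$field])) {
            return 'Card details do not match';
        }
    }
    return null;
}

// Constructed sample input and reply (not real card data or service output).
$post = ['bearer' => 'A Student', 'type' => 'visa', 'number' => '4000000000000002', 'syear' => '2011', 'fyear' => '2014'];
$msgId = random_int(1000, 9999);   // random 4-digit msg_id
$reply = "<auth id=\"$msgId\"><bearer>A Student</bearer><type>visa</type><syear>2011</syear><fyear>2014</fyear></auth>";
var_dump(buildAuthUrl($post, '19.99', 'YOUR_API_KEY', $msgId), checkAuthResponse($reply, $post, $msgId));
```

In the real checkout, `$reply` comes from `file_get_contents()` or cURL on the built URL rather than from the constructed string. Pass any returned message through `htmlspecialchars()` before echoing it back into the form.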
Planning the database (1) • Plan your tables & fields before you start • It’s difficult to add new fields later • Think AHEAD – what might you need to do in the future? • Stock control • Is product live? • User details • Product categories • Order control – has it been shipped?
Planning the database (2) • Possible tables • Products • Users • Orders • Any more? • Think about relationships between the tables • 1 user could have 0, 1 or many orders • Foreign keys
Planning the database (3) • Sketch out your tables on paper • Add in all of the fields and their datatypes • Add in the relationships • One-to-one • One-to-many • Many-to-many (don’t forget link tables!) • Identify foreign keys • THEN start building it in phpMyAdmin
Any questions? ???