next »

[kopkingmeister]

Hey

As I said in my initial post in the welcome section I am a complete newbie when it comes to coding php and mysql and do not have the slightest idea as to where to start, however I want to build something for one of my WH sites.

Basically I have a discount codes website based on wordpress which I am going to revamp and make more like a cms - I believe I can do this through the use of some plug ins and so on - however the big issue I have is that if I carry on as I have been doing which is displaying the discount code on the site then people will just get the code and go directly to the retailer - without using my aff link.

I could be naughty and stuff cookies - which I don't want to do in this instance so instead I want to do the following:

Have a use promo button on my post / page - this will then open another browser window or tab within which the merchant site is loaded - however over the top of the merchant site (and using css / js) I will display a 'pop up' with the promo code inserted in there - this means people can only get the code once the cookie has been dropped on opening of the merchant site.

I have the code for the css and js already so can do that part but the bit I am struggling with is the dynamic generation of the content to insert into that 'pop up' etc

So here is what I am thinking that I need:

A password protected admin section on my site
In this area I am able to enter  -through a web based form - certain pieces of information such as meta keywords, voucher details, actual promo code etc
This data is then written to a DB and has a unique reference
Insert php tags into a merchant load page - i.e. www.mydomain.com/merchantload.php?merchant_id=XX
When this page is then loaded it opens the merchant site in the background and then shows the css pop up on top with the voucher code dynamically inserted

I could do this manually for each one but this takes a lot of time and ultimately I want to be able to do it through a web based admin interface and have the data inserted on the fly when the page is called.

I am sure for a php / mysql newbie like myself this is a fairly big project to undertake but I want to be able to have a go at it so would welcome some initial inspiration / thoughts from people as to where to start.

Cheers for reading this far!!

[nutballs]

actually the project doesnt need to be that hard if you are willing to simplify and keep it inflexible.
A lot of noobs get stuck on the idea that they need to do everything correctly the first time. In reality, you just need to DO IT.
just like BH...

Once you know how to do it, then its a matter of doing it right. Like sex. but not as fun. so not like sex. but you get my point.

login for example. dont bother with one of these crazy ass login systems with multi permissions etc etc if you dont need it. just use my ghetto login as a starting point, or even go simpler if you want.

for the most part, stupid simple will help you succeed. features will kill you as a noob.

[vsloathe]

Need more information.

Sounds like an awfully complicated way of doing it though.

[kopkingmeister]

Thanks for the response guys

Like I said I am just finding my way with this stuff  - Vsloathe have sent you a pm with the site I have got the idea from - and based on my very 'simple' view of these things - it was my assumption that what I had outlined in my post above was the best way to do things

But you guys are the experts!!

Cheers KK

[perkiset]

Hey Kops -

Let's just tackle the "CRUD" part of the job first - (Create/Read/Update/Delete) - does this have to be a custom piece of code? I mean, if you have a table with an autoincrementing integer as the primary key (call it "ID" or something) then as you enter new items you'd automatically get a unique id. If you manage this all with phpMyAdmin then you have a nice web interface that can be set up to require a password everytime and you've nailed the first half of your job, no?

[kopkingmeister]

Hey perks

Yes that would be perfect, I have been doing some further reading today to try and get more upto speed with things!

[vsloathe]

Thanks for the link to the site KK.

What you're looking for is some pretty tricky javascript. The PHP and database part is relatively simple, and I'm sure we could help you tackle it. PM some of the more guru-esque javascript guys like Nutballs or Perk for help with the javascript to do what he's doing on that page you sent me. There is a bit of XSS restriction to overcome there.

[kopkingmeister]

Quick update on where we are!

Thanks to Nutballs, Vsloathe and Perks for their replies and PM's so far, looks like I am biting something off that is a lot more than I can chew right now but what the hell!!

Anyway have broken it down into its component parts and story boarded what I want it to do.

Took some time last night with a php and mysql tutorial and built a very very simple form to input data into my db - so am quite proud of that so far! - a small step but an important one!!!

[perkiset]

right on kops - you go man!

looking forward to hearing of the progress. ping as you need it.

/p

[kopkingmeister]

Cheers Perks

Got a quick question - I am going to have a play around tonight with inserting data from the DB into a page - just while I start to get a feel for getting individual pieces of data from the Db rather than whole rows

I have managed to get information displaying individually by using the following code:

<?
   
$id = "2";

   # setup SQL statement
   
$SQL = " SELECT * FROM discount_codes ";
   $SQL = $SQL . " WHERE id = '$id' ";

   

# execute SQL statement
   

$retid = mysql_db_query($db, $SQL, $cid);

   

# check for errors
   if (!$retid) { echo( mysql_error()); }
   else {

      

# display results
      

      while ($row = mysql_fetch_array($retid)) {
         $affurl = $row["affurl"];
         $disccode = $row["disccode"];

         echo ("<DD><A HREF='$affurl'>$disccode[/url]</DD>\n");
      }

   
}

?>

However I am having to individually write the ID of the row into the bit of code: $id = "2"; - ie. in this case row 2

Ultimately I want to retrieve that bit of info from the url - i.e. www.mydomain.com/discountcodeoffer.php?affid=2

Is it possible to select a specific piece of info from a url to do that? - I have had a scout around today and some sites are advising to use $_Get but my attempts at using this have proved fruitless so far - any thoughts?

I want to get a feel for all the bits that I have to do and have a play around with it before I really get my teeth stuck into the main bit of the project!

KK

[nutballs]

change this line: 
$id = "2";

to this:

$id = $_GET['affid'];

assuming affid is what is actually in the querystring or course. also make sure GET is all caps.

that at least gets you to pulling the database entry, based upon the ID in the URL like you want. The next step will be verifying that its actually an integer, since I could fuck your site 10 ways from sunday without it.

if (!is_int($_GET['affid'])
{
die("fuck off hacker.");
}

[kopkingmeister]

Cheers Nutballs - appreciate it

[perkiset]

(Dang it, NBs just got in here quicker)

Consider this snippet:

Code:

<?

$id = $_GET['theparam'];

if ($retid = mysql_db_query($db, "SELECT * FROM discount_codes where id=$id", $cid))
{
while ($row = mysql_fetch_array($retid))
echo ("<DD><A HREF='{$row["affurl"]}'>$row["disccode"]</A></DD>\n");
} else echo mysql_error();

?>

I wrote this kind of "squishy" so that you could see some different ways to handle strings and control blocks.

However I am having to individually write the ID of the row into the bit of code: $id = "2"; - ie. in this case row 2
Ultimately I want to retrieve that bit of info from the url - i.e. www.mydomain.com/discountcodeoffer.php?affid=2
Is it possible to select a specific piece of info from a url to do that? - I have had a scout around today and some sites are advising to use $_Get but my attempts at using this have proved fruitless so far - any thoughts?

The problem is that PHP is case sensitive for variables and $_Get is not the same as $_GET ... change as listed and as Nuts says. Also, Nuts' is_int() call is an excellent way to start protecting yourself - I was gonna comment as well on the sql-insertion vector you are opening up here. That's a good start.

[vsloathe]

if (!is_int($_GET['affid'])
{
die("fuck off hacker.");
}

You'll need to do a little more than this.

At least do

Code:

if (!is_int($_GET['affid'] || strlen($_GET['affid']) > 10)
{
die("fuck off hacker.");
}

There are always ways of doing clever things with integers, given enough of them to work with. LOL

[kopkingmeister]

OK hit a brick wall!!!

I keep getting the following error when trying to run the code:

Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/xxxxxxxxxx.php on line 40

done some searching to try and find a way around it and for the life of me cannot get it change!- if I remove anything then i just get other errors in the code!

Perk followed your code above and it is throwing the error everytime - looks like it is something to do with this line:

echo ("<DD><A HREF='{$row["affurl"]}'>$row["disccode"][/url]</DD>\n");