stevel

Country-State Selector


Hello. Quick question - I just installed version 1.5.5. It is generally working, but I had two problems.

First, the indicator graphic shows as soon as you go to one of the address entry/edit pages. I have it set to default to country = 223, but if I load the create_account page for example, without doing anything the page starts out showing the indicator.gif. Only if I change the country does this go away. I decided to disable the image anyway, but if I decide I want it back (or for the benefit of anyone else with this issue), how do you get it to hide initially and only show when it should?

 

Second, I have found that when I start out on create_account (or any other of these pages), it defaults to United States and Alabama for the state. If I change the country (to United Kingdom for example) it works as expected but puts a 1 in the state/province field. If I change to any country with states (US or Canada) it again works as expected, but defaults to the last value in the list (Wyoming for US, Yukon Terr for Canada).

How can I stop it from putting the 1 value in there, and is there an easy way to get it to put no value in the drop-downs? My customers have a tendency to not pay attention to the state and leave the default in there (be it Alabama or Wyoming), which is of course wrong unless they happen to be from one of those states.

 

Thanks!


I'm using this add-on along with WordPress osCommerce and I'm having a few issues with it.

I've got it pretty much worked out; however, when I change the country, instead of replacing the state, it replaces the states and then inputs pretty much the whole page again below the states dropdown.

The big issue here is that the system was designed for use with divs and tables; wpsoc only uses divs, so I don't quite know how to stop it inputting the whole page again. Anyone got any advice?

 

my shop is here www.martincphoto.com/shop

 

I have disabled the indicator as I've no use for it but even if I reinstate that it doesn't make any difference.

Just found a solution. I had to create a new php file to update it.


Hi all!

 

I used the 1.5.5 and when I go to admin/customers.php I have a blank screen (and no code in the web). I put an error_reporting(E_ALL); at the beginning but it keeps showing nothing.

My code is this:

<?php
error_reporting(E_ALL);
/*
 $Id: customers.php 1739 2007-12-20 00:52:16Z hpdl $

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/

 require('includes/application_top.php');

 $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '');
// +Country-State Selector
$refresh = (isset($HTTP_POST_VARS['refresh']) ? $HTTP_POST_VARS['refresh'] : 'false');
// -Country-State Selector	
 $error = false;
 $processed = false;

 if (tep_not_null($action)) {
   switch ($action) {
     case 'update':
       $customers_id = tep_db_prepare_input($HTTP_GET_VARS['cID']);
       $customers_firstname = tep_db_prepare_input($HTTP_POST_VARS['customers_firstname']);
       $customers_lastname = tep_db_prepare_input($HTTP_POST_VARS['customers_lastname']);
       $customers_email_address = tep_db_prepare_input($HTTP_POST_VARS['customers_email_address']);
       $customers_telephone = tep_db_prepare_input($HTTP_POST_VARS['customers_telephone']);
       $customers_fax = tep_db_prepare_input($HTTP_POST_VARS['customers_fax']);
       $customers_newsletter = tep_db_prepare_input($HTTP_POST_VARS['customers_newsletter']);

       $customers_gender = tep_db_prepare_input($HTTP_POST_VARS['customers_gender']);
       $customers_dob = tep_db_prepare_input($HTTP_POST_VARS['customers_dob']);

       $default_address_id = tep_db_prepare_input($HTTP_POST_VARS['default_address_id']);
       $entry_street_address = tep_db_prepare_input($HTTP_POST_VARS['entry_street_address']);
       $entry_suburb = tep_db_prepare_input($HTTP_POST_VARS['entry_suburb']);
       $entry_postcode = tep_db_prepare_input($HTTP_POST_VARS['entry_postcode']);
       $entry_city = tep_db_prepare_input($HTTP_POST_VARS['entry_city']);
       $entry_country_id = tep_db_prepare_input($HTTP_POST_VARS['entry_country_id']);

       $entry_company = tep_db_prepare_input($HTTP_POST_VARS['entry_company']);
	//NIF start		
       $entry_nif = tep_db_prepare_input($HTTP_POST_VARS['entry_nif']);
       //NIF end
       $entry_state = tep_db_prepare_input($HTTP_POST_VARS['entry_state']);
       // +Country-State Selector
       if (isset($HTTP_POST_VARS['entry_zone_id'])) {
          $entry_zone_id = tep_db_prepare_input($HTTP_POST_VARS['entry_zone_id']);
       } else {
          $entry_zone_id = 0;
       }
       if ($refresh != 'true') {
       // -Country-State Selector

       if (strlen($customers_firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
         $error = true;
         $entry_firstname_error = true;
       } else {
         $entry_firstname_error = false;
       }

       if (strlen($customers_lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
         $error = true;
         $entry_lastname_error = true;
       } else {
         $entry_lastname_error = false;
       }

       if (ACCOUNT_DOB == 'true') {
         if (checkdate(substr(tep_date_raw($customers_dob), 4, 2), substr(tep_date_raw($customers_dob), 6, 2), substr(tep_date_raw($customers_dob), 0, 4))) {
           $entry_date_of_birth_error = false;
         } else {
           $error = true;
           $entry_date_of_birth_error = true;
         }
       }

       if (strlen($customers_email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
         $error = true;
         $entry_email_address_error = true;
       } else {
         $entry_email_address_error = false;
       }

       if (!tep_validate_email($customers_email_address)) {
         $error = true;
         $entry_email_address_check_error = true;
       } else {
         $entry_email_address_check_error = false;
       }

       if (strlen($entry_street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
         $error = true;
         $entry_street_address_error = true;
       } else {
         $entry_street_address_error = false;
       }

       if (strlen($entry_postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
         $error = true;
         $entry_post_code_error = true;
       } else {
         $entry_post_code_error = false;
       }

       if (strlen($entry_city) < ENTRY_CITY_MIN_LENGTH) {
         $error = true;
         $entry_city_error = true;
       } else {
         $entry_city_error = false;
       }

       if ($entry_country_id == false) {
         $error = true;
         $entry_country_error = true;
       } else {
         $entry_country_error = false;
       }
/* MCRIADO  7 JUN 2010 DELETED BECAUSE OF THE COUNTRY STATE
       if (ACCOUNT_STATE == 'true') {
         if ($entry_country_error == true) {
           $entry_state_error = true;
         } else {
           $zone_id = 0;
           $entry_state_error = false;
           $check_query = tep_db_query("select count(*) as total from " . TABLE_ZONES . " where zone_country_id = '" . (int)$entry_country_id . "'");
           $check_value = tep_db_fetch_array($check_query);
           $entry_state_has_zones = ($check_value['total'] > 0);
           if ($entry_state_has_zones == true) {
             $zone_query = tep_db_query("select zone_id from " . TABLE_ZONES . " where zone_country_id = '" . (int)$entry_country_id . "' and zone_name = '" . tep_db_input($entry_state) . "'");
             if (tep_db_num_rows($zone_query) == 1) {
               $zone_values = tep_db_fetch_array($zone_query);
               $entry_zone_id = $zone_values['zone_id'];
             } else {
               $error = true;
               $entry_state_error = true;
             }
           } else {
             if (strlen($entry_state) < ENTRY_STATE_MIN_LENGTH) {
               $error = true;
               $entry_state_error = true;
             }
           }
        }
     }

  UP TO HERE */

     if (strlen($customers_telephone) < ENTRY_TELEPHONE_MIN_LENGTH) {
       $error = true;
       $entry_telephone_error = true;
     } else {
       $entry_telephone_error = false;
     }

     $check_email = tep_db_query("select customers_email_address from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($customers_email_address) . "' and customers_id != '" . (int)$customers_id . "'");
     if (tep_db_num_rows($check_email)) {
       $error = true;
       $entry_email_address_exists = true;
     } else {
       $entry_email_address_exists = false;
     }

     // +Country-State Selector	  
     }  // End if (!$refresh)	
     if (($error == false) && ($refresh != 'true')) {
// -Country-State Selector


       $sql_data_array = array('customers_firstname' => $customers_firstname,
                               'customers_lastname' => $customers_lastname,
                               'customers_email_address' => $customers_email_address,
                               'customers_telephone' => $customers_telephone,
                               'customers_fax' => $customers_fax,
                               'customers_newsletter' => $customers_newsletter);

       if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $customers_gender;
       if (ACCOUNT_DOB == 'true') $sql_data_array['customers_dob'] = tep_date_raw($customers_dob);

       tep_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int)$customers_id . "'");

       tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int)$customers_id . "'");

       if ($entry_zone_id > 0) $entry_state = '';

       $sql_data_array = array('entry_firstname' => $customers_firstname,
                               'entry_lastname' => $customers_lastname,
                               'entry_street_address' => $entry_street_address,
                               'entry_postcode' => $entry_postcode,
                               'entry_city' => $entry_city,
                               'entry_country_id' => $entry_country_id);

       if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $entry_company;
	//NIF start
       if (ACCOUNT_NIF == 'true') $sql_data_array['entry_nif'] = $entry_nif;
       //NIF end

       if (ACCOUNT_SUBURB == 'true') $sql_data_array['entry_suburb'] = $entry_suburb;

       if (ACCOUNT_STATE == 'true') {
         if ($entry_zone_id > 0) {
           $sql_data_array['entry_zone_id'] = $entry_zone_id;
           $sql_data_array['entry_state'] = '';
         } else {
           $sql_data_array['entry_zone_id'] = '0';
           $sql_data_array['entry_state'] = $entry_state;
         }
       }

       tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "customers_id = '" . (int)$customers_id . "' and address_book_id = '" . (int)$default_address_id . "'");

       tep_redirect(tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID', 'action')) . 'cID=' . $customers_id));

       } else if ($error == true) {
         $cInfo = new objectInfo($HTTP_POST_VARS);
          $processed = true;
         // +Country-State Selector
         } else if ($refresh == 'true') {
           $cInfo = new objectInfo($HTTP_POST_VARS);
         }
         // -Country-State Selector

       }

       break;
     case 'deleteconfirm':
       $customers_id = tep_db_prepare_input($HTTP_GET_VARS['cID']);

       if (isset($HTTP_POST_VARS['delete_reviews']) && ($HTTP_POST_VARS['delete_reviews'] == 'on')) {
         $reviews_query = tep_db_query("select reviews_id from " . TABLE_REVIEWS . " where customers_id = '" . (int)$customers_id . "'");
         while ($reviews = tep_db_fetch_array($reviews_query)) {
           tep_db_query("delete from " . TABLE_REVIEWS_DESCRIPTION . " where reviews_id = '" . (int)$reviews['reviews_id'] . "'");
         }

         tep_db_query("delete from " . TABLE_REVIEWS . " where customers_id = '" . (int)$customers_id . "'");
       } else {
         tep_db_query("update " . TABLE_REVIEWS . " set customers_id = null where customers_id = '" . (int)$customers_id . "'");
       }

       tep_db_query("delete from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customers_id . "'");
       tep_db_query("delete from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customers_id . "'");
       tep_db_query("delete from " . TABLE_CUSTOMERS_INFO . " where customers_info_id = '" . (int)$customers_id . "'");
       tep_db_query("delete from " . TABLE_CUSTOMERS_BASKET . " where customers_id = '" . (int)$customers_id . "'");
       tep_db_query("delete from " . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . " where customers_id = '" . (int)$customers_id . "'");
       tep_db_query("delete from " . TABLE_WHOS_ONLINE . " where customer_id = '" . (int)$customers_id . "'");

       tep_redirect(tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID', 'action'))));
       break;
     default:
      //NIF start
       $customers_query = tep_db_query("select c.customers_id, c.customers_gender, c.customers_firstname, c.customers_lastname, c.customers_dob, c.customers_email_address, a.entry_company, a.entry_nif, a.entry_street_address, a.entry_suburb, a.entry_postcode, a.entry_city, a.entry_state, a.entry_zone_id, a.entry_country_id, c.customers_telephone, c.customers_fax, c.customers_newsletter, c.customers_default_address_id from " . TABLE_CUSTOMERS . " c left join " . TABLE_ADDRESS_BOOK . " a on c.customers_default_address_id = a.address_book_id where a.customers_id = c.customers_id and c.customers_id = '" . (int)$HTTP_GET_VARS['cID'] . "'");
       //NIF end
	$customers = tep_db_fetch_array($customers_query);
       $cInfo = new objectInfo($customers);
   }
 }
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
<script language="javascript" src="includes/general.js"></script>
<?php
// +Country-State Selector
 if ($refresh == 'true') {
   $entry_state = '';
   $cInfo->entry_state = '';
 }
 // -Country-State Selector
 // TEST if ($action == 'edit' || $action == 'update') {

?>
<script language="javascript"><!--

function check_form() {
 var error = 0;
 var error_message = "<?php echo JS_ERROR; ?>";

 var customers_firstname = document.customers.customers_firstname.value;
 var customers_lastname = document.customers.customers_lastname.value;
<?php if (ACCOUNT_COMPANY == 'true') echo 'var entry_company = document.customers.entry_company.value;' . "\n"; ?>
//NIF start
<?php if (ACCOUNT_NIF == 'true') echo 'var entry_nif = document.customers.entry_nif.value;' . "\n"; ?>
//NIF end

<?php if (ACCOUNT_DOB == 'true') echo 'var customers_dob = document.customers.customers_dob.value;' . "\n"; ?>
 var customers_email_address = document.customers.customers_email_address.value;
 var entry_street_address = document.customers.entry_street_address.value;
 var entry_postcode = document.customers.entry_postcode.value;
 var entry_city = document.customers.entry_city.value;
 var customers_telephone = document.customers.customers_telephone.value;

<?php if (ACCOUNT_GENDER == 'true') { ?>
 if (document.customers.customers_gender[0].checked || document.customers.customers_gender[1].checked) {
 } else {
   error_message = error_message + "<?php echo JS_GENDER; ?>";
   error = 1;
 }
<?php } ?>

 if (customers_firstname.length < <?php echo ENTRY_FIRST_NAME_MIN_LENGTH; ?>) {
   error_message = error_message + "<?php echo JS_FIRST_NAME; ?>";
   error = 1;
 }

 if (customers_lastname.length < <?php echo ENTRY_LAST_NAME_MIN_LENGTH; ?>) {
   error_message = error_message + "<?php echo JS_LAST_NAME; ?>";
   error = 1;
 }

<?php if (ACCOUNT_DOB == 'true') { ?>
 if (customers_dob.length < <?php echo ENTRY_DOB_MIN_LENGTH; ?>) {
   error_message = error_message + "<?php echo JS_DOB; ?>";
   error = 1;
 }
<?php } ?>

 if (customers_email_address.length < <?php echo ENTRY_EMAIL_ADDRESS_MIN_LENGTH; ?>) {
   error_message = error_message + "<?php echo JS_EMAIL_ADDRESS; ?>";
   error = 1;
 }

 if (entry_street_address.length < <?php echo ENTRY_STREET_ADDRESS_MIN_LENGTH; ?>) {
   error_message = error_message + "<?php echo JS_ADDRESS; ?>";
   error = 1;
 }

 if (entry_postcode.length < <?php echo ENTRY_POSTCODE_MIN_LENGTH; ?>) {
   error_message = error_message + "<?php echo JS_POST_CODE; ?>";
   error = 1;
 }

 if (entry_city.length < <?php echo ENTRY_CITY_MIN_LENGTH; ?>) {
   error_message = error_message + "<?php echo JS_CITY; ?>";
   error = 1;
 }

<?php
 if (ACCOUNT_STATE == 'true') {
?>
 if (document.customers.elements['entry_state'].type != "hidden") {
   if (document.customers.entry_state.value.length < <?php echo ENTRY_STATE_MIN_LENGTH; ?>) {
      error_message = error_message + "<?php echo JS_STATE; ?>";
      error = 1;
   }
 }
<?php
 }
?>

 if (document.customers.elements['entry_country_id'].type != "hidden") {
   if (document.customers.entry_country_id.value == 0) {
     error_message = error_message + "<?php echo JS_COUNTRY; ?>";
     error = 1;
   }
 }

 if (customers_telephone.length < <?php echo ENTRY_TELEPHONE_MIN_LENGTH; ?>) {
   error_message = error_message + "<?php echo JS_TELEPHONE; ?>";
   error = 1;
 }
//NIF start
<?php if (ACCOUNT_NIF_REQ == 'true') {
?>
 if (document.customers.elements['entry_nif'].value == "") {
   error_message = error_message + "<?php echo JS_NIF; ?>";
   error = 1;
 }
<?php
 }
?>
//NIF end

 if (error == 1) {
   alert(error_message);
   return false;
 } else {
   return true;
 }
}
function refresh_form(form_name) {
  form_name.refresh.value = 'true';
  form_name.submit();
  return true;
  }
//--></script>
<?php
 }
?>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF" onload="SetFocus();">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
 <tr>
   <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
   </table></td>
<!-- body_text //-->
   <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<?php
 if ($action == 'edit' || $action == 'update') {
   $newsletter_array = array(array('id' => '1', 'text' => ENTRY_NEWSLETTER_YES),
                             array('id' => '0', 'text' => ENTRY_NEWSLETTER_NO));
?>
     <tr>
       <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
         <tr>
           <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
           <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
         </tr>
       </table></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
     </tr>
     <tr><?php echo tep_draw_form('customers', FILENAME_CUSTOMERS, tep_get_all_get_params(array('action')) . 'action=update', 'post', 'onSubmit="return check_form();"') . tep_draw_hidden_field('default_address_id', $cInfo->customers_default_address_id); ?>
        <?php
        // +Country-State Selector
        echo tep_draw_hidden_field('refresh','false'); 
        // -Country-State Selector
        ?>
<td class="formAreaTitle"><?php echo CATEGORY_PERSONAL; ?></td>
     </tr>
     <tr>
       <td class="formArea"><table border="0" cellspacing="2" cellpadding="2">
<?php
   if (ACCOUNT_GENDER == 'true') {
?>
         <tr>
           <td class="main"><?php echo ENTRY_GENDER; ?></td>
           <td class="main">
<?php
   if ($error == true) {
     if ($entry_gender_error == true) {
       echo tep_draw_radio_field('customers_gender', 'm', false, $cInfo->customers_gender) . '  ' . MALE . '  ' . tep_draw_radio_field('customers_gender', 'f', false, $cInfo->customers_gender) . '  ' . FEMALE . ' ' . ENTRY_GENDER_ERROR;
     } else {
       echo ($cInfo->customers_gender == 'm') ? MALE : FEMALE;
       echo tep_draw_hidden_field('customers_gender');
     }
   } else {
     echo tep_draw_radio_field('customers_gender', 'm', false, $cInfo->customers_gender) . '  ' . MALE . '  ' . tep_draw_radio_field('customers_gender', 'f', false, $cInfo->customers_gender) . '  ' . FEMALE;
   }
?></td>
         </tr>
<?php
   }
?>
         <tr>
           <td class="main"><?php echo ENTRY_FIRST_NAME; ?></td>
           <td class="main">
<?php
 if ($error == true) {
   if ($entry_firstname_error == true) {
     echo tep_draw_input_field('customers_firstname', $cInfo->customers_firstname, 'maxlength="32"') . ' ' . ENTRY_FIRST_NAME_ERROR;
   } else {
     echo $cInfo->customers_firstname . tep_draw_hidden_field('customers_firstname');
   }
 } else {
   echo tep_draw_input_field('customers_firstname', $cInfo->customers_firstname, 'maxlength="32"', true);
 }
?></td>
         </tr>
         <tr>
           <td class="main"><?php echo ENTRY_LAST_NAME; ?></td>
           <td class="main">
<?php
 if ($error == true) {
   if ($entry_lastname_error == true) {
     echo tep_draw_input_field('customers_lastname', $cInfo->customers_lastname, 'maxlength="32"') . ' ' . ENTRY_LAST_NAME_ERROR;
   } else {
     echo $cInfo->customers_lastname . tep_draw_hidden_field('customers_lastname');
   }
 } else {
   echo tep_draw_input_field('customers_lastname', $cInfo->customers_lastname, 'maxlength="32"', true);
 }
?></td>
         </tr>
	  <!--NIF start-->					
<?php  if (ACCOUNT_NIF == 'true') { ?>
       <tr>
           <td class="main"><?php echo ENTRY_NIF; ?></td>
           <td class="main"><?php 
           if (ACCOUNT_NIF_REQ == 'true') echo tep_draw_input_field('entry_nif', $cInfo->entry_nif, 'maxlength="9"', true);
           else echo tep_draw_input_field('entry_nif', $cInfo->entry_nif, 'maxlength="9"'); ?></td>        
       </tr>
<?php } ?>
<!--NIF end-->

<?php
   if (ACCOUNT_DOB == 'true') {
?>
         <tr>
           <td class="main"><?php echo ENTRY_DATE_OF_BIRTH; ?></td>
           <td class="main">

<?php
   if ($error == true) {
     if ($entry_date_of_birth_error == true) {
       echo tep_draw_input_field('customers_dob', tep_date_short($cInfo->customers_dob), 'maxlength="10"') . ' ' . ENTRY_DATE_OF_BIRTH_ERROR;
     } else {
       echo $cInfo->customers_dob . tep_draw_hidden_field('customers_dob');
     }
   } else {
     echo tep_draw_input_field('customers_dob', tep_date_short($cInfo->customers_dob), 'maxlength="10"', true);
   }
?></td>
         </tr>
<?php
   }
?>
         <tr>
           <td class="main"><?php echo ENTRY_EMAIL_ADDRESS; ?></td>
           <td class="main">
<?php
 if ($error == true) {
   if ($entry_email_address_error == true) {
     echo tep_draw_input_field('customers_email_address', $cInfo->customers_email_address, 'maxlength="96"') . ' ' . ENTRY_EMAIL_ADDRESS_ERROR;
   } elseif ($entry_email_address_check_error == true) {
     echo tep_draw_input_field('customers_email_address', $cInfo->customers_email_address, 'maxlength="96"') . ' ' . ENTRY_EMAIL_ADDRESS_CHECK_ERROR;
   } elseif ($entry_email_address_exists == true) {
     echo tep_draw_input_field('customers_email_address', $cInfo->customers_email_address, 'maxlength="96"') . ' ' . ENTRY_EMAIL_ADDRESS_ERROR_EXISTS;
   } else {
     echo $customers_email_address . tep_draw_hidden_field('customers_email_address');
   }
 } else {
   echo tep_draw_input_field('customers_email_address', $cInfo->customers_email_address, 'maxlength="96"', true);
 }
?></td>
         </tr>
       </table></td>
     </tr>
<?php
   if (ACCOUNT_COMPANY == 'true') {
?>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
     </tr>
     <tr>
       <td class="formAreaTitle"><?php echo CATEGORY_COMPANY; ?></td>
     </tr>
     <tr>
       <td class="formArea"><table border="0" cellspacing="2" cellpadding="2">
         <tr>
           <td class="main"><?php echo ENTRY_COMPANY; ?></td>
           <td class="main">
<?php
   if ($error == true) {
     if ($entry_company_error == true) {
       echo tep_draw_input_field('entry_company', $cInfo->entry_company, 'maxlength="32"') . ' ' . ENTRY_COMPANY_ERROR;
     } else {
       echo $cInfo->entry_company . tep_draw_hidden_field('entry_company');
     }
   } else {
     echo tep_draw_input_field('entry_company', $cInfo->entry_company, 'maxlength="32"');
   }
?></td>
         </tr>
       </table></td>
     </tr>
<?php
   }
?>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
     </tr>
     <tr>
       <td class="formAreaTitle"><?php echo CATEGORY_ADDRESS; ?></td>
     </tr>
     <tr>
       <td class="formArea"><table border="0" cellspacing="2" cellpadding="2">
         <tr>
           <td class="main"><?php echo ENTRY_STREET_ADDRESS; ?></td>
           <td class="main">
<?php
 if ($error == true) {
   if ($entry_street_address_error == true) {
     echo tep_draw_input_field('entry_street_address', $cInfo->entry_street_address, 'maxlength="64"') . ' ' . ENTRY_STREET_ADDRESS_ERROR;
   } else {
     echo $cInfo->entry_street_address . tep_draw_hidden_field('entry_street_address');
   }
 } else {
   echo tep_draw_input_field('entry_street_address', $cInfo->entry_street_address, 'maxlength="64"', true);
 }
?></td>
         </tr>
<?php
   if (ACCOUNT_SUBURB == 'true') {
?>
         <tr>
           <td class="main"><?php echo ENTRY_SUBURB; ?></td>
           <td class="main">
<?php
   if ($error == true) {
     if ($entry_suburb_error == true) {
       echo tep_draw_input_field('suburb', $cInfo->entry_suburb, 'maxlength="32"') . ' ' . ENTRY_SUBURB_ERROR;
     } else {
       echo $cInfo->entry_suburb . tep_draw_hidden_field('entry_suburb');
     }
   } else {
     echo tep_draw_input_field('entry_suburb', $cInfo->entry_suburb, 'maxlength="32"');
   }
?></td>
         </tr>
<?php
   }
?>
         <tr>
           <td class="main"><?php echo ENTRY_POST_CODE; ?></td>
           <td class="main">
<?php
 if ($error == true) {
   if ($entry_post_code_error == true) {
     echo tep_draw_input_field('entry_postcode', $cInfo->entry_postcode, 'maxlength="8"') . ' ' . ENTRY_POST_CODE_ERROR;
   } else {
     echo $cInfo->entry_postcode . tep_draw_hidden_field('entry_postcode');
   }
 } else {
   echo tep_draw_input_field('entry_postcode', $cInfo->entry_postcode, 'maxlength="8"', true);
 }
?></td>
         </tr>
         <tr>
           <td class="main"><?php echo ENTRY_CITY; ?></td>
           <td class="main">
<?php
 if ($error == true) {
   if ($entry_city_error == true) {
     echo tep_draw_input_field('entry_city', $cInfo->entry_city, 'maxlength="32"') . ' ' . ENTRY_CITY_ERROR;
   } else {
     echo $cInfo->entry_city . tep_draw_hidden_field('entry_city');
   }
 } else {
   echo tep_draw_input_field('entry_city', $cInfo->entry_city, 'maxlength="32"', true);
 }
?></td>
         </tr>
<?php
   if (ACCOUNT_STATE == 'true') {
?>
         <tr>
           <td class="main"%2
           $zones_array[] = array('id' => $zones_values['zone_name'], 'text' => $zones_values['zone_name']);
         }
         echo tep_draw_pull_down_menu('entry_state', $zones_array) . ' ' . ENTRY_STATE_ERROR;
       } else {
         echo tep_draw_input_field('entry_state', tep_get_zone_name($cInfo->entry_country_id, $cInfo->entry_zone_id, $cInfo->entry_state)) . ' ' . ENTRY_STATE_ERROR;
       }
     } else {
       echo $entry_state . tep_draw_hidden_field('entry_zone_id') . tep_draw_hidden_field('entry_state');
     }
   } else {
     echo tep_draw_input_field('entry_state', tep_get_zone_name($cInfo->entry_country_id, $cInfo->entry_zone_id, $cInfo->entry_state));
   }
*/
// +Country-State Selector
    $entry_state = tep_get_zone_name($cInfo->entry_country_id, $cInfo->entry_zone_id, $cInfo->entry_state);
    $zones_array = array();
    $zones_query = tep_db_query("select zone_name, zone_id from " . TABLE_ZONES . " where zone_country_id = '" . (int)$cInfo->entry_country_id . "' order by zone_name");
    while ($zones_values = tep_db_fetch_array($zones_query)) {
       $zones_array[] = array('id' => $zones_values['zone_id'], 'text' => $zones_values['zone_name']);
    }
      if (count($zones_array) > 0) {
        echo tep_draw_pull_down_menu('entry_zone_id', $zones_array, $cInfo->entry_zone_id);
        echo tep_draw_hidden_field('entry_state', '');
     } else {
        echo tep_draw_input_field('entry_state', $entry_state);
     }
     // -Country-State Selector

?></td>
        </tr>
<?php
   }
?>
         <tr>
           <td class="main"><?php echo ENTRY_COUNTRY; ?></td>
           <td class="main">
<?php
/* MCRIADO Deleted for country selector
 if ($error == true) {
   if ($entry_country_error == true) {
     echo tep_draw_pull_down_menu('entry_country_id', tep_get_countries(), $cInfo->entry_country_id) . ' ' . ENTRY_COUNTRY_ERROR;
   } else {
     echo tep_get_country_name($cInfo->entry_country_id) . tep_draw_hidden_field('entry_country_id');
   }
 } else {
   echo tep_draw_pull_down_menu('entry_country_id', tep_get_countries(), $cInfo->entry_country_id);
 }
 UP TO HERE */

 // +Country-State Selector
echo css_get_country_list('entry_country_id',  $cInfo->entry_country_id,'onChange="return refresh_form(customers);"');

// -Country-State Selector
?></td>
         </tr>
       </table></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
     </tr>
     <tr>
       <td class="formAreaTitle"><?php echo CATEGORY_CONTACT; ?></td>
     </tr>
     <tr>
       <td class="formArea"><table border="0" cellspacing="2" cellpadding="2">
         <tr>
           <td class="main"><?php echo ENTRY_TELEPHONE_NUMBER; ?></td>
           <td class="main">
<?php
 if ($error == true) {
   if ($entry_telephone_error == true) {
     echo tep_draw_input_field('customers_telephone', $cInfo->customers_telephone, 'maxlength="32"') . ' ' . ENTRY_TELEPHONE_NUMBER_ERROR;
   } else {
     echo $cInfo->customers_telephone . tep_draw_hidden_field('customers_telephone');
   }
 } else {
   echo tep_draw_input_field('customers_telephone', $cInfo->customers_telephone, 'maxlength="32"', true);
 }
?></td>
         </tr>
         <tr>
           <td class="main"><?php echo ENTRY_FAX_NUMBER; ?></td>
           <td class="main">
<?php
 if ($processed == true) {
   echo $cInfo->customers_fax . tep_draw_hidden_field('customers_fax');
 } else {
   echo tep_draw_input_field('customers_fax', $cInfo->customers_fax, 'maxlength="32"');
 }
?></td>
         </tr>
       </table></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
     </tr>
     <tr>
       <td class="formAreaTitle"><?php echo CATEGORY_OPTIONS; ?></td>
     </tr>
     <tr>
       <td class="formArea"><table border="0" cellspacing="2" cellpadding="2">
         <tr>
           <td class="main"><?php echo ENTRY_NEWSLETTER; ?></td>
           <td class="main">
<?php
 if ($processed == true) {
   if ($cInfo->customers_newsletter == '1') {
     echo ENTRY_NEWSLETTER_YES;
   } else {
     echo ENTRY_NEWSLETTER_NO;
   }
   echo tep_draw_hidden_field('customers_newsletter');
 } else {
   echo tep_draw_pull_down_menu('customers_newsletter', $newsletter_array, (($cInfo->customers_newsletter == '1') ? '1' : '0'));
 }
?></td>
         </tr>
       </table></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
     </tr>
     <tr>
       <td align="right" class="main"><?php echo tep_image_submit('button_update.gif', IMAGE_UPDATE) . ' <a href="' . tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('action'))) .'">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>'; ?></td>
     </tr></form>
<?php
 } else {
?>
     <tr>
       <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
         <tr><?php echo tep_draw_form('search', FILENAME_CUSTOMERS, '', 'get'); ?>
           <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
           <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
           <td class="smallText" align="right"><?php echo HEADING_TITLE_SEARCH . ' ' . tep_draw_input_field('search'); ?></td>
         <?php echo tep_hide_session_id(); ?></form></tr>
       </table></td>
     </tr>
     <tr>
       <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
         <tr>
           <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
             <tr class="dataTableHeadingRow">
               <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_LASTNAME; ?></td>
               <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_FIRSTNAME; ?></td>
               <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACCOUNT_CREATED; ?></td>
               <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td>
             </tr>
<?php
   $search = '';
   if (isset($HTTP_GET_VARS['search']) && tep_not_null($HTTP_GET_VARS['search'])) {
     $keywords = tep_db_input(tep_db_prepare_input($HTTP_GET_VARS['search']));
     $search = "where c.customers_lastname like '%" . $keywords . "%' or c.customers_firstname like '%" . $keywords . "%' or c.customers_email_address like '%" . $keywords . "%'";
   }
   $customers_query_raw = "select c.customers_id, c.customers_lastname, c.customers_firstname, c.customers_email_address, a.entry_country_id from " . TABLE_CUSTOMERS . " c left join " . TABLE_ADDRESS_BOOK . " a on c.customers_id = a.customers_id and c.customers_default_address_id = a.address_book_id " . $search . " order by c.customers_lastname, c.customers_firstname";
   $customers_split = new splitPageResults($HTTP_GET_VARS['page'], MAX_DISPLAY_SEARCH_RESULTS, $customers_query_raw, $customers_query_numrows);
   $customers_query = tep_db_query($customers_query_raw);
   while ($customers = tep_db_fetch_array($customers_query)) {
     $info_query = tep_db_query("select customers_info_date_account_created as date_account_created, customers_info_date_account_last_modified as date_account_last_modified, customers_info_date_of_last_logon as date_last_logon, customers_info_number_of_logons as number_of_logons from " . TABLE_CUSTOMERS_INFO . " where customers_info_id = '" . $customers['customers_id'] . "'");
     $info = tep_db_fetch_array($info_query);

     if ((!isset($HTTP_GET_VARS['cID']) || (isset($HTTP_GET_VARS['cID']) && ($HTTP_GET_VARS['cID'] == $customers['customers_id']))) && !isset($cInfo)) {
       $country_query = tep_db_query("select countries_name from " . TABLE_COUNTRIES . " where countries_id = '" . (int)$customers['entry_country_id'] . "'");
       $country = tep_db_fetch_array($country_query);

       $reviews_query = tep_db_query("select count(*) as number_of_reviews from " . TABLE_REVIEWS . " where customers_id = '" . (int)$customers['customers_id'] . "'");
       $reviews = tep_db_fetch_array($reviews_query);

       $customer_info = array_merge($country, $info, $reviews);

       $cInfo_array = array_merge($customers, $customer_info);
       $cInfo = new objectInfo($cInfo_array);
     }

     if (isset($cInfo) && is_object($cInfo) && ($customers['customers_id'] == $cInfo->customers_id)) {
       echo '          <tr id="defaultSelected" class="dataTableRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID', 'action')) . 'cID=' . $cInfo->customers_id . '&action=edit') . '\'">' . "\n";
     } else {
       echo '          <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID')) . 'cID=' . $customers['customers_id']) . '\'">' . "\n";
     }
?>
               <td class="dataTableContent"><?php echo $customers['customers_lastname']; ?></td>
               <td class="dataTableContent"><?php echo $customers['customers_firstname']; ?></td>
               <td class="dataTableContent" align="right"><?php echo tep_date_short($info['date_account_created']); ?></td>
               <td class="dataTableContent" align="right"><?php if (isset($cInfo) && is_object($cInfo) && ($customers['customers_id'] == $cInfo->customers_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID')) . 'cID=' . $customers['customers_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?> </td>
             </tr>
<?php
   }
?>
             <tr>
               <td colspan="4"><table border="0" width="100%" cellspacing="0" cellpadding="2">
                 <tr>
                   <td class="smallText" valign="top"><?php echo $customers_split->display_count($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_CUSTOMERS); ?></td>
                   <td class="smallText" align="right"><?php echo $customers_split->display_links($customers_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page'], tep_get_all_get_params(array('page', 'info', 'x', 'y', 'cID'))); ?></td>
                 </tr>
<?php
   if (isset($HTTP_GET_VARS['search']) && tep_not_null($HTTP_GET_VARS['search'])) {
?>
                 <tr>
                   <td align="right" colspan="2"><?php echo '<a href="' . tep_href_link(FILENAME_CUSTOMERS) . '">' . tep_image_button('button_reset.gif', IMAGE_RESET) . '</a>'; ?></td>
                 </tr>
<?php
   }
?>
               </table></td>
             </tr>
           </table></td>
<?php
 $heading = array();
 $contents = array();

 switch ($action) {
   case 'confirm':
     $heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_DELETE_CUSTOMER . '</b>');

     $contents = array('form' => tep_draw_form('customers', FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID', 'action')) . 'cID=' . $cInfo->customers_id . '&action=deleteconfirm'));
     $contents[] = array('text' => TEXT_DELETE_INTRO . '<br><br><b>' . $cInfo->customers_firstname . ' ' . $cInfo->customers_lastname . '</b>');
     if (isset($cInfo->number_of_reviews) && ($cInfo->number_of_reviews) > 0) $contents[] = array('text' => '<br>' . tep_draw_checkbox_field('delete_reviews', 'on', true) . ' ' . sprintf(TEXT_DELETE_REVIEWS, $cInfo->number_of_reviews));
     $contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_delete.gif', IMAGE_DELETE) . ' <a href="' . tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID', 'action')) . 'cID=' . $cInfo->customers_id) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
     break;
   default:
     if (isset($cInfo) && is_object($cInfo)) {
       $heading[] = array('text' => '<b>' . $cInfo->customers_firstname . ' ' . $cInfo->customers_lastname . '</b>');

       $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID', 'action')) . 'cID=' . $cInfo->customers_id . '&action=edit') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_CUSTOMERS, tep_get_all_get_params(array('cID', 'action')) . 'cID=' . $cInfo->customers_id . '&action=confirm') . '">' . tep_image_button('button_delete.gif', IMAGE_DELETE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, 'cID=' . $cInfo->customers_id) . '">' . tep_image_button('button_orders.gif', IMAGE_ORDERS) . '</a> <a href="' . tep_href_link(FILENAME_MAIL, 'selected_box=tools&customer=' . $cInfo->customers_email_address) . '">' . tep_image_button('button_email.gif', IMAGE_EMAIL) . '</a>');
       $contents[] = array('text' => '<br>' . TEXT_DATE_ACCOUNT_CREATED . ' ' . tep_date_short($cInfo->date_account_created));
       $contents[] = array('text' => '<br>' . TEXT_DATE_ACCOUNT_LAST_MODIFIED . ' ' . tep_date_short($cInfo->date_account_last_modified));
       $contents[] = array('text' => '<br>' . TEXT_INFO_DATE_LAST_LOGON . ' '  . tep_date_short($cInfo->date_last_logon));
       $contents[] = array('text' => '<br>' . TEXT_INFO_NUMBER_OF_LOGONS . ' ' . $cInfo->number_of_logons);
       $contents[] = array('text' => '<br>' . TEXT_INFO_COUNTRY . ' ' . $cInfo->countries_name);
       $contents[] = array('text' => '<br>' . TEXT_INFO_NUMBER_OF_REVIEWS . ' ' . $cInfo->number_of_reviews);
     }
     break;
 }

 if ( (tep_not_null($heading)) && (tep_not_null($contents)) ) {
   echo '            <td width="25%" valign="top">' . "\n";

   $box = new box;
   echo $box->infoBox($heading, $contents);

   echo '            </td>' . "\n";
 }
?>
         </tr>
       </table></td>
     </tr>
<?php
 }
?>
   </table></td>
<!-- body_text_eof //-->
 </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>

 

Can anyone help me a little, please?

Thanks a lot!

Edited by infinityl


A blank page usually indicates a PHP syntax error. You may want to edit your php.ini file to permit PHP errors to be displayed on the page - offhand I don't recall what that setting is, but I'm sure a web search can find it. You may also want to check your server error logs to see if anything is reported there.

 

I see lots of people are having difficulties with the AJAX-modified version of my contribution. I can't really help with those.


hi

 

I'm not good at PHP and this contribution seems very good to be added onto my site. Thanks everyone :D

 

The problem is, since the last complete package was uploaded, many corrections have been made. I spent like 5 days figuring out a Fatal Error unable to declare Temp_show_category bla bla bla and finally fixed the problem by tracing back to the first day I installed oscommerce and modified column_left.php lmao

 

So... in short, can anyone please upload an up-to-date full package? I am so scared to manually change all those files in case I mess up again.

 

 

Thank you :ppp


hi

 

I'm not good at PHP and this contribution seems very good to be added onto my site. Thanks everyone :D

 

The problem is, since the last complete package was uploaded, many corrections have been made. I spent like 5 days figuring out a Fatal Error unable to declare Temp_show_category bla bla bla and finally fixed the problem by tracing back to the first day I installed oscommerce and modified column_left.php lmao

 

So... in short, can anyone please upload an up-to-date full package? I am so scared to manually change all those files in case I mess up again.

 

 

Thank you :ppp

 

I'm also looking for a full package as there hasn't been one for a while.

 

OR do any of the non-ajax ones work pretty well?


Stephanie D.


Hello..

 

I am in the process of upgrading my oscommerce store to 2.3 © (SEC) Add Customer Session Token to Forms.

 

The problem I am having is that the address_book_process.php

 

Has anybody else managed to get the following changes done so that the country code selector refreshes like it should?

 

@@ -20,7 +20,7 @@
// needs to be included earlier to set the success message in the messageStack
  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ADDRESS_BOOK_PROCESS);

-  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'deleteconfirm') && isset($HTTP_GET_VARS['delete']) && is_numeric($HTTP_GET_VARS['delete'])) {
+  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'deleteconfirm') && isset($HTTP_GET_VARS['delete']) && is_numeric($HTTP_GET_VARS['delete']) && isset($HTTP_GET_VARS['formid']) && ($HTTP_GET_VARS['formid'] == md5($sessiontoken))) {
    tep_db_query("delete from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . (int)$HTTP_GET_VARS['delete'] . "' and customers_id = '" . (int)$customer_id . "'");

    $messageStack->add_session('addressbook', SUCCESS_ADDRESS_BOOK_ENTRY_DELETED, 'success');
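
Review bot: The delete guarded by the new condition is still triggered by a GET request, so the formid value travels in the URL and ends up in browser history, server access logs and Referer headers. md5($sessiontoken) keeps the raw token out of the URL, but the hash is itself the value this check accepts. Consider making the confirm step a small POST form that carries the token in a hidden field, and keep the (int) cast and the customers_id condition on the delete query as they are.
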
@@ -30,7 +30,7 @@

// error checking when updating or adding an entry
  $process = false;
-  if (isset($HTTP_POST_VARS['action']) && (($HTTP_POST_VARS['action'] == 'process') || ($HTTP_POST_VARS['action'] == 'update'))) {
+  if (isset($HTTP_POST_VARS['action']) && (($HTTP_POST_VARS['action'] == 'process') || ($HTTP_POST_VARS['action'] == 'update')) && isset($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) {
    $process = true;
    $error = false;
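
Review bot: The added condition compares the submitted formid with $sessiontoken using ==, which applies PHP type juggling: two numeric-looking strings such as '0e1' and '0e2' compare equal, and an empty formid equals an unset $sessiontoken, so a page where the token was never initialised would accept a blank field. Use is_string($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] === $sessiontoken), or hash_equals() where the PHP version provides it, and apply the same change to the md5($sessiontoken) comparison on the delete path.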

@@ -270,7 +270,7 @@
<!-- left_navigation_eof //-->
    </table></td>
<!-- body_text //-->
-    <td width="100%" valign="top"><?php if (!isset($HTTP_GET_VARS['delete'])) echo tep_draw_form('addressbook', tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, (isset($HTTP_GET_VARS['edit']) ? 'edit=' . $HTTP_GET_VARS['edit'] : ''), 'SSL'), 'post', 'onSubmit="return check_form(addressbook);"'); ?><table border="0" width="100%" cellspacing="0" cellpadding="0">
+    <td width="100%" valign="top"><?php if (!isset($HTTP_GET_VARS['delete'])) echo tep_draw_form('addressbook', tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, (isset($HTTP_GET_VARS['edit']) ? 'edit=' . $HTTP_GET_VARS['edit'] : ''), 'SSL'), 'post', 'onSubmit="return check_form(addressbook);"', true); ?><table border="0" width="100%" cellspacing="0" cellpadding="0">
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
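
Review bot: The only change on the tep_draw_form() line is the extra fifth argument true, and PHP silently ignores extra arguments passed to a user-defined function. If the installed tep_draw_form() has not been upgraded to accept that argument, no formid field is emitted and the POST check added in the previous hunk skips every submit without raising an error. Confirm in the rendered page source that the addressbook form really contains a hidden formid input before relying on the check.
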
@@ -329,7 +329,7 @@
              <tr>
                <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                <td><?php echo '<a href="' . tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL') . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
-                <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'delete=' . $HTTP_GET_VARS['delete'] . '&action=deleteconfirm', 'SSL') . '">' . tep_image_button('button_delete.gif', IMAGE_BUTTON_DELETE) . '</a>'; ?></td>
+                <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'delete=' . $HTTP_GET_VARS['delete'] . '&action=deleteconfirm&formid=' . md5($sessiontoken), 'SSL') . '">' . tep_image_button('button_delete.gif', IMAGE_BUTTON_DELETE) . '</a>'; ?></td>
                <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
              </tr>
            </table></td>
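
Review bot: On the changed link line, $HTTP_GET_VARS['delete'] is concatenated into the href exactly as it arrived in the request. Cast it, as in 'delete=' . (int)$HTTP_GET_VARS['delete'], the same way the delete query in the first hunk does, so that only a number can reach the generated URL.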

 

Thank you for your time..

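As an added example (not osCommerce's or the contribution's own code), here is one way to express the token checks from the patch above so that the form submit, the selector's getStates refresh and the delete link are all validated with a strict comparison. The example_* names and the sample token are constructed for illustration; $post and $get stand in for $HTTP_POST_VARS and $HTTP_GET_VARS.

```php
<?php
// Added example: not osCommerce or Country-State Selector code.
// example_* names and all sample values are hypothetical / constructed.

// Compare a stored token with a request value without type juggling
// and without an early exit on the first differing byte.
function example_token_equals($expected, $supplied) {
  if (!is_string($expected) || !is_string($supplied) || $expected === '') {
    return false; // a missing token on either side never validates
  }
  if (function_exists('hash_equals')) { // available from PHP 5.6
    return hash_equals($expected, $supplied);
  }
  if (strlen($expected) !== strlen($supplied)) {
    return false;
  }
  $diff = 0;
  for ($i = 0, $n = strlen($expected); $i < $n; $i++) {
    $diff |= ord($expected[$i]) ^ ord($supplied[$i]);
  }
  return $diff === 0;
}

// True only for a string made of decimal digits (ids, country codes).
function example_is_id($value) {
  return is_string($value) && preg_match('/^[0-9]+$/', $value) === 1;
}

// Decide how a request to an address_book_process.php-style page is handled.
function example_route($post, $get, $sessiontoken) {
  $action = isset($post['action']) ? $post['action'] : '';
  if (in_array($action, array('getStates', 'process', 'update'), true)) {
    $formid = isset($post['formid']) ? $post['formid'] : null;
    if (!example_token_equals($sessiontoken, $formid)) {
      return 'reject';
    }
    if ($action === 'getStates') {
      // The selector's refresh is a POST as well, so it must send formid too.
      $country = isset($post['country']) ? $post['country'] : '';
      return example_is_id($country) ? 'zones' : 'reject';
    }
    return 'save';
  }
  if (isset($get['action']) && $get['action'] === 'deleteconfirm') {
    // The delete link carries md5($sessiontoken), as in the patch.
    $formid = isset($get['formid']) ? $get['formid'] : null;
    $id = isset($get['delete']) ? $get['delete'] : '';
    $ok = example_is_id($id) && example_token_equals(md5($sessiontoken), $formid);
    return $ok ? 'delete' : 'reject';
  }
  return 'show_form';
}

$token = 'constructed-session-token-0001'; // constructed sample value
$cases = array(
  'form submit with token'     => array(array('action' => 'update', 'formid' => $token), array()),
  'selector refresh, token'    => array(array('action' => 'getStates', 'country' => '223', 'formid' => $token), array()),
  'selector refresh, no token' => array(array('action' => 'getStates', 'country' => '223'), array()),
  'formid sent as array'       => array(array('action' => 'process', 'formid' => array($token)), array()),
  'delete link with md5 token' => array(array(), array('action' => 'deleteconfirm', 'delete' => '7', 'formid' => md5($token))),
  'delete link, wrong token'   => array(array(), array('action' => 'deleteconfirm', 'delete' => '7', 'formid' => '0')),
);
foreach ($cases as $label => $case) {
  echo str_pad($label, 28) . example_route($case[0], $case[1], $token) . "\n";
}

// Loose comparison against strict comparison on two different
// numeric-looking strings (constructed values).
var_dump('0e1234' == '0e9999', example_token_equals('0e1234', '0e9999'));
```

A selector refresh that does not send formid lands in the reject branch, which is the first thing to check when the state list stops updating after the token changes are applied.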

Here is my address_book_process, I added the form tokens to it

 

<?php
/*
 $Id$

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2007 osCommerce

 Released under the GNU General Public License
*/

 require('includes/application_top.php');

 // +Country-State Selector
 require(DIR_WS_FUNCTIONS . 'ajax.php');
if (isset($HTTP_POST_VARS['action']) && (($HTTP_POST_VARS['action'] == 'getStates')) && isset($HTTP_POST_VARS['country']) && isset($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) {
ajax_get_zones_html(tep_db_prepare_input($HTTP_POST_VARS['country']), true);
} else {
 // -Country-State Selector

 if (!tep_session_is_registered('customer_id')) {
   $navigation->set_snapshot();
   tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
 }

// needs to be included earlier to set the success message in the messageStack
 require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ADDRESS_BOOK_PROCESS);

 if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'deleteconfirm') && isset($HTTP_GET_VARS['delete']) && is_numeric($HTTP_GET_VARS['delete']) && isset($HTTP_GET_VARS['formid']) && ($HTTP_GET_VARS['formid'] == md5($sessiontoken))) {
   if ((int)$HTTP_GET_VARS['delete'] == $customer_default_address_id) {
     $messageStack->add_session('addressbook', WARNING_PRIMARY_ADDRESS_DELETION, 'warning');
   } else {
     tep_db_query("delete from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . (int)$HTTP_GET_VARS['delete'] . "' and customers_id = '" . (int)$customer_id . "'");

     $messageStack->add_session('addressbook', SUCCESS_ADDRESS_BOOK_ENTRY_DELETED, 'success');
   }

   tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
 }

// error checking when updating or adding an entry
 $process = false;
 if (isset($HTTP_POST_VARS['action']) && (($HTTP_POST_VARS['action'] == 'process') || ($HTTP_POST_VARS['action'] == 'update')) && isset($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) {
   $process = true;
   $error = false;

   if (ACCOUNT_GENDER == 'true') $gender = tep_db_prepare_input($HTTP_POST_VARS['gender']);
   if (ACCOUNT_COMPANY == 'true') $company = tep_db_prepare_input($HTTP_POST_VARS['company']);
   $firstname = tep_db_prepare_input($HTTP_POST_VARS['firstname']);
   $lastname = tep_db_prepare_input($HTTP_POST_VARS['lastname']);
   $street_address = tep_db_prepare_input($HTTP_POST_VARS['street_address']);
   if (ACCOUNT_SUBURB == 'true') $suburb = tep_db_prepare_input($HTTP_POST_VARS['suburb']);
   $postcode = tep_db_prepare_input($HTTP_POST_VARS['postcode']);
   $city = tep_db_prepare_input($HTTP_POST_VARS['city']);
   $country = tep_db_prepare_input($HTTP_POST_VARS['country']);
   if (ACCOUNT_STATE == 'true') {
     if (isset($HTTP_POST_VARS['zone_id'])) {
       $zone_id = tep_db_prepare_input($HTTP_POST_VARS['zone_id']);
     } else {
       $zone_id = false;
     }
     $state = tep_db_prepare_input($HTTP_POST_VARS['state']);
   }

   if (ACCOUNT_GENDER == 'true') {
     if ( ($gender != 'm') && ($gender != 'f') ) {
       $error = true;

       $messageStack->add('addressbook', ENTRY_GENDER_ERROR);
     }
   }

   if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
     $error = true;

     $messageStack->add('addressbook', ENTRY_FIRST_NAME_ERROR);
   }

   if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
     $error = true;

     $messageStack->add('addressbook', ENTRY_LAST_NAME_ERROR);
   }

   if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
     $error = true;

     $messageStack->add('addressbook', ENTRY_STREET_ADDRESS_ERROR);
   }

   if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
     $error = true;

     $messageStack->add('addressbook', ENTRY_POST_CODE_ERROR);
   }

   if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
     $error = true;

     $messageStack->add('addressbook', ENTRY_CITY_ERROR);
   }

   if (!is_numeric($country)) {
     $error = true;

     $messageStack->add('addressbook', ENTRY_COUNTRY_ERROR);
   }

   if (ACCOUNT_STATE == 'true') {
     // +Country-State Selector
     if ($zone_id == 0) {
     // -Country-State Selector

       if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
         $error = true;

         $messageStack->add('addressbook', ENTRY_STATE_ERROR);
       }
     }
   }

   if ($error == false) {
     $sql_data_array = array('entry_firstname' => $firstname,
                             'entry_lastname' => $lastname,
                             'entry_street_address' => $street_address,
                             'entry_postcode' => $postcode,
                             'entry_city' => $city,
                             'entry_country_id' => (int)$country);

     if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
     if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
     if (ACCOUNT_SUBURB == 'true') $sql_data_array['entry_suburb'] = $suburb;
     if (ACCOUNT_STATE == 'true') {
       if ($zone_id > 0) {
         $sql_data_array['entry_zone_id'] = (int)$zone_id;
         $sql_data_array['entry_state'] = '';
       } else {
         $sql_data_array['entry_zone_id'] = '0';
         $sql_data_array['entry_state'] = $state;
       }
     }

     if ($HTTP_POST_VARS['action'] == 'update') {
       $check_query = tep_db_query("select address_book_id from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . (int)$HTTP_GET_VARS['edit'] . "' and customers_id = '" . (int)$customer_id . "' limit 1");
       if (tep_db_num_rows($check_query) == 1) {
         tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "address_book_id = '" . (int)$HTTP_GET_VARS['edit'] . "' and customers_id ='" . (int)$customer_id . "'");

// reregister session variables
         if ( (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) || ($HTTP_GET_VARS['edit'] == $customer_default_address_id) ) {
           $customer_first_name = $firstname;
           $customer_country_id = $country;
           $customer_zone_id = (($zone_id > 0) ? (int)$zone_id : '0');
           $customer_default_address_id = (int)$HTTP_GET_VARS['edit'];

           $sql_data_array = array('customers_firstname' => $firstname,
                                   'customers_lastname' => $lastname,
                                   'customers_default_address_id' => (int)$HTTP_GET_VARS['edit']);

           if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;

           tep_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int)$customer_id . "'");
         }

         $messageStack->add_session('addressbook', SUCCESS_ADDRESS_BOOK_ENTRY_UPDATED, 'success');
       }
     } else {
       if (tep_count_customer_address_book_entries() < MAX_ADDRESS_BOOK_ENTRIES) {
         $sql_data_array['customers_id'] = (int)$customer_id;
         tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);

         $new_address_book_id = tep_db_insert_id();

// reregister session variables
         if (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) {
           $customer_first_name = $firstname;
           $customer_country_id = $country;
           $customer_zone_id = (($zone_id > 0) ? (int)$zone_id : '0');
           if (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) $customer_default_address_id = $new_address_book_id;

           $sql_data_array = array('customers_firstname' => $firstname,
                                   'customers_lastname' => $lastname);

           if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
           if (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) $sql_data_array['customers_default_address_id'] = $new_address_book_id;

           tep_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int)$customer_id . "'");

           $messageStack->add_session('addressbook', SUCCESS_ADDRESS_BOOK_ENTRY_UPDATED, 'success');
         }
       }
     }

     tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
   }
 }

 if (isset($HTTP_GET_VARS['edit']) && is_numeric($HTTP_GET_VARS['edit'])) {
   $entry_query = tep_db_query("select entry_gender, entry_company, entry_firstname, entry_lastname, entry_street_address, entry_suburb, entry_postcode, entry_city, entry_state, entry_zone_id, entry_country_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$HTTP_GET_VARS['edit'] . "'");

   if (!tep_db_num_rows($entry_query)) {
     $messageStack->add_session('addressbook', ERROR_NONEXISTING_ADDRESS_BOOK_ENTRY);

     tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
   }

   $entry = tep_db_fetch_array($entry_query);
 } elseif (isset($HTTP_GET_VARS['delete']) && is_numeric($HTTP_GET_VARS['delete'])) {
   if ($HTTP_GET_VARS['delete'] == $customer_default_address_id) {
     $messageStack->add_session('addressbook', WARNING_PRIMARY_ADDRESS_DELETION, 'warning');

     tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
   } else {
     $check_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . (int)$HTTP_GET_VARS['delete'] . "' and customers_id = '" . (int)$customer_id . "'");
     $check = tep_db_fetch_array($check_query);

     if ($check['total'] < 1) {
       $messageStack->add_session('addressbook', ERROR_NONEXISTING_ADDRESS_BOOK_ENTRY);

       tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
     }
   }
 } else {
   $entry = array();
// +Country-State Selector
   if (!isset($country)) $country = DEFAULT_COUNTRY;
	$entry['entry_country_id'] = $country;
// -Country-State Selector
 }

 if (!isset($HTTP_GET_VARS['delete']) && !isset($HTTP_GET_VARS['edit'])) {
   if (tep_count_customer_address_book_entries() >= MAX_ADDRESS_BOOK_ENTRIES) {
     $messageStack->add_session('addressbook', ERROR_ADDRESS_BOOK_FULL);

     tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
   }
 }

 $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
 $breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));

 if (isset($HTTP_GET_VARS['edit']) && is_numeric($HTTP_GET_VARS['edit'])) {
   $breadcrumb->add(NAVBAR_TITLE_MODIFY_ENTRY, tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'edit=' . $HTTP_GET_VARS['edit'], 'SSL'));
 } elseif (isset($HTTP_GET_VARS['delete']) && is_numeric($HTTP_GET_VARS['delete'])) {
   $breadcrumb->add(NAVBAR_TITLE_DELETE_ENTRY, tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'delete=' . $HTTP_GET_VARS['delete'], 'SSL'));
 } else {
   $breadcrumb->add(NAVBAR_TITLE_ADD_ENTRY, tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, '', 'SSL'));
 }
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
<?php
 if (!isset($HTTP_GET_VARS['delete'])) {
   include('includes/form_check.js.php');
// +Country-State Selector 		
   require('includes/ajax.js.php');	
// -Country-State Selector 		
 }
?>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="3" cellpadding="3">
 <tr>
   <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
   </table></td>
<!-- body_text //-->
   <td width="100%" valign="top"><?php if (!isset($HTTP_GET_VARS['delete'])) echo tep_draw_form('addressbook', tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, (isset($HTTP_GET_VARS['edit']) ? 'edit=' . $HTTP_GET_VARS['edit'] : ''), 'SSL'), 'post', 'onSubmit="return check_form(addressbook);"', true); ?><table border="0" width="100%" cellspacing="0" cellpadding="0">
     <tr>
       <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
         <tr>
           <td class="pageHeading"><?php if (isset($HTTP_GET_VARS['edit'])) { echo HEADING_TITLE_MODIFY_ENTRY; } elseif (isset($HTTP_GET_VARS['delete'])) { echo HEADING_TITLE_DELETE_ENTRY; } else { echo HEADING_TITLE_ADD_ENTRY; } ?></td>
           <td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_address_book.gif', (isset($HTTP_GET_VARS['edit']) ? HEADING_TITLE_MODIFY_ENTRY : HEADING_TITLE_ADD_ENTRY), HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
         </tr>
       </table></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
<?php
 if ($messageStack->size('addressbook') > 0) {
?>
     <tr>
       <td><?php echo $messageStack->output('addressbook'); ?></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
<?php
 }

 if (isset($HTTP_GET_VARS['delete'])) {
?>
     <tr>
       <td class="main"><b><?php echo DELETE_ADDRESS_TITLE; ?></b></td>
     </tr>
     <tr>
       <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
         <tr class="infoBoxContents">
           <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
             <tr>
               <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
               <td class="main" width="50%" valign="top"><?php echo DELETE_ADDRESS_DESCRIPTION; ?></td>
               <td align="right" width="50%" valign="top"><table border="0" cellspacing="0" cellpadding="2">
                 <tr>
                   <td class="main" align="center" valign="top"><b><?php echo SELECTED_ADDRESS; ?></b><br><?php echo tep_image(DIR_WS_IMAGES . 'arrow_south_east.gif'); ?></td>
                   <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                   <td class="main" valign="top"><?php echo tep_address_label($customer_id, $HTTP_GET_VARS['delete'], true, ' ', '<br>'); ?></td>
                   <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
                 </tr>
               </table></td>
             </tr>
           </table></td>
         </tr>
       </table></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
     <tr>
       <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
         <tr class="infoBoxContents">
           <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
             <tr>
               <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
               <td><?php echo '<a href="' . tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL') . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
               <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'delete=' . $HTTP_GET_VARS['delete'] . '&action=deleteconfirm&formid=' . md5($sessiontoken), 'SSL') . '">' . tep_image_button('button_delete.gif', IMAGE_BUTTON_DELETE) . '</a>'; ?></td>
               <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
             </tr>
           </table></td>
         </tr>
       </table></td>
     </tr>
<?php
 } else {
?>
     <tr>
       <td><?php include(DIR_WS_MODULES . 'address_book_details.php'); ?></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
<?php
   if (isset($HTTP_GET_VARS['edit']) && is_numeric($HTTP_GET_VARS['edit'])) {
?>
     <tr>
       <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
         <tr class="infoBoxContents">
           <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
             <tr>
               <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
               <td><?php echo '<a href="' . tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL') . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
               <td align="right"><?php echo tep_draw_hidden_field('action', 'update') . tep_draw_hidden_field('edit', $HTTP_GET_VARS['edit']) . tep_image_submit('button_update.gif', IMAGE_BUTTON_UPDATE); ?></td>
               <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
             </tr>
           </table></td>
         </tr>
       </table></td>
     </tr>
<?php
   } else {
     if (sizeof($navigation->snapshot) > 0) {
       $back_link = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']);
     } else {
       $back_link = tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL');
     }
?>
     <tr>
       <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
         <tr class="infoBoxContents">
           <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
             <tr>
               <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
               <td><?php echo '<a href="' . $back_link . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
               <td align="right"><?php echo tep_draw_hidden_field('action', 'process') . tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>
               <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
             </tr>
           </table></td>
         </tr>
       </table></td>
     </tr>

<?php
   }
 }
?>
   </table><?php if (!isset($HTTP_GET_VARS['delete'])) echo '</form>'; ?></td>
<!-- body_text_eof //-->
   <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
<!-- right_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
<!-- right_navigation_eof //-->
   </table></td>
 </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>
<?php
// +Country-State Selector 
}
// -Country-State Selector 
?>


Here is my address_book_process, I added the form tokens to it

 

thank you for the code. i see that you are using ajax..

 

i will have to upgrade to use ajax and will give it a go.. Thanks


I'm trying to add sessiontoken to the forms for country but this code isn't working below:

 

if (isset(HTTP_POST_VARS['action']) && ($HTTP_POST_VARS['action'] == 'getStates') && isset($HTTP_POST_VARS['country']) && ($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) {


Did anyone get the Session Token to work for the Coun? Also anyone get the mvs admin/vendors.php to work with Country State Selector? I'm using the ajax version.


Hi,

 

I am just selling on line goods to the USA. I just need USA and the States to come up as a dropdown menu. I also would love to change the value of the states as the state abbreviation instead of the state name, so "CO" instead of "Colorado" -- but still would like to have Colorado as the 'name' of the drop down when people see it..

 

I am wondering if this is the correct add on, or is this too involved for such a simple task?

 

Thanks in advance!


Does anyone else have trouble with this working in Internet Explorer? I have v. 1.5.5 but it seems the ajax isn't working for some IE customers including myself on my test server. I checked in IE 8 and IE 7. It doesn't update the state field at all when you change the country. However, it works in Firefox 3.6 - haven't tried in v. 4


There are a bunch of security patches with osc v2.3.1 and one of them breaks this as in /checkout_shipping_address.php

 

// next line is supposed to be updated but breaks something for now..
// new  2.3.1 line   
if (isset($HTTP_POST_VARS['action']) && ($HTTP_POST_VARS['action'] == 'submit') && isset($HTTP_POST_VARS['formid']) && ($HTTP_POST_VARS['formid'] == $sessiontoken)) {

// old 2.2rc2a line  
if (isset($HTTP_POST_VARS['action']) && ($HTTP_POST_VARS['action'] == 'submit')) {

 

in the upgrade_guide pdf - it is in this section

© (SEC) Add Customer Session Token to Forms


Importance: Medium | Difficulty: Medium

Add a customer session token to forms to protect against Cross-Site Request Forgeries (CSRF).

 


------------------------------------------------------------------------

The first panacea for a mismanaged nation is inflation

of the currency; the second is war. Both bring a
temporary prosperity; both bring permanent ruin.
Ernest Hemingway
------------------------------------------------------------------------

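The check quoted in the post above, and the getStates variant asked about earlier in the thread, as an added example that is not osCommerce or add-on code: a request is accepted only when it carries the expected action and a formid matching the session token, compared with hash_equals(). The helper names are hypothetical, the requests are constructed, and random_bytes() assumes PHP 7 or later.

```php
<?php
// Added example, not osCommerce or add-on code. $sessiontoken and the
// 'formid' field mirror the names quoted in this thread; the helper
// names below are hypothetical.

// Create the per-session token once and keep it in the session.
function example_session_token(array &$session) {
  if (empty($session['sessiontoken'])) {
    $session['sessiontoken'] = bin2hex(random_bytes(16));
  }
  return $session['sessiontoken'];
}

// True only when the request carries the expected action and a formid
// matching the session token. $hashed = true checks against
// md5($sessiontoken), the form used in the delete link.
function example_formid_ok(array $request, $action, $sessiontoken, $hashed = false) {
  if (!isset($request['action'], $request['formid'])) {
    return false;                       // missing field: reject, do not warn
  }
  if (!is_string($request['action']) || !is_string($request['formid'])) {
    return false;                       // formid[]=x arrives as an array
  }
  if ($request['action'] !== $action) {
    return false;
  }
  $expected = $hashed ? md5($sessiontoken) : $sessiontoken;
  return hash_equals($expected, $request['formid']);
}

// Constructed requests standing in for $HTTP_POST_VARS / $HTTP_GET_VARS.
$session = array();
$token   = example_session_token($session);
$cases = array(
  'getStates with token'    => array(array('action' => 'getStates', 'country' => '223', 'formid' => $token), 'getStates', false),
  'getStates without token' => array(array('action' => 'getStates', 'country' => '223'), 'getStates', false),
  'submit, forged token'    => array(array('action' => 'submit', 'formid' => 'guess'), 'submit', false),
  'deleteconfirm via link'  => array(array('action' => 'deleteconfirm', 'delete' => '5', 'formid' => md5($token)), 'deleteconfirm', true),
);
foreach ($cases as $label => $c) {
  echo str_pad($label, 26), example_formid_ok($c[0], $c[1], $token, $c[2]) ? 'accepted' : 'rejected', "\n";
}
```

The second case is the one to watch when adding the token check to a page: any form or AJAX call that posts the action but does not also send formid is rejected. In the getStates line posted earlier in the thread, `HTTP_POST_VARS['action']` is missing its `$`, which PHP rejects at compile time, and `formid` is read without isset().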

My advice is to use version 1.4.1. I know a lot of people are using the Ajax version but it also seems to give people the most trouble.

 

Hey Stevel, thanks for the reply!

 

Another quick question: How do I change values from the State like "Colorado" to just the abbreviation "CO" .. and so on...??

 

Do I need to edit each of these in the database to reflect change?


No - I would change the routine in includes/functions/general.php that creates the zones dropdown list (I don't have the code handy so I forget exactly what it is called) to insert the zone code rather than name.


No - I would change the routine in includes/functions/general.php that creates the zones dropdown list (I don't have the code handy so I forget exactly what it is called) to insert the zone code rather than name.

 

 

oh, wow, Thanks for the reply, I wouldn't have looked there!!

 

SO here are the two functions in /includes/functions/general.php:

 

So, just change the zone_name (from the first function below) to zone_code , right?

 

// Returns the zone (State/Province) name
// TABLES: zones
 function tep_get_zone_name($country_id, $zone_id, $default_zone) {
   $zone_query = tep_db_query("select zone_name from " . TABLE_ZONES . " where zone_country_id = '" . (int)$country_id . "' and zone_id = '" . (int)$zone_id . "'");
   if (tep_db_num_rows($zone_query)) {
     $zone = tep_db_fetch_array($zone_query);
     return $zone['zone_name'];
   } else {
     return $default_zone;
   }
 }

////
// Returns the zone (State/Province) code
// TABLES: zones
 function tep_get_zone_code($country_id, $zone_id, $default_zone) {
   $zone_query = tep_db_query("select zone_code from " . TABLE_ZONES . " where zone_country_id = '" . (int)$country_id . "' and zone_id = '" . (int)$zone_id . "'");
   if (tep_db_num_rows($zone_query)) {
     $zone = tep_db_fetch_array($zone_query);
     return $zone['zone_code'];
   } else {
     return $default_zone;
   }
 }


oh, wow, Thanks for the reply, I wouldn't have looked there!!

 

SO here are the two functions in /includes/functions/general.php:

 

So, just change the zone_name (from the first function below) to zone_code , right?

 

 

No, not those routines. Maybe the routine I am thinking of is in html_output.php. It is the one that creates a dropdown list of zone names. You would replace the call to tep_get_zone_name with one to tep_get_zone_code.


No, not those routines. Maybe the routine I am thinking of is in html_output.php. It is the one that creates a dropdown list of zone names. You would replace the call to tep_get_zone_name with one to tep_get_zone_code.

 

 

hmmmm.. thanks for the try.. i did a global search and only came up with tep_get_zone_name in customers.php and address_book.php and general.php.. ?

 

dang.

 

thanks for your time, i will keep searching!


hmmmm.. thanks for the try.. i did a global search and only came up with tep_get_zone_name in customers.php and address_book.php and general.php.. ?

 

dang.

 

thanks for your time, i will keep searching!

 

 

dang, still can't find that file ???


That's what I get for trying to remember. Sorry to have led you astray.

 

On the pages where you are using this, there will be code like this:

 

    while ($zones_values = tep_db_fetch_array($zones_query)) {
      $zones_array[] = array('id' => $zones_values['zone_id'], 'text' => $zones_values['zone_name'] . ' (' . $zones_values['zone_code'] . ')');
    }

 

At least in this version, this gives you lines such as:

 

New Hampshire (NH)

 

If you just want NH there, then make this:

 

 

    while ($zones_values = tep_db_fetch_array($zones_query)) {
      $zones_array[] = array('id' => $zones_values['zone_id'], 'text' => $zones_values['zone_code']);
    }

 

You will have to repeat this in each file where there is a zone dropdown. Be careful as some of them may use different variable names.

