sefu Posted February 10, 2003 Share Posted February 10, 2003 Hi All, MY PHP/SQL is very lacking. I am just wondering if anyone can help me include some code within the Admin that lets me delete the customers CC details individually from the "edit order page"?. Nothing fancy, just a small button that deletes their CC number and Exp date from the DB. Also code would I use in PHPMyAdmin to delete all the CC details in the current DB? Thanks for your help Link to comment Share on other sites More sharing options...
Guest Posted February 11, 2003 Share Posted February 11, 2003 i am working on a cc mod that is doing just that, well the first part anyway. here's the code you want to add....admin/orders.php study it first, make sure you know what you are doing and if you're gonna implement it, BACKUP then backup again. i have deliberatley not put in line numbers as my store is fairly heaviy modified and numbers would be pointless This first section of code is the bit that does the acion and is called when the buttons are clicked. There are references to the removal of the cvv data which i have implemented in my store, you may need to fiddle with this a little or take out the cvv stuff altogether. find case 'deleteconfirm': $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); tep_remove_order($oID, $HTTP_POST_VARS['restock']); tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')))); break; after it add case 'deleteccinfo': $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); $cvvnumber = tep_db_prepare_input ($HTTP_POST_VARS['cc_cvv']); $ccnumber = tep_db_prepare_input ($HTTP_POST_VARS['cc_number']); tep_db_query("update " . TABLE_ORDERS . " set cc_cvv = '000' " . tep_db_input($cvvnumber) . " where orders_id = '" . tep_db_input($oID) . "'"); tep_db_query("update " . TABLE_ORDERS . " set cc_number = '0000000000000000' " . tep_db_input($ccnumber) . " where orders_id = '" . tep_db_input($oID) . "'"); tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')))); break; now to add the buttons on the page that will call the above code and delete the info. find <td class="pageHeading"><?php echo HEADING_TITLE; ?></td> <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td> <td class="pageHeading" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action'))) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td> and replace with <td class="pageHeading"><?php echo HEADING_TITLE; ?></td> <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td> <td class="pageHeading" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS, 'oID=' . $HTTP_GET_VARS['oID'] . '&action=deleteccinfo') . '">' . tep_image_button('button_removeccinfo.gif', RemoveCCInfo) . ' </a>' . '<a href="' . tep_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $HTTP_GET_VARS['oID']) . '" TARGET="_blank">' . tep_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $HTTP_GET_VARS['oID']) . '" TARGET="_blank">' . tep_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action'))) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td> adds the button at the top of the order display page next, about 3/4 of the way down the page find <td colspan="2" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $HTTP_GET_VARS['oID']) . '" TARGET="_blank">' . tep_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $HTTP_GET_VARS['oID']) . '" TARGET="_blank">' . tep_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action'))) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td> and replace with <td colspan="2" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS, 'oID=' . $HTTP_GET_VARS['oID'] . '&action=deleteccinfo') . '">' . tep_image_button('button_removeccinfo.gif', RemoveCVV) . ' </a>' . '<a href="' . tep_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $HTTP_GET_VARS['oID']) . '" TARGET="_blank">' . tep_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $HTTP_GET_VARS['oID']) . '" TARGET="_blank">' . tep_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action'))) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td> adds the same buttons at the bottom of the page the next addition adds the delete option to the order listing page find $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=delete') . '">' . tep_image_button('button_delete.gif', IMAGE_DELETE) . '</a>'); and replace with $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=delete') . '">' . tep_image_button('button_delete.gif', IMAGE_DELETE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=deleteccinfo') . '">' . tep_image_button('button_removeccinfo.gif', RemoveCVV) . '</a>'); hope this helps a little. cheers barry Link to comment Share on other sites More sharing options...
Guest Posted February 11, 2003 Share Posted February 11, 2003 an important point i should have stated in my previous post, however, my infinite wisdom has prevented me from doing so..... anyways the snapshot this is based on is from mid november, the 19th to be exact. cheers barry Link to comment Share on other sites More sharing options...
Guest Posted February 11, 2003 Share Posted February 11, 2003 Hey some of that code looks familiar. :wink: Yes, you will need to remove the cvv parts, unless you collect the number in your store otherwise you will be trying to alter a field that does not exsist. Link to comment Share on other sites More sharing options...
Guest Posted February 11, 2003 Share Posted February 11, 2003 it worked!! WOOHOO! Can't wait til you get the rest completed:) Thanks! Link to comment Share on other sites More sharing options...
Guest Posted February 11, 2003 Share Posted February 11, 2003 Hey some of that code looks familiar. Yeah it will do, thanks for the mod. Unfortunately it didn't go far enough so i had to modify it slightly to fit my needs. t worked!! WOOHOO! Can't wait til you get the rest completed:) Thanks! well i have it all working apart from getting the cc info encrypted in the db, looking for ideas as i'm slowly going bald :cry: cheers barry Link to comment Share on other sites More sharing options...
Guest Posted February 11, 2003 Share Posted February 11, 2003 Barry, I'm beginning to think that's what php does...( make ya go bald!) :lol: Link to comment Share on other sites More sharing options...
mugitty Posted February 11, 2003 Share Posted February 11, 2003 Barry; Just a thought here... If a way is found to encrypt the CC info in the database (with PGP or GnuPG for instance), does there remain any need to delete the info from the database? ... if you want to REALLY see something that doesn't set up right out of the box without some tweaking, try being a Foster Parent! Link to comment Share on other sites More sharing options...
Guest Posted February 11, 2003 Share Posted February 11, 2003 Just a thought here... If a way is found to encrypt the CC info in the database (with PGP or GnuPG for instance), does there remain any need to delete the info from the database? well yeah, the less info you keep, the less of a liability there is should any of your security measures be compromised, and in my opinion, nothing is that secure. cheers barry Link to comment Share on other sites More sharing options...
sefu Posted February 12, 2003 Author Share Posted February 12, 2003 Thanks Barry, Works like a charm! Just what I wanted. Now to make a button for it. It will take some time to manually delete every cc detail in the DB, anyone know the SQL statement to use in PHPMyAdmin to delete all the records in the CC number feild? Link to comment Share on other sites More sharing options...
Guest Posted February 14, 2003 Share Posted February 14, 2003 this worked great when I installed it then I added the contrib_Update Order and now when I try to click on the delete CC Info I get this error: 1054 - Unknown column 'cc_cvv' in 'field list' update orders set cc_cvv = '000' where orders_id = '59' [TEP STOP] Can I fix this? Link to comment Share on other sites More sharing options...
sefu Posted February 14, 2003 Author Share Posted February 14, 2003 //DELETE FROM HERE case 'deleteccinfo': $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); $cvvnumber = tep_db_prepare_input ($HTTP_POST_VARS['cc_cvv']); $ccnumber = tep_db_prepare_input ($HTTP_POST_VARS //TO HERE ['cc_number']); //AND DELETE HERE [b]tep_db_query("update " . TABLE_ORDERS . " set cc_cvv = '000' " . tep_db_input($cvvnumber) . " where orders_id = '" . tep_db_input($oID) . "'"); //TO HERE tep_db_query("update " . TABLE_ORDERS . " set cc_number = '0000000000000000' " . tep_db_input($ccnumber) . " where orders_id = '" . tep_db_input($oID) . "'"); tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')))); break; where i have commented delete Link to comment Share on other sites More sharing options...
sefu Posted February 14, 2003 Author Share Posted February 14, 2003 //DELETE FROM HERE case 'deleteccinfo': $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']); $cvvnumber = tep_db_prepare_input ($HTTP_POST_VARS['cc_cvv']); //TO HERE $ccnumber = tep_db_prepare_input ($HTTP_POST_VARS ['cc_number']); //AND DELETE HERE [b]tep_db_query("update " . TABLE_ORDERS . " set cc_cvv = '000' " . tep_db_input($cvvnumber) . " where orders_id = '" . tep_db_input($oID) . "'"); //TO HERE tep_db_query("update " . TABLE_ORDERS . " set cc_number = '0000000000000000' " . tep_db_input($ccnumber) . " where orders_id = '" . tep_db_input($oID) . "'"); tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')))); break; Ignore last post, made a small mistake Link to comment Share on other sites More sharing options...
Guest Posted February 14, 2003 Share Posted February 14, 2003 thanks that worked for the credit card delete. I still want it where it'll delete cvv too, instead I have to go to update orders to get it deleted. Which will work for now I guess just some extra clicking involved Link to comment Share on other sites More sharing options...
Guest Posted February 14, 2003 Share Posted February 14, 2003 nevermind I got it to work. cvv was called cvvnumber not cc_cvv Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.