I am creating a hopping website, and when someone creates an order and checks out, I want the following information to be sent to me, via email or some other method. There are a few pieces of data I would like to send (see below). The website is also static fyi.
I would like to send The Price they spent - a string, a list of all the items(I have an array of objects containing the data), and the shipping type - a string.
I also don't mind how the data is sent, as I'm the only one who needs this info.
Thanks!
Related
I'm currently making an application for a client to automatically fill some web forms on the website he uses to store his item pricing. The website doesn't have a documented public API, and there doesn't seem to be a way to add bulk pricing on the website itself. In order to accomplish this, I'm making a simple python application that reads his data, then sends POSTs to the website.
Their website is giving me a hard time, however, because it's sending payloads containing dozens of fields, while the form used to enter the pricing information only has 4 input fields. On top of that, their website uses angularjs to generate most of the web page, so I can't just find the <form>[...]</form> block and look at what's being sent, because that's not what they use.
Here is what the payload json looks like:
{
"entities":
[
{
"Price_Line_ID":"{}",
"Price_List_ID":"{}",
"Item_ID":"{}",
"Uofm_ID":"{}",
"Amount":"{}",
"Dtstamp":"{}",
"Tenant_ID":"{}",
"Created_On":"null",
"Created_By":"null",
"Changed_On":"null",
"Changed_By":"null",
"Seq":"0",
"Begin_Qty":"0",
"End_Qty":"0",
"Customer_ID":"null",
"Tax_Before_Discount":"false",
"Discount_Target":"All",
"Max_Discount_Amount":"null",
"Min_Discount_Amount":"null",
"Customer_Name":"null",
"Uofm":"null",
"Item_Number":"null",
"Uofm_Schedule_ID":"null",
"Uofm_Schedule":"null",
"Inactive":"false",
"entityAspect":
{
"entityTypeName":"PriceLine:#SalesPad.Spo.Api.Model",
"defaultResourceName":"PriceLines",
"entityState":"Added",
"originalValuesMap":
{},
"autoGeneratedKey":
{
"propertyName":"Price_Line_ID",
"autoGeneratedKeyType":"Identity"
}
}
}
],
"saveOptions":
{}
}
The 7 values at the top (with values of "{}") are found when I do a GET or POST action on the website's other pages. I've managed to find where all the values originate from, except the "Price_Line_ID" one, because it appears to change from page to page (and it changes after a price is added).
I know a web page can get the data needed for a POST event either in its own html (when using tags like <form>), and it can get them from other GET and POST events. Is there any other way for a web page to determine a value that will be sent in a POST event?
I'm not very familiar with angularjs, although from what I understand it only creates a bunch of Javascript for the page. Does it offer different ways of determining what values are sent in a POST or GET event?
Edit: I've already tracked all responses from GET and POST events from logging-in to adding a price, the Price_Line_ID field changes from page to page, and adding the price appears to use an ID different to the one received in the GET event. I just want to know the different ways that a web page (specifically one using angularjs might use to determine the value of the data sent in POST events.
I have created a webpage with a details of products (15, 30 or 45 per page).
The user have the possibility to reorder by reviews, by price, etc. and can select the brands, the weight, etc.
I'm using Ajax to send the query to the external page.. This is dangerous?
What would be another way to make sure I do not get attacks?
From your API, make sure you're auditing the request coming from the client. Check for bounds, make sure it's not malformed, make sure it fits what you're expecting. If it's invalid, send back a proper response to the client stating so (403/404/etc)... if it's valid, then send back the filtered results.
You shouldn't send raw SQL from the client. Just send the values of the form fields, and use them in the PHP script on the server to construct the SQL query.
See https://stackoverflow.com/a/28909923/1491895 for a technique to generate the WHERE clause dynamically from form fields. Similar methods can be used for the ORDER BY clause.
I'm new to php and have read lots of posts here in SO but couldn't find an answer for my specific question.
I have a database in which I store information about projects (project name, start date, status, etc...). I'm trying to create an updating api, so the user can update the project info.
What I would like to do is to let the user choose a project from a regular html "select". Once the user chose the project I would like to display a new form containing all the fields that the user can update. The issue is that I would like to have all the project current information (before the update) as values of the form. (So I must send the user selected project name and get back all the info in order to display it on the second form).
For example: let's say that there are 2 possible project statuses: "on execution" and "frozen", then I would like to put as "selected" the current status, and let the user change it if he wants to and then send the second form so I can update the db info.
I would like to know what is the best way to implement that. Solutions can contain javascript if needed.
Thank you in advance for your time and pacience.
I'm not sure what is the best practice.
I have some big and complex objects (NOT flat).
In that object I have many related objects - for example Invoice is the main class and one of it's properties is invoiceSupervisor - a big class by it's own called User.
User can also be not flat and have department property - also an object called Department.
For example I want create new Invoice.
First way:
I can present to client several fields to fill in. Some of them will be combos that I will need to fill with available values. For example available invoiceSupervisors. Then all the chosen values I can send to server and on server I can create new Invoice and assign all chosen values to that new Invoice. Then I will need to assign new supervisor I will pull the chosen User by id that user picked up on server from combobox. I might do some verification on the User such as does the user applicable to be invoice supervisor. Then I will assign the User object to invoiceSupervisor. Then after filling all properties I will save the new invoice.
Second way:
In the beginning I can call to server to get a new Invoice. Then on client I can fill all chosen values , for example I can call to server to get new User object and then fill it's id from combobox and assign the User as invoiceSupervisor. After filling the Invoice object on client I can send it to server and then the server will save the new invoice. Before saving server can run some validations as well.
So what is the best approach - to make the object on client and send it to server or to collect all values from client and to make a new object on server using those values ?
Think in terms of complexity of your business processing.
What you need is the client creates a new invoice. To do this, the client provides several different input parameters, calls the process and gets the response. This is your first scenario. Simple and clear.
On the other hand, the second approach involves a communication protocol - give me this, I give you something as a response, then give me something else. This sounds unreasonably complicated. You'd have to carefully inspect what happens when the communication breaks at some point. Should a distributed transaction be involved? If yes, do you really need such complexity?
I would opt then for the first scenario. You don't unnecessarily complicate the contract between the client and the server.
I have a requirement for a multi-part form which I want to apply some clever submission logic. Here's the idea, the form has 3 steps:
Personal Contact Details
Quote Details
Final Comments
As any good marketer I don't want to lose any data in the event that the user does not complete ALL the steps this (somewhat long) form.
As a result, what I would like to do is to have the form submit as each step is completed. So that in the event the user drops off we still capture the details on the completed steps.
Ideally I don't actually want to have the form submit 3 time as, if it was going to a simple email script, we'd get 3 results through for each 'complete' submission.
So I'm trying to find some clever way to store the data and submit it after a certain period of time or something along those lines.
I intend to be building this in HTML & JavaScrip (& if need be in PHP). Can anyone suggest the best route to achieve this (from past experience etc) before I get my feet wet!!!
Thanks for your time & any suggestions
The best way to achieve this is to have three separate forms, one for each page. Upon the submission of each form make a post() request to a PHP page on the server using jQuery, containing the serialized() form data. This PHP page then stores the contents of the form in a database for retrieval later.
If the ajax request is successful, show the next page of the form, otherwise display an error telling the user what happened.
Further reading on .post() and .serialize()
You need server support to store survey's temporary result. When user submits next part, you will simple append new answers to the query. The trick is in detecting abandoned queries, but I think if the survey will not be completed in 24h, you can safely assume that user closed browser and will not append any future data.
You must implement persistance on server, SQL database is the best option for PHP - millions of examples.
If I understand your question correctly then you are trying to have the behavior of Wizard in the same page, in that case you can use have three forms .
After completion of one section do an ajax call and save the filled in data in some temp database table, finally when user completes the form you can collate the temp table data and persist in your main table.
In case user doesn't complete all the steps then you can clean up your temp table after certain period of time or you can move it in some 'not-complete' table just in case you want to do some BI over the data.
I would serialize the response and store it in a database {id, stage1 data,stage2 data, last_entry_timestamp}.
Assuming that validation is done at each stage before storing the data,
Stage 1 I would check if an entry exists, and if not create a new entry, and store the serialized stage1 info and set timestamp, else retrieve stage 1 info. (back/forward)
Stage 2 If not set, I would update the created entry with the serialized stage2 info and set timestamp, otherwise retrieve and than update.
Stage 3 I would retrieve stage 1 and stage 2 info, and submit. I would then delete that entry.
Finally I would setup a cron job to look at all entries that are over X hours old, submit them, and delete the entry.