Custom field username check if unique

[vpnzforum]

<?php
function hook_UNIQUENAME_ShoppingCartValidateProductUpdate($vars) {
       global $errormessage;
// ob_start();
// print_r($_SESSION['cart']);
// $errormessage .= "<li>Error herei ".ob_get_contents() ;
// ob_end_clean();
       foreach ($_SESSION['cart']['products'] as $product) {
               // make sure were the correct product group
               $sql = "select p.id from tblproductgroups pg join tblproducts p on pg.id = p.gid and pg.name = 'PRODUCT GROUP NAME' and p.id = ".mysql_real_escape_string($product['pid']);
               $result = mysql_query($sql);
               if (mysql_error() != "" ) {
                       $errormessage .= "<li>database error: ".mysql_error()."</li>";
                       return;
               }
               if ( $row = mysql_fetch_assoc($result) ) {
                       // its in the right group so check if we have the field to validate
                       foreach ( $product['customfields'] as $key => $value ) {
                               $sql = "select * from tblcustomfields where relid = ".$row['id']." and type='product' and fieldname = 'FIELD NAME TO VALIDATE' and id = ".mysql_real_escape_string($key);
                               $result = mysql_query($sql);
                               if (mysql_error() != "" ) {
                                       $errormessage .= "<li>database error: ".mysql_error()."</li>";
                                        return;
                               }
                               if ( $row2 = mysql_fetch_assoc($result) ) {
                                       // this is the correct field so run your validation
                                       // put validation code here!
                                       if (!$valid ) {
                                               $errormessage .= "<li>Duplicat user name : ".$value."</li>";
					// bomb out on first error - if you want it to find all errors comment out the return
                                               return;
                                       }
                               }

                       }
               }
       }
}

add_hook("ShoppingCartValidateProductUpdate",1,"hook_UNIQUENAME_ShoppingCartValidateProductUpdate");
?>

 

We got the hook above to kind of work for checking the username but can't figure out the validation part (// put validation code here!). Would anyone be willing to share how to check if the username is unique.

 

- - - Updated - - -

 

Right now everything is being returned !$valid

[durangod]

I will take a look at this prob tomorrow at the earliest as i am working on something at the moment... But just so you know this line here

 

and id = ".mysql_real_escape_string($key);

 

and this line too

 

p.id = ".mysql_real_escape_string($product['pid']);

 

id on that table is a integer, and so is the $key im sure.

 

you dont have to use escape on integer's just make sure they are integer's, like this

 

and id = intval($key);  //this is just one way

 

integers are not susceptible to sql injection

 

also make sure if you escape a value in your query, that if you display that value that you use stripslashes on it first... and when you save it you only have to escape just before you save it to the db.

 

alot of people have issues with over escaping way too much which makes your string look like heck \\\\\\\\\\ with all those in it, each time you escape it it adds more. so always use stripslashes to get rid of them..

 

one more thing...

 

i love personally useing assoc rather than array, glad to see you use assoc , array is just too much garbage that i normally dont need... even better if you can (sometimes it wont let you) but if you can try mysql_fetch_object, its a really clean and nice array..

Edited July 3, 2014 by durangod

[durangod]

i have not forgot about you, im just trying to get stuff wrapped up here. appreciate your patience.

[durangod]

i have not yet been successful at this, do you still need this or have you figured this out?

[vpnzforum]

Hello,

 

I could still use some help. I need to validate if a custom field already has an entry. Your assistance would be greatly appreciated.

 

Thank You,

Jason

[vpnzforum]

I'm working on creating this hook. How can I get the custom field value?

 

Example: $username = custom_field_input_on_product_page

 

I'm having a hard time figuring this out. Also there should be an option in WHMCS to prevent duplicate custom fields when creating custom fields for products. It would make everyone's life a little easier.

[durangod]

yeah i apologize sincerely, my sites went down today and are still down due to dns changes, i know there are those here that can help you with a hook as well, i hope they chime im.. sorry but im in panic mode right now seeing my business dive bomb due to this....

[vpnzforum]

I almost have this working.

 

<?php
function hook_UNIQUENAME_ShoppingCartValidateProductUpdate($vars) {
       global $errormessage;
	//print_r($_SESSION['cart']);
	$username = testing;

	$username_exists = get_query_val("tblcustomfieldsvalues","COUNT(*)",array("value"=>$username));
									if ($username_exists >= 1) { 
                                               $errormessage .= "<li>Duplicat user name : ".$username."</li>";
                                       }
                               }
add_hook("ShoppingCartValidateProductUpdate",1,"hook_UNIQUENAME_ShoppingCartValidateProductUpdate");
?>

 

- - - Updated - - -

 

I anyone could help me get this value from product configuration.

 

$username = testing;

 

testing needs to be the entered custom field.

 

Thanks...

[vpnzforum]

Please help me. I've been working on this for almost a week. Seems like it should be sooooo simple. I suck at coding!

[vpnzforum]

I don't understand why this doesn't work.

 

$username2 = $params['customfields']['Username'];

 

Is the above how you define customfields?

[vpnzforum]

Can you even access custom fields in hooks during product configuration?

[vpnzforum]

Anyone willing to help with this? Need to figure out how to store the custom field on the product configuration page in $username.

[durangod]

ok sorry about the long delay last few days have been heck.. , i looked at this again, and just to give you another route other than a hook.. Why not just either add the input into the template file or scan for the custom field like the registration page does..

 

here is what i mean... this might help you with another way to capture this.

 

Awhile back i decided to add another security question to the registration page.

 

so here is what i did, i wont go into placement cause its not the file your working on but it will give you an option to edit a tpl file and add something to it.

 

First at the bottom of the reg form template i ask the question

 

 

 

<!-- added -->

<p align="center"><strong>Security Question:</strong> What color is the blank blank on the right side of this page(lower case)? <input type="text" name="squest" id="squest" size="6" maxlength="6" /></p>

<!-- end add -->

 

 

 

now i have to capture that input from the post so above that in the same file at the top i add the capture of the post value

 

{php}

$notcorrect = '';  //initialize this

if($_POST['squest'])
{

$answered = mysql_real_escape_string(trim(strtolower($_POST['squest'])));

 if($answered != "red")
 {  
 $notcorrect = "Secret Question Incorrect or Not Answered";
{/php}

{if !$errormessage}  <!-- if no other error messages then force this one -->

{php}
 echo "<div class='errorbox'>$notcorrect</div>";
{/php}

{/if}

{php}   
 }else{
    $notcorrect = '';
      }//end else

}else{
     $notcorrect = "Secret Question Incorrect or Not Answered";
    }// else if post

{/php}

 

 

and of course above that i have the js to make sure the input is correct format and not just junk.

 

 

------------------------------------------------------

 

now for your second choice, capture the custom field like the reg file does. here is how it does it and its in the botton of the clientregister.tpl file

 

 {/if}
         {foreach key=num item=customfield from=$customfields}
          <tr>
           <td class="fieldarea">{$customfield.name}</td>
           <td>{$customfield.input} {$customfield.description}</td>
         </tr>
         {/foreach}

 

 

does that help

 

- - - Updated - - -

 

and this is how you assign a value to smarty

 

 

       $smarty->assign($params['assign'],$content);

 

- - - Updated - - -

 

i am exhausted but i wanted to give you something to chew on for a bit maybe it will help you. I will check on you in the morning.... nite

Edited July 9, 2014 by durangod

[vpnzforum]

Hello,

 

Thank you for your help. I was able to fix this using an addon module. The customfield now checks the tblcustomfieldsvalues value row and if another exact entry is present an error is displayed.

 

Thank You

[durangod]

your welcome again sorry for the long delay in help, im usually "johnny on the spot" but my spot got rubbed out this week lol... glad you got it fixed...