php if orderID exists give new order number

Report · Jun 17, 2013

I am having a trouble with a shopping cart i am setting up. basically if the order is processed sucessfully it returns a value to the database of PAID and next time the order is placed a new orderID is issues, however when the order fails it return the result FAILED, what is happening is when you try to re order it is issuing the same orderID as the failed orderID do when the user try to proceed the the gateway i am getting a DUPLICATE ID error. on the failed-order.pho i have killed the orderID (session_unregister("OrderID");)

this is what i thought i would need to do so when the user is sent to failed-order.php this would kill the session then give the user a new orderID?

I have included the script on the checkout page ( only the parts relating to the orderID)

// *** Retrieve X ID ***

if (!session_id()) session_start();

$XC_OrderIdSessionVar = "OrderID";

if (!isset($_SESSION[$XC_OrderIdSessionVar])) {

// Get a unique OrderID number and save to session.

$XC_tableName = "LOTTIE_nextorder";

$XC_fieldName = "NextOrderID";

mysql_select_db($database_lotties, $lotties);

$XC_IdSource = "select " . $XC_fieldName . " from " . $XC_tableName;

$XC_rsId = mysql_query($XC_IdSource, $lotties) or die(mysql_error());

$row_XC_rsId = mysql_fetch_assoc($XC_rsId);

$_SESSION[$XC_OrderIdSessionVar] = $row_XC_rsId[$XC_fieldName];

$$XC_OrderIdSessionVar = $_SESSION[$XC_OrderIdSessionVar];

session_register($XC_OrderIdSessionVar);

$XC_next = $_SESSION[$XC_OrderIdSessionVar] + 1;

$XC_upd = "update " . $XC_tableName . " set " . $XC_fieldName . " = " . $XC_next;

$XC_rsId = mysql_query($XC_upd, $lotties) or die(mysql_error());

$XC_rsId = null;

}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {

$insertSQL = sprintf("INSERT INTO LOTTIE_orders (OrderID, CustomerID, OrderDate, Shipping, Discount, Tax, Total) VALUES (%s, %s, %s, %s, %s, %s, %s)",

GetSQLValueString($_POST['OrderID'], "text"),

GetSQLValueString($_POST['CustomerID'], "int"),

GetSQLValueString($_POST['OrderDate'], "date"),

GetSQLValueString($_POST['Shipping'], "double"),

GetSQLValueString($_POST['Discount'], "double"),

GetSQLValueString($_POST['Tax'], "double"),

GetSQLValueString($_POST['XC_Amount'], "double"));

// *** Save XCart contents to table ***

require_once('XCInc/XCsaveAction.inc');

if (isset($_GET['XC_SaveCartToTable']) && ($_GET['XC_SaveCartToTable'] == "1")) {

$XC_destColName = array("ProductID","Quantity","","","Total");

$XC_destColType = array("str","str","str","num","num");

$XC_orderId = $_SESSION['OrderID'];

$XC_tableName = "LOTTIE_orderdetails";

$XC_OrderIDCol = "OrderID";

$XC_OrderIDType = "num";

$XC_AddToTableRedirect = "../HostedSample/Process.php?$x_reqstr";

$XC_conName = "lotties";

require_once('XCInc/SaveXCartToTable.inc');

}

mysql_select_db($database_lotties, $lotties);

$Result1 = mysql_query($insertSQL, $lotties) or die(mysql_error());

what do i need to do to rectify this issue

thanks in advance

Report · Jun 17, 2013

i think i figured it out, the session hasnt been restarted when returning from the gateway, so it couldnt be killed

session_start();

Report · Jun 17, 2013

I have found another issue with this though, basically when the user clicks through to the gateway they send the orderID to the database, then they land on the gateway page and if they decide to you the back button then return to the checkout page they are still on the same orderID so if they try to use this again they are shown the duplicate key, what is the best method to overcome this and issued a new orderID?

thanks