1 00:00:00,750 --> 00:00:01,410 Welcome back. 2 00:00:02,340 --> 00:00:05,670 Now it's time to fix many bugs that we have. 3 00:00:06,210 --> 00:00:12,690 And we and whenever you create a big project, you will definitely have so many bugs. 4 00:00:12,690 --> 00:00:19,710 And you need to be very careful because otherwise your application could be very vulnerable to many 5 00:00:19,920 --> 00:00:20,430 problems. 6 00:00:21,030 --> 00:00:27,630 So the first thing that we have here is that here, if you open up the place order PHP, you'll find 7 00:00:27,630 --> 00:00:32,880 that I'm allowing users who are not logged in to place an order. 8 00:00:32,880 --> 00:00:40,090 And this is a problem because if they if the user is not logged in, there should be there. 9 00:00:40,200 --> 00:00:41,610 There is no user ID. 10 00:00:41,970 --> 00:00:45,120 And if we try to place an order, we we are going to get an error. 11 00:00:45,360 --> 00:00:47,310 So this is the first problem that we have. 12 00:00:47,850 --> 00:00:51,560 Another problem is that there it's better to protect the execute. 13 00:00:52,380 --> 00:00:58,210 It's better to check the execute before proceeding and executing the code below. 14 00:00:58,770 --> 00:01:02,490 So this execute will always return true or false. 15 00:01:02,640 --> 00:01:10,810 If if if this goes through, it means that the the SQL statement has been executed successfully. Else, 16 00:01:11,310 --> 00:01:14,100 if it returns false, it means that there is a problem. 17 00:01:14,400 --> 00:01:22,020 So it's better to add here an if statement and check whether this is this return true or false. 18 00:01:22,530 --> 00:01:24,090 This is the second thing that we need to do. 19 00:01:24,360 --> 00:01:32,460 The third thing that we need to do is that if user is not logged in, they shouldn't be able to to to 20 00:01:32,460 --> 00:01:33,240 place an order. 21 00:01:33,720 --> 00:01:35,760 So let me fix all of these things. 
22 00:01:36,120 --> 00:01:38,720 The first thing that I'm going to do is that here I'm going to add a statement. 23 00:01:38,730 --> 00:01:44,550 I'm going to say if and then I'm going to say if execute is false. 24 00:01:45,270 --> 00:01:48,900 If here if false. 25 00:01:49,830 --> 00:01:51,410 By the way, you can do something else. 26 00:01:51,420 --> 00:01:59,910 You can say here is the empty underscore status is equal to this. 27 00:02:01,410 --> 00:02:07,980 And then you can say if is the empty underscore status. 28 00:02:09,240 --> 00:02:10,140 Is false. 29 00:02:11,100 --> 00:02:13,940 If exclamation mark, which means it's false. 30 00:02:13,950 --> 00:02:25,590 If it's false, we should use the header and then take the user to the to the index page or any page 31 00:02:26,040 --> 00:02:26,590 you want. 32 00:02:26,640 --> 00:02:27,630 You shouldn't continue. 33 00:02:27,680 --> 00:02:31,870 You should just take the user somewhere else and you should exit. 34 00:02:31,890 --> 00:02:32,760 This is very important. 35 00:02:32,760 --> 00:02:38,070 You should exit because if you do not exit, it's going to continue executing the code below. 36 00:02:39,270 --> 00:02:42,090 And you can display an error message message if you want. 37 00:02:42,630 --> 00:02:54,090 But the possibility of this being false is so slim because because if we have these things and we already 38 00:02:54,090 --> 00:03:00,600 made sure that we have the email and the password and and the the email, the name of the email or if 39 00:03:00,600 --> 00:03:01,380 one of the city. 40 00:03:01,710 --> 00:03:06,510 Because they form the form in the in the place. 41 00:03:07,200 --> 00:03:08,130 Let me show you that. 42 00:03:08,640 --> 00:03:13,380 In the place order here in the check out page. 43 00:03:14,010 --> 00:03:18,260 The user will not be able to place an order without filling out this form. 44 00:03:18,270 --> 00:03:23,130 So we are 100% sure that the user will provide us with these things. 
45 00:03:23,460 --> 00:03:24,990 The only problem is with the. 46 00:03:25,590 --> 00:03:26,790 Is with the. 47 00:03:29,120 --> 00:03:33,290 The user ID. So we need to make sure that the user is logged in. 48 00:03:34,010 --> 00:03:39,020 Also, if the user is if the cart is empty, we already handle this. 49 00:03:39,800 --> 00:03:41,120 We already handle this. 50 00:03:41,120 --> 00:03:42,740 If the cart is not empty. 51 00:03:43,550 --> 00:03:47,350 If the cart is empty, then it's going to take the user to the index page. 52 00:03:47,360 --> 00:03:48,410 So this is protected. 53 00:03:48,710 --> 00:03:55,750 Therefore, here in the place order, the only problem that we could have is the session being the 54 00:03:55,820 --> 00:03:58,430 session user ID being empty. 55 00:03:58,430 --> 00:04:01,120 So which means that the user is not logged in. 56 00:04:01,130 --> 00:04:06,320 So the only thing that we need to do is that we need to make sure that the user is logged in similarly. 57 00:04:06,530 --> 00:04:10,840 Similarly here, if we have a problem, it's better to protect this. 58 00:04:10,850 --> 00:04:15,620 But again, again here we already know that the cart is not empty at this point. 59 00:04:16,160 --> 00:04:21,380 And at this point, the product ID and the name and image and the price and the quantity, all of them 60 00:04:21,620 --> 00:04:26,460 will never be empty because you have inserted these in the database. 61 00:04:26,480 --> 00:04:34,490 There is no way that these could be empty because here in the in the cart, if you check again, if 62 00:04:34,490 --> 00:04:37,820 we check the cart, we fill the cart with these things. 63 00:04:37,830 --> 00:04:41,990 So it's it's like 99.9%. 64 00:04:42,710 --> 00:04:44,930 So it's 99.9%. 65 00:04:44,930 --> 00:04:45,770 Not going to be empty. 
66 00:04:46,190 --> 00:04:54,650 And this is not I'm not saying this, I I'm saying this because we already protected these in other 67 00:04:54,650 --> 00:04:54,920 pages. 68 00:04:54,930 --> 00:05:01,640 So adding just adding so many statements is also not a good practice. 69 00:05:01,640 --> 00:05:06,680 So you need to check, read your errors once before moving on. 70 00:05:06,740 --> 00:05:09,680 We have already done that already here, by the way. 71 00:05:09,680 --> 00:05:13,640 Here in case user places an order successfully. 72 00:05:14,180 --> 00:05:17,270 We actually shouldn't keep the cart 73 00:05:20,420 --> 00:05:21,560 filled with products. 74 00:05:21,560 --> 00:05:22,790 And I'm going to work on this later. 75 00:05:23,300 --> 00:05:28,580 Let me now focus on making sure that the user will not be able to place an order unless they will get 76 00:05:28,910 --> 00:05:33,350 and to do this here in the place order, that would be the first thing that we need to do is that we 77 00:05:33,350 --> 00:05:41,630 need if statement here and then we need to say if not isset session. 78 00:05:42,980 --> 00:05:43,530 Session. 79 00:05:44,540 --> 00:05:45,410 Logged in. 80 00:05:46,460 --> 00:05:48,800 Logged underscore in. 81 00:05:49,810 --> 00:05:56,140 Then if the user is not logged in then we need to say header and then we need to take the user to the 82 00:05:57,100 --> 00:05:59,630 check out page or any page you want. 83 00:05:59,650 --> 00:06:01,150 It doesn't have to be the check out. 84 00:06:01,150 --> 00:06:07,120 You can take the user to the index or the check out or even the account or even the log in. 85 00:06:07,900 --> 00:06:16,480 So I'm going to here say location, first location, and then I'm going to say check first that because 86 00:06:16,480 --> 00:06:20,590 we are the place order is inside is inside the server. 87 00:06:20,980 --> 00:06:25,310 So we need to go back one step back and then access the checkout. 
88 00:06:26,170 --> 00:06:31,120 So we need to say here dot dot and then forward slash checkout dot PHP. 89 00:06:31,510 --> 00:06:38,740 And then the message I'm going to say message and the message is going to say, please log in. 90 00:06:39,990 --> 00:06:45,660 Slash register to place an order. 91 00:06:47,660 --> 00:06:51,260 And most importantly, you need to exit. 92 00:06:51,380 --> 00:06:52,400 This is very important. 93 00:06:52,430 --> 00:06:53,270 You need to exit. 94 00:06:53,660 --> 00:06:55,160 This is very, very important. 95 00:06:55,580 --> 00:06:56,900 So you have to exit. 96 00:06:57,170 --> 00:07:05,560 If you don't want to exit, then you can add else and then place all of this code inside this else here. 97 00:07:05,570 --> 00:07:06,170 Like this. 98 00:07:06,890 --> 00:07:07,400 Like this. 99 00:07:07,400 --> 00:07:11,030 So all of this code can be pushed inside this else. 100 00:07:12,370 --> 00:07:24,160 So this is, I think this is more, um, uh, meaningful now that you can see if a user is logged in 101 00:07:24,790 --> 00:07:26,380 and if a user is not logged in. 102 00:07:26,500 --> 00:07:28,930 If user is not. 103 00:07:32,600 --> 00:07:35,960 This is a comment, by the way, not logged in. 104 00:07:36,710 --> 00:07:39,950 And again, if you don't want to use the else, you need to say here exit. 105 00:07:41,240 --> 00:07:41,830 Exit. 106 00:07:41,840 --> 00:07:44,420 But exit here would be redundant because we have else. 107 00:07:44,840 --> 00:07:47,450 Anyway, he's now in the check out. 108 00:07:47,450 --> 00:07:48,740 We need to display this message. 109 00:07:49,220 --> 00:07:53,180 So in the check out, the first thing that we need to do is that we need to remove this. 110 00:07:54,140 --> 00:07:55,780 Check out boss. 111 00:07:55,800 --> 00:07:56,390 Check out. 
112 00:07:57,050 --> 00:08:03,830 The reason is because if you don't remove it and redirect the user from the place order to this page, 113 00:08:03,830 --> 00:08:06,290 it's always going to take the user to the index. 114 00:08:06,920 --> 00:08:09,260 So we need to remove this check out from here. 115 00:08:10,650 --> 00:08:14,820 I'm going to remove it from here and we just need to check if user is. 116 00:08:16,940 --> 00:08:20,420 If user is, um, if the cart is not empty. 117 00:08:21,500 --> 00:08:25,940 And finally, we just near here need, we need to display the error message. 118 00:08:25,940 --> 00:08:26,900 We need to say. 119 00:08:28,290 --> 00:08:30,780 We need to here above the form or. 120 00:08:31,560 --> 00:08:35,730 Or you're actually here above the form or. 121 00:08:36,770 --> 00:08:37,550 Or. 122 00:08:38,090 --> 00:08:39,020 Or above this. 123 00:08:40,130 --> 00:08:41,720 Above or below this form. 124 00:08:42,110 --> 00:08:44,750 You can use a p and then. 125 00:08:46,150 --> 00:08:46,840 PHP. 126 00:08:48,510 --> 00:08:50,100 And first you need to check. 127 00:08:51,430 --> 00:08:55,240 You need to check if isset. 128 00:08:56,480 --> 00:08:57,080 Get. 129 00:08:59,050 --> 00:09:02,140 And then message. 130 00:09:04,240 --> 00:09:06,490 Then at this point, we need to echo the message. 131 00:09:06,490 --> 00:09:10,120 We need to say echo and then echo what? 132 00:09:10,170 --> 00:09:10,810 Equally. 133 00:09:12,010 --> 00:09:13,900 Get message. 134 00:09:17,270 --> 00:09:18,950 And here I'm going to say. 135 00:09:20,710 --> 00:09:21,310 Class. 136 00:09:22,650 --> 00:09:24,820 And then text. 137 00:09:26,690 --> 00:09:27,320 Center. 138 00:09:29,210 --> 00:09:31,310 And I'm going to also say style. 139 00:09:33,870 --> 00:09:39,870 Color red and you can display a link so that the user logs. 140 00:09:41,860 --> 00:09:43,000 So that the user can log in. 
141 00:09:43,240 --> 00:09:52,120 So you can here here, you can add another statement here, or you can by the way, you can close this 142 00:09:52,750 --> 00:09:54,160 you can close this PHP. 143 00:09:54,190 --> 00:09:56,280 And then, um. 144 00:09:57,160 --> 00:10:03,790 And then here you can display a button. 145 00:10:04,150 --> 00:10:04,750 You just. 146 00:10:06,210 --> 00:10:06,660 Here. 147 00:10:07,860 --> 00:10:09,090 Display a button. 148 00:10:09,870 --> 00:10:10,680 Let me keep this. 149 00:10:11,250 --> 00:10:14,340 Let me keep this line as it is, because I don't want to confuse you. 150 00:10:14,380 --> 00:10:15,570 This is going to be complicated. 151 00:10:16,380 --> 00:10:18,420 Let me just keep this and below. 152 00:10:18,450 --> 00:10:21,010 I'm just going to check. 153 00:10:21,300 --> 00:10:22,410 Get another check. 154 00:10:23,520 --> 00:10:25,590 Another PHP with a. 155 00:10:26,830 --> 00:10:27,310 If. 156 00:10:29,140 --> 00:10:34,540 Is it again a safe get message? 157 00:10:37,300 --> 00:10:43,750 Then the curly bracket and then close the curly bracket PHP. 158 00:10:45,120 --> 00:10:48,570 Close the curly bracket and then you can here display the. 159 00:10:51,670 --> 00:10:56,800 You can display the a tag with the with with a link to log in. 160 00:10:57,100 --> 00:11:05,080 And then here you can say log in and then you can again you can say class and then btn. 161 00:11:08,170 --> 00:11:10,420 And then you can even say btn primary. 162 00:11:13,250 --> 00:11:14,930 And the href at this point. 163 00:11:15,560 --> 00:11:17,000 The href is going to be. 164 00:11:19,840 --> 00:11:22,600 Equal to login dot PHP. 165 00:11:23,820 --> 00:11:26,390 And here we need to say like this. 166 00:11:26,400 --> 00:11:27,000 And that's it. 167 00:11:28,230 --> 00:11:35,640 Now let me go back and let me add another to the cart and let me try to place an order. 
168 00:11:36,480 --> 00:11:38,250 So I'm going to here click on checkout. 169 00:11:38,940 --> 00:11:44,490 And if I click on place order, first of all, I will not be able to place an order because I have to 170 00:11:44,490 --> 00:11:45,660 fill this lady fill this. 171 00:11:46,720 --> 00:11:52,960 So if I fill out this form and click on place order, as you can see here, it's going to say, please 172 00:11:52,960 --> 00:11:59,320 log in, register to place an order so this button is not going to work unless you log in. 173 00:11:59,590 --> 00:12:02,200 And if you click on log in, it's going to take me to the log in page. 174 00:12:03,340 --> 00:12:07,960 Now, I will not be able to place an order unless I fill this. 175 00:12:07,960 --> 00:12:10,480 And then look at the first log in, actually. 176 00:12:11,260 --> 00:12:12,520 So this is very important. 177 00:12:12,520 --> 00:12:17,650 You need to not to allow users to place orders before they log in. 178 00:12:18,100 --> 00:12:20,440 You can even add this go to the cart. 179 00:12:20,920 --> 00:12:30,500 You can prevent users from coming to this page altogether before before even clicking on on the cart 180 00:12:30,610 --> 00:12:30,910 here. 181 00:12:30,910 --> 00:12:34,330 Before clicking on on this button, check out. 182 00:12:38,360 --> 00:12:41,090 So now let me test let me now log in first. 183 00:12:41,090 --> 00:12:45,590 Let me log in and try to try to. 184 00:12:47,450 --> 00:12:54,140 To place an order after you log in, because now if I try to place an order, I will not be. 185 00:12:55,100 --> 00:12:57,500 So again, if I click on place order, it's not going to work. 186 00:12:57,500 --> 00:13:02,030 So I first need to log in and if I log in, let me log in at least on order. 187 00:13:05,210 --> 00:13:08,780 So if I click on log in now, I will be able to log in. 188 00:13:08,780 --> 00:13:12,680 And if I go to the cart, let me go to the cart. 
189 00:13:13,770 --> 00:13:16,680 I'm going to here go to the cart. 190 00:13:16,680 --> 00:13:17,580 I'm going to say cart. 191 00:13:19,760 --> 00:13:20,960 And now in the cart. 192 00:13:22,070 --> 00:13:23,150 Oh, let me check out. 193 00:13:24,110 --> 00:13:24,710 And let me here. 194 00:13:24,720 --> 00:13:25,670 Fill out this form. 195 00:13:25,730 --> 00:13:30,590 Now, if you click on Place Order, as you can see, the order will be placed and you will be taken 196 00:13:30,590 --> 00:13:31,700 to the payment page. 197 00:13:32,210 --> 00:13:40,670 So it worked successfully and I will only be able to log through to place an order if I am logged in. 198 00:13:41,780 --> 00:13:44,540 So this is very, very important practice you need to have. 199 00:13:44,870 --> 00:13:50,490 Also, if you are logged in but the cart is empty, you will not be able to place an order. 200 00:13:50,510 --> 00:13:51,350 Let me show you this. 201 00:13:52,310 --> 00:13:53,450 So let me show you this. 202 00:13:53,460 --> 00:13:55,430 So here I'm logged in, right? 203 00:13:55,910 --> 00:13:57,550 If I remove this from the cart. 204 00:13:57,560 --> 00:13:58,850 So now the cart is empty. 205 00:13:59,240 --> 00:14:02,400 And if I click on check out, I will not be able to. 206 00:14:02,750 --> 00:14:04,050 So this is very important. 207 00:14:04,070 --> 00:14:06,710 Now our system is protected. 208 00:14:07,310 --> 00:14:11,960 The user will have will have here in the in the chain. 209 00:14:11,990 --> 00:14:14,360 And they cannot be in the actually in the check out. 210 00:14:15,110 --> 00:14:22,310 We have here the if the cart is empty, then if the cart is not empty, the user will be let in it. 211 00:14:22,370 --> 00:14:27,830 Also, the user will be taken to the through the index, also in the place order before the user places 212 00:14:27,830 --> 00:14:28,280 an order. 213 00:14:28,280 --> 00:14:30,740 We need first to check whether we are logged in or not. 
214 00:14:31,910 --> 00:14:39,020 And again, I need to emphasize on adding this code in in the check out is also possible you can protect 215 00:14:39,140 --> 00:14:45,920 this the you can make the protection from here or from here or even from the cart. 216 00:14:45,920 --> 00:14:47,670 Which is it also? 217 00:14:47,810 --> 00:14:51,410 It's just the same goal. 218 00:14:51,800 --> 00:14:54,650 It's just the same goal, but a different method. 219 00:14:54,650 --> 00:14:56,360 So you can follow any method you want. 220 00:14:56,600 --> 00:15:03,440 But the goal is to protect the but the placing an order page because you shouldn't allow users to place 221 00:15:03,440 --> 00:15:07,790 orders without logging in and without having something in the cart.