can't transfer values with $_POST

Hi
I need to transfer some values, which I have put in a hidden field in a form, that I wish to transfer to another page.
Unfortunately it does not transfer any values.
In the form I have a simple radio button asking the viewer to choose a yes and no answer, then I refresh the page and analyse the answer then depending on the answer, it goes to either one page or the other.


two questions please:
1) what am I doing wrong
2) is this the safest way to transfer numbers, as they need to be very secure, since they are prices from shopping cart.

my form code:

......
<php>
 switch($_POST['card']){
        case 'card':
   header("Location:http://www.page1.php");
           break;
        case 'nocard':
              header("Location:http://www.page2.php");
           break;
       
     }
?>
............
...





 <form name="yes_no" Method="Post"  action="<?php echo $_SERVER['PHP_SELF']; ?>">
					  
					  
					  
                                                        <tr>
                              <td colspan="7"id="heading2" > Do you wish to pay for the above purchases using a credit/debit card?                            
                                                        </tr>
							
						                   <tr>
                              <td colspan="7" > <input type="radio" name="card" value="card"> Yes 
							  
							
                            </tr>
							         <tr>
                              <td colspan="7" > <input type="radio" name="card" value="nocard"> No 
							  
							
                            </tr>		
							 <tr>
                              <td colspan="7" > <input type="submit" name="submityes_no"> 
							  	</td>
							
                            </tr>
									 <input type="hidden" name="grand" id="grand" value="<?php  echo number_format($Gt, 2, ".", ","); ?>">	
									<input type="hidden" name="delivery" id="delivery" value="<?php  echo number_format($delivery, 2, ".", ","); ?>">	
										<input type="hidden" name="vat" id="vat" value="<?php  echo number_format($vat, 2, ".", ","); ?>">	
										
								<input type="hidden" name="totalcost" id="totalcost" value="<?php  echo number_format($totalcost, 2, ".", ","); ?>">	
										
										
										
								</form>	
							

Code (markup):

Then in my other page (say page1) I have:

 <fieldset class="fourth">
				
  <legend class="pc">Purchase Cost </legend>
  
    <label class="pi" for="Total  ">Value of Purchases =  <?php  echo  "£ ".$_POST["totalcost"]  ;?> </label>
   
    <br />
  
  <label class="pi" for="Delivery  ">Delivery =
  <?php  echo  "£ ".$_POST["delivery"]  ;?>
</label>
    
    <br />
  <label class="pi" for="Vat  ">Vat = <?php  echo  "£ ".$_POST["vat"]  ;?>  </label>
  

    <br />
     <label class="pi" for="grand  ">Grand Total = <?php  echo  "£ ".$_POST["Gt"]  ;?></label>
  
  </fieldset>

Code (markup):

Your help is much appreciated.

 

Maybe put these numbers in session?

 

<?php
if ((isset($_POST['card'])) && ($_POST['card']!=""))
{
switch($_POST['card']){
case 'card':
header("Location:http://www.yahoo.com");
break;
case 'nocard':
header("Location:http://www.google.com");
break;

}
}
?>

<form name="yes_no" Method="Post" action="<?php echo $_SERVER['PHP_SELF']; ?>">



<tr>
<td colspan="7"id="heading2" > Do you wish to pay for the above purchases using a credit/debit card?
</tr>

<tr>
<td colspan="7" > <input type="radio" name="card" value="card"> Yes


</tr>
<tr>
<td colspan="7" > <input type="radio" name="card" value="nocard"> No


</tr>
<tr>
<td colspan="7" > <input type="submit" name="submityes_no">
</td>

</tr>
<input type="hidden" name="grand" id="grand" value="<?php echo number_format($Gt, 2, ".", ","); ?>">
<input type="hidden" name="delivery" id="delivery" value="<?php echo number_format($delivery, 2, ".", ","); ?>">
<input type="hidden" name="vat" id="vat" value="<?php echo number_format($vat, 2, ".", ","); ?>">

<input type="hidden" name="totalcost" id="totalcost" value="<?php echo number_format($totalcost, 2, ".", ","); ?>">



</form>

 

Hi
thanks for your comments.
I did think about putting them in sessions, maybe I have to do that.

The above code makes it alot cleaner but still does not solve the problem of not transferring the value when there is a value to be transferred.

 

Why do these prices have to be very secure? Are they secret?
If it's only because you're afraid someone might send false prices, just put them in a session like the others said, or better still, get them from your DB when you need them. That way you'll always have the current prices.

Where do you want to transfer these values to? To page1.php and page2.php? You can't do that with $_POST. Sending the headers to redirect your user to another page, you can only put the values in the URL query string (page1.php?field1=value1&field2=value2....)

 

Hi CreativeClans

What I originally did was attach the prices to the end of URL and send the values that way.
But what I found out was that I could then change the prices in the url, refresh the page with new numbers and hay presto, I could buy any item with any values I wanted.

So these are actually the final prices for goods that the customer buys and I will need to transfer them to other pages.

The problem with what you suggested is that there is a quantity discount break for each item and I need to save the quantity ordered with the corresponding price then store these in database, then add them later. But I have already got the final figure, all I need is to access it.

I think i will take your, and others, suggestion and use sessions.
Thanks for looking into this.

 

He jacka, yes you can take session or there be another method ca use without session is Xml http post.....