If you want to allow file uploads on the form, or specify that a user must have a certain product before being able to use this form, or that they must not have a certain product before using the form, or if you want to add extra processing functionality to your forms, you can define all this on the Advanced tab.

Figure 4.8 - Order Form Editor - Advanced Tab

Upload Path

The path where you want to store files that users of your form upload. If you want to allow file uploads on your order form, you must first enter a valid path here, which is writable by PHP. Once you have done that, and saved or applied the form, the file upload field type will become available on the editor.

If you don't want just anyone to be able to download the files that are uploaded by your users, you should choose a location above the publicly accessible area of your hosting account (eg. above public_html, htdocs, or www). Make sure that the user PHP runs under has permission to write to the selected folder (if your server has suPHP, PHP will run under your account username. If not, it might run under its own username, or a generic user, typically called 'nobody').

Upload Max File Size

You can limit the size of files that are uploaded by entering the value in Kilobytes here.

Allowed File Types
If you leave this blank, any file type can be uploaded. If you want to restrict the file types, for example to just allow images, you can enter a list of the file extensions that are allowed, separated by the pipe character: |

For example, to just allow JPEG, PNG, and GIF images, you would enter the following:


Bear in mind though, that people can upload files of a different type but with the wrong file extension. For example, an executable file could be uploaded with a .jpg file extension - you should not trust that any file uploaded by a user is really of the type indicated by its file extension (although of course it usually will be).

Attach to Admin E-Mail?

Indicate here whether or not to send the uploaded files as attachments to the administrator when an order is placed. This will only happen if 'E-Mail Order to Admin?' is also set to 'yes' on the details tab.

Prerequisite Products

If you only want people to use this order form if they already have a particular product (eg. if this form is for a product upgrade), you can specify one or more prerequisite products here. First select the category from the first list, then click on the product from the second list, and click on the top arrow button > to add the product as a prerequisite. You can remove products from the prerequisite list by clicking on the bottom arrow button <.

The selection is done this way so that you are able to select products from different categories if you want to specify more than one. Note, however, that if you do have more than one product specified here, the order form will be available to users who have any of the selected products.

Naturally, the user will need to be logged in for nBill to be able to detect whether or not they already have a prerequisite product.

Disqualifying Products

This is similar to prerequisite products (above), but defines products that the user must not have if they are to use this order form. This is useful for things like user subscriptions, where a user is only allowed to buy the product once.

The rest of this form is for PHP and Javascript developers only. It allows you to add your own functionality to a form, but you need to already know how to use PHP and/or Javascript before you can take advantage of these settings.

Please pay attention to security, especially when dealing with $_POST values - use the nbf_common::get_param() function and validate all input. You do not need to include <?php ?> tags.

Process Code

If you have a Process Button field on your form, you can perform whatever server-side processing you need when the button is clicked by pasting in your PHP code here (check which button was pressed using the $_POST values). If you have a large amount of code, it might be better to put it in a separate file and just use an include statement here.

Validation code

When the form is submitted, nBill will perform its own validation (eg. to ensure that Numeric fields only contain numbers, that mandatory fields have been given a value, etc.), but after that is complete it will hand over to whatever code you enter here so that you can add your own validation.

This is especially useful if you have a number of fields, none of which are mandatory in themselves, but for which at least one in the group must have a value. You can check for that here, and if you want to reject the submission just give a value to the built-in $error_message variable. You can also highlight the field(s) that are in error by adding the field names to the built-in $fields_in_error[] array.

If you have a large amount of code, it might be better to put it in a separate file and just use an include statement here.

Pre-Calculate Code

When the totals are calculated for display in the order summary or when handing over to the payment gateway for payment, this code is executed immediately before the totals are calculated. This setting is often used for manipulating the $orders array to influence what items are ordered and what amount is charged (eg. see this topic). Code you enter here can be executed multiple times during a form submission.

If you have a large amount of code, it might be better to put it in a separate file and just use an include statement here.

Post-Calculate Code

Any code entered here is executed immediately after the totals have been calculated (for display in the summary table or when handing over to a gateway for payment).

If you have a large amount of code, it might be better to put it in a separate file and just use an include statement here.

Submit Code

After validation has been passed successfully, nBill will run any code that you enter here. This happens before control is passed to the payment gateway. There is a built-in variable called $suppress_payment that you can use (set to true) to stop nBill from handing over to the payment gateway.

If you have a large amount of code, it might be better to put it in a separate file and just use an include statement here.

Order Creation Code

If you need to run a process only when an order is created (so if the form has 'Pending Until Paid' set to 'yes', this will be after payment has been successfully completed), you can paste your code here. This code will be executed once for every product ordered - use the $product_id and/or $order_id variables to determine which product/order you are dealing with. If the order relates to a recurring payment schedule, and the payment gateway provides a callback for each recurring payment, this code will also be executed for each recurring payment (when a repeat payment is being processed, the $recurring variable will be set to true).

If you have a large amount of code, it might be better to put it in a separate file and just use an include statement here.

Javascript Functions

Anything entered here will be inserted between <script> tags in the <head> section of the front-end web page when the order form is displayed. This allows you to define any javascript functions that you want to call for events on the form. To attach your function calls to events on your fields, use the HTML attributes setting for the field on the advanced tab of the field properties pane in the editor. Note that you can also include javascript files on your form using its page properties which might be a better option if you have a lot of javascript code.