Drummin

I don't see any "pagination" in your scripting, but as far as showing only ten results add limit 10 to the end of your query. Also keep those variable names unique for each query, i.e. $gettraderads, $gettraderads2 etc. $gettraderads = mysql_query("SELECT * FROM `trade-adverts` WHERE type = 'premium' AND paid = 1 AND categoryid = 1 AND live = 1 AND approved = 1 AND dateexpired >= '".$todaysdate."' ORDER BY id DESC limit 10");

Well then you should have a clientid in your table(s) and only allow access to when client id's match. Don't rely on user name alone when it comes to company records. Have the clientid in the user table and where records are stored.

RED is the key and must be unique. The value can be anything. [key]=>this can be anything. So you can't use item_is as the key. Is that clear?

Fixed this as well? '</td></form>' to '</form></td>'

Read... what is the form supposed to do or where is it being processed. The action directs the form to the page where it is being processed. I said, you can use the # if being processed on the same page or you can put the actual page name in there.

Looks like you are also missing the action=\"processingpage.php\" on your form. If Just checking things out on the same page you can use the # sign. <form name=\"test\" method=\"post\" form id=\"form1\" action=\"#\" /> You also have nesting issue by placing </form> tag outside </td>.

Thanks PFMaBiSmAd. Looks like I've got some work to do.

I have a "Buddy Table" that simply stores the "userid" and the "buddyid". When you add someone to your buddy list it places your ID into the "userid" and the id of the buddy into the "buddyid slot. I simply select to show all buddies by querying WHERE userid=$userid. In my User table I also have a column where a person can block their name from showing in the buddy list selection area and if marked, also removes his records from the "Buddy Table" where buddyid=$userid. Works great.

Hello, I was wondering if I need to escape all get values. I often use a $_GET variable as in mypage.php?id=variable to selecting records to view etc. I usually convert this to a variable to be used in a WHERE statement. IF ($_GET['id']){ $id=$_GET['id']; } But what if someone tried to view all records resulted in all content page data being displayed somehow. Or better yet, if visiting resulted in all content being deleted. Is that even possible in the in the context of a MySQL WHERE statement? Seems like the MySQL statement wouldn't be structured correctly and wouldn't work. I use mysqli_real_escape_string" on posted content but should I also escape all GET input?

Something like this $timeoutseconds = 604 800; //get the time $timestamp = time(); $timeout = $timestamp-$timeoutseconds; $delete = mysql_query("DELETE FROM mytable WHERE timestamp<$timeout");

Try if (empty($rs)) or without space if (!$rs)

This is what I have working. session_start(); if (!isset($_SESSION["cart_keys"])){ $_SESSION["cart_keys"]=array(0); } IF ($_POST['button']=="Add to Cart"){ foreach($_POST as $ky => $val){ IF ($ky!="button"){ $key=$ky; } } // If the cart session variable is not set or cart array is empty if (!isset($_SESSION["cart_array$key"]) || count($_SESSION["cart_array$key"]) < 1) { // RUN IF THE CART IS EMPTY OR NOT SET $_SESSION["cart_array$key"] =array(1); } else { // RUN IF THE CART HAS AT LEAST ONE ITEM IN IT IF (isset($_SESSION["cart_array$key"])){ $i++; } IF ($i==1){ $v=$_SESSION["cart_array$key"][0]; $nv=$v+1; $_SESSION["cart_array$key"] = array($nv); $wasFound = true; } } $ck=$_SESSION["cart_keys"]; if (in_array($key, $ck, true)){ // echo "Got key"; } ELSE{ array_push($ck, $key); $_SESSION["cart_keys"] =$ck; } }//end post //// Display //// foreach($_SESSION["cart_keys"] as $cartitem){ IF ($cartitem>0){ $iq=$_SESSION["cart_array$cartitem"][0]; echo "Item Ordered: $cartitem Quanitity: $iq<br />"; } } //////////Clear Cart for testing//////////// IF ($_GET['end']=='t'){ session_destroy(); } echo "<a href='test9.php?end=t'>Clear Cart</a><br />"; ////////////

It's in the processing array, which you are saving to session. Where you are saving "item_id => $pid", the "item_id" is the "key" and "$pid" is the "value". This won't work because the "key" needs to be unique. I've made more than a dozen variations of the processing script but kept running into problems until I created a new session for each item. I then needed to create another session just for tracking the cart_keys and have got that working as well. Now I just need to create a usable display so you can see what is being saved, because it might be hard to understand otherwise. The cart_keys will be used in an foreach statement to extract each key id and put it in the session call statement as in $_SESSION["cart_array$key"] to then show number of items ordered. Just about got this working. I'm sure you are also trying to figure this out in your own way, but this is what I've come up with to get items and quantity saved for each item to session.

The problem is the KEYS in the array need to be unique so you can't use item_id, quantity as in [item_id] => pid [quantity] => 1. I would suggest just using the product id as the KEY and the quantity as the value. [pid] => 1. Then you should be able to find this unique KEY[pid] and udate the VALUE for this item.

Changing the form side of things using variable names will bring it's own problems as you pointed out. You'll need to use a generic $_POST for processing and extract the key and values while also filtering out the submit button itself much like I posted the other day. Something like this. foreach($_POST as $key => $val){ IF ($key!="button"){ //DO SOMETHING WITH THIS $key ID and $Value// } } You'll then need to check if you have the $key item set to session and if you do, add +1 to the quantity. IF $key is not found in session add the item to session. This approach might work. The value saved for item_id# doesn't matter, just be constant like "in-cart" in the array you'd have the unique key in your array something like this, array([item_id#] => in_cart). So you'll be comparing foreach($_post as $key) to that item_id#.

I've been playing with the processing side of this for the past two days and adding a product and updating the quantity is not a problem for a single item_id. Even adding a second item is not a problem but from that point on everything stops because you no longer have unique $key values, i.e. item_id etc. The idea of making this work sounds cool but I think you'll need to resort to putting the values in a mysql table where you would also have a record of their order for future reference. That would be straight forward and easy and I'm not sure why you're taking the session approach. In any case, hope you get it worked out.

What is the benefit of using an array for DB constants instead of just using constants? Where I normally would use something like this on my page... require("../access.inc.php"); $link = mysqli_connect($host, $login, $pass); mysql_connect("$host","$login","$pass") OR DIE

I think you might need to quote your true false values for $wasFound = "false"; as they are resulting in 1 or 0 instead of true or false.

Hey well, sorry I wasn't much help. This topic was here for days without anyone responding so I thought I see about it. I will stay out and let those more qualified respond.

You might also want to add "style=" to your table. <table style='width: 90%; margin-right: auto; margin-left: auto; color: #00E6AA;'>

Well I don't know much about jquery but if you need the form id="bd_itm" to process, then you'll need to have a unique value. By just adding $id to the end should give you a unique id for each as in id="bd_itm'. $id . '" though not sure if that will be what you need. Personally I'd just do a straight post to a processing page and direct them back to the product page, which will re-query and show items in their cart.

Now this is what I am trying to change To get unique values in case this is my error... I don't think you need these html id's at all. You just need to process the $_POST['pid'] and add it to the cart.

I feel pretty bad about my posts as well. The white space error was my fault as I had placed your code inside a page I already had to access a DB table already defined. I messed up. You do have empty <span class=itmttl></span> and duplicate id="bd_itm", id="pid" and id="button" for each item and the form action is not defined. But as far as the original issue of id not being passed, that seems fine.

Let's back up. In both versions I see the pid value for each item. When posting, is this value not being picked up? Adding print_r($_POST); I see the id being passed.

Hey forgive me Pavlos for not reading your code carefully enough. I thought you were posting several items at a time. Please disregard my earlier posts. Just looking at your first code, I get "white space errors" because of the line returns. I removed those returns and formatted in a style I would use. Maybe this will work for you. $sql = mysql_query("SELECT * FROM products WHERE category='body' ORDER BY id ASC"); $productCount = mysql_num_rows($sql); // count the output amount if ($productCount > 0) { $i=0; $dynamicListBody = "<table width: 90%; margin-right: auto; margin-left: auto; color: #00E6AA;>"; while($row = mysql_fetch_array($sql)){ $id = $row["id"]; $product_name = $row["product_name"]; $details = $row["details"]; $price = $row["price"]; $date_added = strftime("%b %d, %Y", strtotime($row["date_added"])); $dynamicListBody .= ($i==0) ? '<tr>':''; $dynamicListBody .= "<td width=\"10%\"><img style=\"border:#666 1px solid;\" src=\"../stock_photos/$id.png\" alt=\"$product_name\" /></td><td width=\"35%\"><span class=itmttl>$product_name</span><br /><span class=\"text\">$details<br />€$price</span><br /><form id=\"bd_itm\" name=\"bd_itm\" method=\"post\" action=\"#\"><input type=\"hidden\" name=\"pid\" value=\"$id\" /><input type=\"submit\" name=\"button\" value=\"Add to Cart\" /><br /><br /></form></td>"; $dynamicListBody .= ($i==1) ? '</tr>':''; $i++; ($i==2) ? $i=0:''; } $dynamicListBody.='</table>'; } else { $dynamicListBody = "We have no products listed in our store yet"; } mysql_close();