Jump to content


Photo

Sessions and mysql recordsets problem


  • Please log in to reply
No replies to this topic

#1 Joe59101

Joe59101
  • New Members
  • Pip
  • Newbie
  • 1 posts

Posted 29 August 2006 - 03:29 PM

Hello,

what i am trying to do is to pass a product ID from a recordset finds it by a group of commands (tested and worked) using a session (fails) it works fine if i just put pure numbers in but as soon as a variable is entered into the prodid session variable it forks up. any help would be appriciated

Page one:
<?php require_once('../Connections/legz11.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) {
  $insertSQL = sprintf("INSERT INTO Ordernew (ProductID1, qty) VALUES (%s, %s)",
                       GetSQLValueString($_POST['proid'], "text"),
                       GetSQLValueString($_POST['qty'], "text"));

  mysql_select_db($database_legz11, $legz11);
  $Result1 = mysql_query($insertSQL, $legz11) or die(mysql_error());

  $insertGoTo = "basketcollect2.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}

$colname_Recordset1 = "-1";
if (isset($_POST['Product'])) {
  $colname_Recordset1 = (get_magic_quotes_gpc()) ? $_POST['Product'] : addslashes($_POST['Product']);
}
$col2_Recordset1 = "-1";
if (isset($_POST['size'])) {
  $col2_Recordset1 = (get_magic_quotes_gpc()) ? $_POST['size'] : addslashes($_POST['size']);
}
$col3_Recordset1 = "-1";
if (isset($_POST['colour'])) {
  $col3_Recordset1 = (get_magic_quotes_gpc()) ? $_POST['colour'] : addslashes($_POST['colour']);
}
mysql_select_db($database_legz11, $legz11);
$query_Recordset1 = sprintf("SELECT * FROM Productsnew WHERE Productname = '%s' AND Productsnew.Availablesizes = '%s' AND Productsnew.Availablecolours = '%s'", $colname_Recordset1,$col2_Recordset1,$col3_Recordset1);
$Recordset1 = mysql_query($query_Recordset1, $legz11) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
session_start();
$_SESSION['id'] = mysql_insert_id(); 
$_SESSION['proid'] = $row_Recordset1['proid'];
$_SESSION['qty'] = $_POST['qty'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
<form id="form" name="form" method="POST" action="<?php echo $editFormAction; ?>">
  <label>
  <input name="proid" type="hidden" id="proid" value="<?php echo $row_Recordset1['proid']; ?>" />
  <input name="qty" type="hidden" id="qty" value="<?php echo $_POST['qty']; ?>" />
  <input name="id" type="hidden" id="id" value="<?php echo mysql_insert_id(); ?>" />
  </label>
  <meta http-equiv="Refresh" content="1;URL=javascript:document.form.submit()" />
  <input type="hidden" name="MM_insert" value="form">
</form>
<p><strong>Debug mode</strong></p>
<p><?php echo $row_Recordset1['proid']; ?></p>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

Page 2

<?php require_once('../Connections/legz11.php'); ?>
<?php
$colname_Recordset1 = "-1";
if (isset($_SESSION['id'])) {
  $colname_Recordset1 = (get_magic_quotes_gpc()) ? $_SESSION['id'] : addslashes($_SESSION['id']);
}
mysql_select_db($database_legz11, $legz11);
$query_Recordset1 = sprintf("SELECT * FROM Ordernew WHERE Legzid = %s", $colname_Recordset1);
$Recordset1 = mysql_query($query_Recordset1, $legz11) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
session_start();
$_SESSION['proid'];
$_SESSION['id']; 
$_SESSION['qty'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
<form action="basket.php" method="get" name="form">
<input name="proid" type="hidden" value="<?php echo $_SESSION['proid']; ?>" />
<input name="qty" type="hidden" value="<?php echo $_SESSION['qty']; ?>" />
<meta http-equiv="Refresh" content="1;URL=javascript:document.form.submit()" />
</form>
<p><strong>Debug mode</strong> <br />
  qty = <?php echo $_SESSION['qty']; ?><br />
proid = <?php echo $_SESSION['proid']; ?></p>
<p>session id = <b><?php echo $_SESSION['id']; ?></p>
<p>proid <?php echo $row_Recordset1['ProductID1']; ?> qty <?php echo $row_Recordset1['qty']; ?></p>
<p>VAR DUMP<br /><?php echo var_dump($_SESSION) ?>
</p>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

Thanks

Joe




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users