PHP Help Needed

[webstudio]

Hello Forum, please can someone help me solve this error in the code below, thanks

 

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\XAMPP\xampp\htdocs\testingSite\addtobasket.php on line 10

 

Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in C:\XAMPP\xampp\htdocs\testingSite\addtobasket.php on line 11

 

<?php

session_start();

 

require("db.php");

require("function.php");

 

$validid = pf_validate_number($_GET['id'], "redirect", $config_basedir);

$prodsql = "SELECT * FROM products WHERE id =" .$_GET['id'] . "'";

$prodres = mysql_query($prodsql);

$numrows = mysql_num_rows($prodres);

$prodrow = mysql_fetch_assoc($prodres);

 

if($numrows == 0)

{

header("Location: ". $config_basedir);

}

else

{

if($_POST['submit'])

{

if($_SESSION['SESS_ORDERNUM'])

{

$itemsql = "INSERT INTO orderitems(order_id, product_id, quantity) VALUES (" . $_SESSION['SESS_ORDERNUM'] . "," . $_GET['id'] . ","

. $_POST['amountBox'] .")";

mysql_query($itemsql);

}

else

{

if($_SESSION['SESSION_LOGGEDIN'])

{

$sql = "INSERT INTO orders(customer_id, registered, date) VALUES (" . $_SESSION['SESS_USERID'] . ", 1, NOW())";

mysql_query($sql);

session_register("SESS_ORDERNUM");

$_SESSION['SESS_ORDERNUM'] = mysql_insert_id();

 

$itemsql = "INSERT INTO orderitems(order_id, product_id, quantity) VALUES (" . $_SESSION['SESS_ORDERNUM'] .",". $_GET['id']

. "," . $_POST['amountBox'] . ")";

mysql_query($itemsql);

}

else

{

$sql = "INSERT INTO orders(registered, date, session) VALUES(" ."o, NOW(),'" . session_id() . "')";

mysql_query($sql);

session_registered("SESS_ORDERNUM");

$_SESSION['SESS_ORDERNUM'] = mysql_insert_id();

 

$itemsql = "INSERT INTO orderitems(order_id, product_id, quantity) VALUES(" . $_SESSION['SESS_ORDERNUM'] . "," .$_GET['id'] . ","

. $_POST['amountBox'] . ")";

 

mysql_query($itemsql);

}

}

 

$totalprice = $prodrow['price'] * $_POST['amountBox'];

 

$updsql = "UPDATE orders SET total + ". $totalprice . " WHERE id = " . $_SESSION['SESS_ORDERNUM'] . ";";

mysql_query($updres);

 

header("Location: " . $config_basedir . "showcart.php");

}

else

{

require("header.php");

 

echo "<form action='addtobasket.php?id=" .$_GET['id'] . "' method='POST'>";

echo "<table cellpadding='10'>";

 

echo "<tr>";

if(empty($prodrow['image'])) {

echo "<td><img src='./images.dummy.jpg' width='50' alt='" . $prodrow['name'] . "'></td>";

}

else

{

echo "<td><img src=' ./images/" . $prodrow['image'] . "' width='50' alt='" . $prodrow['name'] . "'></td>";

}

echo "<td>" . $prodrow['name'] ."</td>";

echo "<td>Select Quantity <select name='amountBox'>";

 

for($i=1;$i<=100;$i++)

{

echo "<option>" . $i . "</option>";

}

echo "</select></td>";

echo "<td><strong>£" . sprintf('%.2f', $prodrow['price']) . "</strong></td>";

echo "<td><input type='submit' name='submit' value='Add to basket'></td>";

echo "</tr>";

echo "</table>";

echo "<form>";

}

}

require("footer.php");

 

?>

[Rifts]

$prodsql = "SELECT * FROM products WHERE id =" .$_GET['id'] . "'";

to

$prodsql = " SELECT * FROM products WHERE id ='$_GET[id]'  ";

[trq]

$prodsql = "SELECT * FROM products WHERE id =" .$_GET['id'] . "'";

to

$prodsql = " SELECT * FROM products WHERE id ='$_GET[id]'  ";

 

Please. Integers do not need quotes, and even if they did, that is poor syntax.

 

$prodsql = " SELECT * FROM products WHERE id ='{$_GET['id']}'";

 

Complex variables (array & objects) should be surrounded by curly braces when within double quoted strings.

[webstudio]

Thank you for the quick response to my coding error, i have amended the script to what was advised i do not see the error any longer, but the page does not load anymore, am new to php and am following an example in practical  php and mysql by jono bacon. please below is the codes for the product.php and bar.php, thanks again.

 

products.php code

<?php

require ("db.php");
require("function.php");

$validid = pf_validate_number($_GET['id'], "redirect", $config_basedir);

require("header.php");

$prodcatsql = "SELECT * FROM products WHERE cat_id = '$_GET[id]'";
$prodcatres = mysql_query($prodcatsql);
$numrows = mysql_num_rows($prodcatres);

if($numrows == 0) 
{
echo "<h1>No Products</h1>";
echo "There is no products in this category.";
}
else {
echo "<table cellpadding='10'>";
while($prodrow = mysql_fetch_assoc($prodcatres)) {
echo "<tr>";
if(empty($prodrow[image])) {
echo "<td><img src='./images/dummy.jpg' alt='" . $prodrow[name] . "'></td>";
}
else {
echo "<td><img src='./images/" . $prodrow ['image'] ."' alt='" . $prodrow['name'] . "'></td>";
}
echo "<td>";
echo "<h2>" . $prodrow['name'] . "<h2>";
echo "<p>" . $prodrow['decsription'];
echo "<p><strong>OUR PRICE: £" . sprintf('%.2', $prodrow['price']) . "</strong>";
echo "<p>[<a href='addtobasket.php?id=" . $prodrow['id'] . "'>buy</a>]";
echo "</td>";
echo "</tr>";
}
echo "</table>";
}
require("footer.php");
?>

 

bar.php

<h1>Product categories</h1>
<ul>
<?php
$catsql = "SELECT * FROM categories;";
$catres = mysql_query($catsql);

while($catrow = mysql_fetch_assoc($catres))
{
echo "<li><a href='" . $config_basedir . "/products.php?id=" . $catrow[id] . "'>"
. $catrow[name] . "</a></li>";

}
?>
</ul>