Apache upgrade stops PHP script working


Not sure if this is in the right area.


I have uploaded the script below to two sites with the same host, however one works and one doesn't. My host provider has said that the only difference is that the one that doesn't work has a more recent version of Apache (2.4.4).


The code affected is below


function addToCart()
{
    // make sure the product id exists
    if (isset($_GET['p']) && (int)$_GET['p'] > 0) {
        $productId = (int)$_GET['p'];
    } else {
        header('Location: http://www.jasondoyleracing.com/shop');
    }

    // does the product exist ?
    $sql = "SELECT pd_id, pd_qty
            FROM tbl_product
            WHERE pd_id = $productId";
    $result = dbQuery($sql);
    if (dbNumRows($result) != 1) {
        // the product doesn't exist
        header('Location: http://www.jasondoyleracing.com/shop/cart.php');
    }

    // current session id
    $sid = session_id();
    // check if the product is already
    // in cart table for this session
    $sql = "SELECT pd_id
            FROM tbl_cart
            WHERE pd_id = $productId AND ct_session_id = '$sid'";
    $result = dbQuery($sql);
    if (dbNumRows($result) == 0) {
        // put the product in cart table
        $sql = "INSERT INTO tbl_cart (pd_id, ct_qty, ct_session_id, ct_date)
                VALUES ($productId, 1, '$sid', NOW())";
        $result = dbQuery($sql);
    } else {
        // update product quantity in cart table
        $sql = "UPDATE tbl_cart
                SET ct_qty = ct_qty + 1
                WHERE ct_session_id = '$sid' AND pd_id = $productId";
        $result = dbQuery($sql);
    }

    // an extra job for us here is to remove abandoned carts.
    // right now the best option is to call this function here
    //header('Location: ' . $_SESSION['shop_return_url']);
}


How do I make this compatible with this particular Apache version?

There is nothing in there that depends on a particular version of Apache. Odds are the provider is wrong and that there is a difference somewhere else.


What difference should you look for? It'll be much easier to tell if you can explain what "doesn't work" means. Because we can't read your mind.


[edit] Though you should fix one thing: if you redirect with a header() then you need to exit; or die; immediately after. Otherwise PHP will keep on executing your script.

The error I am getting is

Notice: Undefined variable: productId in /home/sites/nickmorrisracing.com/public_html/shop/library/cart-functions.php on line 38

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AND ct_session_id = 'pfp18kvfo13eresqibu4dl9dv2'' at line 3


However exactly the same page has been uploaded onto a different server on a different site and there are no errors.


I have added the exit at the end of each header();, it hasn't made a difference.

Actually there always were those errors, you just weren't seeing them on the other server. The difference is that this new server is configured to show them.


Add those exit;s I was talking about.


And FYI you're open to SQL injection via $sid. Probably. I'd have to test to see if PHP rejects invalid SIDs.
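
The two fixes discussed in this thread, as an added example that is not code from any of the posters: the function stops as soon as the product id is missing, and both the product id and the session id are bound as query parameters instead of being interpolated into the SQL string. Table and column names follow the posted script; PDO with an in-memory SQLite database (requires pdo_sqlite), the `productIdFromRequest()` helper and the return-a-redirect-target design are assumptions made so the example runs on its own.

```php
<?php
// Added example. tbl_product / tbl_cart follow the thread; PDO + in-memory
// SQLite stands in for the site's MySQL and its dbQuery() helper (assumption).
function productIdFromRequest(array $get): ?int
{
    // Accept only a positive integer; anything else (missing, "abc", 0) is null.
    $id = filter_var($get['p'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Returns the URL to redirect to, or null when the cart was updated.
function addToCart(PDO $db, array $get, string $sid): ?string
{
    $productId = productIdFromRequest($get);
    if ($productId === null) {
        return '/shop';            // stop here, so no query runs without an id
    }
    $q = $db->prepare('SELECT pd_id FROM tbl_product WHERE pd_id = ?');
    $q->execute([$productId]);
    if ($q->fetch() === false) {
        return '/shop/cart.php';   // unknown product
    }
    // The session id is bound as data; it never becomes part of the SQL text.
    $q = $db->prepare('UPDATE tbl_cart SET ct_qty = ct_qty + 1
                       WHERE ct_session_id = ? AND pd_id = ?');
    $q->execute([$sid, $productId]);
    if ($q->rowCount() === 0) {
        $q = $db->prepare('INSERT INTO tbl_cart (pd_id, ct_qty, ct_session_id, ct_date)
                           VALUES (?, 1, ?, ?)');
        $q->execute([$productId, $sid, date('Y-m-d H:i:s')]);
    }
    return null;
}

// In the real page the caller would do:
// $to = addToCart($db, $_GET, session_id()); if ($to !== null) { header("Location: $to"); exit; }

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tbl_product (pd_id INTEGER PRIMARY KEY, pd_qty INTEGER)');
$db->exec('CREATE TABLE tbl_cart (pd_id INTEGER, ct_qty INTEGER, ct_session_id TEXT, ct_date TEXT)');
$db->exec('INSERT INTO tbl_product VALUES (7, 10)');   // constructed sample row

$sid = "abc'def";                                // constructed session id containing a quote
var_dump(addToCart($db, [], $sid));              // missing ?p= : redirect target, no SQL run
var_dump(addToCart($db, ['p' => '7'], $sid));    // first add: row inserted
var_dump(addToCart($db, ['p' => '7'], $sid));    // second add: quantity incremented
echo $db->query('SELECT ct_qty FROM tbl_cart')->fetchColumn(), "\n";
```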

