Jump to content

Possible SQL injection error?


Recommended Posts

2 different sections of code needed fixed for the cart to work correctly.


Firstly, the displaying of the cart was not selecting any of the items from the database that associated with the cart ID. It was re-written to select only the details needed to keep code to a minimum and also to be a lot cleaner with correct error debugging.


Secondly, the updating of the cart when the "Update" button was pressed. It was taking the long way around a short simple task, it was performing updates on items that hadn't changed quantities, it was re-written as follows:

- Quantities are changed to between 0-10 and update is submitted.

- Script checks to see which quantities have changed (if any).

- If there are changes to the quantities, the script selects which items have been changed.

- It then loops through all of the quantity changes and either removes the row (if the value is 0) or updates the row (i the values is 1 or more).

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.