Jump to content

simple shopping cart - "expects parameter 1 to be..."


CherryLips

Recommended Posts

I think my cart is almost finished. I'm just getting this message when I try to change the quantity of an item in my shopping cart (the table is appearing empty):

 

Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\skel\co_handler.php on line 24

 

I have attached the co_handler (checkout handler), the qty_handler and the checkout file.

 

I read in the FAQ's for this thread that this is because my query failed. This confuses me because it works in other aspects of my cart. I have been looking over the code and I'm lost. I think this might have something to do with my qty handler? Any insight on where to start for reconciling this issue would be much appreciated.

co_handler.php

qty_handler.php

checkout.php

Link to comment
Share on other sites

 

 

 read in the FAQ's for this thread that this is because my query failed.

To find out why it is failing your need to retrieve the error message from mysqli_error

 

Line 23 of co_handler.php

$result = mysqli_query($conn, $sql);
if(!$result)
    trigger_error('MySQL Error: ' . mysqli_error($conn), E_USER_ERROR);
Link to comment
Share on other sites

Hi,

 

there are several other issues in the code.

 

First of all, there's no security at all. You blindly trust the user input and insert it into your queries and your HTML markup. This can be used by attackers to manipulate your queries and steal arbitrary data from your database (e-mail addresses, password hashes etc.) or even take over the entire server. In addition to that, they can inject arbitrary JavaScript code into your page and, for example, steal the session IDs of your users to trick them into handing out their password.

 

Never trust user input. If you actually plan to build a shop, such carelessness will get you into serious trouble. But even if you do this just for fun, you need to starting thinking about security. Attackers won't spare your server just because you're new to PHP.

 

See this overview of common security vulnerabilities. In addition to that, you'll want to learn how to use MySQLi correctly.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.