Chrome issue

[7blake]

Hi, I'm not sure where the problem is here. Right now this site works fine in IE and FF, but then I try to load data from the database into the cart, it get's screwed up in Chroms and Safari.

 

FF loads

<img src="inventory_images/11.jpg" alt="Some item" id="11" class="cartImages" border="1">

While Chrome loads this

<img src="inventory_images/url(http://localhost/Online/inventory_images/11.jpg).jpg" alt="" id="url(http://localhost/Online/inventory_images/11.jpg)" class="cartImages" border="1">

From this

if(isset($_POST['miniCartRequest'])){
	include "/storescript/connect_to_mysql.php";	

	$cartOutput = "";
	$cartTotal = "";
	$product_name="";
	$price="";
	if(!isset($_SESSION['cart']) || count($_SESSION['cart'])<1){
		$cartOutput  = "<h2 align='center' style='color:white;'>Your cart is empty</h2>";
	}
	else {
		
	$i = 0;
		
		foreach($_SESSION['cart'] as $each_item){
			
			$item_id = $each_item['item_id'];
			$sql =  $mysqli->query("SELECT * FROM products WHERE id='$item_id' LIMIT 1");
			while($row = $sql->fetch_array()){
				$product_name = $row['product_name'];
				$price = $row['price'];
				$details = $row['details'];
				$size = $row['size'];
				
			}
			
			$pricetotal = $price*$each_item['quantity'];
			$cartTotal = $pricetotal + $cartTotal;
			
			setLocale(LC_ALL, 'en_GB.utf8', 'en_GB');
			$pricetotal = number_format($pricetotal, 2);
			$x = $i + 1;
		
                      $cartOutput .= "<img src='inventory_images/" . $item_id . ".jpg' alt='" . $product_name . "' id='" . $item_id . "' class='cartImages' border='1' />";
	
			$i++;
		}
		
		
	}
	echo $cartOutput;
}

Can I create an alternative line of code specificall for Chrome/safari to remove the excess characters?
And why exactly are they reading the files with the full source locations vs firefox reading only the local location?

It's completely unable to read the $product_name aswell. A bit strange, I take it those browsers process the specific information differently?

Edited January 5, 2015 by 7blake

[7blake]

Probably a stupid question. Just a bit unsure.. I wish they'd regulate primary "language" throughout their browsers. Though I guess no one wants to conform to the other, which is fair...

So what do I do? I can fix the URL issue with

 $item_id = str_replace("url(http://localhost/Online/inventory_images/", "", $item_id);
			 $item_id = str_replace(".jpg)", "", $item_id);

But this seems stupid. Why is it doing that? Is this normal?
And what is wrong with my $product_name... it's not registering

Edited January 5, 2015 by 7blake

[7blake]

For real? I had to put

 $item_id = str_replace("url(http://localhost/Online/inventory_images/", "", $item_id);
			 $item_id = str_replace(".jpg)", "", $item_id);

Into each one of my functions that called the ID from each item of the cart. Well, guess that solves that problem for now.

Edited January 5, 2015 by 7blake

[Jacques1]

No, it doesn't solve anything.

 

Obviously there's something very, very wrong with your application or server, because this url(...) stuff is actually present in the sessions. It does not come from the browser, because then you wouldn't be able to remove it with PHP.

 

I strongly recommend you figure out how the data got into the sessions. And you need to learn HTML-escaping.

[7blake]

Yar i found it. I was using javascripts .replace to clear the 'url(http://localhost/' portion earlier. But I had two quotes, so it was effectively doing what I wrote it to do.. nothing.

 

Thanks for the perk up. This had nothing to do with PHP, Ill ask a mod to delete or move this thread.

 

And Ill read your suggestion eventually. My heads a bit preoccupied at the moment. It looks simple, but vital if I intend to actually build sturdy secure infrastructure.
It's appriciated. Take care

Edited January 5, 2015 by 7blake