Jump to content

Recommended Posts

Hi guys, 

 

New to both this forum and to php in general so any help is very much appreciated! My college project depends on it  :happy-04:

 

I am following what seems to be a fairly common php tutorial online and I have come across several errors which I have managed to fix but I have been stuck for the best part of 2 days on this issue and I cannot for the life of me figure out why it is not working. The issue revolved around the addtobasket function working when a user is logged in but not working when he is logged out.

 

if(isset($_SESSION['SESS_LOGGEDIN']))
{
$sql = "INSERT INTO orders(customer_id,registered, date) VALUES(". $_SESSION['SESS_USERID'] . ", 1, NOW())";
mysqli_query($db, $sql) or die(mysql_error());
$_SESSION['SESS_ORDERNUM'] = mysql_insert_id();
$itemsql = "INSERT INTO orderitems(order_id, product_id, quantity) VALUES(". $_SESSION['SESS_ORDERNUM']. ", " . $_GET['id'] . ", ". $_POST['amountBox'] . ")";
mysqli_query($db, $itemsql) or die(mysql_error());
}

 

In the above code, when the user is logged in everything works fine. The ORDERS table and ORDERITEMS table are both written to as expected.

 

However when a user is not logged in the ORDERITEMS table is not written to properly.

else
{
$sql = "INSERT INTO orders(registered, date, session) VALUES(". "0, NOW(), '" . session_id() . "')";
mysqli_query($db, $sql) or die(mysql_error());
$_SESSION['SESS_ORDERNUM'] = mysql_insert_id();
$itemsql = "INSERT INTO orderitems(order_id, product_id, quantity) VALUES(". $_SESSION['SESS_ORDERNUM'] . ", " . $_GET['id'] . ", ". $_POST['amountBox'] . ")";
mysqli_query($db, $itemsql) or die(mysql_error());
}

 

I think the problem is with the $_SESSION['SESS_ORDERNUM'] = mysql_insert_id(); part of the query but I could be wrong. In this scenario, the query to the ORDERS table is fine, however the ORDERITEMS table does not pick up the order_id from the ORDERS table and leads to errors when trying to view the basket - i.e. it just tells me that there are no items added to the basket. 

 

I've attached the full php file. Any help much appreciated.

addtobasket.php

Edited by mugenheimer
Link to comment
https://forums.phpfreaks.com/topic/296061-shopping-cart-session-issues/
Share on other sites

some suggestions that will help you -

 

1) set php's error_reporting to E_ALL and display_errors to ON in the php.ini on your development system to get php to help you by reporting and displaying all the errors it detects. you will save a ton of time.

 

2) all the database statements must be from the same library of functions. use all mysqli_ statements. the mysql_error() and mysql_insert_id() statements you have now are not working and are probably throwing php errors (see item #1 in this list.)

 

3) DRY - (Don't Repeat Yourself). you should not repeat code. factor out the common code and only put the code/data that's different in the conditional statement. this will result in less code that you have to type, test, and change.

 

4) don't store the cart total in a database table. this is derived information and should be calculated when needed.

 

5) all external data cannot be trusted and can be anything. external values you put into any sql query statement must be handled correctly to prevent sql injection and to prevent sql errors if the data contains sql special characters.

 

edit:

6) the semi-colon ; does not need to be on the end of sql query statements.

 

7) you can put php variables inside a double-quoted php string without using concatenation. this will result in less typing and typo errors. associative array variables used this way need to be enclosed in - { } inside the string.

 

8) all of your add to cart processing code should inside the if(isset($_POST['submit'])){ ... } conditional. If the form hasn't been submitted, there's no point in running any of the processing code.

 

once you complete items #1 and #2, you will likely be getting meaningful errors that will point to why the query is not working.

Edited by mac_gyver
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.