my add to cart does not seem to work

[markthephpnoob]

Hello all, so I'm in sort of a pickle here. I've been using a php tutorial on Youtube and I got to a point where i have to add products to cart using a users IP address. So far I've got no error pop up or anything. The scripts I've typed out in my functions.php are working well no error. But when I get to adding products using the website, the page only blinks , no items are added to the cart database and even the script alert which I'd set to echo doesn't display. Can  you find a way to help me out of this?  Below is my code...

 

 function getRealIpUser(){
    
    switch(true){
            
            case(!empty($_SERVER['HTTP_X_REAL_IP'])) : return $_SERVER['HTTP_X_REAL_IP'];
            case(!empty($_SERVER['HTTP_CLIENT_IP'])) : return $_SERVER['HTTP_CLIENT_IP'];
            case(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) : return $_SERVER['HTTP_X_FORWARDED_FOR'];
            
            default : return $_SERVER['REMOTE_ADDR'];
            
    }
    
}


  function add_cart(){

    global $db;

    if (isset($_GET['add_cart'])) {
      
      $ip_add =getRealIpUser();

      $p_id = $_GET['add_cart'];

      $product_qty = $_POST['product_qty'];

      $product_size = $_POST['product_size'];

      $check_product = "SELECT * FROM cart WHERE ip_add='$ip_add' AND p_id='$p_id'";

      $run_check = mysqli_query($db,$check_product);

      if (mysqli_num_rows($run_check)>0) {

       echo "<script>alert('This product has already added in cart')</script>";
       echo "<script>window.open('details.php?pro_id=$p_id','_self')</script>";
         
       } else {
        $query = "INSERT INTO cart (p_id,ip_add,qty,size) VALUES ('$p_id','$ip_add','$product_qty','$product_size')";

        $run_query = mysqli_query($db,$query);

         echo "<script>window.open('details.php?pro_id=$p_id','_self')</script>";
       }
    }
  }

I am using php 7 , Apache,  MySQL.... Any help will be much appreciated.
 

 

[ginerjm]

Try using proper coding practices such as checking the results of your query calls to be sure they ran.

PS - Why use JS to display your messages?  Simply echo the message out and avoid the extra layer of code. And instead of using JS to open a new window, why not simply use a header to redirect to THAT script?

Lastly (or firstly!) please use a prepared query instead of your current method of embedding user input values that need to be sanitized.

 

[gizmola]

I'm sorry but this is an idiotic approach to handling carts.  IP addresses are shared, sometimes en masse.  There is no way that a shopping cart should be based upon a user's IP address.

The IP address code is dumb.  

PHP has sessions built in, and they are easy to use and solve this problem.

I don't know where you found this tutorial, but it's apparently old, outdated, and has a number of poor and/or obsolete practices.  You know when you have code that requires global, this is php3 level sophistication. 

I'm also on the same bandwagon as most of the long time established developers who frequent phpfreaks, in being a firm proponent of the "use PDO, it's a better db API" camp.

It might help to let people know what you are trying to get out of this:  (learning exercise?, building a site for a small business or personal project?, homework?) as that might help people modulate their responses.

The obvious issue with the code you provided is that you didn't show us the code that actually calls add_cart() function, so it's anyone's guess why it isn't working, although ginerjm already pointed out the way you bypass potential db errors and assume your connections and queries are functioning.

[ginerjm]

OP - lest you think that you have woken some forum user who has nothing good to say to you let me point out that you couldn't be further from the truth.  Gizmola is a tried and true provider of much help for almost any topic.  Her/His response to you was more spot on than any 'real' answer could ever have been to you on this topic.  Re- read it and take it point by point as good advice in every way.

[gizmola]

Just to elaborate on my comment "The IP address code is dumb" that is beyond the matter of using an IP address to identify a user for the purposes of a shopping cart application.

If you look at the code it essentially degrades to REMOTE_ADDR, however, were this server to be behind a proxy or load balancer, the other variables being prioritized may very well degrade to any array.  The code does nothing to attempt to actually extract the user IP in that case.

There's more picking apart of the code, but there are just so many better examples and tutorials out there, not to mention frameworks and libraries you can build a robust shopping app out of.   For example, here's a Symfony4 based "simple cart" with unit tests, a nice UI, administration system, twig templates and solid basic "getting started" that even provides docker support -> https://github.com/krybc/cart