Shopping cart help

[mr_badger]

I have done a shopping cart tutorial and everything works fine, but in the cart there is no update cart or delete items functions, I was wondering how easy and how can I do it using the code I have?

<?php require_once('Connections/conn.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
  $insertSQL = sprintf("INSERT INTO tblOrders (orderName, orderPhone, orderEmail, orderTotal) VALUES (%s, %s, %s, %s)",
                       GetSQLValueString($_POST['orderName'], "text"),
                       GetSQLValueString($_POST['orderPhone'], "text"),
                       GetSQLValueString($_POST['orderEmail'], "text"),
                       GetSQLValueString($_POST['orderTotal'], "double"));

  mysql_select_db($database_conn, $conn);
  $Result1 = mysql_query($insertSQL, $conn) or die(mysql_error());

  $orderID = mysql_insert_id();
  
  //get the cart details
  if (isset($_SESSION['cartGuid'])) {
    $varCartGuid_rsCart = (get_magic_quotes_gpc()) ? $_SESSION['cartGuid'] : addslashes($_SESSION['cartGuid']);
  }
  $query_rsCart = sprintf("SELECT * FROM tblCart, tblProducts WHERE tblProducts.productID = tblCart.productID  AND cartGuid =  '%s'", $varCartGuid_rsCart);
  $rsCart = mysql_query($query_rsCart, $conn) or die(mysql_error());
  $row_rsCart = mysql_fetch_assoc($rsCart);
  $totalRows_rsCart = mysql_num_rows($rsCart);
  do {
  	$sql = "INSERT INTO tblOrderProducts (productName, productPrice, productCode, productQuantity, productSubtotal, orderID) VALUES ('" . $row_rsCart['productName'] ."','" . $row_rsCart['productPrice'] ."','" . $row_rsCart['productCode'] ."'," . $row_rsCart['productQuantity'] .",'" .$row_rsCart['productPrice']*$row_rsCart['productQuantity'] ."'," . $orderID .")";

$Result2 = mysql_query($sql, $conn) or die(mysql_error());

  } while ($row_rsCart = mysql_fetch_assoc($rsCart));
  
  //delete the session
  
  $deleteSQL = "DELETE FROM tblCart WHERE cartGuid = '" . $_SESSION['cartGuid'] . "'";
  $Result3 = mysql_query($deleteSQL, $conn) or die(mysql_error());
  $_SESSION['cartGuid'] = '';
  
  $insertGoTo = "thankyou.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}

$varCartGuid_rsCart = "1";
if (isset($_SESSION['cartGuid'])) {
  $varCartGuid_rsCart = (get_magic_quotes_gpc()) ? $_SESSION['cartGuid'] : addslashes($_SESSION['cartGuid']);
}
mysql_select_db($database_conn, $conn);
$query_rsCart = sprintf("SELECT * FROM tblCart, tblProducts WHERE tblProducts.productID = tblCart.productID  AND cartGuid =  '%s'", $varCartGuid_rsCart);
$rsCart = mysql_query($query_rsCart, $conn) or die(mysql_error());
$row_rsCart = mysql_fetch_assoc($rsCart);
$totalRows_rsCart = mysql_num_rows($rsCart);

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Your shopping cart</title>
<link href="styles.css" rel="stylesheet" type="text/css" />
</head>

<body>
<h1>Your Shopping Cart</h1>
<table>
  <tr>
    <th scope="col">Product name </th>
    <th scope="col">Quantity</th>
    <th scope="col">Price</th>
<th scope="col">Subtotal</th>
  </tr>
  <?php
  $total = 0;
   do { ?>
    <tr>
      <td><?php echo $row_rsCart['productName']; ?></td>
      <td><?php echo $row_rsCart['productQuantity']; ?></td>
      <td>£<?php echo $row_rsCart['productPrice']; ?></td>
      <td>£<?php echo $row_rsCart['productPrice']*$row_rsCart['productQuantity']; ?></td>
    </tr>
<?php $total = $total+($row_rsCart['productPrice']*$row_rsCart['productQuantity']); ?>
    <?php } while ($row_rsCart = mysql_fetch_assoc($rsCart)); ?>
</table>
<p>Total price: <strong>£<?php echo $total; ?></strong> </p>
<p>Return to the <a href="products.php">products listing</a> or complete your details below to check out. </p>
<form name="form1" id="checkout" method="POST" action="<?php echo $editFormAction; ?>">
  <div><label for="orderName">Name</label>
  <input type="text" name="orderName" id="orderName" /></div>
  <div><label for="orderPhone">Phone number</label>
  <input type="text" name="orderPhone" id="orderPhone" /></div>
  <div><label for="orderEmail">Email</label>
  <input type="text" name="orderEmail" id="orderEmail" /></div>
  <input type="hidden" name="orderTotal" id="orderTotal" value="<?php echo $total; ?>" />
  <div><input type="submit" name="btnSubmit" value="Checkout" /></div>
  <input type="hidden" name="MM_insert" value="form1">
</form>

</body>
</html>
<?php
mysql_free_result($rsCart);
?>