Joe59101

Hello, what i am trying to do is to pass a product ID from a recordset finds it by a group of commands (tested and worked) using a session (fails) it works fine if i just put pure numbers in but as soon as a variable is entered into the prodid session variable it forks up. any help would be appriciated [b]Page one:[/b] [code]<?php require_once('../Connections/legz11.php'); ?> <?php function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") {   $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;   switch ($theType) {     case "text":       $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";       break;        case "long":     case "int":       $theValue = ($theValue != "") ? intval($theValue) : "NULL";       break;     case "double":       $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";       break;     case "date":       $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";       break;     case "defined":       $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;       break;   }   return $theValue; } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) {   $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) {   $insertSQL = sprintf("INSERT INTO Ordernew (ProductID1, qty) VALUES (%s, %s)",                       GetSQLValueString($_POST['proid'], "text"),                       GetSQLValueString($_POST['qty'], "text"));   mysql_select_db($database_legz11, $legz11);   $Result1 = mysql_query($insertSQL, $legz11) or die(mysql_error());   $insertGoTo = "basketcollect2.php";   if (isset($_SERVER['QUERY_STRING'])) {     $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";     $insertGoTo .= $_SERVER['QUERY_STRING'];   }   header(sprintf("Location: %s", $insertGoTo)); } $colname_Recordset1 = "-1"; if (isset($_POST['Product'])) {   $colname_Recordset1 = (get_magic_quotes_gpc()) ? $_POST['Product'] : addslashes($_POST['Product']); } $col2_Recordset1 = "-1"; if (isset($_POST['size'])) {   $col2_Recordset1 = (get_magic_quotes_gpc()) ? $_POST['size'] : addslashes($_POST['size']); } $col3_Recordset1 = "-1"; if (isset($_POST['colour'])) {   $col3_Recordset1 = (get_magic_quotes_gpc()) ? $_POST['colour'] : addslashes($_POST['colour']); } mysql_select_db($database_legz11, $legz11); $query_Recordset1 = sprintf("SELECT * FROM Productsnew WHERE Productname = '%s' AND Productsnew.Availablesizes = '%s' AND Productsnew.Availablecolours = '%s'", $colname_Recordset1,$col2_Recordset1,$col3_Recordset1); $Recordset1 = mysql_query($query_Recordset1, $legz11) or die(mysql_error()); $row_Recordset1 = mysql_fetch_assoc($Recordset1); $totalRows_Recordset1 = mysql_num_rows($Recordset1); ?> <?php session_start(); $_SESSION['id'] = mysql_insert_id(); $_SESSION['proid'] = $row_Recordset1['proid']; $_SESSION['qty'] = $_POST['qty']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> </head> <body> <form id="form" name="form" method="POST" action="<?php echo $editFormAction; ?>">   <label>   <input name="proid" type="hidden" id="proid" value="<?php echo $row_Recordset1['proid']; ?>" />   <input name="qty" type="hidden" id="qty" value="<?php echo $_POST['qty']; ?>" />   <input name="id" type="hidden" id="id" value="<?php echo mysql_insert_id(); ?>" />   </label>   <meta http-equiv="Refresh" content="1;URL=javascript:document.form.submit()" />   <input type="hidden" name="MM_insert" value="form"> </form> <p><strong>Debug mode</strong></p> <p><?php echo $row_Recordset1['proid']; ?></p> </body> </html> <?php mysql_free_result($Recordset1); ?>[/code] [b]Page 2 [/b] [code]<?php require_once('../Connections/legz11.php'); ?> <?php $colname_Recordset1 = "-1"; if (isset($_SESSION['id'])) {   $colname_Recordset1 = (get_magic_quotes_gpc()) ? $_SESSION['id'] : addslashes($_SESSION['id']); } mysql_select_db($database_legz11, $legz11); $query_Recordset1 = sprintf("SELECT * FROM Ordernew WHERE Legzid = %s", $colname_Recordset1); $Recordset1 = mysql_query($query_Recordset1, $legz11) or die(mysql_error()); $row_Recordset1 = mysql_fetch_assoc($Recordset1); $totalRows_Recordset1 = mysql_num_rows($Recordset1); ?> <?php session_start(); $_SESSION['proid']; $_SESSION['id']; $_SESSION['qty']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> </head> <body> <form action="basket.php" method="get" name="form"> <input name="proid" type="hidden" value="<?php echo $_SESSION['proid']; ?>" /> <input name="qty" type="hidden" value="<?php echo $_SESSION['qty']; ?>" /> <meta http-equiv="Refresh" content="1;URL=javascript:document.form.submit()" /> </form> <p><strong>Debug mode</strong> <br />   qty = <?php echo $_SESSION['qty']; ?><br /> proid = <?php echo $_SESSION['proid']; ?></p> <p>session id = <b><?php echo $_SESSION['id']; ?></p> <p>proid <?php echo $row_Recordset1['ProductID1']; ?> qty <?php echo $row_Recordset1['qty']; ?></p> <p>VAR DUMP<br /><?php echo var_dump($_SESSION) ?> </p> </body> </html> <?php mysql_free_result($Recordset1); ?> [/code] Thanks Joe