Hello, what i am trying to do is to pass a product ID from a recordset finds it by a group of commands (tested and worked) using a session (fails) it works fine if i just put pure numbers in but as soon as a variable is entered into the prodid session variable it forks up. any help would be appriciated [b]Page one:[/b] [code]<?php require_once('../Connections/legz11.php'); ?> <?php function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue; switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) { $insertSQL = sprintf("INSERT INTO Ordernew (ProductID1, qty) VALUES (%s, %s)", GetSQLValueString($_POST['proid'], "text"), GetSQLValueString($_POST['qty'], "text")); mysql_select_db($database_legz11, $legz11); $Result1 = mysql_query($insertSQL, $legz11) or die(mysql_error()); $insertGoTo = "basketcollect2.php"; if (isset($_SERVER['QUERY_STRING'])) { $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?"; $insertGoTo .= $_SERVER['QUERY_STRING']; } header(sprintf("Location: %s", $insertGoTo)); } $colname_Recordset1 = "-1"; if (isset($_POST['Product'])) { $colname_Recordset1 = (get_magic_quotes_gpc()) ? $_POST['Product'] : addslashes($_POST['Product']); } $col2_Recordset1 = "-1"; if (isset($_POST['size'])) { $col2_Recordset1 = (get_magic_quotes_gpc()) ? $_POST['size'] : addslashes($_POST['size']); } $col3_Recordset1 = "-1"; if (isset($_POST['colour'])) { $col3_Recordset1 = (get_magic_quotes_gpc()) ? $_POST['colour'] : addslashes($_POST['colour']); } mysql_select_db($database_legz11, $legz11); $query_Recordset1 = sprintf("SELECT * FROM Productsnew WHERE Productname = '%s' AND Productsnew.Availablesizes = '%s' AND Productsnew.Availablecolours = '%s'", $colname_Recordset1,$col2_Recordset1,$col3_Recordset1); $Recordset1 = mysql_query($query_Recordset1, $legz11) or die(mysql_error()); $row_Recordset1 = mysql_fetch_assoc($Recordset1); $totalRows_Recordset1 = mysql_num_rows($Recordset1); ?> <?php session_start(); $_SESSION['id'] = mysql_insert_id(); $_SESSION['proid'] = $row_Recordset1['proid']; $_SESSION['qty'] = $_POST['qty']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> </head> <body> <form id="form" name="form" method="POST" action="<?php echo $editFormAction; ?>"> <label> <input name="proid" type="hidden" id="proid" value="<?php echo $row_Recordset1['proid']; ?>" /> <input name="qty" type="hidden" id="qty" value="<?php echo $_POST['qty']; ?>" /> <input name="id" type="hidden" id="id" value="<?php echo mysql_insert_id(); ?>" /> </label> <meta http-equiv="Refresh" content="1;URL=javascript:document.form.submit()" /> <input type="hidden" name="MM_insert" value="form"> </form> <p><strong>Debug mode</strong></p> <p><?php echo $row_Recordset1['proid']; ?></p> </body> </html> <?php mysql_free_result($Recordset1); ?>[/code] [b]Page 2 [/b] [code]<?php require_once('../Connections/legz11.php'); ?> <?php $colname_Recordset1 = "-1"; if (isset($_SESSION['id'])) { $colname_Recordset1 = (get_magic_quotes_gpc()) ? $_SESSION['id'] : addslashes($_SESSION['id']); } mysql_select_db($database_legz11, $legz11); $query_Recordset1 = sprintf("SELECT * FROM Ordernew WHERE Legzid = %s", $colname_Recordset1); $Recordset1 = mysql_query($query_Recordset1, $legz11) or die(mysql_error()); $row_Recordset1 = mysql_fetch_assoc($Recordset1); $totalRows_Recordset1 = mysql_num_rows($Recordset1); ?> <?php session_start(); $_SESSION['proid']; $_SESSION['id']; $_SESSION['qty']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> </head> <body> <form action="basket.php" method="get" name="form"> <input name="proid" type="hidden" value="<?php echo $_SESSION['proid']; ?>" /> <input name="qty" type="hidden" value="<?php echo $_SESSION['qty']; ?>" /> <meta http-equiv="Refresh" content="1;URL=javascript:document.form.submit()" /> </form> <p><strong>Debug mode</strong> <br /> qty = <?php echo $_SESSION['qty']; ?><br /> proid = <?php echo $_SESSION['proid']; ?></p> <p>session id = <b><?php echo $_SESSION['id']; ?></p> <p>proid <?php echo $row_Recordset1['ProductID1']; ?> qty <?php echo $row_Recordset1['qty']; ?></p> <p>VAR DUMP<br /><?php echo var_dump($_SESSION) ?> </p> </body> </html> <?php mysql_free_result($Recordset1); ?> [/code] Thanks Joe