Hi all, i decided to try and make a php shopping cart with sessions and manged to do so with the help of online turorials and references. However, i decided to try and pass over multiple items form a table, but i must have gone wrong somewhere, as some of them work and others don't! The ones that work display the cart, quantity and price, the others display a blank screen with no error messages
I pass over the id's using the following code;
<td>$row[product_1_name]</td> <td><a href='cart.php?action=add&id=".$row['id1']."'>BUY</a></td> <td>$row[product_2_name]</td> <td><a href='cart.php?action=add&id=".$row['id2']."'>BUY</a></td>
My cart code then GETs the id's using;
$product_id = $_GET[id]; $product_id = mysql_real_escape_string($product_id); $action = $_GET[action]; $action = mysql_real_escape_string($action);
Is this correct? This is my first attempt at security issues.
To display the contents i am using the following query;
$query = sprintf("SELECT * FROM products_table WHERE product_number = '%s';",$product_id); $result = mysql_query($query)or die(mysql_error()); $num = mysql_num_rows($result); //number of messages
Is this the best way to do this sort of thing? Any help or advice would be greatly appreciated. I can also provide the full code on request.
Edited by jpknoob: n/a