0

Here is the code

<?php session_start(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="description" content="PHP Shopping Cart Using Sessions" /> 
<meta name="keywords" content="shopping cart tutorial, shopping cart, php, sessions" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" media="all" href="/style/style.css" type="text/css" />
<title>Cart</title>


<?php
    include("header_1.php");
    include ("Connections/databse.php");
    include("header.php");
    include("heading.php");
?>


</head>
<body>
<div id='content'><div id='output'>

<?php

    $product_id = $_GET['id'] ;  //the product id from the URL 
    $action     = $_GET['action']; //the action from the URL 

    //if there is an product_id and that product_id doesn't exist display an error message
    if($product_id && !productExists($product_id)) {
        die("Error. Product Doesn't Exist");
    }

    switch($action) {   //decide what to do 

        case "add":
            $_SESSION['cart'][$product_id]++; //add one to the quantity of the product with id $product_id 
        break;

        case "remove":
            $_SESSION['cart'][$product_id]--; //remove one from the quantity of the product with id $product_id 
            if($_SESSION['cart'][$product_id] == 0) unset($_SESSION['cart'][$product_id]); //if the quantity is zero, remove it completely (using the 'unset' function) - otherwise is will show zero, then -1, -2 etc when the user keeps removing items. 
        break;

        case "empty":
            unset($_SESSION['cart']); //unset the whole cart, i.e. empty the cart. 
        break;

    }

?>


<?php    

    if(isset($_SESSION['cart'])) {  //if the cart isn't empty
        //show the cart

        echo "<table border=\"1\" padding=\"3\" width=\"100%\">";    //format the cart using a HTML table

            //iterate through the cart, the $product_id is the key and $quantity is the value
            foreach($_SESSION['cart'] as $product_id => $quantity) {    

                //get the name, description and price from the database - this will depend on your database implementation.
                //use sprintf to make sure that $product_id is inserted into the query as a number - to prevent SQL injection
                $sql = sprintf("SELECT horse, text, price FROM database WHERE id = %d;",
                                $product_id); 

                $result = mysql_query($sql);

                //Only display the row if there is a product (though there should always be as we have already checked)
                if(mysql_num_rows($result) > 0) {

                    list($name, $description, $price) = mysql_fetch_row($result);




                    echo "<tr>";
                        //show this information in table cells
                        echo "<td align=\"center\">$name</td>";
                        //along with a 'remove' link next to the quantity - which links to this page, but with an action of remove, and the id of the current product
                        echo "<td align=\"center\">$price</td>";
                        echo "<td align=\"center\"> <a href=\"$_SERVER[PHP_SELF]?action=remove&id=$product_id\">Remove from shortlist</a></td>";

                    echo "</tr>";

                }

            }

            //show the total


            //show the empty cart link - which links to this page, but with an action of empty. A simple bit of javascript in the onlick event of the link asks the user for confirmation
            echo "<tr>";
                echo "<td colspan=\"3\" align=\"right\"><a href=\"$_SERVER[PHP_SELF]?action=empty\" onclick=\"return confirm('Are you sure?');\">Empty Cart</a></td>";
            echo "</tr>";        
        echo "</table>";



    }else{
        //otherwise tell the user they have no items in their cart
        echo "You have no items in your shortlist.";

    }

    //function to check if a product exists
    function productExists($product_id) {
            //use sprintf to make sure that $product_id is inserted into the query as a number - to prevent SQL injection
            $sql = sprintf("SELECT * FROM database WHERE id = %d;",
                            $product_id); 

            return mysql_num_rows(mysql_query($sql)) > 0;
    }
?>

<a href="products_test.php">Continue Browsing</a>




</div></div>
 <?php include ("footer.php"); ?>
</body>
</html>

Works perfectly but when I go to the empty cart I get this message
Notice: Undefined index: id in /home/xxxx/public_html/cart_test.php on line 26

line 26 is

$product_id = $_GET['id'] ;

When I add something to the cart I get this message.
Notice: Undefined index: cart in /home/xxxx/public_html/cart_test.php on line 37

Notice: Undefined offset: 2361 in /home/xxxx/public_html/cart_test.php on line 37
line 37 is

$_SESSION['cart'][$product_id]++;

I'm thinking I have to do some kind of isset thing but everything I've tried so far just creates other errors.
Some suggestions would be appreciated.
Thanks

6
Contributors
13
Replies
47
Views
2 Years
Discussion Span
Last Post by matrixdevuk
Featured Replies
0

This should work:

If isset($_GET['id']){
        $productID = $_GET['id']
    }

What errors are you getting if you check the $_GET variable exists before calling it?

0

Sorry hericles how do I do that I'm a part timer here.

Tried your code and got the following error

Parse error: syntax error, unexpected 'isset' (T_ISSET), expecting '(' in /home/xxxxx/public_html/shortlist.php on line 29

0

Now I get a new error
Parse error: syntax error, unexpected '{' in /home/xxxx/public_html/shortlist.php on line 38

Edited by razar63: remove website reference

0

work through the code and correct all the definitions, as gabrielcastillo indicated
or check the existence of all appropriate variables at the start of the script, and output plain html if not set

sanitise the uri before using it, $_get variables are visible to the user, and can be selectively modified by malicious persons to create sql injection attacks
post is safer

0

Thanks matrixdevuk your suggestion did the trick.
Now what do I need to do with the $_SESSION clauses.
My new error is:
Notice: Undefined offset: 4394 in /home/xxxx/public_html/shortlist.php on line 49

Line 49 reads is the second line in this clause:

case "add":
            $_SESSION['cart'][$product_id]++; 
        break;
0

likely: you have reached the end of the database, and do not catch the limit as an error
ie there are 4393 items and it cannot find 4394 to add one to

0

Ok I've changed the code:

$_SESSION['cart'][$product_id]++;

to:

$_SESSION['cart'][$product_id] = (array_key_exists($product_id, $_SESSION['cart'])) ? $_SESSION['cart'][$product_id] +1 : 1;

No more error message !! and everything working fine.!!!

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.