Variable empty without reason

Question

I am developing a shopping cart system and everything is working perfectly, except for one thing.
Well, I use PHP SESSION to store the data for each product, including ID, name, price and quantity. All variables are correctly completed, unless the price variable. I do not know why! I use jQuery to fetch the values and send them to the page that will process them in the SESSION.
I will put the relevant parts of my code to facilitate. This is the content of my products.php:

<?php
        session_start();
?>
<html>
<body>
<?php
    $connection = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);

    $sql = "SELECT id, name, price FROM products ORDER BY id";
    $result = $connection->query($sql);

    if ($result->num_rows > 0)
    {
            echo "<table>";
            echo "  <tr>";
            echo "      <th>ID</th>";
            echo "      <th>NAME</th>";
            echo "      <th>PRICE</th>";
            echo "      <th>QUANTITY</th>";
            echo "  </tr>";
        while($row = $result->fetch_assoc())
        {
            echo "  <tr>";
            echo "      <td><div class='id-product'>". $row["id"]."</div></td>";
            echo "      <td><div class='name-product'>". $row["name"]."</div></td>";
            echo "      <td>&#36;<div class='price-product'>". $row["price"]."</div></td>";
            echo "      <form class='add'>";
            echo "      <td><input type='number' name='quantity' value='1' min='1'/></td>";
            echo "      <td><button type='submit'>Add</button></td>";
            echo "      </form>";
            echo "  </tr>";
        }
            echo "</table>";
    }

    $connection->close();
?>
<script>
$(document).ready(function()
{
    $('.add').on('submit', function()
    {
        var id = $(this).closest('tr').find('.id-product').text();
        var name = $(this).closest('tr').find('.name-product').text();
        var price = $(this).closest('tr').find('.price-product').val();
        var quantity = $(this).closest('tr').find('input').val();
        window.location.href = "add.php?id=" + id + "&name=" + name + "&price=" + price + "&quantity=" + quantity;
        return false;
    });
});
</script>
<body>
</html>

Now in add.php I have the following:

<?php
    session_start();

    $id = isset($_GET['id']) ? $_GET['id'] : "";
    $name = isset($_GET['name']) ? $_GET['name'] : "";
    $price = isset($_GET['price']) ? $_GET['price'] : "";
    $quantity = isset($_GET['quantity']) ? $_GET['quantity'] : "";

    $cart_item = array
    (
        'id' => $id,
        'name' => $name,
        'price' => $price,
        'quantity' => $quantity
    );

    if(!isset($_SESSION['cart']))
    {
        $_SESSION['cart'] = array();
    }

    if(array_key_exists($id, $_SESSION['cart']))
    {
        header('Location: products.php?action=exists&id=' . $id . '&name=' . $name);
    }
    else if($quantity <= 0)
    {
        header('Location: products.php?action=invalidquantity&id=' . $id . '&name=' . $name);
    }
    else    
    {
        $_SESSION['cart'][$id] = $cart_item;
        header('Location: products.php?action=added&id=' . $id . '&name=' . $name);
    }
?>

To show the products that exists in the SESSION, I use foreach in my page cart.php:

$total = 0;
foreach($_SESSION['cart'] as $id)
{
    echo "<tr>";
        echo "<td>{$id['name']}</td>";
        echo "<td>&#36;{$id['price']}</td>";
        echo "<td>{$id['quantity']}</td>";
        echo "<td>";
        echo "<a href='remove.php?id={$id['id']}&name={$id['name']}'>Remove</a>";
        echo "</td>";
    echo "</tr>";

    $total += ($id['price'] * $id['quantity']);
}

As I said earlier, I have returned the values of ID, name and quantity, but the price remains empty. What's wrong?

Try changing `var price = $(this).closest('tr').find('.price-product').val();` to `var price = $(this).closest('tr').find('.price-product').text();` and see what it does. — Eda190, Mar 28 '15 at 23:38
@Eda190 Well, I have to thank you and the author of the reply beneath 'cause both helped me solve the problem. I had tried what you suggested, by changing to `text`, but as I was using `&price` instead `&price=` this not worked. Changing to `text` and adding the signal to the `&price` it worked perfectly! Thanks both! — DotNet, Mar 28 '15 at 23:49
You're letting the client send the price to the server? You're letting the user choose the price. Doesn't sound like a great idea. — Rudie, Mar 28 '15 at 23:51
@DotNet Don't trust the client, ever, with anything. Everything that's sent TO the server, is suspect. Definitely the important stuff like money =) — Rudie, Mar 29 '15 at 00:00
@Rudie I had not thought about it, I thought there would be no problem because the variable value comes through a fixed text, but I just did a test here and found out that this can actually be changed. I will take the value direct from the database! Thank you! The problem is that I do not know how to do this via jQuery. — DotNet, Mar 29 '15 at 00:01
@DotNet jQuery shouldn't do anything. The client shoud send what the user picks: a product. In this case, `id` is enough. The server knows everything from that `id`. The less the client sends, the less the server has to verify/trust, the better. — Rudie, Mar 29 '15 at 00:02
@Rudie Nice, so I assume I'll have to remove the jQuery code that gets values of inside the div. I do not know how to catch them in the database with the logic of my code. The quantity must be obtained from the input, but the values can not be recorded in the same manner. I'm a little lost. — DotNet, Mar 29 '15 at 00:09
@DotNet Yes, "which product" and "how many" are things only the client knows. Send those. Use `
` and `` to send all of it. No need for jQuery. Give the form (elements) a sensible format. Like http://jsfiddle.net/rudiedirkx/q3ewLs4L/ — Rudie, Mar 29 '15 at 00:16
@Rudie The only problem I'm facing is about the quantity. I use a loop to show all the products that I retrieve from database so I can't get the value of input in the selected row without jQuery because all input fields have the same name. — DotNet, Mar 29 '15 at 03:32

score 3 · Answer 1 · answered Mar 28 '15 at 23:24

3

You're not setting the price right in your JS i believe.

 window.location.href = "add.php?id=" + id + "&name=" + name + "&price" + price + "&quantity=" + quantity;
        return false;

Should be

 window.location.href = "add.php?id=" + id + "&name=" + name + "&price=" + price + "&quantity=" + quantity;
        return false;

answered Mar 28 '15 at 23:24

chris85

23,846
7
34
51

Even after the addition of the signal remained the same. – DotNet Mar 28 '15 at 23:31
Run a `print_r` on the `GET` is it as expected? – chris85 Mar 29 '15 at 08:50

score 2 · Answer 2 · edited May 23 '17 at 12:15

2

See difference in jquery's .val and .text

Difference between val() and text()

try this:

var price = $(this).closest('tr').find('.price-product').text();

edited May 23 '17 at 12:15

Community

1
1

answered Mar 28 '15 at 23:42

user1269942

3,772
23
33

Variable empty without reason

2 Answers2