0

My shopping cart is not completely working. The database connection is working and the products and their data show up in a table. However, I can't add anything to my cart. The shopping cart is consists of index.php, cart.php, products.php.

Index.php looks like this:

<?php

 error_reporting(E_ALL); ini_set('display_errors', 1);
 
 session_start();
 require("includes/connection.php");
 if(isset($_GET['page'])){
  
  $pages=array("products", "cart");
  
  if(in_array($_GET['page'], $pages)) {
   
   $_page=$_GET['page'];
   
  }else{
   
   $_page="products";
   
  }
  
 }else{
  
  $_page="products";
  
 }

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
 
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
 <link rel="stylesheet" href="css/reset.css" />
 <link rel="stylesheet" href="css/style.css" />
 
 <title>Shopping Cart</title>
 

</head>

<body>
 
 <div id="container">

  <div id="main">
   
   <?php require($_page.".php"); ?>

  </div><!--end of main-->
  
  <div id="sidebar">
   <h1>Cart</h1>
   <?php
   
    if(isset($_SESSION['cart'])){
     
     $sql="SELECT * FROM products WHERE productCode IN (";
     
     foreach($_SESSION['cart'] as $id => $value) {
      $sql.=$id.",";
     }
     
     $sql=substr($sql, 0, -1).") ORDER BY productName ASC";
     $query=mysql_query($sql) or die(mysql_error());
     while($row=mysql_fetch_array($query)){
      
     ?>
      <p><?php echo $row['productName'] ?> x <?php echo $_SESSION['cart'][$row['productCode']]['quantity'] ?></p>
     <?php
      
     }
    ?>
     <hr />
     <a href="index.php?page=cart">Go to cart</a>
    <?php
     
    }else{
     
     echo "<p>Your Cart is empty. Please add some products.</p>";
     
    }
   
   ?>
   
  </div><!--end of sidebar-->

 </div><!--end container-->

</body>
</html>

Cart.php looks like this:

<?php

 error_reporting(E_ALL); ini_set('display_errors', 1);

 if(isset($_POST['submit'])){
  
  foreach($_POST['quantity'] as $key => $val) {
   if($val==0) {
    unset($_SESSION['cart'][$key]);
   }else{
    $_SESSION['cart'][$key]['quantity']=$val;
   }
  }
  
 }

?>

<h1>View cart</h1>
<a href="index.php?page=products">Go back to products page</a>
<form method="post" action="index.php?page=cart">
    
 <table>
     
  <tr>
      <th>Name</th>
      <th>Quantity</th>
      <th>Price</th>
      <th>Items Price</th>
  </tr>
  
  <?php
  
   $sql="SELECT * FROM products WHERE productCode IN (";
     
     foreach($_SESSION['cart'] as $id => $value) {
      $sql.=$id.",";
     }
     
     $sql=substr($sql, 0, -1).") ORDER BY productName ASC";
     $query=mysql_query($sql) or die(mysql_error());
     $totalprice=0;
     while($row=mysql_fetch_array($query)){
      $subtotal=$_SESSION['cart'][$row['productCode']]['quantity']*$row['buyPrice'];
      $totalprice+=$subtotal;
     ?>
      <tr>
          <td><?php echo $row['productName'] ?></td>
          <td><input type="text" name="quantity[<?php echo $row['productCode'] ?>]" size="5" value="<?php echo $_SESSION['cart'][$row['productCode']]['quantity'] ?>" /></td>
          <td><?php echo $row['buyPrice'] ?>$</td>
          <td><?php echo $_SESSION['cart'][$row['productCode']]['quantity']*$row['buyPrice'] ?>$</td>
      </tr>
     <?php
      
     }
  ?>
     <tr>
         <td>Total Price: <?php echo $totalprice ?></td>
     </tr>
  
 </table>
 <br />
 <button type="submit" name="submit">Update Cart</button>
</form>
<br />
<p>To remove an item set it's quantity to 0. </p>

And products.php looks like this:

<?php

 error_reporting(E_ALL); ini_set('display_errors', 1);

 if(isset($_GET['action']) && $_GET['action']=="add"){
  
  $id=intval($_GET['id']);
  
  if(isset($_SESSION['cart'][$id])){
   
   $_SESSION['cart'][$id]['quantity']++;
   
  }else{
   
   $sql_s="SELECT * FROM products
    WHERE productCode={$id}";
   $query_s=mysql_query($sql_s) or die(mysql_error());
   if(mysql_num_rows($query_s)!=0){
    $row_s=mysql_fetch_array($query_s);
    
    $_SESSION['cart'][$row_s['productCode']]=array(
      "quantity" => 1,
      "price" => $row_s['buyPrice']
     );
    
    
   }else{
    
    $message="This product id it's invalid!";
    
   }
   
  }
  
 }

?>
 <h1>Product List</h1>
 <?php
  if(isset($message)){
   echo "<h2>$message</h2>";
  }
 ?>
   <table>
       <tr>
           <th>Name</th>
           <th>Description</th>
           <th>Price</th>
           <th>Action</th>
       </tr>
       
    <?php
    
     $sql="SELECT * FROM products ORDER BY productName ASC";
     $query=mysql_query($sql) or die(mysql_error());
     
     while ($row=mysql_fetch_array($query)) {
      
    ?>
      <tr>
          <td><?php echo $row['productName'] ?></td>
          <td><?php echo $row['productDescription'] ?></td>
          <td><?php echo $row['buyPrice'] ?>$</td>
          <td><a href="index.php?page=products&action=add&id=<?php echo $row['productCode'] ?>">Add to cart</a></td>
      </tr>
    <?php
      
     }
    
    ?>
       
   </table>

I turned error reporting on and I'm getting the following error:

Unknown column 'S10_1678' in 'where clause'

The table 'products' in my database looks like this: https://i.stack.imgur.com/KrB8a.png

In my opinion everything in the code is correct, but what is going wrong here?

Jesper Provoost
  • 67
  • 1
  • 9
  • Is `S10_1678` a `productCode`? If yes, the you need to quote your `productCode` vars in all your queries, as that is a string and without quotes mysql will treat the value as a literal and will look for a column with that name. - ie. `$sql.= "'".$id."',";` && `...WHERE productCode='{$id}'";` – Sean May 12 '15 at 21:31

1 Answers1

0

Please try adding quotes to your sql statement around $id - I understand it is a string (productCode) in your case, like this:

foreach($_SESSION['cart'] as $id => $value) {
                        $sql.="'".$id."',";
                    }
Anastasia Sitnina
  • 551
  • 8
  • 24