Question
I need help inputting the values from $_SESSION to the database, i get no errors but nothing is added to the database table. please help
Here are my codes.
https://stackoverflow.com/questions/22178261
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian<?php
session_start();
$conn = @mysql_connect("localhost","root","12148qx3er");
$db = @mysql_select_db("buybranded");
include("includes/functions.php");
mysql_set_charset("UTF8");
if(isset($_REQUEST['command']) && $_REQUEST['command']=='update'){
$first_name=$_SESSION['first_name'];
$email=$_SESSION['email'];
$home_address=$_SESSION['home_address'];
$mobile_number=$_SESSION['mobile_number'];
$result=mysql_query("insert into customers(name,email,address,phone) values('','$first_name','$email','$home_address','$mobile_number')");
$customerid=mysql_insert_id();
$date=date('Y-m-d');
$result=mysql_query("insert into orders values('','$date','$customerid')");
$orderid=mysql_insert_id();
$max=count($_SESSION['cart']);
for($i=0;$i<$max;$i++){
$pid=$_SESSION['cart'][$i]['productid'];
$q=$_SESSION['cart'][$i]['qty'];
$price=get_price($pid);
mysql_query("insert into order_detail values ($orderid,$pid,$q,$price)");
}
die('Thank You! your order has been placed!');
}
?>
Here is the checklogin.php where i place the values of $_SESSION.
<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="12148qx3er"; // Mysql password
$db_name="buybranded"; // Database name
$tbl_name="users"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword
$email=$_POST['email'];
$password=$_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$email = stripslashes($email);
$password = stripslashes($password);
$email = mysql_real_escape_string($email);
$password = mysql_real_escape_string($password);
$sql="SELECT * FROM $tbl_name WHERE email='$email' and password='$password'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_start();
$_SESSION["email"] = $email;
$_SESSION["password"] = $password;
$_SESSION["first_name"] = $first_name;
$_SESSION["middle_name"] = $middle_name;
$_SESSION["last_name"] = $last_name;
$_SESSION["gender"] = $gender;
$_SESSION["birth_date"] = $birth_date;
$_SESSION["home_address"] = $home_address;
$_SESSION["mobile_number"] = $mobile_number;
$_SESSION["home_phone"] = $home_phone;
$_SESSION["postal_code"] = $postal_code;
$_SESSION["city"] = $city;
$_SESSION["province"] = $province;
while($row = mysql_fetch_array($result)){
//remove this line ******header("location:customer_home.php");
if($row['type'] == 'admin'){
header("location: admin.php");
} else if($row['type'] == 'customer'){
header("location: customer_home.php");
}
}
}
else {
header('refresh: 0.1; url=sign-in.php');
$message = "Invalid Email or Password, Redirecting..";
die("<script type='text/javascript'>alert('$message');</script>"); // To prevent evil people manipulating the page, kill the script using die.
}
?>
No correct solution
OTHER TIPS
On what looks like line 14 (this one:)
$result=mysql_query("insert into customers(name,email,address,phone) values('','$first_name','$email','$home_address','$mobile_number')");
you have 5 values listed when you are only inserting into 4 columns. Removing the empty string for the first value should help match it up. perhaps a query error and not a session issue?
Try this, wrap ' in $price and $q column values
"insert into order_detail values ($orderid,$pid,'$q','$price')"
instead of
"insert into order_detail values ($orderid,$pid,$q,$price)"
Also, column count mismatched
$result=mysql_query("insert into customers(name,email,address,phone) values('$first_name','$email','$home_address','$mobile_number')");
instead of
$result=mysql_query("insert into customers(name,email,address,phone) values('','$first_name','$email','$home_address','$mobile_number')");
