Hi all, i decided to try and make a php shopping cart with sessions and manged to do so with the help of online turorials and references. However, i decided to try and pass over multiple items form a table, but i must have gone wrong somewhere, as some of them work and others don't! The ones that work display the cart, quantity and price, the others display a blank screen with no error messages
I pass over the id's using the following code;
<td>$row[product_1_name]</td>
<td><a href='cart.php?action=add&id=".$row['id1']."'>BUY</a></td>
<td>$row[product_2_name]</td>
<td><a href='cart.php?action=add&id=".$row['id2']."'>BUY</a></td>
My cart code then GETs the id's using;
$product_id = $_GET[id];
$product_id = mysql_real_escape_string($product_id);
$action = $_GET[action];
$action = mysql_real_escape_string($action);
Is this correct? This is my first attempt at security issues.
To display the contents i am using the following query;
$query = sprintf("SELECT * FROM products_table WHERE product_number = '%s';",$product_id);
$result = mysql_query($query)or die(mysql_error());
$num = mysql_num_rows($result); //number of messages
Is this the best way to do this sort of thing? Any help or advice would be greatly appreciated. I can also provide the full code on request.