I am trying to add pricing to an existing website database, but when I enter a price for an item, it removes it on its own.
Please assist me in finding the error? All the files and coding is that of a previous developer..
This is the only file with the price code i can find... The disp.php file...
<?php
if (!isset($_GET['lim'])) {
$_GET['lim'] = 0;
} // end if
if (isset($_GET['crit'])) {
echo "<h2>Searching: ".stripslashes($_GET['crit'])."</h2>\n";
} else {
echo "<h2>".stripslashes(get_cate($_GET['Category']))."</h2>\n";
} // end if
if (isset($_GET['Item'])) {
echo "<div style='background-color: #FFFFFF; position:relative;'>\n";
$query = "SELECT * FROM prod WHERE plink='".$_GET['Category']."' AND ptitl='".$_GET['Item']."'";
$result = mysql_query($query)
or die(mysql_error()."<br><b>error</b>: failed to execute query <i>$query</i>");
if ($myrow = mysql_fetch_array($result)) {
$path = "scripts/upload/img/";
$file = "prod_".$myrow['pseqn'].".jpg";
if (file_exists($path.$file)) {
$img = "<a href='".$path.$file."' rel='prettyPhoto'><img src='".$path."tn_".$file."' border='0' alt='' /></a>";
} else {
$img = "<div style='background-color: #FFFFFF; height: 110px; margin-left: 10px; width: 110px;'></div>";
} // end if
if (isset($_SESSION['web_user_id'])) {
$price = "R ".number_format($myrow['preta'], 6, '.', '')."<br />";
}
if (!empty($myrow['ppack'])) {
$pp = $myrow['ppack']." per pack";
} else {
$pp = "";
} // end if
echo "
<table border='0' cellpadding='0' cellspacing='0' width='100%'>
<tr>
<td align='center' height='130px' width='130px'>
".$img."
</td>
<td valign='top'>
<div style='height: 130px; position:relative; text-align:left;'>
<h3>".$myrow['ptitl']."</h3>
<br />
".$myrow['pdesc']."<br />
".$price."
".$pp."<br />
<div id='disp' style='bottom:10px; position:absolute; left: 10px;'>
Qty: <input id='i_qty' maxlength='3' name='i_qty' size='2' type='text' value='1' />
<a onclick=\"load_cart('Add',".$myrow['pseqn'].",document.getElementById('i_qty').value)\" style='cursor: pointer;'><img alt='' border='0' height='17px' src='images/add-to-cart.jpg' width='93px' /></a>
</div>
<div style='bottom:10px; position:absolute; right: 10px;'>
<a href='?page=Products&Category=".urlencode($myrow['plink'])."' title=''>> Back<!-- <img src='images/btn_back_acti.jpg' border='0' alt='' /> --></a>
</div>
</div>
</td>
</tr>
</table>\n";
} // end if
echo "
</div>\n";
} else {
if (isset($_GET['crit'])) {
$where_sql = "ptitl LIKE '%".$_GET['crit']."%' OR pdesc LIKE '%".$_GET['crit']."%'";
} else {
$where_sql = "plink='".$_GET['Category']."'";
} // end if
$querys = "SELECT * FROM prod WHERE ".$where_sql;
$results = mysql_query($querys)
or die(mysql_error()."<br><b>error</b>: failed to execute query <i>$querys</i>");
$max_rec = mysql_num_rows($results);
$query = "SELECT * FROM prod WHERE ".$where_sql." LIMIT ".$_GET['lim'].",5";
$result = mysql_query($query)
or die(mysql_error()."<br><b>error</b>: failed to execute query <i>$query</i>");
if ($myrow = mysql_fetch_array($result)) {
$f = true;
echo "<div style='background-color: #FFFFFF; position:relative;'>
<table border='0' cellpadding='20' cellspacing='20' width='100%'>\n";
do {
if ($f) {
$f=false;
} else {
echo " <tr><td colspan='2'><hr style='margin: 10px;' /></td></tr>\n";
} // end if
$path = "scripts/upload/img/";
$file = "prod_".$myrow['pseqn'].".jpg";
if (file_exists($path.$file)) {
$img = "<a href='".$path.$file."' rel='prettyPhoto'><img src='".$path."tn_".$file."' border='0' alt='' /></a>";
} else {
$img = "<div style='background-color: #FFFFFF; height: 110px; margin-left: 10px; width: 110px;'></div>";
} // end if
if (isset($_SESSION['web_user_id'])) {
$price = "R".number_format($myrow['preta'], 6, '.', '')."<br />";
}
if (!empty($myrow['ppack'])) {
$pp = $myrow['ppack']." per pack";
} else {
$pp = "";
} // end if
echo "
<tr>
<td align='center' height='130px' width='130px'>
".$img."
</td>
<td valign='top'>
<div style='height: 130px; position:relative; text-align:left;'>
<h3>".$myrow['ptitl']."</h3>
<br />
".$myrow['pdesc']."<br />
".$price."
".$pp."<br />
<div style='bottom:10px; position:absolute; right: 10px;'>
<a href='?page=Products&Category=".urlencode($myrow['plink'])."&Item=".urlencode($myrow['ptitl'])."' title=''><img src='images/details.jpg' border='0' alt=''></a>
</div>
</div>
</td>
</tr>\n";
} while($myrow = mysql_fetch_array($result));
echo "</table>
</div>\n";
} // end if
// ---------------------- page nav -- start
$nav = " <div style='clear: both; text-align: center; width: 100%;'>\n";
$calc = 0;
$rec_num = 5;
if (!empty($_GET['crit'])) {
$nav_disp = "page=Products&crit=".urlencode($_GET['crit']);
} else {
$nav_disp = "page=Products&Category=".urlencode(stripslashes($_GET['Category']));
} // end if
if ($_GET['lim']!=0) {
$_GET['lim'] = $_GET['lim'] - $rec_num;
$nav.= "<a href=\"?".$nav_disp."&lim=".$_GET['lim']."\" class='arrowLeft'>< prev page</a> | ";
$_GET['lim'] = $_GET['lim'] + $rec_num;
} else {
$nav.= " | ";
} // end if
$aot = 5;
for ($nav_cnt=0;$nav_cnt<$aot;$nav_cnt++) { // run $aot = {amount of times} only
$calc = (($_GET['lim']/$rec_num)+($rec_num/2))-$aot; // calculate if number is less than 0 default to 0
$calc = ceil($calc);
if ($calc<0)
$calc = 0;
$nav_dis = $nav_cnt + 1 + $calc;
if ($_GET['lim']==(($nav_dis*$rec_num)-$rec_num)) {
$nav.= "<a href=\"?".$nav_disp."&lim=".(($nav_dis*$rec_num)-$rec_num)."\"> <font color='red'>".$nav_dis." Page </font></a> | ";
} else {
$nav.= "<a href=\"?".$nav_disp."&lim=".(($nav_dis*$rec_num)-$rec_num)."\"> ".$nav_dis." Page </a> | ";
} // end if
if ($max_rec<=($rec_num*$nav_dis)) {
break;
} // end if
} // end for
$_GET['lim'] = $_GET['lim'] + $rec_num;
if ($max_rec>$_GET['lim']) {
$nav.= "<a href=\"?".$nav_disp."&lim=".$_GET['lim']."\" class='arrowRight'>next page ></a>";
} // end if
$_GET['lim'] = $_GET['lim'] - $rec_num;
$nav.= "\n </div>\n";
// ---------------------- page nav -- end
echo "<p style='padding: 10px;'>".$nav."</p>\n";
} // end if
?>