Home/ Questions/Q 7794787
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T22:52:38+00:00

This code really made me confused. The first and second time I ran it,

  • 0

This code really made me confused.
The first and second time I ran it, it worked perfectly but after that it stopped working

Let me explain it:

I work with 2 tables.
The first table I insert to it the current date, current time and the id of the user the id I take it from the session.
Which I believe works fine.

My problem is in the second table the error I get is the error i typed in the ” print ” after the second insert.

this is my code :

session_start();

//Check whether the session variable SESS_MEMBER_ID is present or not
if(!isset($_SESSION['con_id'])) {
    header("location: login.html");
    exit();
}



$DB_USER ='root';
$DB_PASSWORD='';
$DB_DATABASE='';

$con= mysql_connect($DB_HOST ,$DB_USER , $DB_PASSWORD);
if (!$con) {
    die('Failed to connect to server :'.mysql_error());
}

$db=mysql_select_db($DB_DATABASE);
if (!$db) {
    die("unable to select database");
}


//first table   
$qry="insert into shipment values('',NOW(),CURTIME(),'".$_SESSION['con_id']."');";
$resultop=mysql_query($qry);
//to take the id frome last insert because i need it in the second insert 
$SNo=mysql_insert_id();

if ($resultop) {
$options=$_POST['op'];//this is the name of the check boxe's 
if (empty($options)) {
    header("location: manage_itemsE.php");} 

    // this is the second table .. my reaaal problem 
    $qun=$_POST['Quantit'];
    $size =count($options);

    for ($i =0; $i<$size; $i++) {
        $qqry="insert into shipmentquantity values('".$options[$i]."','".$SNo."','".$qun[$i]."');"; // $options is array of the id's which i took from the checkbox's in the html ... $qun is array of the values i took form html ... i sure this is right ;)
        $resultqun=mysql_query($qqry);
    }

    if ($resultqun) {
        header("location: shipment_order.php");
    }
        else print "error in the Quantity";
}


else print "error in the shipmet";
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Just add some debug statements to find out what is going wrong. Something like – 

    $resultqun = mysql_query($qqry) or print mysql_error();

    You need to do some reading about SQL injection as this script is vulnerable. Checkout these pages on the use of prepared statements – PDO::prepare and mysqli::prepare

    UPDATE – here is an example using PDO to interact with your db –

    <?php
session_start();

//Check whether the session variable SESS_MEMBER_ID is present or not
if(!isset($_SESSION['con_id'])) {
    header("location: login.html");
    exit();
}

$DB_USER ='root';
$DB_PASSWORD='';
$DB_DATABASE='';

$db = new PDO("mysql:dbname=$DB_DATABASE;host=127.0.0.1", $DB_USER, $DB_PASSWORD);

//first table
$qry = "INSERT INTO shipment VALUES(NULL, CURRENT_DATE, CURRENT_TIME, ?)";
$stmt = $db->prepare($qry);
$resultop = $stmt->execute(array($_SESSION['con_id']));

if(!$resultop){
    print $stmt->errorInfo();
} else {

    $SNo = $db->lastInsertId();

    $options = $_POST['op'];//this is the name of the check boxe's
    if (empty($options)) {
        header("location: manage_itemsE.php");
        exit;
    }

    // this is the second table .. my reaaal problem
    $qun = $_POST['Quantit'];
    $size = count($options);

    $stmt = $db->prepare("INSERT INTO shipmentquantity VALUES(?, ?, ?)");
    for($i = 0; $i < $size; $i++) {
        $resultqun = $stmt->execute(array($options[$i], $SNo, $qun[$i]));
    }

    if($resultqun) {
        header("location: shipment_order.php");
    } else {
        print $stmt->errorInfo();
    }

}
    • 0