Ray
I really appreciate your help.
I made changes based on your suggestion and i must not be filtering properly.
I am getting this error
Parse error: syntax error, unexpected ';', expecting ',' or ')' in C:\vhosts\farrington-enterprises\rain-gutters.php on line 164
could you look at my code?
Here is code i used for setting fake variable
it is on line 2
<?php
$_POST['myfakevar'] = $row_rs_colors['items.item_colorID'];
?>
here is the recordset code
it starts on line 107
<?php do { ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$currentPage = $_SERVER["PHP_SELF"];
$maxRows_rs_itemscat3 = 10;
$pageNum_rs_itemscat3 = 0;
if (isset($_GET['pageNum_rs_itemscat3'])) {
$pageNum_rs_itemscat3 = $_GET['pageNum_rs_itemscat3'];
}
$startRow_rs_itemscat3 = $pageNum_rs_itemscat3 * $maxRows_rs_itemscat3;
mysql_select_db($database_connstore, $connstore);
$query_rs_itemscat3 = "SELECT * FROM items WHERE items.itemCatID = 3 ORDER BY itemName ASC";
$query_limit_rs_itemscat3 = sprintf("%s LIMIT %d, %d", $query_rs_itemscat3, $startRow_rs_itemscat3, $maxRows_rs_itemscat3);
$rs_itemscat3 = mysql_query($query_limit_rs_itemscat3, $connstore) or die(mysql_error());
$row_rs_itemscat3 = mysql_fetch_assoc($rs_itemscat3);
if (isset($_GET['totalRows_rs_itemscat3'])) {
$totalRows_rs_itemscat3 = $_GET['totalRows_rs_itemscat3'];
} else {
$all_rs_itemscat3 = mysql_query($query_rs_itemscat3);
$totalRows_rs_itemscat3 = mysql_num_rows($all_rs_itemscat3);
}
$totalPages_rs_itemscat3 = ceil($totalRows_rs_itemscat3/$maxRows_rs_itemscat3)-1;
//this is line 162
$myfakevar_rs_colors = "-1";
if (isset($_POST['myfakevar'];)) {
$myfakevar_rs_colors = (get_magic_quotes_gpc()) ? $_POST['myfakevar']; : addslashes($_POST['myfakevar'];);
}
mysql_select_db($database_connstore, $connstore);
$query_rs_colors = sprintf("SELECT * FROM color_lookup, colors, items WHERE color_lookup.item_colorID = %s", GetSQLValueString($myfakevar_rs_colors, "int"));
$rs_colors = mysql_query($query_rs_colors, $connstore) or die(mysql_error());
$row_rs_colors = mysql_fetch_assoc($rs_colors);
$totalRows_rs_colors = mysql_num_rows($rs_colors);
$queryString_rs_itemscat3 = "";
if (!empty($_SERVER['QUERY_STRING'])) {
$params = explode("&", $_SERVER['QUERY_STRING']);
$newParams = array();
foreach ($params as $param) {
if (stristr($param, "pageNum_rs_itemscat3") == false &&
stristr($param, "totalRows_rs_itemscat3") == false) {
array_push($newParams, $param);
}
}
if (count($newParams) != 0) {
$queryString_rs_itemscat3 = "&" . htmlentities(implode("&", $newParams));
}
}
$queryString_rs_itemscat3 = sprintf("&totalRows_rs_itemscat3=%d%s", $totalRows_rs_itemscat3, $queryString_rs_itemscat3);
?>
<table width="90%" cellpadding="10" id="products">
<tr>
<td width="30%"><img src="<?php echo $row_rs_itemscat3['itemThumb']; ?>" /></td>
<td align="left" width="40%" valign="top"><h1><?php echo $row_rs_itemscat3['itemName']; ?></h1><br />
<br /><h2><?php echo $row_rs_itemscat3['itemShortDesc']; ?></h2><br />
<br /><?php echo $row_rs_itemscat3['itemLongDesc']; ?></td>
<td width="30%"> </td>
</tr>
<tr>
<td>
<form id="form1" method="post" action="">
<p>Choose Color:
<select name="colors" id="colors">
<?php
do {
?>
<option value="<?php echo $row_rs_colors['color']?>"><?php echo $row_rs_colors['color']?></option>
<?php
} while ($row_rs_colors = mysql_fetch_assoc($rs_colors));
$rows = mysql_num_rows($rs_colors);
if($rows > 0) {
mysql_data_seek($rs_colors, 0);
$row_rs_colors = mysql_fetch_assoc($rs_colors);
}
?>
</select>
</p>
</form></td>
<td align="left"></td>
<td><h1>$<?php echo $row_rs_itemscat3['itemPrice']; ?></h1></td>
</tr>
</table>
<?php } while ($row_rs_itemscat3 = mysql_fetch_assoc($rs_itemscat3)); ?>
<p> </p>
</div>
<br class="clearFloat" />
</div>
<div id="footer">Footer</div>
</div>
</body>
</html>
<?php
mysql_free_result($rs_itemscat3);
mysql_free_result($rs_colors);
?>