Thanks Jason. That worked because my userID session is actually set as the user's email address. (Again, I purchased the DataAssist and SecurityAssist AFTER I had already purchased ecart.) It is now storing the username (email) of the person who logged in into the UserID column. HOWEVER, after following the step-by-step directions and completing all pages correctly, it is now displaying ALL orders for everyone, not just for that specific user. Any suggestions on what might be happening? I have attached a screenshot of my recordset and I have pasted the code for the session here. Please advise why it still will not work even though I am following the tutorial. Thanks for your help!
<?php
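// WA eCart Store Cart Summary in Db
//
// On a POST back to this page, writes the cart summary into the "orders"
// table: updates the row whose OrderId is remembered in
// $_SESSION["ecart1_OrderID"], or inserts a new row and remembers its id.
//
// Review notes:
// - The Referer header in the trigger below is supplied by the client. It
//   stops accidental cross-page posts but is not CSRF protection.
// - Every SQL statement here is built by string concatenation from the
//   output of WA_generateInsertParams(), which is defined outside this block.
//   NOTE(review): confirm that helper escapes each value for this connection;
//   nothing in this block escapes the $_POST fields itself.
// - OrderUserID is taken from $_SESSION['MM_Username']. A page that lists
//   orders has to filter on that column with the same session value,
//   otherwise it returns every customer's rows.
// - The mysql_* functions used here do not exist in PHP 7 and later.
// - NOTE(review): hand edits may stop the authoring tool from recognising
//   this generated block - confirm before re-applying the server behavior.
if (($_SERVER["REQUEST_METHOD"] == "POST") && (isset($_SERVER["HTTP_REFERER"]) && strpos(urldecode($_SERVER["HTTP_REFERER"]), urldecode($_SERVER["SERVER_NAME"].$_SERVER["PHP_SELF"])) > 0) && isset($_POST)) // Trigger
{
    // Start the session before session_id() and $_SESSION are read below;
    // the original only started it after the values had been collected.
    if (!session_id()) session_start();

    $WA_connection = $rsmyconnect;
    $WA_table = "orders";
    $WA_redirectURL = "";
    $WA_indexField = "OrderId";
    $WA_sessionName = "ecart1_OrderID";
    $WA_connectionDB = $database_rsmyconnect;

    // Column => value, kept together so a value cannot drift into the wrong
    // column. The original parallel "|" lists were out of step: tax went to
    // OrderDeptCode, the grand total to OrderTax and the department code to
    // OrderTotal.
    $WA_orderRow = array(
        "OrderReferenceId"   => (string) session_id(),
        "OrderVisitorID"     => isset($_SESSION['eCartCheckoutForm_email']) ? (string) $_SESSION['eCartCheckoutForm_email'] : "",
        "OrderDeptCode"      => isset($_POST["deptcode"]) ? (string) $_POST["deptcode"] : "",
        "OrderShipping"      => (string) $ecart1->GetShipping(),
        "OrderTax"           => (string) $ecart1->GetTax(),
        "OrderTotal"         => (string) $ecart1->GrandTotal(),
        "OrderCompany"       => isset($_POST["shipping_company"]) ? (string) $_POST["shipping_company"] : "",
        "OrderShipAddress1"  => isset($_POST["shipping_street1"]) ? (string) $_POST["shipping_street1"] : "",
        "OrderShipAddress2"  => isset($_POST["shipping_street2"]) ? (string) $_POST["shipping_street2"] : "",
        "OrderShipCity"      => isset($_POST["shipping_city"]) ? (string) $_POST["shipping_city"] : "",
        "OrderShipStateId"   => isset($_POST["shipping_state_province"]) ? (string) $_POST["shipping_state_province"] : "",
        "OrderShipZip"       => isset($_POST["shipping_postcode"]) ? (string) $_POST["shipping_postcode"] : "",
        "OrderShipCountryId" => isset($_POST["shipping_country"]) ? (string) $_POST["shipping_country"] : "",
        // Server-side login identity; never taken from the request.
        "OrderUserID"        => isset($_SESSION['MM_Username']) ? (string) $_SESSION['MM_Username'] : "",
    );

    // Use the arrays directly. The original joined the values with "|" and
    // split them again, so a "|" typed into any form field shifted every
    // later value into the wrong column.
    $WA_fieldNames = array_keys($WA_orderRow);
    $WA_fieldValues = array_values($WA_orderRow);
    $WA_columns = array_fill(0, count($WA_fieldNames), "',none,''");

    // Joined forms kept only in case other code on the page reads them.
    $WA_fieldNamesStr = implode("|", $WA_fieldNames);
    $WA_fieldValuesStr = implode("|", $WA_fieldValues);
    $WA_columnTypesStr = implode("|", $WA_columns);

    $WA_Sql = "";
    $NeedInsert = false;
    $updateFieldValue = "";
    $deleteFieldValue = "";
    $updateColType = "none,none,NULL";

    mysql_select_db($WA_connectionDB, $WA_connection);

    if ($WA_redirectURL != "" && isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] !== "" && sizeof($_POST) > 0) {
        // strpos() takes the haystack first; the original had the arguments
        // swapped, so "?" was appended even when the URL already had a query.
        $WA_redirectURL .= ((strpos($WA_redirectURL, '?') === false)?"?":"&").$_SERVER["QUERY_STRING"];
    }

    // Position of the key column among the written columns, or -1 when the
    // key is not part of the field list (as here).
    $WA_foundIndex = array_search($WA_indexField, $WA_fieldNames, true);
    $indexFieldIndex = ($WA_foundIndex === false) ? -1 : $WA_foundIndex;

    if ($indexFieldIndex >= 0) $updateFieldValue = $WA_fieldValues[$indexFieldIndex];
    // Otherwise fall back to the order id remembered from an earlier post.
    if ($updateFieldValue == "" && isset($_SESSION[$WA_sessionName])) $updateFieldValue = $_SESSION[$WA_sessionName];
    if ($indexFieldIndex >= 0) $updateColType = $WA_columns[$indexFieldIndex];

    if ($updateFieldValue != "") {
        $updateParamsObj = WA_generateInsertParams($WA_fieldNames, $WA_columns, $WA_fieldValues, $indexFieldIndex);
        $valueForWhere = WA_generateInsertParams(array($WA_indexField), array($updateColType), array($updateFieldValue), -1);
        $WA_Sql = "update " . $WA_table . " SET " . $updateParamsObj->WA_setValues . " where " . $WA_indexField . " = " . $valueForWhere->WA_dbValues;
        $WA_editCmd = mysql_query($WA_Sql, $WA_connection);
        if ($WA_editCmd === false) {
            // Keep the driver error in the server log, not in the response.
            error_log("WA eCart order update failed: " . mysql_error($WA_connection));
            die("The order could not be saved.");
        }
        $_SESSION[$WA_sessionName] = $updateFieldValue;

        // The remembered id may point at a row that no longer exists; in
        // that case fall through to the insert below.
        $result = mysql_query("SELECT * FROM " . $WA_table . " where " . $WA_indexField . " = " . $valueForWhere->WA_dbValues, $WA_connection);
        if ($result === false) {
            error_log("WA eCart order lookup failed: " . mysql_error($WA_connection));
            $num_rows = false;
        } else {
            $num_rows = mysql_num_rows($result);
        }
        $NeedInsert = ($num_rows === 0);
    }

    if ($updateFieldValue === "" || $NeedInsert) {
        $updateFieldValue = "";
        $insertParamsObj = WA_generateInsertParams($WA_fieldNames, $WA_columns, $WA_fieldValues, -1);
        $WA_Sql = "insert into " . $WA_table . " (" . $insertParamsObj->WA_tableValues . ") values (" . $insertParamsObj->WA_dbValues . ")";
        $WA_editCmd = mysql_query($WA_Sql, $WA_connection);
        if ($WA_editCmd === false) {
            error_log("WA eCart order insert failed: " . mysql_error($WA_connection));
            die("The order could not be saved.");
        }
        // Read the new id from the same link the insert ran on.
        $_SESSION[$WA_sessionName] = mysql_insert_id($WA_connection);
    }

    if ($WA_redirectURL != "") {
        header("Location: ".$WA_redirectURL); exit;
    }
}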
?>