function getMaxOrderId() { $maxid = 0; $query = "SELECT MAX(userID) from User;"; $result = mysql_query($query); if (noerror($result)) { $row = mysql_fetch_row($result); $maxid = $row[0]; } return $maxid; }
<body> <div class="container"> <h2>Results</h2> <p>These people are selling the book you are looking for:</p> <center> <?php $isbn = $_SESSION['isbn']; $q = "SELECT Sales.saleID, Sales.price, User.name, User.email, Product.title, Product.author, Product.edition, Product.ISBN, Product.bookCondition \n FROM Sales\n JOIN User\n ON Sales.userID = User.userID\n JOIN Product\n ON Sales.productID = Product.productID\n WHERE {$isbn}=Product.ISBN"; $result = mysql_query($q); //returning whats in the table if ($result == 0) { noerror($result); } if (noerror($result)) { $nf = mysql_num_fields($result); $nr = mysql_num_rows($result); echo "<div class=container>"; echo "<table class =table table-striped>"; echo "\n\t \t <th>Seller Name</th>\n <th>Seller Email</th>\n\t\t <th>Title</th>\n\t\t <th>Author</th>\n\t\t <th>Edition</th>\n\t\t <th>Book Condition</th>\n\t\t <th>Price </th>\n <th>ISBN</th>"; for ($i = 0; $i < $nr; $i++) { $row = mysql_fetch_array($result); //$productID= $row['productID']; //$saleID= $row['saleID']; $name = $row['name']; $email = $row['email']; $title = $row['title']; $author = $row['author']; $edition = $row['edition']; $bookCondition = $row['bookCondition'];
$bookCondition = $_POST['bookCondition']; $query = "INSERT INTO Product SET" . " title='{$title}'" . " ,author='{$author}'" . " ,edition='{$edition}'" . " ,ISBN='{$isbn}'" . " ,bookCondition='{$bookCondition}'" . " ,Sold='{$complete}'" . " ;"; $result = mysql_query($query); if ($result == 0) { noerror($result); } $isbn = @addslashes($_POST['isbn']); $_SESSION['isbn'] = $isbn; $price = addslashes($_POST['price']); $userID = $_SESSION['userID']; // echo $userID; $productID = "SELECT productID FROM Product WHERE Product.ISBN= '{$isbn}' limit 1"; $productID2 = mysql_query($productID); if (noerror($productID2)) { $obj = mysql_fetch_object($productID2); } //echo $obj->productID; $price = addslashes($_POST['price']); //echo mysql_fetch_row($productID2); $now = time(); //the current time $whenPosted = date("Y-m-d", $now); $query = "INSERT INTO Sales SET userID='{$userID}'," . "productID={$obj->productID}," . "price='{$price}'," . "whenPosted='{$whenPosted}';"; //$result= mysql_query($query); if ($result == 0) { noerror($result); } $_SESSION['isbn'] = $isbn; header('Location:http://mcbitlab.com/thebookclub/sellMatch.php'); exit;
session_start(); include "includeMe.php"; //include these files include "openDB.php"; openDB(); //imported functions $email = $_POST['email']; $password1 = $_POST['password']; $password2 = $_POST['passwordCheck']; $userId = "1"; //initialize userId to something other than null $getuserID = "SELECT MAX(userID) FROM User;"; $resultID = mysql_query($getuserID); //get a table (last row of Question's table) //if there is an existing userID(user) in the table, get next highest userID, otherwise, userId is 1 if (noerror($resultID)) { $userId = makeMax($resultID); //get the actual number to be added to this new post } //Check to see if the email already exists in system (in other words, the email is already in use) $findEmail = "SELECT * FROM User WHERE email='{$email}';"; $resultingTable = mysql_query($findEmail); if (isEmpty($resultingTable)) { if ($password1 != $password2) { //if any passwords do not match each other, print notice to screen echo "<!DOCTYPE> <html> <body>"; echo "Your passwords do not match.\n"; echo "Return to <a href=\"midiate_reg.php\">registration</a> and try again."; echo "</body> </html>"; } else { //change this later so that after registration user gets an email to finish registration?