I have recently changed servers and things arent working like they did before
I have pin pointed that the session information is not tranferring from one page to the next
this is half of the first page
<?php include 'header.php';?>
<?php
session_start();
$id = isset($_GET['id']) ? $_GET['id'] : "";
$con = mysqli_connect("*","*","*","*");
// SELECT DATABASE
$db = mysqli_select_db("images", $con);
function GetCartId()
{
// This function will generate an encrypted string and
// will set it as a cookie using set_cookie. This will
// also be used as the cookieId field in the cart table
if(isset($_COOKIE["cartId"]))
{
return $_COOKIE["cartId"];
}
else
{
// There is no cookie set. We will set the cookie
// and return the value of the users session ID
setcookie("cartId", session_id(), time() + ((3600 * 24) * 30));
return session_id();
}
}
// Get data from the database depending on the value of the id in the URL
$id = $_GET["id"];
$strSQL = "SELECT * FROM images WHERE image= '$id'";
$rs = mysqli_query($con,$strSQL);
while($row = mysqli_fetch_array($rs)) {
$name = $row['image_name'];
echo '<h1 style="font-size:2em;">';
echo $name;
echo'</h1>';
echo '<div id = "galpic">';
$thispic = $row['image'];
echo '<div id = "pic">';
echo '<br /> <img src="'.$thispic.'" style = "max-width:100%;"/> ';
echo '</div>';
$description = $row['image_description'];
echo ' <h3>about</h3>';
echo ' <h3>card</h3>';
echo ' <h3>small</h3>';
echo ' <h3>big</h3>';
echo ' <h3>limited</h3>';
echo ' <h3>share</h3>';
echo '</div>';
}
$_SESSION['name'] = $name;
$_SESSION['thispic'] = $thispic;
THESE LAST TWO LINES ARE THE SESSION INFORMATION THAT WORKS FOR THE REST OF THIS PAGE BUT DOES NOT PASS THROUGH TO THE NEXT PAGE
then the next page is............
<?php include 'header.php';?>
<?PHP
session_start();
$con = mysqli_connect("*","*","*","*");
$_SESSION['name'] = '$name';
$_SESSION['thispic'] = '$thispic';
echo '<div id = "foodbowl">';
echo '<h1>ORDER FORM</h1>';
echo '</div>';
echo '<div id = "checkout">';
echo '<table style = "font-size:0.7em;margin-top:3%;line-height:100%;">';
echo '<tr>';
echo '<td>checkout progress bar:</td>';
echo '<td>check your order</td>';
echo '<td style = "background-color:#e8d9d9">fill in details</td>';
echo '<td>choose payment option</td>';
echo '<td>final check?</td>';
echo '</tr>';
echo '</table>';
echo '</div>';
function GetCartId()
{
// This function will generate an encrypted string and
// will set it as a cookie using set_cookie. This will
// also be used as the cookieId field in the cart table
if(isset($_COOKIE["cartId"]))
{
return $_COOKIE["cartId"];
}
else
{
// There is no cookie set. We will set the cookie
// and return the value of the users session ID
setcookie("cartId", session_id(), time() + ((3600 * 24) * 30));
return session_id();
}
}
$checkout = mysqli_query($con,"SELECT * FROM cart where cookieId = '".GetCartId()."'");
echo '<div id = "checkout">';
echo '<table>
<tr>
<th colspan = "4"><b>YOUR CHOICE</b></th>
<th><b>PRICE</b></th>
</tr>
';
while ($row = mysqli_fetch_array($checkout)){
$pic = $row['image'];
echo '<tr><td>';
echo $row['name'];
echo '</td><td>';
echo '<img src="'.$pic.'" style ="height:33px;"/>' ;
echo '</td><td >';
echo $row['product'];
echo '</td><td >';
echo '$'. $row['price'].'.00 au';
echo '</td></tr>';
}
echo '<tr><td colspan ="4">';
echo '<p>TOTAL</P>';
echo '</td><td>';
$result = mysqli_query($con,"select sum(price) as total from cart where cookieId = '".GetCartId()."'");
while($row = mysqli_fetch_assoc($result)){
echo '$'.$row['total'].'.00 au';
}
echo '</td></tr>';
echo '</table>';
echo '</div>';
$name = $row['name'];
$product = $row['product'];
?>
<form id="buyer" method="post" action="email.php" >
<p> these are the details Mandy will need to send your product -</p>
<?php
$checkout = mysqli_query($con,"SELECT * FROM cart where cookieId = '".GetCartId()."'");
while ($row = mysqli_fetch_array($checkout)){
echo '<br / >';
echo 'a '.$row['product'];
echo ' of '.$row['name'];
}
?>
You cannot have any - any - output before you call session_start(). That includes the blank line between ?> and <?php, as well as anything in header.php. When you do have output, it prevents you from sending a session cookie with session_start(). No cookie, no session.
Put session_start() at the very top of your scripts and don't open and close PHP tags (<?php ... ?>) without reason.
Related
I have made a website for a university unit with mysqli and php - (beginner) -www.mandyevansartist.com
-where i have a database of different images. When you click on 'gallery' in the menu bar it uses a select statement to display the catagory head . When you click a picture it uses a select statement to display the images in that catagory. When you click on an image it takes you to a full sized display of that image with different options to buy it in a card/small print/big print/poster (each option being a link to a seperate query sending the image to the cart)
The problem is that when a new user sends something to the cart for the first time - the image will not turn up in the cart...every time after that it works perfectly. I suspect it is the cookie or the sessions but cant pinpoint why.
The relevant code for the images page is
function GetCartId()
{
// This function will generate an encrypted string and
// will set it as a cookie using set_cookie. This will
// also be used as the cookieId field in the cart table
if(isset($_COOKIE["cartId"]))
{
return $_COOKIE["cartId"];
}
else
{
// There is no cookie set. We will set the cookie
// and return the value of the users session ID
session_start();
setcookie("cartId", session_id(), time() + ((3600 * 24) * 30));
return session_id();
}
}
// Get data from the database depending on the value of the id in the URL
$id = $_GET["id"];
$strSQL = "SELECT * FROM images WHERE image= '$id'";
$rs = mysqli_query($con,$strSQL);
while($row = mysqli_fetch_array($rs)) {
$name = $row['image_name'];
echo '<h1 style="font-size:2em;">';
echo $name;
echo'</h1>';
echo '<div id = "galpic">';
$thispic = $row['image'];
echo '<div id = "pic">';
echo '<br /> <img src="'.$thispic.'" style = "max-width:100%;"/> ';
echo '</div>';
$description = $row['image_description'];
echo ' <h3>about</h3>';
echo ' <h3>card</h3>';
echo ' <h3>small</h3>';
echo ' <h3>big</h3>';
echo ' <h3>limited</h3>';
echo ' <h3>share</h3>';
echo '</div>';
}
$_SESSION['name'] = $name;
$_SESSION['thispic'] = $thispic;
echo '<div id="about" class="reveal-modal">';
echo '<br /> <img src="'.$thispic.'" /> ';
echo '<h1>';
echo $description;
echo '</h1>';
echo '</div>';
echo '<div id="card" class="reveal-modal">';
echo '<br /> <img src="'.$thispic.'" /> ';
echo '<img src="images/cards.png" /> ';
echo '<h1>a card of -'.$name.'</h1>';
echo '<p>click this button and we will hand make you this card. Using spray glue on recycled card and a crystal archive photograph. Individually wrapped with a c5 envelope. </p>';
echo '<h1>$7 each</h1><br />';
echo '<form action = "cart.php" method = "post">';
echo '<input type="image" src = "images/sendtocart.png" >';
echo '</form>';
echo '<p> you can remove it from the cart later if you like</p>';
echo '</div>';
and the code for 'card.php' (an example of one of the querys that send stuff to the cart)
<?php
session_start();
$_SESSION['name'] = $name;
$_SESSION['thispic'] = $thispic;
$con = mysqli_connect("mandyevansartistcom.ipagemysql.com","x32167022","x32167022","x32167022");
function GetCartId()
{
// This function will generate an encrypted string and
// will set it as a cookie using set_cookie. This will
// also be used as the cookieId field in the cart table
if(isset($_COOKIE["cartId"]))
{
return $_COOKIE["cartId"];
}
else
{
// There is no cookie set. We will set the cookie
// and return the value of the users session ID
session_start();
setcookie("cartId", session_id(), time() + ((3600 * 24) * 30));
return session_id();
}
}
mysqli_query($con,"insert into cart(product,name,image,price,cookieId) values('card','$name','$thispic',7,'".GetCartId()."')");
header("Location: image.php?id=$thispic");
?>
thanks very much for any help
Not 100% sure if it's the solution but i think it's the core of your problem. First of all session_start(); does't have any effect and is only provoking an error or warning. I'm talking here about the session_start(); in your else statement.
Also, you are talking about "The relevant code for the images page is". Ok, but be sure you are not echo anything else before you call the setcookie. You will get a Cannot modify header information warning and the cookie won't be set. E.g.
echo "blabla";
setcookie("cartId", session_id(), time() + ((3600 * 24) * 30));
//Cookie isn't set!
Correct:
setcookie("cartId", session_id(), time() + ((3600 * 24) * 30));
//Cookie is set correctly!
I'm working with our project and I noticed that whenever I refresh my page the mysql query repeats itself. When I click a submit button It will go to same page and it will perform the query. Even though i used isset() method to the submitting button, still the query repeats when I refresh/reload the page. Thank you :) !
<html>
<body>
<head>
<link rel="stylesheet" type="text/css" href="Homepagestyle.css">
</head>
<form method = "POST" action = "Forum.php">
<?php
session_start();
mysql_connect("127.0.0.1", "root", "toor");
mysql_select_db("matutorials");
echo "Welcome " . "<a href = 'UserProf.php'>". $_SESSION['username'] . "</a> <br>";
if (isset($_POST['btnProg'])){
echo $_SESSION['prog'] . "<br>";
} else if (isset($_POST['btnNet'])){
echo $_SESSION['net'] . "<br>";
}
?>
<center><font face = 'verdana'><textarea cols = 70 rows = 6 name = 'txtpost'></textarea></font></center><br>
<center><input type = 'submit' name = 'btnPost'></center><br> <br>
<center><table>
<?php
if (isset($_POST['btnProg'])){
$_SESSION['pasamoto'] = 1;
$capRows = "SELECT * FROM page_post WHERE category_id = 1 ORDER BY timestamps DESC";
$iQuer = mysql_query($capRows);
while ($getRows = mysql_fetch_array($iQuer)){
echo "<tr>";
echo "<td><div id = 'postsdiv'>" . $getRows['post'] . "</div><br>";
echo "</tr>";
}
}
?>
</table> </center>
<?php
session_start();
if(isset($_POST['btnPost'])){
$post_content = $_POST['txtpost'];
$dttime = date("Y-m-d") . " " . date("h:i:sa");
$var = $_SESSION['pasamoto'];
if ($var == 1){
$addpost = "INSERT INTO page_post(post,timestamps,category_id) VALUES ('$post_content','$dttime','$var')";
mysql_query($addpost);
$capRows = "SELECT * FROM page_post WHERE category_id = '".$var."' ORDER BY timestamps DESC";
$iQuer = mysql_query($capRows);
while ($getRows = mysql_fetch_array($iQuer)){
echo "<tr>";
echo "<td><div id = 'postsdiv'>" . $getRows['post'] . "</div><br>";
echo "</tr>";
}
}
//}
if ($var == 2){
$addpost = "INSERT INTO page_post(post,timestamps,category_id) VALUES ('$post_content','$dttime','$var')";
mysql_query($addpost);
$capRows = "SELECT * FROM page_post WHERE category_id = '".$var."' ORDER BY timestamps DESC";
$iQuer = mysql_query($capRows);
while ($getRows = mysql_fetch_array($iQuer)){
echo "<tr>";
echo "<td><div id = 'postsdiv'>" . $getRows['post'] . "</div><br>";
echo "</tr>";
}
}
//}
?>
</form>
</body>
</html>
If you refresh a page after submitting you form, the POST will still be recognised by some browsers and will cause a second POST to the code. You should update your code to trigger the SQL query on a separate page or function, and then redirect the user to the success / thanks page, where refreshing won't duplicate the query.
Alternatively, you can have a hidden field on your page which contains a unique token and compare it with a cookie. On page load, you save the token to a cookie and to the hidden field on the form. When you submit the form, validate that the token in the hidden form field matches the cookie, then delete the cookie. Refreshing the page after submission will cause the token validation to fail, preventing a duplicate SQL insert.
Just wash out the form data by redirecting the page after insert query
like header('location:home.php')
As #PeeHaa suggested in the comments above use Post-Redirect-Get concept.
Modified your code a bit. Try below:
Forum.php
<head>
<link rel="stylesheet" type="text/css" href="Homepagestyle.css">
</head>
<body>
<form method="POST" action="Forum.php">
<?php
session_start();
mysql_connect("127.0.0.1", "root", "toor");
mysql_select_db("matutorials");
echo "Welcome " . "<a href = 'UserProf.php'>". $_SESSION['username'] . "</a> <br>";
if (isset($_GET['show']))
{
echo $_SESSION['prog'] . "<br>";
}
else if (isset($_GET['show']))
{
echo $_SESSION['net'] . "<br>";
}
?>
<center><font face = 'verdana'><textarea cols = 70 rows = 6 name = 'txtpost'></textarea></font></center><br>
<center><input type = 'submit' name = 'btnPost'></center><br> <br>
<center><table>
<?php
if (isset($_GET['show']))
{
$_SESSION['pasamoto'] = 1;
$capRows = "SELECT * FROM page_post WHERE category_id = 1 ORDER BY timestamps DESC";
$iQuer = mysql_query($capRows);
while ($getRows = mysql_fetch_array($iQuer))
{
echo "<tr>";
echo "<td><div id = 'postsdiv'>" . $getRows['post'] . "</div><br>";
echo "</tr>";
}
}
?>
</table> </center>
<?php
if(isset($_POST['btnPost']))
{
$post_content = $_POST['txtpost'];
$dttime = date("Y-m-d") . " " . date("h:i:sa");
$var = $_SESSION['pasamoto'];
if ($var == 1)
{
$addpost = "INSERT INTO page_post(post,timestamps,category_id) VALUES ('$post_content','$dttime','$var')";
mysql_query($addpost);
$capRows = "SELECT * FROM page_post WHERE category_id = '".$var."' ORDER BY timestamps DESC";
$iQuer = mysql_query($capRows);
while ($getRows = mysql_fetch_array($iQuer))
{
echo "<tr>";
echo "<td><div id = 'postsdiv'>" . $getRows['post'] . "</div><br>";
echo "</tr>";
}
}
if ($var == 2)
{
$addpost = "INSERT INTO page_post(post,timestamps,category_id) VALUES ('$post_content','$dttime','$var')";
mysql_query($addpost);
$capRows = "SELECT * FROM page_post WHERE category_id = '".$var."' ORDER BY timestamps DESC";
$iQuer = mysql_query($capRows);
while ($getRows = mysql_fetch_array($iQuer))
{
echo "<tr>";
echo "<td><div id = 'postsdiv'>" . $getRows['post'] . "</div><br>";
echo "</tr>";
}
}
}
header("Location:Forum.php?show=true"); // <==== Note this
?>
</form>
</body>
</html>
Explanation:
The above code will follow the Post-Redirect-Get pattern. The form will post the data to the same page and whatever task you want to perform after form post should be enclosed in,
if(isset($_POST['btnPost']))
{
...
}
and then redirect the user to the same page using,
header("Location:Forum.php?show=true");
the header function will redirect the user to the same page and the GET parameter show will decide what to show after the redirection. The content to show after redirection (or any other time) should be enclosed in,
if(isset($_GET['show']))
{
...
}
this file is included in my index file, i want not more than 5 posts on page and under posts 1 2 3 4... and etc. (links to the next pages) and that it look like this index.php?page=2
Sorry for my bad grammar.
<?php
if(isset($_GET['post_edit'])) {
$p_id = $_GET['post_edit'];
$p_query = mysql_query("SELECT title, post FROM posts WHERE id='$p_id'");
$p_array = mysql_fetch_array($p_query);
$title = $p_array['title'];
$post = $p_array['post'];
}
?>
<?php
if(isset($_POST['edit'])){
$title_edit = $_POST['titleedit'];
$post_edit = $_POST['postedit'];
if(empty($title) or empty($post)){
echo "<p>Fields empty!</p>";
} else {
mysql_query("UPDATE posts SET title='$title_edit', post='$post_edit' WHERE id='$p_id'");
echo "Edit succesful!</br>";
header('location: index.php');
}
}
?>
<?php
if(isset($_GET['post_edit']) && !empty($_GET['post_edit'])){
include 'edit_post.php';
} else {
?>
<?php
$query = mysql_query("SELECT * FROM posts ORDER BY date DESC");
while($row = mysql_fetch_array($query)){
echo "<div class='poststitle'>";
echo "<div style='font-weight: bold;'>";
echo $row['title'];
echo "</div>";
echo "</div>";
echo "<div class='posts'>";
echo $row['post'];
echo "</br>";
echo "<hr>";
$user_name = mysql_query("SELECT username FROM users WHERE id = '".$row['user']."' ");
$user_name_array = mysql_fetch_array($user_name);
$post_id = $row['id'];
echo "Posted by: <b>";
echo $user_name_array['username'];
echo "</b> | ";
echo "Views: <b>";
echo $row['views'];
echo "</b> | ";
echo "Posted on: ";
echo "<b>";
echo $row['date'];
echo "</b><hr>";
echo '</div>';
if (loggedin()){
if($user_level == 1){
echo "<div class='postoptions'>";
echo "<a href='index.php?post_edit=$post_id'><img src='img/optionicons/edit.png' width='15' height='15' alt='edit' /></a>";
echo "<a href='del_post.php?del=$post_id'><img src='img/optionicons/cancel.png' width='15' height='15' alt='Delete' /></a>";
echo "</div>";
} else {
echo "";
}
}
}
}
?>
SELECT * FROM table_name LIMIT N, M
Where N - number of limited rows and M(offset) = N * (PAGE -1)
You should use the LIMIT clause in your MySQL query, see the docs
in order to calculate the numbe rof pages, you also need the total number of rows, this can be found using SQL_CALC_FOUND_ROWS, see the docs or this question
I have a myList.php which should list all products added to my favourites and compute the total price of products.
here is the code:
<?php
include 'navigation.php'
?>
<div class='sectionContents'>
<?php
if (isset($_GET['action']) && $_GET['action'] == 'removed') {
echo "<div>" . $_GET['prod_name'] . " was removed from favourites.</div>";
}
if (isset($_SESSION['fav'])) {
$ids = "";
foreach($_SESSION['fav'] as $prod_id) {
$ids = $ids . $prod_id . ",";
}
// remove the last comma
$ids = rtrim($ids, ',');
include "db_connect.php";
$query = mysql_query("SELECT prod_id, prod_name, prod_price FROM tbl_product WHERE prod_id IN ('$ids')") or die(mysql_error());
$num = mysql_num_rows($query);
if ($num > 0) {
echo "<table border='0'>"; //start table
// our table heading
echo "<tr>";
echo "<th class='textAlignLeft'>Product Name</th>";
echo "<th>Price (MUR)</th>";
echo "<th>Action</th>";
echo "</tr>";
//also compute for total price
$totalPrice = 0;
while ($row = mysql_fetch_assoc($query)) {
extract($row);
$totalPrice += $prod_price;
//creating new table row per record
echo "<tr>";
echo "<td>{$prod_name}</td>";
echo "<td class='textAlignRight'>{$prod_price}</td>";
echo "<td class='textAlignCenter'>";
echo "<a href='remove_favourite.php?prod_id= {$prod_id}&prod_name={$prod_name}' class='customButton'>";
echo "<img src='shopping-cart-in-php/images/remove-from- cart.png' title='Remove from favourite' />";
echo "</a>";
echo "</td>";
echo "</tr>";
}
echo "<tr>";
echo "<th class='textAlignCenter'>Total Price</th>";
echo "<th class='textAlignRight'>{$totalPrice}</th>";
echo "<th></th>";
echo "</tr>";
echo "</table>";
echo "<br /><div><a href='#' class='customButton'>Home</a></div>";
} else {
echo "<div>No products found in your favourites. :(</div>";
}
} else {
echo "<div>No products in favourites yet.</div>";
}
?>
I use the add_to_fav.php below to add the products to my favourites:
<?php
session_start();
// get the product id
$prod_id = $_GET['prod_id'];
$prod_name = $_GET['prod_name'];
/*
* check if the 'fav' session array was created
* if it is NOT, create the 'fav' session array
*/
if (!isset($_SESSION['fav'])) {
$_SESSION['fav'] = array();
}
// check if the item is in the array, if it is, do not add
if (in_array($prod_id, $_SESSION['fav'])) {
// redirect to product list and tell the user it was added to favourites
header('Location: prod_list.php?action=exists&prod_id' . $prod_id . '&prod_name=' . $prod_name);
}
// else, add the item to the array
else {
array_push($_SESSION['fav'], $prod_id);
// redirect to product list and tell the user it was added to cart
header('Location: prod_list.php?action=add&prod_id' . $prod_id . '&prod_name=' . $prod_name);
}
?>
I am having "No products found in your favourites. :(" when i try to view the favourites
I have a counter like thing which shows the number of products in my favourites as well and it stays to 0.
Have I erred somewhere? Which mistake should I correct?
There are a few things that could be happening.
1) You are not starting the session before loading the favorites:
<div class='sectionContents'>
<?php
if(isset($_GET['action']) && $_GET['action']=='removed'){
echo "<div>" . $_GET['prod_name'] . " was removed from favourites.</div>";
}
session_start()
if(isset($_SESSION['fav'])){
2) Your SQL query in fact is not finding any product ids. You might want to debug the SQL and run it in phpmyadmin or your mysql interface to see if it in fact does return any results.
include "db_connect.php";
$query = "SELECT prod_id, prod_name, prod_price FROM tbl_product WHERE prod_id IN ('$ids')";
echo $query; // Print query for debugging
$result = mysql_query($query) or die(mysql_error());
$num = mysql_num_rows($result);
My guess is that this query is incorrect because of the single quotes around $ids
It should be:
$query = "SELECT prod_id, prod_name, prod_price FROM tbl_product WHERE prod_id IN ($ids)";
Also this can be simplified from:
$ids = "";
foreach($_SESSION['fav'] as $prod_id){
$ids = $ids . $prod_id . ",";
}
// remove the last comma
$ids = rtrim($ids, ',');
To:
$ids = implode(",", $_SESSION['fav']);
I am posting from a form that selects products from a list, to a page with the selected products displayed. I want to have a link next to each item for removing an item from the selected list (array).
How do I do that? I seem to be losing the session once I click on the remove link.
session_start();
foreach($_SESSION['id'] as $key => $value){
$array = explode(',', $value);
if($value[0]!=''){
$id = $array[0];
$query = "SELECT * FROM products WHERE id = '$id'";
$result = mysqli_query($dbc, $query);
while ($row = mysqli_fetch_array($result)) {
$product_id = $row['id'];
echo '<tr valign="bottom">';
echo '<td>' . stripslashes($row['category']) . '</a></td>';
echo '<td>' . stripslashes($row['itemDesc']) . '</a></td>';
echo '<td class="right">' . stripslashes(number_format($row['points'], 2)) . '</a></td>';
echo '<td>Remove</td>';
echo "</tr>\n\n";
$points = stripslashes($row['points']);
#$points_total += $points;
}
}
}
$postid = $_POST['id'];
$_SESSION['id'] = $_POST['id'];
$product_id = htmlspecialchars(#$_GET['id'], ENT_QUOTES, 'UTF-8');//the product id from the URL
$s = $_SESSION['id'];
$s = htmlspecialchars(#$_GET['key'], ENT_QUOTES, 'UTF-8');//the product id from the URL
$action = htmlspecialchars(#$_GET['action'], ENT_QUOTES, 'UTF-8'); //the action from the URL
switch($action) {
case "remove":
unset($array[$id]); //remove $product_id from the array with
echo $action . $product_id;
break;
}
Here's the HTML for the form:
<form method="post" action="products_selected.php">
<?php
$query = "SELECT * FROM products ORDER BY rangeCode, category ASC";
$result = mysqli_query($dbc, $query);
while ($row = mysqli_fetch_array($result)) {
$id = $row['id'];
echo '<tr valign="bottom">';
echo '<td>' . stripslashes($row['rangeCode']) . '</td>';
echo '<td>' . stripslashes($row['category']) . '</a></td>';
echo '<td>' . stripslashes($row['itemDesc']) . '</a></td>';
echo '<td>' . number_format($row['points'], 2) . ' points ';
echo '<input type="checkbox" name="id[]" value="' . $id . '" /></td>';
echo '</tr>' . "\n\n";
}
mysqli_close($dbc);
?>
<tr><td colspan=13><input type="submit" name="submit" value="Order" /></td></tr>
Ok. After a bit of chat and co-working around this issue, we found some problems.
There's the need to insert a check around the code that uses $_GET and $_POST data, to avoid unwanted modification to other variables (an example: when the user clicks "Remove" to remove an item from his choices, the $_SESSION array will be updated with the $_POST array; since this contains nothing, the session array is emptied (and this was why the session was thought to be lost):
To find and delete the item from the session, we have to use the key retrieved from url and check if it's present into the session array. This can be seen in the code below.
if (isset($_POST['id']))
{
$_SESSION['id'] = $_POST['id'];
}
if(isset($_GET['key']) && ($_GET['action'] == 'remove'))
{
if (array_key_exists($_GET['key'], $_SESSION['id']))
{
unset($_SESSION['id'][$_GET['key']]);
}
}
Some other minor changes have been made to the code, but the main problems were the ones explained.