Hi. I have a php page with three mysql queries. In its last version, the page worked fine; but I have altered the first query and conditional logic to better suit my security decision about validating $_GET info and now the second query isn't working right, even though I haven't changed it at all. I can't figure out what's wrong. Help!!
<?php
require('./inc/config.inc.php');
$stone = (INT)$_GET['stone'];
require(MYSQL1);
$queryCk = "select StoneID from stonetypes";
$resultCk = $db->query($queryCk);
$var = array();
while ($rowCk = $resultCk->fetch_assoc()){
$var[] = $rowCk['StoneID'];
}
if(!in_array($stone, $var)) {
header('Location: beadgallery.php?type=stones');
exit;
} else {
$resultCk->free();
unset($resultCk);
include('inc/header.inc.php');
include('inc/sidebar.inc.php');
include('inc/topMenuBar.inc.php');
include('inc/mainContentShell.inc.php');
?>
<div id="mainContent">
<div class="center">
<?php
$querySN = "select StoneName from stonetypes where StoneID = '$stone' ";
$resultSN = $db->query($querySN);
$rowSN = $resultSN->fetch_assoc();
echo '<table id="cartDisplayTable">';
echo '<tr>';
echo '<td colspan="2">';
echo '<table id="titleTable">';
echo '<tr>';
echo '<td id="stoneTitle">';
if (isset($rowSN['StoneName'])){
echo '<h2>'.ucwords($rowSN['StoneName']).'</h2>';}
echo '</td>';
echo '</tr>';
$resultSN->free();
unset($resultSN);
$query = "select * from organized_inventory2 where StoneID = '$stone' ";
$result = $db->query($query);
$num_beadItems = $result->num_rows;
$justused='abc';
for ($i=0; $i < $num_beadItems; $i++) {
$row = $result->fetch_assoc();
if (!isset($row['itmphoto'])) {
echo '</table>';
echo '</td>';
echo '</tr>';
echo '<tr><td colspan="2"><hr id="cartDivider"></td></tr>';
echo '<tr>';
echo '<td id="cartImgCell">';
echo '<img src="img/nophoto.gif">';
echo '</td>';
echo '<td id="cartInfoCell">';
echo '<table id="innerTable">';
include ('inc/stoneCartInfo.inc.php');
} elseif ($row['itmphoto'] == $justused) {
echo '<tr><td colspan="2"><hr id="itemDivider"></td></tr>';
include ('inc/stoneCartInfo.inc.php');
} else {
echo '</table>';
echo '</td>';
echo '</tr>'
;
echo '<tr><td colspan="2"><hr id="cartDivider"></td></tr>'
;
echo '<tr>';
echo '<td id="cartImgCell">';
echo '<img src="img/invent/'.$row['itmphoto'].'">';
$justused = $row['itmphoto'];
echo '</td>';
echo '<td id="cartInfoCell">';
echo '<table id="innerTable">';
include ('inc/stoneCartInfo.inc.php'); }
}
echo '</table>'
;
echo '</td>';
echo '</tr>'
;
echo '</table>'
;
}
$result->free();
unset($result);
$db->close();
?>
</div> <!-- div class="center" -->
</div> <!-- div id="mainContent" -->
