<?php
session_start();
$userid=$_SESSION['userid'];

if (! $userid) {
  echo "<h3>You are not logged in</h3>\n";
  echo "<h3><a href=login.php>Go to login page</h3>\n";
  exit;
}
// here is the code that connects to the database. Note that the username
// and password are "hard-coded".

$username="php"; /* Your MySQL username/password goes here! */
$password="php";
$database="dbintro";

mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");

echo "<h3>Your shopping cart</h3>\n";

// here we define the SQL command
$query = "SELECT * FROM cartentries,products WHERE cartentries.userid=$userid AND cartentries.productid=products.productid";

// submit the query to the database
$res=mysql_query($query);

// make sure it worked!
if (!$res) {
  echo mysql_error();
  exit;
}

// find out how many records we got
$num = mysql_numrows($res);
if ($num==0) {
  echo "<h3>Your cart is empty</h3>\n";
  exit;
}

// display everything in the cart as an HTML table
?>
<table border=0>
  <tr>
      <th>Product</th>
      <th>Unit Price</th>
      <th>Quantity</th>
      <th>Item total</th>
  </tr>
<?php

for ($i=0;$i<$num;$i++) {
  echo "<tr>\n";
  echo "  <td>" . mysql_result($res,$i,'Name') . "</td>\n";
  echo "  <td>" . mysql_result($res,$i,'Price') . "</td>\n";
  echo "  <td>" . mysql_result($res,$i,'Quantity') . "</td>\n";
  echo "  <td>" . mysql_result($res,$i,'Quantity') * 
                  mysql_result($res,$i,'Price') . "</td>\n";
  echo "</tr>\n";
}
echo "</table>\n";
?>