-2

hello i have a form that converts decimal points to whole numbers.where could there be a problem

 <td>
    <input type='text' name='item[$i][Price]' id='Pquantity' value='".htmlspecialchars($row['Price'])."' readonly>

this is the form below, the data is beign pulled from a form filled above it 

<?php
$submit = $_POST['Add'];

//form data
$Sname = mysql_real_escape_string(htmlentities(strip_tags($_POST['Sname'])));
$Pname = mysql_real_escape_string(htmlentities(strip_tags($_POST['Pname'])));
$Pidno = mysql_real_escape_string(htmlentities(strip_tags($_POST['Pidno'])));
$Psize = mysql_real_escape_string(htmlentities(strip_tags($_POST['Psize'])));
$Pcolour = mysql_real_escape_string(htmlentities(strip_tags($_POST['Pcolour'])));
$Pquantity = $_POST['Pquantity'];
$Weblink = mysql_real_escape_string(htmlentities(strip_tags($_POST['Weblink'])));
$Price = mysql_real_escape_string(htmlentities(strip_tags($_POST['Price'])));
$date = date("Y-m-d");


//echo " ('','$Sname','$Pname','$Pidno','$Psize','$Pcolour','$Pquantity','$Weblink','$Price','$Uname')";
if('POST' === $_SERVER['REQUEST_METHOD']) 

{
if ($Sname&&$Pname&&$Pidno&&$Weblink&&$Price)
{
if (is_numeric($Price))
{
    $repeatheck = mysql_query("SELECT * FROM repplac WHERE Uname = '{$_SESSION['username']}' AND Pidno ='$Pidno' AND Sname='$Sname'");
    $count = mysql_num_rows($repeatheck);
if($count!=0)
{
    die ('PRODUCT ALREADY IN BASKET YOU CAN INCREASE OR DECREASE QUANTITY');
}
else
//echo'$Price';
$tprice = $Price * $Pquantity;
//echo"$tprice";
$queryreg = mysql_query("
INSERT INTO repplac VALUES ('','$Sname','$Pname','$Pidno','$Psize','$Pcolour','$Pquantity','$Weblink','$Price','$tprice','$date','{$_SESSION['username']}','')
")or die(mysql_error());
}
else
echo 'price field requires numbers';
}
else
echo 'please fill in all required * fields ';
}
?>
<form action='youraccount.php' method='Post' class='ilistbar'>
    <!--<div>
    <label for='shoppinglist' class='fixedwidth'></label>
    <textarea type='text' name='shoppinglist' id='username' cols='100' rows='15'></textarea>
    </div> -->
    <div>
    <label for='Sname' class='fixedwidth'> * Shop name</label>
    <input type='text' name='Sname' id='Sname'/>
    </div>
    <div>
    <label for='Pname' class='fixedwidth'> * Product name</label>
    <input type='text' name='Pname' id='Pname'/>
    </div>
    <div>
    <label for='Pidno' class='fixedwidth'> * Product id no /ad reference</label>
    <input type='text' name='Pidno' id='Pidno'/>
    </div>
    <div>
    <label for='Psize' class='fixedwidth'>Product size</label>
    <input type='text' name='Psize' id='Psize'/>
    </div>
    <div>
    <label for='Pcolour' class='fixedwidth'>Product colour</label>
    <input type='text' name='Pcolour' id='Pcolour'/>
    </div>
    <div>
    <label for='Pquantity' class='fixedwidth'>Product quantity</label>
    <select name="Pquantity" id="Pquantity">
      <option value="1">1</option>
      <option value="2">2</option>
      <option value="3">3</option>
      <option value="4">4</option>
      <option value="5">5</option>
      <option value="6">6</option>
      <option value="7">7</option>
      <option value="8">8</option>
      <option value="9">9</option>
      <option value="10">10</option> 
</select>
(You can update quantity in excess of 10 on the shopping list below)
    </div>
    <div>
    <label for='Weblink' class='fixedwidth'> * Web link</label>
    <input type='text' name='Weblink' id='Weblink'/>
    </div>
    <div>
    <label for='Price' class='fixedwidth'> * Price GBP</label>
    <input type='text' name='Price' id='Price'/>
    </div>
    <div>

    <div class='buttonarea'>
            <p>
            <input type='submit' name='submit' value='Add'>
            </p>
            </div>
            </p>
    </form>
</div>
</div>
</div>
<div class="primary">
<div class="action-box rounded">
<div class="titlebar">
<h2>Shopping List</h2>
<!--<a href='totalprice.php'>Update</a>-->
</div>
<div class="listbar">

    <form action='orderpplac.php' method='Post' class='shlistbar'>
    <table border='1'>
    <tr>
    <th>SHOP NAME</th>
    <th>PRODUCT NAME</th>
    <th>PRODUCT SIZE</th>
    <th>PRODUCT COLOUR</th>
    <th>PRODUCT QUANTITY</th>
    <th>PRICE</th>
    <th>TOTAL</th>
    <th></th>
    </tr>
    <?php
    // Get DB results and loop, outputting table rows with counter
    $pplresult = mysql_query("SELECT * FROM repplac WHERE Uname = '{$_SESSION['username']}'") or die(mysql_error());
   for ($i = 0; $row = mysql_fetch_assoc($pplresult); $i++) {
    echo "
    <tr>
    <td>".htmlspecialchars($row['Sname'])."</td>
    <td>".htmlspecialchars($row['Pname'])."</td>
    <td>".htmlspecialchars($row['Psize'])."</td>
    <td>".htmlspecialchars($row['Pcolour'])."</td>
    <td>
    <input type='text' name='item[$i][Pquantity]' id='Pquantity' value='".htmlspecialchars($row['Pquantity'])."' />
    <input type='hidden' name='item[$i][Pidno]' id='Pidno' value='".htmlspecialchars($row['Pidno'])."' />
    </td>
    <td>
    <input type='text' name='item[$i][Price]' id='Pquantity' value='".htmlspecialchars($row['Price'])."' readonly>
    </td>
    <td>".htmlspecialchars($row['Tprice'])."</td>
    <td><a href='deleteproduct.php?del=".htmlspecialchars($row['Pidno'])."'>delete</a></td>
    </tr>";
    }
   $pplresult = mysql_query("SELECT * FROM repplac WHERE Uname = '{$_SESSION['username']}'") or die(mysql_error());
  while ($row = mysql_fetch_assoc($pplresult)) 
   //echo $row['Pquantity'] * $row['Price'];
  {
  $totalprice += $row['Tprice'];
  }
  //echo "$totalprice";

         ?>
         <tr>
                <th>Total Price</th>
                <th><?php echo $totalprice; ?></th>

            </tr>
    <!--Close table and form-->

    </table>
    <input type='submit' name='submit1' value='UPDATE' />
    <input type='submit' name='submit2' value='SUBMIT' />
    </form>
lostty84
  • 79
  • 8
  • What [locale](http://stackoverflow.com/a/3386589/1220835) are you using? Where does the variable `$Price` come from? Do you still use [`register_globals`](http://php.net/manual/en/security.globals.php)? Converting a float to integer won't round the float, so `(int)3.85 == 3`. – Basti Apr 10 '12 at 10:22
  • @Basti I Didnot want the script to be to long but i have edited it , it was pulled from the form submited – lostty84 Apr 10 '12 at 10:27
  • So there is `$Price = $_POST["Price"]` somewhere in your code? Is the price inserted correctly into the table? Also read http://stackoverflow.com/questions/7302834/phps-floatval-is-not-locale-aware – Basti Apr 10 '12 at 10:30
  • yes there is $Price = mysql_real_escape_string(htmlentities(strip_tags($_POST['Price']))); – lostty84 Apr 10 '12 at 10:35
  • Oh I got a lead: The column that holds the price is not by any chance of type integer? If it would be, inserting `3.85` will round the value to `4` and throw a warning. – Basti Apr 10 '12 at 10:36
  • please explain further"Oh I got a lead: The column that holds the price is not by any chance of type integer? If it would be, inserting 3.85 will round the value to 4 and throw a warning" – lostty84 Apr 10 '12 at 10:38
  • To store "3.85" in mysql you cannot use `INT`. If you do, inserting "3.85" will lead to MySQL rounding your float and inserting `4`. To store floats use `DECIMAL` or `FLOAT`. But if you did have a column of type `INT`, you wouldn't have a correct price inserted into your table., so if the price is inserted correctly, this cannot be the problem. – Basti Apr 10 '12 at 10:41
  • @Basti please where will i make the change to decimal, will it be in the insert command – lostty84 Apr 10 '12 at 10:48
  • To change the `Price`-column's type, use an `ALTER TABLE`-statement. See my answer for an example. – Basti Apr 10 '12 at 10:54

1 Answers1

0

Using the table

CREATE TABLE `test` (
  `int` int(11) NOT NULL,
  `float` float NOT NULL,
  `decimal` decimal(2,1) NOT NULL
)

and inserting the value "3.85" in each column

INSERT INTO `test` (`int`, `float`, `decimal`) VALUES ('3.85', '3.85', '3.85');

will lead to the output

int   float   decimal
4     3.85    3.9

When inserting, you will get a 

Note: #1265 Data truncated for column 'decimal' at row 1

To repair this, do

ALTER TABLE `repplac` CHANGE `Price` `Price` DECIMAL(12, 2) NOT NULL

The type DECIMAL(12, 2) can store values up to 9999999999,99.

See MySQL's manual on DECIMAL for more information.

Beware that inputting "3,85" (with a comma instead of a dot) will cause MySQL to ignore any decimal place. You may want to str_replace(',', '.', $Price) and convert , to . before inserting, or show a warning to the user, that he uses an invalid format.

Basti
  • 3,998
  • 1
  • 18
  • 21
  • ok i will have a read and get back, thanks – lostty84 Apr 10 '12 at 11:03
  • Didn't get that last comment. The first number (12) is the total length of the number, i.e. `12.34` has length `4`. The second number (2) is the number of decimal places, i.e. `2` for `12.34` and `4` for `1.2345`. – Basti Apr 10 '12 at 11:25
  • Great! Don't let those downvotes get to you. It seems to be the wrong time of the day to be on stackoverflow. ;-) – Basti Apr 10 '12 at 11:32