Escaping Variables / Arrays in MySQL Strings
Okay so I am currently attempting to make a mock-up of an eCommerce site and I noticed that on more than one occasion I have had issues trying to figure out the correct syntax for using arrays (multi-dimensional or otherwise) within MySQL query strings. Specifically the use of quotes (single or double) causes some confusion for me.
I want to put together a cart in the $_SESSION namespace that should have this form:
$_SESSION['cart']['item_' . $n], where $n starts from 0 and increases by one during every instance of the loop. For every 'item_n' there will be an associated 'item_n_qty' that holds the associated quantity in the cart for each item.
If I wanted to include this multi-dimensional array in a MySQL query, what is the best way to do this? Currently I have the following:
And that query is giving me errors when I try running it in my PHP script. Any help would be appreciated and I think the issue has to do with the fact that typically an array element name has to be in quotes, but when I tried that earlier ('cart' instead of $cart) NetBeans identified it as incorrect code.
$index = "item_" . $m;
$item_quantity = "item_" . $m . "_qty";
$cart = 'cart';
$current_cart_query = "SELECT product_id, product_name, price, product_description, image_path, category
FROM products WHERE product_id = $_SESSION[$cart][$index] LIMIT 1"; //need to do a join? why am I using product_id?