Sessions-Cookies..need help

Anon

Please read the questions below the codes, thanks!

Store Script:

$host = "";
$user = "";
$pass = "";
$database = "";

$tablestore = "shopping";

include( "shoppingcart2.php3");

$cart = new Cart;

//connect to db
$db= mysql_connect("$host","$user","$pass");
mysql_select_db("$database", $db);

<body>

if($add)
{

 if($cookie1)
 $session = $cookie1;

 $result = mysql_query(  "SELECT * FROM car_record WHERE id='$add'");
 $row = mysql_fetch_array($result);

 $cart->add_item($tablestore,$session,$row[id]);

}

function sortfunc($result,$var)
{
global $REQUEST_URI,$session,$cookie1;

		while($row = mysql_fetch_array($result))
		{ 


		echo "<tr><FORM ACTION='ecs_database.php3' METHOD=post><td bgcolor=$color><center><font face=verdana size=1>$row[counter]</font></center></td>\n";


		echo "<td bgcolor=$color><CENTER><A HREF=\"$REQUEST_URI&add=".urlencode($row[id]);

if (!$cookie1)
echo "&session=$session\">";
else
echo "\">";

		echo "<td bgcolor=$color><center><font face=verdana size=1>$row[id]</font></center></td></form></tr>\n";	
		}		
	}

?>

shoppingcart script:

<?
if(!$session && !$cookie1) //make sure this hasn't already been established
{
$session = md5(uniqid(rand())); //creates a random session value
Setcookie( "cookie1", "$session",time()+7200);
}
class Cart
{

function add_item($tablestore, $session,$id)
{
// Checks to see if they already have that id in their list
$in_list = "SELECT * FROM $tablestore WHERE session='$session' ";
$in_list .= "AND id='$id'";
$result = mysql_query( "$in_list");
$num_rows = mysql_num_rows($result);

        // they don't have that id in their cart?  Put it in. 
       if($num_rows == 0)
       {
          $sql =  "INSERT INTO $tablestore (session,id) VALUES ";
          $sql .=  "('$session','$id')";
          mysql_query( "$sql");


       }
        // They have the id in their cart already?  Add the made they specified 
        // to the id they have in their cart 
       else;
    }
  ?>

=======================================

1) from the store script , it shows that the first time a user click on the
link, the session number should be shown.. it doesnt.

2) from the shoppingcart script, it shows that if id and session numbers
match, the script shouldnt add the record again.. but it DOES!!! I have no
idea why.

3) in the store script, i use request_uri .. but you see the problem is that
the url gets larger and larger (with &add=#).. I tried ereg_replace function
to replace add and session.. but the problem is that if the use already set a
session, then &session=$session shouldnt appear, then the replace function
wont work..

what I tried was

ereg_replace("&add=([0123456789]+)&session=([0123456789]+)",
"&add=$row[id]&session=$session", "$REQUEST_URI")

Do you have any advice on how to code it so the url doesnt increase?

Thanks a lot!

Anon

Also, another problem is that the first time (when an user doesnt have the cookies set) everything works fine..

but then when I try again and with my 2nd computer (to try another user), all the session becomes 0 (it's not set..since the field type for session is NOT NULL default=0)

why does this happen?

why can't the user's cookie check for the session id?

thanks.