dongzhuonao8429 2018-11-02 23:58
浏览 20
已采纳

添加到购物车按钮不是在数据库中添加项目

I'm new to php and I'm trying to add items to my DB table (cart) but when I click on 'add to cart' nothing happens. The button is displayed through the function getPro, which is below. 

function cart(){
if(isset($_GET['add_cart'])){

    global $con;    

    $ip = getIp();

    $pro_id = $_GET['add_cart'];

    $check_pro = "SELECT * FROM cart where ip_add='$ip' and p_id='$pro_id'";

    $run_check = mysqli_query($con, $check_pro);

    if(mysqli_num_rows($run_check)>0){
        echo "";
    }
    else {

        $insert_pro = "insert into cart(p_id,ip_add) values ('$pro_id','$ip')";

        $run_pro = mysqli_query($con, $insert_pro);

            echo "<script>window.open('index.php','_self')</script>";

    }
}}

Add to cart button is echoed by this function. 

function getPro(){

    global $con;

    $get_pro = "select * from products order by RAND() LIMIT 0,6";

    $run_pro = mysqli_query($con, $get_pro);

        while ($row_brand_pro=mysqli_fetch_array($run_pro)) {

            $pro_id = $row_brand_pro['product_id'];
            $pro_cat = $row_brand_pro['product_cat'];
            $pro_brand = $row_brand_pro['product_brand'];
            $pro_title = $row_brand_pro['product_title'];
            $pro_price  = $row_brand_pro['product_price'];
            $pro_image = $row_brand_pro['product_image'];

            echo "
               <a href='index.php?add_cart=$pro_id'><button style='float:right;'>Add to Cart</button></a>
                </div>
            ";

        }
    }
}
  • 写回答

1条回答 默认 最新

  • dongsuichi6529 2018-11-03 04:53
    关注

    I can't really solve this for you because the problem could be anywhere, but you have some issues that should be resolved, hopefully some of what I am demonstrating will be useful:

    1) If at all possible, use a framework instead, a lot of what you are doing is already solved (securely) by free frameworks. If you are dead-set on this:

    2) Try to avoid using global, you can inject the database instead:

    cart($con);

    3) Split out your functions a bit more, each function is doing too much:

    # Try to make this more flexible by adding the limits as variables
# Also, you might decide that random is not a great idea, so this allows you
# to change that at each instance
# Also, if you leave the columns flexible, you will make your function that
# much more useful
function getProducts($con, $cols = '*', $page = 0, $limit = 6, $rand = true)
{
    # Perhaps you don't want to limit one day
    $limitSql = (!empty($page) || !empty($limit))? "LIMIT {$page}, {$limit}" : "";
    # This allows you to insert an array and only select certain columns
    $cols  = (is_array($cols))? implode(", ", $cols) : $cols;
    # Only add the randomness if you want to (default is to randomize)
    $sql   = ($rand)? "ORDER BY RAND()" : '';
    # Create your dynamic statement
    $stmnt = "SELECT {$cols} FROM products {$sql} {$limitSql}";
    $query = mysqli_query($con, $stmnt);
    # Have this just assemble the values, don't echo anything
    while ($result = mysqli_fetch_array($query)) {
        $row[] = $result;
    }
    # Send back the results
    return (!empty($row))? $row : [];
}

    Using this function:

    # This would give you results with just the two columns with 10 results, no random
$products = getProducts($con, array("product_id", "product_title"), 0, 10, false);
# This should just return the count
$products = getProducts($con, "COUNT(*) as count", false, false, false);

    So, now that you have this function, you write the loop in the view:

    <?php foreach(getProducts($con, 'product_id') as $row): ?>

<!-- Now you have only pulled the one column required for this use -->
<a href="index.php?add_cart=<?php echo $row['product_id'] ?>">Add to Cart</a>

<?php endforeach ?>

    4) This cart function is more problematic, it has a few issues. a) You need to bind parameters if your values from the user are not numeric, what you have is an sql injection and is a security issue b) You should split this function into two, c) You should leave the echoing outside in the view. d) If you are storing carts by ip, I would maybe not do that, more than one computer can have the same ip if they are using a VPN or on the same network. A cookie may be a better solution:

    function itemExists($con, $pid, $ip)
{
    $stmnt = "SELECT * FROM cart WHERE ip_add = '{$ip}' and p_id = '{$pid}'";
    $query = mysqli_query($con, $stmnt);

    return (mysqli_num_rows($query) > 0);
}

function addToCart($con, $pid, $qty = 1)
{
    # Since you aren't binding, you need some sort of safeguard here, I am assuming
    # your product id values are numeric. If not, you definitely need to bind parameters
    if(!is_numeric($pid))
        return false;
    # Same here, you need to make sure nothing but numbers get through (or bind)
    if(!is_numeric($qty))
        $qty = 1;
    # Pass on your connection and pid, inject the getIp() function if you choose 
    # to keep using it
    $itemExists = itemExists($con, $pid, getIp());
    # Confirm the item has no row in database
    if($itemExists)
        # Stop if it does
        return false;
    # You may want to echo here to see if this is what you expect
    $stmnt = "insert into cart(p_id, ip_add) values ('{$pid}', '{$ip}')";
    # I use PDO, but I am sure you can get an error back on this if the sql
    # fails for whatever reason, that is a good place to start for your issue
    $query = mysqli_query($con, $stmnt);
    # Run this again to make sure it inserted
    return itemExists($con, $pid, getIp());
}

    Now in your view:

    if(!empty($_GET['add_cart'])) {
    # When you add to cart, there should be some feed back to whether it was successful
    $success = addToCart($con, $_GET['add_cart']);
    # If not you can echo it
    if(!$success)
        echo '<div class="msg error">An error occurred adding item to cart.</div>';
}

    Anyway, hopefully this is useful, but you should think about 1) using a framework and if not, then use the OOP version of mysqli (or PDO) because the binding of parameters is much easier (I find) than the functional mysqli library.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 机器学习能否像多层线性模型一样处理嵌套数据
  • ¥20 西门子S7-Graph,S7-300,梯形图
  • ¥50 用易语言http 访问不了网页
  • ¥50 safari浏览器fetch提交数据后数据丢失问题
  • ¥15 matlab不知道怎么改,求解答!!
  • ¥15 永磁直线电机的电流环pi调不出来
  • ¥15 用stata实现聚类的代码
  • ¥15 请问paddlehub能支持移动端开发吗?在Android studio上该如何部署?
  • ¥20 docker里部署springboot项目,访问不到扬声器
  • ¥15 netty整合springboot之后自动重连失效