dpp42324 2018-01-11 09:11
浏览 49
已采纳

如何将文本和查询结果组合为PHP变量的值

I have a variable ($html) which has some value assigned to it (Later I need to save it as PDF with MPDF). A part of it's value is generated by making query to database. Right now the code looks like...

$html = '
<html>
    <head>...</head>

    <body>
        <table>
        <thead>
        <tr>
           <td>ITEM NAME</td>
           <td>QTY</td>
           <td>PRICE</td>
           <td>TOTAL</td>
        </tr>
        </thead>

        <tbody>'.

        $items_query = "SELECT * FROM cart WHERE u_id='$u_id'"
        or die('Error Querying Database...');

        $run_items_query = mysqli_query($con, $items_query);

        while($row_query = mysqli_fetch_array($run_items_query)){

            $item = $row_query['p_name'];
            $unit_price = $row_query['price'];
            $qty = $row_query['qty'];
            $price = $unit_price*$qty;

            echo'
                <tr>
                    <td>'.$item.'</td>
                    <td>'.$qty.'</td>
                    <td>'.$unit_price.'</td>
                    <td>'.$price.'</td>
                </tr>
            ';
        }

        '<tr>
           <td>TOTAL:</td>
           <td>0000</td>
        </tr>
        </tbody>
        </table>
    </body>
</html>';

What I am doing here is - Creating simple table and adding all the <td> via SQL Query. I can't get how to concatenate simple text part and query result part as value to the $html variable. Right now it shows only the first part of the value before query start and then shows this - 'SELECT * FROM cart WHERE u_id='ee0fivtt9tq39i5mpdhtf9v051' ... not the <td> that it gets. Please let me know if you can figure out what I am doing wrong...

  • 写回答

1条回答 默认 最新

  • doutang3077 2018-01-11 09:18
    关注

    Use $html parameter to concatenate a further string with . check the answer and the query you are using is voluntary to SQL injection instead I have updated query to parameterized which will secure you from SQL injection.

    $html = '
<html>
<head>...</head>

<body>
    <table>
    <thead>
    <tr>
       <td>ITEM NAME</td>
       <td>QTY</td>
       <td>PRICE</td>
       <td>TOTAL</td>
    </tr>
    </thead>

    <tbody>';

    $items_query = "SELECT * FROM cart WHERE u_id=?";
    //or die('Error Querying Database...'); this don't needs to be here

    $query = $con->prepare($item_query);
    $query->bind_param('s', $u_id);
    //$run_items_query = mysqli_query($con, $items_query);
    $result = $query->execute();
    while($row_query = $result->fetch_assoc()){

        $item = $row_query['p_name'];
        $unit_price = $row_query['price'];
        $qty = $row_query['qty'];
        $price = $unit_price*$qty;

        $html .='
            <tr>
                <td>'.$item.'</td>
                <td>'.$qty.'</td>
                <td>'.$unit_price.'</td>
                <td>'.$price.'</td>
            </tr>
        ';
    }

    $html .= '<tr>
       <td>TOTAL:</td>
       <td>0000</td>
    </tr>
    </tbody>
    </table>
    </body>
</html>';

echo $html;

    Enjoy :-)

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 关于#java#的问题,请各位专家解答!
  • ¥15 急matlab编程仿真二阶震荡系统
  • ¥20 TEC-9的数据通路实验
  • ¥15 ue5 .3之前好好的现在只要是激活关卡就会崩溃
  • ¥50 MATLAB实现圆柱体容器内球形颗粒堆积
  • ¥15 python如何将动态的多个子列表,拼接后进行集合的交集
  • ¥20 vitis-ai量化基于pytorch框架下的yolov5模型
  • ¥15 如何实现H5在QQ平台上的二次分享卡片效果?
  • ¥30 求解达问题(有红包)
  • ¥15 请解包一个pak文件