将购物车从会话转移到数据库

时间:2012-08-23 09:21:52

标签: php mysql

我正在用php / mysql编写一个程序,其中登录的用户可以通过我存储在会话中的购物车订购商品。我想要实现的是从会话中获取此购物车信息,并在用户提交订单时将其放入我的数据库中。我的系统中不涉及任何付款信息。 我的PHP知识是低中级的基础。

我的购物车页面显示了用户购物车中的商品,通过以下方式完成。

if($_SESSION['cart']) { //if the cart isn't empty
    //show the cart
    echo "<table width=\"100%\" border=\"0\" padding=\"3\" align=\"center\">";  //format the cart using a HTML table
        echo "<tr>";
            echo "<th align=\"center\"></th>";
            echo "<th align=\"center\">Quantity</th>";
            echo "<th align=\"center\">Item</th>";
            echo "<th align=\"center\">Price</th>";
        echo "</tr>";

        //iterate through the cart, the $product_id is the key and $quantity is the value
        foreach($_SESSION['cart'] as $item_id => $quantity) {   

            //get the name, description and price from the database - this will depend on your database implementation.
            //use sprintf to make sure that $product_id is inserted into the query as a number - to prevent SQL injection
            $sql = sprintf("SELECT title, price FROM food WHERE food_id = %d;", $item_id); 

            $result = mysql_query($sql);

            //Only display the row if there is a product (though there should always be as we have already checked)
            if(mysql_num_rows($result) > 0) {

                list($title, $price) = mysql_fetch_row($result);

                $line_cost = number_format($price * $quantity, 2);      //work out the line cost
                $total = number_format($total + $line_cost, 2);         //add to the total cost

                echo "<tr>";
                    //show this information in table cells
                    echo "<td align=\"center\"><a href=\"$_SERVER[PHP_SELF]?action=remove&id=$item_id\" data-role=\"button\" data-icon=\"minus\" data-iconpos=\"notext\" data-transition=\"none\">Remove Item</a></td>";
                    echo "<td align=\"center\">$quantity</td>";
                    echo "<td>$title</td>";
                    //along with a 'remove' link next to the quantity - which links to this page, but with an action of remove, and the id of the current product
                    echo "<td align=\"center\">$$line_cost</td>";
                echo "</tr>";

            }

        }

        //show the total
        echo "<tr>";
            echo "<th colspan=\"3\" align=\"right\" >Total</th>";
            echo "<td align=\"center\">$$total</td>";
        echo "</tr>";

        //show the empty cart link - which links to this page, but with an action of empty. A simple bit of javascript in the onlick event of the link asks the user for confirmation
        echo "<tr>";
            echo "<td colspan=\"4\" align=\"right\"><a href=\"/delete_cart.php\" data-role=\"button\" data-icon=\"delete\" data-iconpos=\"left\" data-rel=\"dialog\">Empty Cart</a></td>";
        echo "</tr>";

        echo "<tr>";
            echo "<td colspan=\"4\" align=\"center\"><a href=\"/order.php\" data-role=\"button\">Order</a></td>";
        echo "</tr>";
    echo "</table>";

}else{
    //otherwise tell the user they have no items in their cart
    echo "<p align=\"center\">You have no items in your shopping cart.</p>";

}

然后在订单页面上,我再次检索购物车信息,并从用户那里获得更多细节。以下是将订单信息提交到我的订单表的代码。

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "submit_order")) {
$insertSQL = sprintf("INSERT INTO orders (user_id, `date`, total, info) VALUES (%s, %s, %s, %s)",
                   GetSQLValueString($_POST['user_id'], "int"),
                   GetSQLValueString($_POST['date'], "text"),
                   GetSQLValueString($_POST['total'], "text"),
                   GetSQLValueString($_POST['info'], "text"));

mysql_select_db($database_ngs_canteen, $ngs_canteen);
$Result1 = mysql_query($insertSQL, $ngs_canteen) or die(mysql_error());

$insertGoTo = "/ngs_canteen/submit.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}

我在将数据库的购物车会话中的项目输入时遇到问题。我在这个页面上的其他表格插入用户的ID,总价,订单日期工作正常,但我不能为我的生活弄清楚如何提交购物车项目。

我尝试过这样的事情,但到目前为止还没有成功。

$result = @mysql_query($query);
if (@mysql_affected_rows($dbc) == 1) {

// Get the Order ID.
$oid = @mysql_insert_id($dbc);

// Insert the specific order contents into the database.
$query = "INSERT INTO order_items (order_id, food_id, quantity, price) VALUES (";foreach ($_SESSION['cart'] as $item_id => $value) {
$query .= "$oid, $food_id, {$value['quantity']}, {$value['price']})";
}

任何帮助都会非常感激,即使是指向正确方向的指针也是如此。 如果您需要任何额外信息,请询问。

谢谢,杰克。

1 个答案:

答案 0 :(得分:0)

对于那些在未来遇到同样问题的人,经过大量的修改后,这里的代码就是让我有用的代码。

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "submit_order")) {
$insertSQL = sprintf("INSERT INTO orders (user_id, `date`, total) VALUES (%s, %s, %s)",
                   GetSQLValueString($_POST['user_id'], "int"),
                   GetSQLValueString($_POST['date'], "text"),
                   GetSQLValueString($_POST['total'], "text"));

mysql_select_db($database_ngs_canteen, $ngs_canteen);
$Result1 = mysql_query($insertSQL, $ngs_canteen) or die(mysql_error());

$order_id = mysql_insert_id();

if ($order_id) {
foreach ($_SESSION['cart'] as $item_id => $quantity) {
    $sql = sprintf("SELECT food_id, price FROM food WHERE food_id = %d;", $item_id); 
            $result = mysql_query($sql);
            if(mysql_num_rows($result) > 0) {
                list($food_id, $price) = mysql_fetch_row($result);
                $line_cost = number_format($price * $quantity, 2);                  
            }   
$query = sprintf("INSERT INTO order_items (order_id, food_id, quantity, cost) VALUES (%s, %s, %s, %s)",
    GetSQLValueString("$order_id", "int"),
    GetSQLValueString("$food_id", "int"),
    GetSQLValueString("$quantity", "int"),
    GetSQLValueString("$line_cost", "text"));

mysql_select_db($database_ngs_canteen, $ngs_canteen);
$Result1 = mysql_query($query, $ngs_canteen) or die(mysql_error());
}}

$insertGoTo = "/ngs_canteen/submit.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}

调用此代码后,曾经存储在会话中的用户购物车现在将完美地传输到您的数据库中。