Question

以下是我的结帐页面的一些代码。我是php的新手，这是我的第一个学期，我仍然在苦苦挣扎。此页面收集添加到购物车的订单，并完美显示和合计订单。这是我的问题。

有时会有OrderIn产品，并且可能没有或多于一个，也可能有OrderOut产品，或者没有。很复杂，我知道。我可能想做太多。当我按下付款此发票按钮时，我想收集订单ID，无论多少或什么样的，（out或in）并将订单ID付费设置为是，并插入OrderId＆＃39;进入相应的发票，invoice_in或invoice_out，并设置为NO。

这是否可能，它正在更改OrderId_in，第一个产品仅更改为yes，现在我收到了＃34的MySQL错误;您的SQL语法出错了;查看与您的MySQL服务器版本相对应的手册，以便在＆＃39; 75.18＆＃39;＆＃39; No＆＃39;）附近使用正确的语法。在第2行和第34行。我可以在这里使用一些方向。

<div class="tablecheckOut">
<form action='checkout.php' method='post'>
<p><strong>Purchases this invoice: </strong><br><br>
<?php
echo "<table class='middlecheckOut'> 
<tr>
<td class='td2'><b>Order ID: </b></td>
<td class='td2'><b>Product Name: </b></td>
<td class='td2'><b>Quantity: </b></td>
<td class='td2'><b>Price: </b></td>
</tr>";

if (isset($_GET['user_id'])) {     
    $user_id = $_GET['user_id']; 
} elseif (isset($_POST['user_id']))  {    
    $user_id = $_POST['user_id'];
} 

$display="SELECT * 
    FROM order_instate JOIN in_Product ON 
    order_instate.ip_id = in_product.ip_id
    WHERE user_id = '$user_id'; " ; 

$displayResult = @mysqli_query($dbhandle, $display)
            or die(mysqli_error($dbhandle));

$priceIn = 0;
while($row = mysqli_fetch_array($displayResult, MYSQLI_ASSOC)) { 
    if($row['orderIn_paid'] == "No") {      
echo "<tr>
<input type='hidden' name='ip_id' value='" . $row['ip_id'] . "' />
<td class='td2'>" . $row['orderIn_id'] . " &nbsp&nbsp</td>
<td class='td2'>" . $row['ip_name'] . " &nbsp&nbsp</td>
<td class='td2'>" . $row['orderIn_quantity'] . " &nbsp&nbsp</td>
<td class='td2'>$" . $row['orderIn_total'] . " &nbsp&nbsp</td>
 </tr>";

 $priceIn += $row['orderIn_total'];
 $orderIn_id = $row['orderIn_id'];
 $_SESSION['orderIn'] = $orderIn_id;
    }
 }

 if (isset($_GET['user_id'])) {     
    $user_id = $_GET['user_id']; 
} elseif (isset($_POST['user_id']))  {    
    $user_id = $_POST['user_id'];
} 

$display2="SELECT * 
    FROM order_outstate JOIN op_Product ON 
    order_outstate.op_id = op_product.op_id
    WHERE user_id = '$user_id'; " ; 

$displayResult2 = @mysqli_query($dbhandle, $display2)
            or die(mysqli_error($dbhandle));

 $priceOut = 0;
while($row2 = mysqli_fetch_array($displayResult2, MYSQLI_ASSOC)) { 
    if($row2['orderOut_paid'] == "No") {        
echo "<tr>
<input type='hidden' name='op_id' value='" . $row2['op_id'] . "' />
<td class='td2'>" . $row2['orderOut_id'] . " &nbsp&nbsp</td>
<td class='td2'>" . $row2['op_name'] . " &nbsp&nbsp</td>
<td class='td2'>" . $row2['orderOut_quantity'] . " &nbsp&nbsp</td>
<td class='td2'>$" . $row2['orderOut_total'] . " &nbsp&nbsp</td>
 </tr>";

 $priceOut += $row2['orderOut_total'];
 $orderOut_id = $row['orderOut_id'];
 $_SESSION['orderOut'] = $orderOut_id;

    }
 }
echo "</table>";

$subtotal = 0;
$tax = 0;
$gtotal = 0;
$subtotal = number_format($priceIn + $priceOut, 2);
$tax = number_format($subtotal * .074, 2);
$gtotal = number_format($subtotal + $tax, 2);

?>
</p>
<p><strong>Total Amount of Purchase(s): <?php echo "$" . " $subtotal " ?></strong></p>
<p><strong>Tax this invoice (7.4%): <?php echo "$" . " $tax " ?>  </strong></p>
<p><strong>Grand Total of Invoice: <?php echo "$" . " $gtotal " ?>  </strong></p>
<p>             
<input type="submit" name="submit" value="Pay This Invoice" style="width: 162px; height:   37px" >
<input type="button" name="print" value="Print This Invoice" style="width:162px; height: 37px" onclick="window.print()">
</p>
</form>
</div> 
</body>
</html>
<?php

if($_SERVER['METHOD'] == 'POST') {

    if(isset($_SESSION['orderIn'])) {
        $orderIn_id = $_SESSION['orderIn'];
        $orderIn_paid = "Yes";


    $changeVal="UPDATE order_instate
                 SET orderIn_paid = '$orderIn_paid'
                 WHERE orderIn_id = '$orderIn_id'; " ; 

    $changeCheck=mysqli_query($dbhandle, $changeVal) 
                        or die(mysqli_error($dbhandle));
     }


    if(isset($_SESSION['orderOut'])) {          
        $orderOut_id = $_SESSION['orderOut'];       
        $orderOut_paid = "Yes";


    $changeVal2="UPDATE order_outstate
                 SET  orderOut_paid = '$orderOut_paid'
                 WHERE orderOut_id = '$orderOut_id'; " ; 

    $changeCheck2=mysqli_query($dbhandle, $changeVal2) 
                        or die(mysqli_error($dbhandle));
    }

    $invoiceIn_total = 0;
    $invoiceIn_total = $gtotal;
    $invoiceIn_shipped = "No";

    $add ="INSERT INTO invoice_in(user_id, orderIn_id, invoiceIn_total, invoiceIn_shipped)
                VALUES ('$user_id', '$orderIn_id '$invoiceIn_total', '$invoiceIn_shipped')"; 

    $addCheck=mysqli_query($dbhandle, $add)
                        or die(mysqli_error($dbhandle));

    $invoiceOut_total = 0;
    $invoiceOut_total = $gtotal;
    $invoiceOut_shipped = "No";


    $add2 ="INSERT INTO invoice_out(user_id, orderOut_id, invoiceOut_total, invoiceOut_shipped)
                VALUES ('$user_id', '$orderOut_total '$invoiceOut_total', '$invoiceOut_shipped')"; 

    $addCheck2=mysqli_query($dbhandle, $add2)
                        or die(mysqli_error($dbhandle));

    header("location: userOrders.php");
}

?>

Answer 1

您的代码存在一些问题。

有＆＃39; S

VALUES ('$user_id', '$orderIn_id  '$invoiceIn_total',
                                ^^

缺少引号和逗号

DO

VALUES ('$user_id', '$orderIn_id',  '$invoiceIn_total',

同样的事情

VALUES ('$user_id', '$orderOut_total  '$invoiceOut_total',
                                    ^^

DO

VALUES ('$user_id', '$orderOut_total', '$invoiceOut_total',

是SQL错误的来源。

您的发布的代码中未定义

$orderOut_total。

另外，根据您的评论：

＆＃34; Fred，我发现为什么我的OrderOut_id没有填充，我发现语法错误，我创建并定义变量而不使用正确的$ row2来抓取它。它现在适用于OrderIn和OrderOut，虽然我没有测试多个订单。但是我得到它的工作，感谢Fred，我找到了确切的语法错误。＆＃34;

这是问题的最终解决方案。

我必须注意您的现有代码对SQL injection开放。使用prepared statements或PDO with prepared statements，他们更安全。

将error reporting添加到文件的顶部，这有助于查找错误。

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

// rest of your code

旁注：错误报告应仅在暂存时完成，而不是生产。

php和mysql更新两个表的问题，并用一个按钮插入两个表

1 个答案: