从foreach循环插入mysqli多个值

时间:2016-03-20 20:42:05

标签: php mysqli

如何在foreach循环中的sql中插入多个值?

(它只插入我的最后一个值并不是全部,如果我在sql中添加更多值,那么当在foreach循环中只有一个值时它会复制我的插入数据。 如何在我的sql中添加唯一编号作为每个插入的订单ID? 这是我的代码...... 

<?php include'header_nav.php'; ?>


<div class="mainContent_u">
<h1> Your shopping Chart<br/>contains ...</h1>

<table class="show_cart">
<tr>
<th><strong><h3>Book Title</strong></h3></th>
<th><strong><h3>Quantity</strong></h3></th>
<th><strong><h3>Price</strong></h3></th>
<th><strong><h3>Total</strong></h3></th>
</tr>

<?php

require 'connect_db.php';
$totalPrice = 0;

foreach($_POST as $name => $value){

    if(is_numeric($value) && $value != 0 && $name != "submit"){

        $sql = "SELECT id,book, price from add_item  WHERE id = ".$name;
        $result=mysqli_query($con,$sql);    
        $row = mysqli_fetch_assoc($result);
        $price = $row['price'] * $value;
        $price = number_format($price,2);
        $totalPrice = $totalPrice + $price;
        $totalPrice = number_format($totalPrice,2);
        $qty = $value;
            $sql = "INSERT INTO orders (order_id,book_name, quantity, price_pb, price_total) VALUES ('" . $row['id'] . "','" . $row['book'] . "','" . $qty . "','" . $row['price'] . "','" . $price . "')";

    echo "<tr>";
    echo "<td>".$row['book']."</td><td>".$value."</td><td>€".$row['price']."</td><td>€".$price."</td>";
    echo "</tr>";
    }
}
    echo "</table>";
    echo "<strong><h3>Total Price: €".$totalPrice."</h3></strong>";

?>
    <p><strong>Review your shopping cart and then proceed to checkout.</strong></p>


    <a href="checkout.php"><button class="submit" >Proceed to Checkout</button></a>


     </div>
<?php include'footer.php'; ?>

如果您需要任何其他信息,请告知。

并且,为什么这个其他声明不起作用。

 foreach($_POST as $name => $value){

if(is_numeric($value) && $value != 0 && $name != "submit"){

    $sql = "SELECT id,book, price from add_item  WHERE id = ".$name;
    $result=mysqli_query($con,$sql);    
    $row = mysqli_fetch_assoc($result);
    $price = $row['price'] * $value;
    $price = number_format($price,2);
    $totalPrice = $totalPrice + $price;
    $totalPrice = number_format($totalPrice,2);
    $qty = $value;
        $sql = "INSERT INTO orders (order_id,book_name, quantity, price_pb, price_total) VALUES ('" . $row['id'] . "','" . $row['book'] . "','" . $qty . "','" . $row['price'] . "','" . $price . "')";

echo "<tr>";
echo "<td>".$row['book']."</td><td>".$value."</td><td>€".$row['price']."</td><td>€".$price."</td>";
echo "</tr>";
}else {header('location:all_books.php');}
}

谢谢,

3 个答案:

答案 0 :(得分:0)

您正在做的是对数据库执行大量请求。我会做这样的事情:

//first create something like: $id_seq= '(1,2,3,56,7674,234)';
$id_seq = implode(',',$POST);
//okay I didn't clean up the Post, but you'll get the picture hopefully :)

//Then pull your request in one go:
$sql = 'SELECT id,book, price from add_item  WHERE id IN (' . $id_seq . ')';

这样就可以为数据库保存一堆工作。我不确定它是否比使用foreach方法更便宜(如在数据库性能方面),但它是一个更整洁的编码。

然后在你的foreach中计算一个新的数据列表:

foreach ($list as $rec){
    $price = $rec['price'] * $_POST[$rec['id']];
    //complete your price and insert it in the orders-table
}

至于你的重定向问题:

else {header('location:all_books.php');}
}

它不会起作用,因为你可能在循环中早先打印了html。打印html或使用重定向,但不是两者。在重定向之前,您必须进行检查。 编辑:由于您在脚本的顶部打印了html,因此重定向无法正常工作。

答案 1 :(得分:0)

请改用PDO。它可以为您节省SQL注入攻击的麻烦。

<?php include'header_nav.php'; ?>

<div class="mainContent_u">
<h1> Your shopping Chart<br/>contains ...</h1>

<table class="show_cart">
<tr>
    <th><strong><h3>Book Title</strong></h3></th>
    <th><strong><h3>Quantity</strong></h3></th>
    <th><strong><h3>Price</strong></h3></th>
    <th><strong><h3>Total</strong></h3></th>
</tr>

<?php

    require 'connect_db.php';
    $totalPrice = 0;

    foreach($_POST as $name => $value){

    if(is_numeric($value) && $value != 0 && $name != "submit"){

    $sql = "SELECT id,book, price from add_item  WHERE id = ".$name;
    $result=mysqli_query($con,$sql);    
    while($row = mysqli_fetch_assoc($result)) {
        $price = $row['price'] * $value;
        $price = number_format($price,2);
        $totalPrice = $totalPrice + $price;
        $totalPrice = number_format($totalPrice,2);
        $qty = $value;
        $sql = "INSERT INTO orders (order_id,book_name, quantity, price_pb, price_total) VALUES ('" . $row['id'] . "','" . $row['book'] . "','" . $qty . "','" . $row['price'] . "','" . $price . "')";
        mysqli_query($con, $sql);
        echo "<tr>";
        echo "<td>".$row['book']."</td><td>".$value."</td><td>€".$row['price']."</td><td>€".$price."</td>";
        echo "</tr>";
      }
    }
}
echo "</table>";
echo "<strong><h3>Total Price: €".$totalPrice."</h3></strong>";

  ?>
  <p><strong>Review your shopping cart and then proceed to checkout.     </strong></p>


<a href="checkout.php"><button class="submit" >Proceed to Checkout</button></a>


 </div>
<?php include'footer.php'; ?>

答案 2 :(得分:0)

$sql = "SELECT id,book, price from add_item WHERE id = ".$name;如果您手动提出请求,这会给您多行吗?

相关问题
最新问题