在将数据插入数据库的查询之前,所有工作都会进行。我尝试过只使用一个变量插入数据库,但我仍然无法使查询正常运行。这可能只是一个我错过的简单错字,但我似乎无法找到它。
HTML选择页面
Public Sub TestMe()
Cells.Font.Color = vbBlack
ActiveSheet.UsedRange.Font.Color = vbBlue
End Sub
PHP订单概述页面
<!DOCTYPE html>
<html>
<head>
<title></title>
<style>
* {
margin: 0;
padding: 0;
}
#container {
margin: 15px auto;
width: 700px;
border: 1px solid #cccccc;
border-radius: 3px;
}
.title-container {
padding: 20px;
}
.title {
font-size: 28px;
margin: 20px;
}
.price {
color: red;
}
img {
width: 100%;
height: auto;
margin: 0;
padding: 0;
}
#submit {
width: 100%;
text-align: center;
background-color: red;
color: white;
padding: 15px;
border: 0;
margin-bottom: 20px;
font-size: 20px;
}
</style>
</head>
<body>
<div id="container">
<form action="checkout.php" method="post">
<div class="product">
<div class="title-container">
<input type="radio" name="game" value="Assassin's Creed II"><span class="title">Assassin's Creed II - <span class="price">$15.99</span><br />
</div>
<img src="assassin2.png">
</div>
<div class="product">
<div class="title-container">
<input type="radio" name="game" value="Assassin's Creed Brotherhood"><span class="title">Assassin's Creed Brotherhood - <span class="price">$19.99</span><br />
</div>
<img src="brotherhood.jpg">
</div>
<div class="product">
<div class="title-container">
<input type="radio" name="game" value="Assassin's Creed Revelations"><span class="title">Assassin's Creed Revelations - <span class="price">$24.99</span><br />
</div>
<img src="revelations.jpg">
</div>
<h4>Enter quantity: <input type="number" size="2" name="qty"></h4>
<input type="submit" value="Checkout" id="submit">
</form>
</div>
</body>
</html>
PHP插入页面
<?php
session_start();
$game = $_POST['game'];
$qty = $_POST['qty'];
$_SESSION['sale_game'] = $game;
$_SESSION['sale_qty'] = $qty;
$price;
$subtotal;
if ($game == "Assassin's Creed II") {
$price = 15.99;
} elseif ($game == "Assassin's Creed Brotherhood") {
$price = 19.99;
} elseif ($game == "Assassin's Creed Revelations") {
$price = 24.99;
}
$_SESSION['sale_price'] = $price;
$subtotal = $price * $qty;
$_SESSION['sale_subtotal'] = $subtotal;
?>
<!DOCTYPE html>
<html>
<head>
<title></title>
<style>
* {
margin: 0;
padding: 0;
}
#container {
width: 1000px;
margin: 15px auto;
border: 1px solid black;
overflow: auto;
}
#image-container {
float: left;
padding: 10px;
}
#info-container {
float: left;
padding: 20px;
}
h3 {
margin-left: 10px;
}
p {
margin: 10px;
}
#price {
color: red;
}
#user-info-container {
clear: both;
padding: 10px;
}
h2 {
color: red;
}
table {
margin: 20px auto;
font-size: 24px;
}
input {
font-size: 18px;
}
#submit {
color: white;
background-color: red;
border: 0;
padding: 10px;
border-radius: 3px;
}
</style>
</head>
<body>
<div id="container">
<div id="image-container">
<?php
if ($game == "Assassin's Creed II") {
echo "<img src='assassin2.png' width='300' height='170'/>";
} elseif ($game == "Assassin's Creed Brotherhood") {
echo "<img src='brotherhood.jpg' width='300' height='170'/>";
} elseif ($game == "Assassin's Creed Revelations") {
echo "<img src='revelations.jpg' width='300' height='170' />";
}
?>
</div>
<div id="info-container">
<h3>Checkout Info</h3>
<p><strong>Game:</strong> <?php echo $game; ?></p>
<p><strong>Price:</strong> <span id="price">$<?php echo $price; ?></span></p>
<p><strong>Quantity:</strong> <?php echo $qty; ?></p>
<p><strong>Subtotal:</strong> $<?php echo $subtotal; ?></p>
</div>
<hr style="clear: both; margin: 10px">
<div id="user-info-container">
<h2>Enter your information</h2>
<form action="insert.php" method="post">
<table cellspacing="10">
<tr>
<td>First Name</td>
<td>Last Name</td>
</tr>
<tr>
<td><input type="text" name="fName"></td>
<td><input type="text" name="lName"></td>
</tr>
<tr>
<td>Address</td>
<td></td>
</tr>
<tr>
<td colspan="2"><input type="text" name="address" style="width: 99%"></td>
</tr>
<tr>
<td>City</td>
<td>State</td>
</tr>
<tr>
<td><input type="text" name="city"></td>
<td><input type="text" name="state"></td>
</tr>
<tr>
<td>ZIP</td>
<td>Email</td>
</tr>
<tr>
<td><input type="number" name="zip"></td>
<td><input type="text" name="email"></td>
</tr>
<tr>
<td colspan="2" style="text-align: center;"><input type="submit" value="Submit Order" id="submit"></td>
</tr>
</table>
</form>
</div>
</div>
</body>
</html>
答案 0 :(得分:0)
尝试转义字符串:
<?php
session_start();
$con = new mysqli('localhost', 'root', 'root', 'purchases');
if (!$con) {
echo "Not connected to database";
} else {
$game = mysqli_real_escape_string($con,$_SESSION['sale_game']);
$qty = mysqli_real_escape_string($con,$_SESSION['sale_qty']);
$price = mysqli_real_escape_string($con,$_SESSION['sale_price']);
$subtotal = mysqli_real_escape_string($con,$_SESSION['sale_subtotal']);
$fName = mysqli_real_escape_string($con,$_POST['fName']);
$lName = mysqli_real_escape_string($con,$_POST['lName']);
$address = mysqli_real_escape_string($con,$_POST['address']);
$city = mysqli_real_escape_string($con,$_POST['city']);
$state = mysqli_real_escape_string($con,$_POST['state']);
$zip = mysqli_real_escape_string($con,$_POST['zip']);
$email = mysqli_real_escape_string($con,$_POST['email']);
$query = "INSERT INTO orders (Game, Price, Quantity, Total, fName, lName, Address, City, State, Zip, Email) VALUES ('$game', '$price', '$qty', '$subtotal', '$fName', '$lName', '$address', '$city', '$state', '$zip', '$email')";
if ($con->query($query) === TRUE) {
echo "Inserted";
} else {
echo "Not Inserted";
}
}
?>
答案 1 :(得分:0)
你应该使用预备声明和占位符
<select class="form-control" name="category" formControlName="category">
<option value="">-</option>
<option ngfor="let cat of (categories | async); let i = index" [ngValue]="cat">c:{{i}}</option>
</select>