插入记录

时间:2018-02-20 08:11:08

标签: php html mysql

我无法插入结算信息的记录。我不知道为什么。 SQL查询看起来不错。

我没有看到任何错误。这就是为什么我不知道发生了什么。

我该怎么做才能解决这个问题?

 
	
  <?php
	include("includes/db1.php");
	include("includes/functions1.php");
	
	error_reporting(E_ERROR);
	if($_REQUEST['command']=='update'){
		$name=$_REQUEST['name'];
		$email=$_REQUEST['email'];
		$address=$_REQUEST['address'];
		$phone=$_REQUEST['phone'];
		
		$result=mysql_query("insert into customers (name,email,phone,address,date,status) values('$name','$email','$phone','$address','Pending')");
		$customerid=mysql_insert_id();
		$date=date('Y-m-d');
		$result=mysql_query("insert into orders values('','$date','$customerid')");
		$orderid=mysql_insert_id();
		
		$max=count($_SESSION['cart']);
		for($i=0;$i<$max;$i++){
			$pid=$_SESSION['cart'][$i]['id'];
			$q=$_SESSION['cart'][$i]['qty'];
			$price=get_price($pid);
			mysql_query("insert into order_detail values ($orderid,$pid,$q,$price)");
		}
		die('Thank You! your order has been placed! <a href="customer.php">go home</a>');
	}
?>
<br> 
    </div>
<form name="form1" onsubmit="return validate()">
    <input type="hidden" name="command" />
	<div align="center">
        <h1 align="center">Billing Info</h1>
        <table border="0" cellpadding="2px">
            <tr><td>Your Name:</td><td><input type="text" name="name" required/></td></tr>
            <tr><td>Address:</td><td><input type="text" name="address" required/></td></tr>
            <tr><td>Email:</td><td><input type="text" name="email" required/></td></tr>
            <tr><td>Phone:</td><td><input type="text" name="phone" required/></td></tr>
            <tr><td>&nbsp;</td><td><input type="submit" value="Place Order" /></td></tr>
        </table>
	</div>
</form>

2 个答案:

答案 0 :(得分:0)

试试这个 mysql_error()你会得到需要解决的错误

 $result=mysql_query("insert into customers (name,email,phone,address,date,status) values('$name','$email','$phone','$address','Pending')") or die(mysql_error());

答案 1 :(得分:0)

我首先使用prepared statements。这有助于理解您的查询(i.m.o),并且从安全角度来看是必须的(永远不要相信用户输入)。

您的代码看起来与使用预准备语句时类似:

dbconnection.php

<?php
  define("Servername", "192.168.1.11"); // ip of the db server
  define('Username', 'john'); // the username to authenticate to the db server
  define('Password', '40cb6fc6bd8e760d23f257c'); // the password for authentication
  define('DBname', 'my db'); // the database to use.

  function getconn(){
    $conn = new mysqli(Servername, Username, Password, DBname);
  }
?>

main.php

<?php
  include("dbconnection.php");
  $conn = getconn();      

  if($_REQUEST["command"]=="update"){
    $name=$_REQUEST["name"];
    $email=$_REQUEST["email"];
    $address=$_REQUEST["address"];
    $phone=$_REQUEST["phone"];

    // Create the customer.
    $stmt = $conn->prepare("insert into customers (name,email,phone,address,date,status) values(?, ?, ?, ?, ?, ?)");
    $stmt->bind_param("ssssss", $name, $email, $phone, $address, $status);
    $status = "Pending";
    $stmt->execute();     
    $customerid=$stmt->insert_id;
    $date=date('Y-m-d');
    $stmt->close();

    // Create the order
    $stmt = $conn->prepare("insert into orders (col2, col3) values (?, ?);");
    $stmt->bind_param("si", $date, $customerid);
    $stmt->execute();
    $orderid = $stmt->insert_id;
    $stmt->close(); 

    // create the order details
    $stmt = $conn->prepare("insert into order_detail (col1, col2, col3, col4) values (?, ?, ?, ?)($orderid,$pid,$q,$price)")
    $stmt->bind_param("isss", $orderid, $pid, $q, $price);
    for($i=0; $i < count($_SESSION['cart']); $i++){
        $pid=$_SESSION['cart'][$i]['id'];
        $q=$_SESSION['cart'][$i]['qty'];
        $price=get_price($pid);
        $stmt->execute();
    }
    // clean up after yourself.
    $stmt->close();
    $conn->close();
    die('Thank You! your order has been placed! <a href="customer.php">go home</a>');
  }
?>

在上面的代码中,您需要将colx定义为相应的列名

我发现像这样的代码构建会给你一个很好的线索,当它不起作用时会出现什么问题。查看您的Web服务器(apache2 / nginx / etc)error.log,了解它是否会发生。

除了使用准备好的陈述外,你应该研究input validation