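Why does my PHP MySQL code accept a customer order with zero products in the cart?

Time: 2018-07-08 20:15:01

Tags: php mysql e-commerce

I have developed an online shopping website with PHP and MySQL. When a customer places an order, I first check whether there are any products in his cart. If there are no products, he cannot place the order; he is shown a message that the cart is empty and is redirected to the home page. But today, someone somehow managed to place an order without a single product in the cart. How is that possible? Is it possible that the code sometimes does not execute correctly? If not, how did this happen in my case?

I am posting the lines of code used to save the customer's order.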

<?php
session_start();
include "connection.php";

if (isset($_POST['submit'])){
    $cutomer_id=$_SESSION['customer_id'];
    $customer_address=$_POST['delivery_address'];
    $customer_name=$_POST['customer_name'];
    $session_id= session_id();

    //IF CART EMPTY THEN REJECT ORDER
    $strSql= "select * from cart where session_id='" .$session_id."'";

    $result= mysqli_query ($con,$strSql);
    //if nothing found in cart then opt out
    $count_prods = mysqli_num_rows($result);

    if($count_prods==0){
        echo "Your cart is empty";
        exit;
    }

    //UPDATE THE DELIVERY ADDRESS OF THE CUSTOMER
    $update_address="UPDATE user_info SET address1='$customer_address', first_name='$customer_name' WHERE user_id='$cutomer_id'";

    $success= mysqli_query($con,$update_address);

    //making order number
    $strsql2="SELECT NEXTval('order_number_producer') as order_number";
    $result2=mysqli_query($con,$strsql2);
    $got_it=mysqli_fetch_assoc($result2);
    $order_number=$got_it['order_number'];

    //first insert into new orders
    date_default_timezone_set("Asia/Delhi");
    $orderTime=date("d-m-Y h:i:s A");

    $strsql3="INSERT INTO new_order (order_number, customer_id, order_status,delivery_date, delivery_time,order_time) VALUES ('$order_number','$cutomer_id','processing','$delivery_date','$delivery_time','$orderTime')";
    $successfull= mysqli_query($con,$strsql3);

    //Now insert order details into order_details table
    $strSql= "select * from cart where session_id='" .$session_id."'";

    $result= mysqli_query($con,$strSql);
    while ($rows= mysqli_fetch_assoc($result)){
        $p_id=$rows['p_id'];
        $qty= $rows['qty'];
        $price= $rows['price'];

        $strsqlOrderDetails="INSERT INTO order_details(order_number, product_id, qty, price) VALUES ('$order_number','$p_id','$qty','$price')";
        $done= mysqli_query($con,$strsqlOrderDetails);
    }

    //New order created, ordered products inserted...NOW CLEAR THE CART OF CUSTOMER
    $clearcart=$strSql= "delete from cart where session_id='" .$session_id."'";

    $cleared= mysqli_query($con,$clearcart);
    echo "Order submitted. Your order number is # $order_number";
}
?>

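1 Answer:

Answer 0: (score: 0)

Sounds like the infamous double-click-on-the-button problem. It looks like the first click completed the order, and as a result the cart was emptied.

Then the second time (the double click) no order was found?

Maybe try simulating this behavior by double-clicking the button, and if that is the culprit, add some JavaScript to prevent double-clicking the button.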
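
A server-side way to make a repeated submit harmless, shown as an added example that is not part of the question or the answer above: the cart check, the order inserts and the cart delete run in one transaction with a locking read, and every value is bound through a prepared statement instead of being concatenated into the SQL. `place_order()` is a hypothetical helper; table and column names come from the question's code, the `delivery_date`/`delivery_time` columns and the address update are left out, and InnoDB tables plus the mysqlnd driver are assumed.

```php
<?php
// Added example, not the asker's code. place_order() is a hypothetical helper;
// table/column names follow the question. Assumes InnoDB tables and mysqlnd.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // SQL errors throw

function place_order(mysqli $con, string $session_id, int $customer_id): ?string
{
    $con->begin_transaction();
    try {
        // Locking read: a duplicate request for the same session waits here
        // until the first one commits, then finds the cart empty.
        $stmt = $con->prepare("SELECT p_id, qty, price FROM cart WHERE session_id = ? FOR UPDATE");
        $stmt->bind_param("s", $session_id);
        $stmt->execute();
        $items = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
        if (count($items) === 0) {
            $con->rollback();
            return null; // empty cart: no order row is ever written
        }

        // Order number source as in the question.
        $row = $con->query("SELECT NEXTval('order_number_producer') AS order_number")->fetch_assoc();
        $order_number = (string) $row['order_number'];
        $order_time = date("d-m-Y h:i:s A");

        $stmt = $con->prepare(
            "INSERT INTO new_order (order_number, customer_id, order_status, order_time)
             VALUES (?, ?, 'processing', ?)");
        $stmt->bind_param("sis", $order_number, $customer_id, $order_time);
        $stmt->execute();

        // Details are written from the rows read under the lock, not from a second SELECT.
        $stmt = $con->prepare(
            "INSERT INTO order_details (order_number, product_id, qty, price) VALUES (?, ?, ?, ?)");
        foreach ($items as $item) {
            $stmt->bind_param("ssss", $order_number, $item['p_id'], $item['qty'], $item['price']);
            $stmt->execute();
        }

        $stmt = $con->prepare("DELETE FROM cart WHERE session_id = ?");
        $stmt->bind_param("s", $session_id);
        $stmt->execute();

        $con->commit(); // order header, details and cart clear become visible together
        return $order_number;
    } catch (Throwable $e) {
        $con->rollback(); // any failure leaves neither a partial order nor a cleared cart
        throw $e;
    }
}
```

A `null` return maps to the "Your cart is empty" response; the caller passes `session_id()` and `(int) $_SESSION['customer_id']`.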