If checkout succeeds, I am trying to clear/delete the cart data from the database.
This is the process for the proceed-to-checkout button:
<?php
function emptyCart(){
    // delete query
    $cID = $_SESSION['cID'];
    $query = "DELETE FROM cart WHERE customer_id = $cID";
    $stmt = $this->conn->prepare($query);
    if($stmt->execute()){
        return true;
    }
    return false;
}

if (isset($_POST['checkout-submit'])) {
    $cID = $_POST['customer_id'];
    require 'dbh.inc.php';
    $order_Fname = mysqli_real_escape_string($conn, $_POST['order_Fname']);
    $order_Lname = mysqli_real_escape_string($conn, $_POST['order_Lname']);
    $order_name = $order_Fname .' '. $order_Lname;
    $order_number = 'PSAU000';
    $order_phone = mysqli_real_escape_string($conn, $_POST['order_phone']);
    $order_email = mysqli_real_escape_string($conn, $_POST['order_email']);
    $order_Addrs = mysqli_real_escape_string($conn, $_POST['order_Addrs']);
    $order_Addrs2 = mysqli_real_escape_string($conn, $_POST['order_Addrs2']);
    $pro = mysqli_real_escape_string($conn, $_POST['pro']);
    $mun = mysqli_real_escape_string($conn, $_POST['mun']);
    $bar = mysqli_real_escape_string($conn, $_POST['bar']);
    $order_address = $order_Addrs .', '. $order_Addrs2 .', '. $pro .', '. $mun .', '. $bar;
    $sql = "INSERT INTO orders (order_number, order_name, order_phone, order_email, order_address, order_date)
            VALUES ('$order_number','$order_name','$order_phone','$order_email','$order_address', NOW())";
    if ($conn->query($sql) === TRUE) {
        $msg1 = "Item-Ordered-Succesfully.";
        header("Location: ../checkout.php?msg=$msg1");
        emptyCart();
        exit();
    } else {
        $msg2 = "Please-try-again.";
        header("Location: ../checkout.php?msg=$msg2");
        exit();
    }
}
else {
    header ("Location: ../index.php");
    exit();
}
This process inserts the form values into the ORDERS table, but the cart still has items in it.
Answer 0 (score: 0)
So, after a successful checkout, I was able to delete the cart data by adding multiple queries to $sql.
$sql = "INSERT INTO orders (order_number, order_name, order_phone, order_email, order_address, order_date)
VALUES ('$order_number','$order_name','$order_phone','$order_email','$order_address', NOW()); DELETE FROM cart WHERE customer_id = $cID";
and changing from
if ($conn->query($sql) === TRUE) {
to
if ($conn->multi_query($sql)) {
<?php
if (isset($_POST['checkout-submit'])) {
    // Cast to int: this value is interpolated unquoted into the multi_query below.
    $cID = (int) $_POST['customer_id'];
    require 'dbh.inc.php';
    $order_Fname = mysqli_real_escape_string($conn, $_POST['order_Fname']);
    $order_Lname = mysqli_real_escape_string($conn, $_POST['order_Lname']);
    $order_name = $order_Fname .' '. $order_Lname;
    $order_number = 'PSAU000';
    $order_phone = mysqli_real_escape_string($conn, $_POST['order_phone']);
    $order_email = mysqli_real_escape_string($conn, $_POST['order_email']);
    $order_Addrs = mysqli_real_escape_string($conn, $_POST['order_Addrs']);
    $order_Addrs2 = mysqli_real_escape_string($conn, $_POST['order_Addrs2']);
    $pro = mysqli_real_escape_string($conn, $_POST['pro']);
    $mun = mysqli_real_escape_string($conn, $_POST['mun']);
    $bar = mysqli_real_escape_string($conn, $_POST['bar']);
    $order_address = $order_Addrs .', '. $order_Addrs2 .', '. $pro .', '. $mun .', '. $bar;
    // Two statements in one string: insert the order, then clear this customer's cart.
    $sql = "INSERT INTO orders (order_number, order_name, order_phone, order_email, order_address, order_date)
            VALUES ('$order_number','$order_name','$order_phone','$order_email','$order_address', NOW()); DELETE FROM cart WHERE customer_id = $cID";
    // $sql. = "DELETE FROM cart WHERE customer_id = $cID";
    if ($conn->multi_query($sql)) {
        $msg1 = "Item-Ordered-Succesfully.";
        header("Location: ../checkout.php?msg=$msg1");
        exit();
    } else {
        $msg2 = "Please-try-again.";
        header("Location: ../checkout.php?msg=$msg2");
        exit();
    }
}
else {
    header ("Location: ../index.php");
    exit();
}
Thanks for the earlier comments; I will try to look into PDO and the information about SQL injection.
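As an added example (not code from the original question or answer): the same insert-then-clear step done with PDO prepared statements inside one transaction, so the order insert and the cart delete succeed or fail together and no request value is concatenated into the SQL. The function name `placeOrder`, the in-memory SQLite database, the `item` column and the sample rows are assumptions constructed for the demo, and the customer id is assumed to come from the server-side session rather than from the form.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: store the order and empty that customer's cart as one unit of work.
// $customerId is assumed to come from the session, not from $_POST.
function placeOrder(PDO $db, int $customerId, array $order): bool
{
    $db->beginTransaction();
    try {
        // Form values are bound as parameters, never spliced into the SQL text.
        $insert = $db->prepare(
            'INSERT INTO orders (order_number, order_name, order_phone,
                                 order_email, order_address, order_date)
             VALUES (:number, :name, :phone, :email, :address, CURRENT_TIMESTAMP)'
        );
        $insert->execute($order);

        $delete = $db->prepare('DELETE FROM cart WHERE customer_id = :cid');
        $delete->bindValue(':cid', $customerId, PDO::PARAM_INT);
        $delete->execute();

        $db->commit();      // both statements succeeded
        return true;
    } catch (PDOException $e) {
        $db->rollBack();    // no order stored, cart left untouched
        return false;
    }
}

// Constructed demo data; the schema is an assumption based on the column names above.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE orders (order_number TEXT, order_name TEXT NOT NULL, order_phone TEXT,
           order_email TEXT, order_address TEXT, order_date TEXT)');
$db->exec('CREATE TABLE cart (customer_id INTEGER, item TEXT)');
$db->exec("INSERT INTO cart VALUES (7, 'pen'), (7, 'ink'), (8, 'paper')");

$order = [
    ':number' => 'PSAU000', ':name' => "Ana O'Brien", ':phone' => '555-0100',
    ':email' => 'ana@example.com', ':address' => 'Street 1, Unit 2',
];
var_dump(placeOrder($db, 7, $order));   // order stored, customer 7's cart rows removed
var_dump($db->query('SELECT customer_id, item FROM cart')->fetchAll(PDO::FETCH_ASSOC));

// A failing insert (NULL violates NOT NULL on order_name) rolls the whole step back.
$order[':name'] = null;
var_dump(placeOrder($db, 8, $order));
var_dump($db->query('SELECT COUNT(*) FROM cart WHERE customer_id = 8')->fetchColumn());
```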