0
我正在購物車,我不確定在哪裏或哪些頁面編碼我的INSERT INTO語句。將數據插入購物車的數據庫中
viewProducts.php
<?php
if (isset($_SESSION['cartCity'])) {
$sql = "SELECT * FROM productsc WHERE id_product IN (";
foreach ($_SESSION['cartCity'] as $id => $value) {
$sql .= $id . ",";
}
$sql = substr($sql, 0, -1) . ") ORDER BY id_product ASC";
$query = mysql_query($sql);
if (!empty($query)) {
while ($row = mysql_fetch_assoc($query)) {
?>
<p><?php echo $row['name']; ?><?php echo " x " . $_SESSION['cartCity'][$row['id_product']]['quantity']; ?></p>
<?php
}
} else {
echo "<i>You need to add an item to your cart for it to be visible here</i><br />";
}
} else {
echo "<p>Your cart is empty. <br/> Please add some products</p>";
}
echo "<a href='viewProductsCity.php?page=cartCity'>Go to Cart</a>";
echo "<a href='checkout.php'>Checkout</a>";
?>
,或者我應該在購物車或viewAdd增加(這是對碼當客戶點擊添加到購物車按鈕運行)的網頁?
有點偏離主題,但您的代碼易受SQL注入攻擊。 – Jeremy1026 2013-04-11 15:22:06
的含義? @ Jeremy1026 – nur 2013-04-11 15:23:09
而不是努力與boilerplate通用php代碼,爲什麼不採取像http://codeigniter.com庫?它有一個集成的購物車功能。 – Jakub 2013-04-11 15:23:22