0
我正在购物车,我不确定在哪里或哪些页面编码我的INSERT INTO语句。将数据插入购物车的数据库中
viewProducts.php
<?php
if (isset($_SESSION['cartCity'])) {
$sql = "SELECT * FROM productsc WHERE id_product IN (";
foreach ($_SESSION['cartCity'] as $id => $value) {
$sql .= $id . ",";
}
$sql = substr($sql, 0, -1) . ") ORDER BY id_product ASC";
$query = mysql_query($sql);
if (!empty($query)) {
while ($row = mysql_fetch_assoc($query)) {
?>
<p><?php echo $row['name']; ?><?php echo " x " . $_SESSION['cartCity'][$row['id_product']]['quantity']; ?></p>
<?php
}
} else {
echo "<i>You need to add an item to your cart for it to be visible here</i><br />";
}
} else {
echo "<p>Your cart is empty. <br/> Please add some products</p>";
}
echo "<a href='viewProductsCity.php?page=cartCity'>Go to Cart</a>";
echo "<a href='checkout.php'>Checkout</a>";
?>
,或者我应该在购物车或viewAdd增加(这是对码当客户点击添加到购物车按钮运行)的网页?
有点偏离主题,但您的代码易受SQL注入攻击。 – Jeremy1026 2013-04-11 15:22:06
的含义? @ Jeremy1026 – nur 2013-04-11 15:23:09
而不是努力与boilerplate通用php代码,为什么不采取像http://codeigniter.com库?它有一个集成的购物车功能。 – Jakub 2013-04-11 15:23:22