I want to list some products out of an SQL-DB, which works perfectly. Now the user should click on two different buttons to add +1 to the amount of this specific product and subtract -1 of this.
This is how my front-end looks like:
<?php
require_once('../system/config.php');
require_once('../system/server.php');
// Create connection
$conn = new mysqli($db_host, $db_user, $db_pass, $db_name);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT item, count, date FROM shop";
$result = $conn->query($sql);
?>
[...]
<form>
<table>
<form method="post" action="frontend.php">
<tr>
<th></th>
<th></th>
<th>Amount</th>
<th>Item</th>
<th>Date</th>
<th></th>
</tr>
<?php while($row = mysqli_fetch_array($result)):?>
<tr>
<td><button class="delete" name="delete">x</button></td>
<td><button class="minus" name="minus">-</button></td>
<td><?php echo $row['count'];?></td>
<td><?php echo $row['item'];?></td>
<td><?php echo $row['date'];?></td>
<td><button class="plus" name="plus">+</button></td>
</tr>
</form>
<?php endwhile;?>
</table>
</form>
Here works everything so far, it lists the datas out of the DB.
For my backend-code I thought I will work with 'UPDATE'. I post only one function, the two others are quiet similar.
$db = mysqli_connect('xxx', 'xxx', 'xxx', 'xx');
//Item add
if (isset($_POST['plus'])) {
$count = mysqli_real_escape_string($db, $_POST['count']);
$query = "UPDATE `shop` SET `count` = `count` + 1 WHERE `id` = '51'";
mysqli_query($db, $query) or die(mysqli_error($db));
header('location: frontend.php');
};
It works if I give a specific ID-number. What can I do if I want the ID who should be changed is the ID the column where the button is clicked?
What really should be done is:
<!-- NOTE: no <form> tags around and inside <table> -->
<table>
<tr>
<th></th>
<th></th>
<th>Amount</th>
<th>Item</th>
<th>Date</th>
<th></th>
</tr>
<?php while($row = mysqli_fetch_array($result)):?>
<tr>
<td>
<!-- form tag appears here -->
<form method="post" action="frontend.php">
<button type="submit" class="delete" name="delete">x</button>
<input type="hidden" name="item_id" value="<?php echo $row['id'];?>" />
</form>
</td>
<td>
<!-- form tag appears here -->
<form method="post" action="frontend.php">
<button type="submit" class="minus" name="minus">-</button>
<input type="hidden" name="item_id" value="<?php echo $row['id'];?>" />
</form>
</td>
<td><?php echo $row['count'];?></td>
<td><?php echo $row['item'];?></td>
<td><?php echo $row['date'];?></td>
<td>
<!-- form tag appears here -->
<form method="post" action="frontend.php">
<button type="submit" class="plus" name="plus">+</button>
<!-- also `input` with type hidden appears, which holds
the ID of current value (I assume it is `id` column) -->
<input type="hidden" name="item_id" value="<?php echo $row['id'];?>" />
</form>
</td>
</tr>
<?php endwhile;?>
On server side:
if (isset($_POST['plus'])) {
// you don't need $count
//$count = mysqli_real_escape_string($db, $_POST['count']);
$query = "UPDATE `shop` SET `count` = `count` + 1 WHERE `id` = ?";
// As we receive data from user input, it should be considered
// not safe that's why we use prepared statements
$stmt = $db->prepare($query);
$stmt->bind_param('s', $_POST['item_id']);
$stmt->execute();
header('location: frontend.php');
};
// similar code can be used to `delete`/`minus` actions
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.