[英]Storing HTML code in a variable while concatenating MySQL and PHP
我有一段代码要存储在变量中,因此可以使用dompdf将其转换为PDF
$html = '<div class="receiptContainer">
<center>
<img src="Images/logo.png" width="175px">
<h4>GOKUJOU JAPANESE RESTAURANT</h4>
<p>Total Gas Station, Hibbard Ave., Looc,<br>Dumaguete City, 6200 Negros Oriental, Philippines <br>
09985555175 | 422-1435 <br>
<?php echo date("Y-m-d h:i:sA"); ?>
</p>
<table width="90%" style="text-align: center;">
<tr>
<th>DESCRIPTION</th>
<th>QTY</th>
<th>PRICE</th>
<th>TOTAL</th>
</tr>
<tr>
<td></td>
</tr>
<?php
$query = mysqli_query($con, "SELECT * FROM orders WHERE customerID = '".$_SESSION['customer']."' AND status = '"Checked Out"'");
while($row = mysqli_fetch_row($query)){
?>
<tr>
<td><?php echo $row[3]; ?></td>
<td><?php echo $row[5]; ?></td>
<td><?php echo $row[4]; ?></td>
<td><?php echo $row[6]; ?></td>
</tr>
<?php
}
$total = mysqli_query($con, "SELECT SUM(total) AS grandTotal FROM orders WHERE customerID = '".$_SESSION['customer']."' AND status = '"Checked Out"' GROUP BY customerID");
$row = mysqli_fetch_row($total);
$sum = $row[0];
?>
<tr>
<!-- break space -->
<tr></tr><tr></tr><tr></tr><tr></tr>
<tr></tr><tr></tr><tr></tr><tr></tr>
<tr></tr><tr></tr><tr></tr><tr></tr>
<td colspan="1" style="text-align: left">GRAND TOTAL: <?php echo $sum; ?></td>
<td colspan="3"></td>
</tr>
<tr style="text-align: left">
<td colspan="1">CASH: <?php echo $_SESSION['"cash"']; ?></td>
<td colspan="3"></td>
</tr>
<tr style="text-align: left">
<td colspan="1">CHANGE: <?php echo $_SESSION['"cash"'] - $sum; ?></td>
<td colspan="3"></td>
</tr>
</table>
</center>
</div>';
//start PDF generation
$dompdf = new Dompdf();
$dompdf->loadHTML($html);
$dompdf->setPaper(array(0, 0, 1080, 500), 'landscape');
$dompdf->render();
$dompdf->stream("samplepdf");
?>
这是我构造代码的方式,它返回一个错误:
解析错误:语法错误,第107行的C:\\ xampp \\ htdocs \\ Gokujou \\ checkout.php中出现意外的“”“
这是第107行:
$query = mysqli_query($con, "SELECT * FROM orders WHERE customerID = '".$_SESSION['customer']."' AND status = '"Checked Out"'");
如何正确连接此MySQL语句?
如果使用“,则仅在使用'时,您不需要在php中具有连接运算符。然后您可以像这样转换您的赋值:
$query = mysqli_query($con, "SELECT * FROM orders WHERE customerID = '$_SESSION['customer']' AND status = 'Checked Out'");
但是我们可以将您所做的转化为此(与操作员一起解决)
$query = mysqli_query($con, "SELECT * FROM orders WHERE customerID = '".$_SESSION['customer']."' AND status = 'Checked Out'");
我认为第107行中的错误是由于您使用“”打开了字符串,但“ Checked Out”周围也有未转义的引号
逃避引号,但前面要加反斜杠。 即
$query = mysqli_query($con, "SELECT * FROM orders WHERE customerID = '".$_SESSION['customer']."' AND status = '\"Checked Out\"'");
顶部较大的$html
部分最好用Heredoc表示。 这样可以在多行代码中提供更清晰的代码,并且无需对引号进行转义。
$html = <<<HTML
<div class="receiptContainer">
<center>
...
HTML;
最后,您直接在MySQL查询中使用会话变量,而没有进行任何类型的清理。 如果您不小心,可能会导致SQL注入攻击。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.