PHP MySQL購物車未在數據庫中更新

Question

我試圖讓用戶更新頁面上文本字段中的數量，然后使用頁面上文本字段的新值更新數據庫中購物車中的現有項目。

數量未更新，但也未生成錯誤。

我看不到我的代碼有任何問題，而對於可能導致此問題不起作用的原因我完全不知所措。

碼：

<?php


     // If post is not null, then add selected data to corresponding sessionid in database.
if($_SESSION['last_access'] != null && $_REQUEST["product"] != null)
{
   // Sanitize information.
   $info = new SimpleSanitize('post', 'both');

   $product = $info->get('product');
   $quantity = $info->get('qty');
   $price = $info->get('price');
foreach($_POST['items'] as $p=>$q)
{
 $connection =
        mysql_connect("my01.tadah.com","blah","passsword");

 if($connection)
 {
  mysql_select_db("mysql_9269_dbase", $connection);

  mysql_query(
          "UPDATE mysql_9269_dbase.sessions SET qty='".$q."' WHERE product='".$p."'")
               or die(mysql_error());
  // Assume items added successfully.
  $ItemAddedMessage = "Quantities changed.";

  // Close connection to database.
  mysql_close($connection);
 }
 else
 $ItemAddedMessage = null;
}}

?>
<?php

//Include SimpleSanitize.
include 'simplesanitize.php';

// First attempt at PHP Sessions. Wish me luck.
$ItemAddedMessage = "Adjust your quantities, then click Purchase.";
// Start the session.
session_start();

if( !isset($_SESSION['last_access']) || (time() - $_SESSION['last_access']) > 71200 )
 $_SESSION['last_access'] = time();



// Open the DB connection and select the DB - creates the function getCreativePagerLyte()
include('configurations.php');

// Gets the data
$id=isset($_POST['id']) ? $_POST['id'] : '';
$search=isset($_POST['search']) ? $_POST['search'] : '';
$multiple_search=isset($_POST['multiple_search']) ? $_POST['multiple_search'] : array();
$items_per_page=isset($_POST['items_per_page']) ? $_POST['items_per_page'] : '';
$sort=isset($_POST['sort']) ? $_POST['sort'] : '';
$page=isset($_POST['page']) ? $_POST['page'] : 1;
$extra_cols=isset($_POST['extra_cols']) ? $_POST['extra_cols'] : array();

// Uses the creativeTable to build the table
include('creativeTable.php');

$ct=new CreativeTable();

// Data Gathering
$params['sql_query']           = 'SELECT product, qty, price FROM sessions WHERE sessionid = "'.session_id().'"'; // IMPORTANT: you must specify the fields and not use *
$params['search']              = $search;
$params['multiple_search']     = $multiple_search;
$params['items_per_page']      = $items_per_page;
$params['sort']                = $sort;
$params['page']                = $page;

// Layout Configurations (Most used - the commented lines are the default values)
$params['header']                 = 'Product, Quantity, Price'; // If you need to use the comma use &#44; instead of ,
$params['width']                = ',,';
//$params['search_init']           = true;
//$params['search_html']          = '<span id="#ID#_search_value">Search...</span><a id="#ID#_advanced_search" href="javascript: ctShowAdvancedSearch(\'#ID#\');" title="Advanced Search"><img src="images/advanced_search.png" /></a><div id="#ID#_loader"></div>';
//$params['multiple_search_init']  = 'hide';
$params['items_per_page_init']  = '5000'; // default: '10*$i';
//$params['items_per_page_all']    = '#TOTAL_ITEMS#';
//$params['sort_init']              = true;
//$params['sort_order']              = 'adt';
//$params['ajax_url']              = $_SERVER['PHP_SELF'];

$ct->table($params);
//$product_id = $ct->data[$key][0];

foreach($ct->data as $key => $value){
   $ct->data[$key][0]='<p name="product">'.$ct->data[$key][0].'</p>';
   $ct->data[$key][1]='<input id="quantity" name="items[' . $ct->data[$key][1] . ']" type="text" value="'.$ct->data[$key][1].'" style="background:#FFFFFF url(qty.png) no-repeat 4px 4px;
                        padding:4px 4px 4px 30px;
                        border:1px solid #CCCCCC;
                        width:220px;
                        height:18px;" />';
   $ct->data[$key][2]='<p name="price">'.$ct->data[$key][2].'</p>';
}

// If its an ajax call
if($_POST['ajax_option']!=''){

  if(strpos($_POST['ajax_option'],'items_per_page')!==false)
    $out_ajax['items_per_page']=utf8_encode($ct->draw_items_per_page());

  if(strpos($_POST['ajax_option'],'body')!==false)
    $out_ajax['body']=utf8_encode($ct->draw_body());

  if(strpos($_POST['ajax_option'],'pager')!==false)
    $out_ajax['pager']=utf8_encode(getCreativePagerLite($page,$ct->total_items,$ct->items_per_page));

  echo json_encode($out_ajax);
  exit;

}else{

  // Insert a Pager into the table (I used this CreativePager Lite version because its very easy to use, but you may use any pager system that you like)
  $ct->pager = getCreativePagerLite($page,$ct->total_items,$ct->items_per_page);

  $out = '<form name="ct_form" action="checkout.php" method="post">' . $out;
  $out=$ct->display();

}

?>

<!DOCTYPE xhtml PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<head>



  <link rel="stylesheet" type="text/css" href="css/style.css">
  <link rel="stylesheet" type="text/css" href="css/creative.css">

<title>Mild Steel Products | One Stop Fasteners</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link href="style.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="js/jquery.js" ></script>
<script type="text/javascript" src="js/jquery.tools.min.js"></script>
<script type="text/javascript" src="js/cufon.js"></script>
<script src="js/Kozuka_Gothic.js" type="text/javascript"></script>
<!-- Fix for Internet Explorer 9 Beta -->
<!--[if gte IE 9]>
<script type="text/javascript">
Cufon.set('engine', 'canvas');
</script>
<![endif]-->
<script type="text/javascript" charset="utf-8">
// <![CDATA[
$(document).ready(function(){
Cufon.replace('h1,h2,h3',  {    
});

        $(function() { 
                     $("h3.message").delay(3000).fadeOut(); 
        });

});
// ]]>
</script>
<script type="text/javascript" src="js/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="js/creative_table.min.js"></script>
<script type="text/javascript" src="js/creative_table_ajax.min.js"></script>

</head>
<body>
<script language="javascript" type="text/javascript">
        function submit() {
                 document.getElementById('ct_form').submit();
                 }
</script>
<div class="main">
 <div class="header">
     <div class="logo"><a href="index.php"><img src="images/logo.png" border="0" alt="logo" /></a></div>
      <div class="menu">
        <ul>
<li><a href="index.php">Home</a></li>
<li><a href="products.php">Order Online</a></li>
<li><a href="products.php" class="active">Products</a></li>
<li><a href="about.php">About us</a></li>
<li><a href="contact.php">Contact us</a></li>
</ul>
      </div>
      <div class="clr"></div>
    </div>
    <div class="header_text2">
      <h2> Checkout</h2>
      <p>Adjust your quantities, then click purchase. </p>
      <div class="clr"></div>
    </div>
  <div class="clr"></div>
    <div class="top_sup_resize">
    <div class="menu2">
        <ul>
          <!--<li><a href="mildsteel_allthread.php" style="font-size:x-small; color:white;">Allthread</a></li>
          <li><a href="mildsteel_hexnuts.php" style="font-size:x-small; color:white;">Hex Nuts</a></li>
          <li><a href="mildsteel_washers.php" style="font-size:x-small; color:white;">Washers</a></li>
          <li><a href="mildsteel_hnbkss.php" style="font-size:x-small; color:white;">Hex Bolt &amp; Nut Kits, Setscrews</a></li>
          <li><a href="mildsteel_screws.php" style="font-size:x-small; color:white;">Screws</a></li>
          <li><a href="mildsteel_last.php" style="font-size:x-small; color:white;">Cup Head Bolts &amp; Nuts</a></li>-->
        </ul>
      </div>
      <div class="clr"></div>
    </div>
    <div class="clr"></div>
  <div class="body">
   <div class="body_left">
   <h2><?php echo '<a href="javascript:submit();">Purchase</a>'; ?></form></h2>
   <h3 class="message"><?php echo $ItemAddedMessage . $_REQUEST["quantity"]; ?></h3>
   <p></p>
   <div id="container">
  <?php echo $out;?>
</div>

   <p>&nbsp;</p></div>
     <div class="clr"></div>
  </div>
</div>
<div class="footer">
  <div class="footer_resize">
    <ul>
      <li><a href="index.php">home</a></li>
      <li><a href="products.php">order online</a></li>
      <li><a href="products.php">products</a></li>
      <li><a href="about.php">about</a></li>
      <li><a href="contact.php">contact</a></li>
    </ul>
    <p>Copyright © 2010, <a href="http://www.onestopfasteners.com.au/">One Stop Fasteners&reg;</a>. All Rights Reserved</p>
    <div class="clr"></div>
  </div>
</div>
</body>
</html>

有人可以告訴我我做錯了什么嗎？

任何幫助都非常感謝。

謝謝！

Answer 1

這不是你的答案，但你應該看看，真的......

http://en.wikipedia.org/wiki/SQL_injection

Answer 2

由於您沒有收到任何錯誤消息，因此這里有三個選項：

您的$_SESSION["last_action"]或$_REQUEST["product"]為空（請使用is_null（）檢查空值）

您的$_POST["items"]可能是空的，因為在執行此操作之前您的代碼中沒有檢查。

要么

您的$connection不正確。

這三個選項是最合乎邏輯的選項。 但是用這種代碼很難確定。

除了這些可能性之外，我完全理解您無法找出為什么這不起作用。 代碼真的不清楚，您應該考慮使用任何一種設計模式。 這段代碼將成為維護的噩夢。

只是我的兩分錢。

祝好運！

Answer 3

此代碼是程序上的意大利面亂七八糟。 我不知道從哪里開始閱讀它，我需要在我的機器上運行代碼來調試它。 我認為您需要在這里和那里粘貼一些var_dump ，以找出數據與您期望的數據不匹配的地方。

然而，看起來問題可能在foreach($_POST['items'] as $p=>$q) ，我懷疑它應該是這樣的：

foreach($_POST['items'] as $item) {
    $q = $item['q'];
    $p = $item['p'];
}

Answer 4

風格提示：絕對不需要在循環中創建/關閉mysql句柄。 單個連接可用於運行多個查詢，您將節省重復連接/斷開連接的開銷。 所以，而不是

while(...) {
   $con = msyql_connect(...);
   if (!$con) {
      ...
   }
   ... do stuff
   mysql_close($con);
}

改成

$con = mysql_connect(...);
if (!$con) {
   ...
}
while(...) {
    ... do stuff
}
mysql_close($con);