我想从 SQL-DB 中列出一些产品,它工作得很好。现在,用户应单击两个不同的按钮,将此特定产品的数量加 +1 并从中减去 -1。
这是我的前端的样子:
<?php
require_once('../system/config.php');
require_once('../system/server.php');
// Create connection
$conn = new mysqli($db_host, $db_user, $db_pass, $db_name);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT item, count, date FROM shop";
$result = $conn->query($sql);
?>
[...]
<form>
<table>
<form method="post" action="frontend.php">
<tr>
<th></th>
<th></th>
<th>Amount</th>
<th>Item</th>
<th>Date</th>
<th></th>
</tr>
<?php while($row = mysqli_fetch_array($result)):?>
<tr>
<td><button class="delete" name="delete">x</button></td>
<td><button class="minus" name="minus">-</button></td>
<td><?php echo $row['count'];?></td>
<td><?php echo $row['item'];?></td>
<td><?php echo $row['date'];?></td>
<td><button class="plus" name="plus">+</button></td>
</tr>
</form>
<?php endwhile;?>
</table>
</form>
到目前为止,这里可以正常工作,它列出了数据库中的数据。
对于我的后端代码,我认为我将使用“UPDATE”。我只发布一个功能,其他两个功能非常相似。
$db = mysqli_connect('xxx', 'xxx', 'xxx', 'xx');
//Item add
if (isset($_POST['plus'])) {
$count = mysqli_real_escape_string($db, $_POST['count']);
$query = "UPDATE `shop` SET `count` = `count` + 1 WHERE `id` = '51'";
mysqli_query($db, $query) or die(mysqli_error($db));
header('location: frontend.php');
};
如果我提供一个特定的 ID 号,它就会起作用。想要改的ID是点击按钮所在列的ID怎么办?
最佳答案
真正应该做的是:
<!-- NOTE: no <form> tags around and inside <table> -->
<table>
<tr>
<th></th>
<th></th>
<th>Amount</th>
<th>Item</th>
<th>Date</th>
<th></th>
</tr>
<?php while($row = mysqli_fetch_array($result)):?>
<tr>
<td>
<!-- form tag appears here -->
<form method="post" action="frontend.php">
<button type="submit" class="delete" name="delete">x</button>
<input type="hidden" name="item_id" value="<?php echo $row['id'];?>" />
</form>
</td>
<td>
<!-- form tag appears here -->
<form method="post" action="frontend.php">
<button type="submit" class="minus" name="minus">-</button>
<input type="hidden" name="item_id" value="<?php echo $row['id'];?>" />
</form>
</td>
<td><?php echo $row['count'];?></td>
<td><?php echo $row['item'];?></td>
<td><?php echo $row['date'];?></td>
<td>
<!-- form tag appears here -->
<form method="post" action="frontend.php">
<button type="submit" class="plus" name="plus">+</button>
<!-- also `input` with type hidden appears, which holds
the ID of current value (I assume it is `id` column) -->
<input type="hidden" name="item_id" value="<?php echo $row['id'];?>" />
</form>
</td>
</tr>
<?php endwhile;?>
在服务器端:
if (isset($_POST['plus'])) {
// you don't need $count
//$count = mysqli_real_escape_string($db, $_POST['count']);
$query = "UPDATE `shop` SET `count` = `count` + 1 WHERE `id` = ?";
// As we receive data from user input, it should be considered
// not safe that's why we use prepared statements
$stmt = $db->prepare($query);
$stmt->bind_param('s', $_POST['item_id']);
$stmt->execute();
header('location: frontend.php');
};
// similar code can be used to `delete`/`minus` actions
关于PHP/MySQL : Update int where id = column?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/59581317/