我开始学习 php,但卡在某个地方。下面是我的 php 代码来展示我做了什么。我使用存储IP地址和产品ID制作了添加到购物车部分,但该值仍然没有保存数据库。如何检查代码中有什么问题?我还使用 echo mysqli_error($db) 检查了它,但没有显示。
下面是代码:
<?php
$db = mysqli_connect("localhost","root","","ecommerce");
function getIp() {
$ip = $_SERVER['REMOTE_ADDR'];
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
return $ip;
}
function cart(){
if (isset($_GET['add_cart'])) {
global $db;
$ip = getIp();
$pro_id = $_GET['add_cart'];
$check_pro = "select * from cart where ip_add='$ip' AND p_id='$pro_id'";
$run_check = mysqli_query($db, $check_pro);
if (mysqli_num_rows($run_check)>0) {
echo "";
} else {
$insert_pro = "insert into cart (p_id,ip_add) values ('$pro_id','$ip')";
$run_pro = mysqli_query($db , $insert_pro);
echo "<script>window.open('index.php','_self')</script>";
}
}
}
?>
甚至添加数据库表的图像。
最佳答案
您需要检查几乎所有 mysqli_ api 调用的状态,请参阅我添加的 2 个检查
function cart(){
if (isset($_GET['add_cart'])) {
global $db;
$ip = getIp();
$pro_id = $_GET['add_cart'];
$check_pro = "select * from cart where ip_add='$ip' AND p_id='$pro_id'";
$run_check = mysqli_query($db, $check_pro);
// test query worked and report error if it failed
if ($run_check === false) {
echo mysqli_error($db);
exit;
}
if (mysqli_num_rows($run_check)>0) {
echo "";
} else {
$insert_pro = "insert into cart
(p_id,ip_add)
values ('$pro_id','$ip')";
$run_pro = mysqli_query($db , $insert_pro);
// test query worked and report error if it failed
if ($run_pro === false) {
echo mysqli_error($db);
exit;
}
echo "<script>window.open('index.php','_self')</script>";
}
}
}
这可能会告诉您您的错误。
您可能已经使用您正在使用的 key 插入了一行
By the way: Your script is at risk of SQL Injection Attack Have a look at what happened to Little Bobby Tables Even if you are escaping inputs, its not safe! Use prepared statement and parameterized statements
关于php - 值未存储在 mysql 数据库中,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/38371965/