1. 首頁
  2. 問答
  3. 我的代碼顯示沒有errmsg,但沒有向數據庫中插入任何數據

我的代碼顯示沒有errmsg,但沒有向數據庫中插入任何數據

2017-01-19 40 views
1

所以我試圖做一個簡單的電子商務網站。提交表單(btn-submit)後,我無法將任何數據插入到我的數據庫中。只有地址和聯繫電話驗證有效。我的代碼顯示沒有errmsg,但沒有向數據庫中插入任何數據

這裏是我的代碼:

if (isset($_POST['btn-submit'])) { 

    // clean user inputs 
    $oadd = trim($_POST['oadd']); 
    $oadd = strip_tags($oadd); 
    $oadd = htmlspecialchars($oadd); 

    $contact = trim($_POST['contact']); 
    $contact = strip_tags($contact); 
    $contact = htmlspecialchars($contact); 


    // address validation 
    if (empty($oadd)) { 
     $error = true; 
     $oaddError = "Please enter a valid address."; 
    } else if (strlen($oadd) < 5) { 
     $error = true; 
     $oaddError = "Please enter a valid address."; 
    } 

    // contact number validation 
    if (empty($contact)) { 
     $error = true; 
     $contactError = "Please enter your contact number."; 
    } else if (strlen($contact) < 7) { 
     $error = true; 
     $contactError = "Contact number must have atleast 7 digits."; 
    } else if (!preg_match("/^[0-9 ]+$/",$lname)) { 
     $error = true; 
     $lnameError = "Please enter a valid contact number."; 
    } 

    // if there's no error, continue to place order 
    if(!$error) { 
     $query = 'INSERT INTO cust_order(Order_Date, Order_Status, Order_Total , Address, Contact_No) VALUES (CURDATE(), "in process" , (SELECT SUM(p.Product_Price) FROM cart c, product p WHERE c.Prod_ID = p.Product_ID and c. User_ID = "'.$userRow['User_ID'].'"),"'.$oadd.'","'. $contact.'")'; 
     $res = mysql_query($query); 

     if ($res) { 
      $errTyp = "success"; 
      $errMSG = "Your order has been placed. To view the details, go to your order history"; 
      unset($oadd); 
      unset($contact); 
     } else { 
      $errTyp = "danger"; 
      $errMSG = "Something went wrong. Please try again later."; 
     } 

    } 

}

怎麼可能是錯我的代碼?我在其他頁面做了類似的查詢,但這是唯一不能正常工作的。任何幫助將不勝感激!提前致謝!

來源

2017-01-19 angelica

+0

'$ userRow [ 'USER_ID' ]'我找不到userRow的價值? –

+0

對不起。這裏是我的代碼前 $ res = mysql_query(「SELECT * FROM users WHERE User_ID =」。$ _ SESSION ['user']); $ userid = $ _ SESSION ['user']; $ userRow = mysql_fetch_array($ res); $ error = false;如果(isset($ _ POST ['btn-submit'])){ – angelica

+1

**警告**:如果您剛學習PHP,請不要使用['mysql_query'](http:// php .net/manual/en/function.mysql-query.php)接口。這是非常可怕和危險的,它在PHP 7中被刪除了。[PDO的替代品並不難學](http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps -pdo-for-database-access /)以及[PHP The Right Way](http://www.phptherightway.com/)等指南介紹了最佳實踐。你的用戶數據是**不是** [正確轉義](http://bobby-tables.com/php.html),並有[SQL注入漏洞](http://bobby-tables.com/),並且可以被利用。 – tadman

回答

0

試圖瞭解代碼流:

if(!$error) { 
    // This will only works when **$error is false and the not of false is true**, otherwise this block does not execute 
}

所以這個代碼的工作只有當你的代碼沒有出現驗證錯誤和$error包含false

來源

2017-01-19 06:06:17

+0

所以我不知道這部分是如此愚蠢。你是對的。我剛剛刪除它,一切正常。謝謝@Mayank,謝謝大家。 :) – angelica

0 
//$userRow is not define any where... 
//to check error occur or not : 
echo $error; 
if(!$error) 
{ 
    echo "IN IF"; 
    //also go with die.. 
    $res = mysql_query($query) or die(); 
} 
else 
{ 
    echo "IN ELSE"; 
}

來源

2017-01-19 06:19:08 pAsh

+1

'if()'?解釋你的建議。 – chris85

相關問題

 相關問題