-2

嘿伙计们,对于下面的代码,我很想得到您的帮助,我对 php 和 sql 还是很陌生,我正试图在订单结账过程中隐藏这些值。我需要从多个页面捕获信息......

我已经查看了这段代码几个小时,但我找不到哪里出错了……这可能是因为我真的不确定我需要在哪里解决这个问题。任何帮助或建议都会有很大帮助!

function writeOrderToDatabase(){
 // open database connection
 include 'includes/connection.php';

 // store order date in Australian format for printouts etc
 $_SESSION['orderDate'] = date('d-m-Y');

try{
 // create our sql insert orders statement
  $sql = "INSERT INTO orders SET orderNbr=: orderNbr,custNbr=:custNbr,orderDate=:orderDate, OrderNetValue=:OrderNetValue,deliverTo = :deliverTo, 
  deliveryAddress1 = :deliveryAddress1, deliveryAddress2 = :deliveryAddress2, deliverySuburb = :deliverySuburb, 
  deliveryState = :deliveryState, deliveryPostCode = :deliveryPostCode, deliverySuburb = :deliverySuburb, deliveryState = :state, deliveryPostCode = :deliveryPostCode, deliveryInstructions = :deliveryInstructions, shippingValue=:shippingValue,  
  paymentType=:paymentType, paymentRef=:paymentRef;";

 // prepare the statement
 $statement = $pdo->prepare($sql);
$orderNbr = 0;
 // bind the values

 $statement->bindValue(':orderDate', date('Y-m-d'));
 $statement->bindValue(':custNbr', $_SESSION['custNbr']);
 $statement->bindValue(':dispatchDate', $_SESSION['dispatchDate']);
 $statement->bindValue(':deliveryDate', $_SESSION['deliveryDate']);
 $statement->bindValue(':OrderNetValue', $_SESSION['OrderNetValue']);
 $statement->bindValue(':deliverTo', $_SESSION['deliverTo']);
 $statement->bindValue(':deliveryAddress1', $_SESSION['deliveryAddress1']);
 $statement->bindValue(':deliveryAddress2', $_SESSION['deliveryAddress2']);
 $statement->bindValue(':deliverySuburb', $_SESSION['deliverySuburb']);
 $statement->bindValue(':deliveryState', $_SESSION['deliveryState']);
 $statement->bindValue(':deliveryPostCode', $_SESSION['deliveryPostCode']);
 $statement->bindValue(':deliveryInstructions', $_SESSION['deliveryInstructions']);
 $statement->bindValue(':shippingValue', $_SESSION['shippingValue']);
 $statement->bindValue(':paymentType', $_SESSION['paymentType']);
 $statement->bindValue(':paymentRef', $_SESSION['paymentRef']);
 $statement->bindValue(':sellingPrice', $_SESSION['sellingPrice']);
  $statement->bindValue(':newQtyOnHand', $_SESSION['newQtyOnHand']);
 // execute the statement
 $success = $statement->execute();
 } // end try


 catch (PDOException $e) {
 echo 'Error adding order: ' . $e->getMessage();
 exit();
 } // end catch

 // test the result and get order nbr just created or display appropriate message
 if ($success) {
echo $sql = 'SELECT orderNbr FROM orders ORDER BY orderNbr';
    foreach ($conn->query($sql) as $row) {
        print $row['orderNbr'] . "\t";

   }

 }
 else {
 die("<p>Unable to retreive Order Nbr </p>");
 }

 // read cart and insert orderedItem record(s) and update stock on hand in product records
 foreach($_SESSION['cart'] as $prodNbr => $value) {
 // store required details in variables
 $qtyOrdered = $_SESSION['cart'][$prodNbr]['qtyOrdered'];
 $qtyOnHand = $_SESSION['cart'][$prodNbr]['qtyOnHand'];
 $sellingPrice = $_SESSION['cart'][$prodNbr]['price'];

 try {
 // create orderedItem table sql insert statement
  $sql = "INSERT INTO orderedItem SET orderNbr=:custNbr,prodNbr=: prodNbr, qtyOrdered=:qtyOrdered,sellingPrice = :sellingPrice;";
 } // end try

 catch (PDOException $e) {
 echo 'Error adding orderedItem: ' . $e->getMessage();
 exit();
 } // end catch

 // test the result and display appropriate message
 if (!$success) {
 die("<p>Unable to execute the orderedItem table insert</p>");
 }

 // create new quantity on hand value for the product record
 $newQtyOnHand = $qtyOnHand - $qtyOrdered;


 try {
 // create product table sql update statement
$sql="UPDATE product SET prodNbr= :prodNbr,prodName= :prodName,price= :price,qtyOnHand= :qtyOnHand,description= :description, photo= :photo,thumbNail= :thumbNail ,suppCode= :suppCode ;";
 } // end try

 catch (PDOException $e) {
 echo 'Error updating product qtyOnHand: ' . $e->getMessage();
 exit();
 } // end catch
 // test the result and display appropriate message
 if (!$success) {
 die("<p>Unable to execute the product table update</p>");
 }
 } // end of foreach
 } // end of function
4

2 回答 2

1

您首先有一个错误的占位符标记:orderNbr=: orderNbr需要orderNbr=:orderNbr;注意空白。其次,即使那是正确的,我也没有看到你:orderNbr在任何地方绑定。

我认为订单号应该是一个自动增量整数字段,如果是这种情况,您不应该将它包含在您的插入中。

于 2013-06-11T01:07:31.267 回答
1

这里:

$statement->bindValue(':dispatchDate', $_SESSION['dispatchDate']);
$statement->bindValue(':deliveryDate', $_SESSION['deliveryDate']);
$statement->bindValue(':sellingPrice', $_SESSION['sellingPrice']);
$statement->bindValue(':newQtyOnHand', $_SESSION['newQtyOnHand']);

查询中不存在这些绑定。

除了,

orderNbr=: orderNbr

应该

orderNbr = :orderNbr

请注意,您也不绑定它。此外,您在查询中有两倍以下参数:

deliveryState = :state
deliveryState = :deliveryState
deliveryPostCode = :deliveryPostCode
deliveryPostCode = :deliveryPostCode
于 2013-06-11T01:08:45.867 回答