1

我已经处理了几天的某些特定 PHP 代码有问题。它是一个报告代码,我可以在其中输入一天和一个月,它将列出该特定日期的总销售额。

但是,我似乎无法做出最后一条语句,如果查询中没有值(没有数据),它将显示“这一天没有销售”。这是我一直在处理的代码。但是最后一个 echo 语句没有执行。有任何想法吗?

    <?php
  session_start();
  if ((isset($_SESSION["admin"])) ){
   $day=@$_POST['day'];
   $month=@$_POST['month'];
  echo "<center><h2>Sales report on " .$day. "." .$month. ".2013</h2></center>";

    echo "<center><table style='border:2px solid black;' align=center width=600>";
    echo "<tr><th colspan=12><center><h2>Sales Report</h2><hr size='2' color='black' /></center></th></tr>";
    echo " <th width=400> Amount Collected</th>";
    ?>              
              <br> 
               <?php
$x = 1; //counter
//open a connection to a MySQL server using function mysql_connect 
//returns a MySQL link identifier on success, or FALSE on failure.
$conn= mysql_connect("localhost","root","");
if (!$conn)
    die ("Connection error: ".mysql_error());
else {
    //select a MySQL database
    //returns TRUE on success or FALSE on failurue.
    $db=mysql_select_db("cqfos");
    if(!$db)
        die ("DB not found: ".mysql_error());
    else {
        //put query in a variable $query
        $query= "select ROUND(sum(orderdetails.tprice),2)
                 from orders JOIN orderdetails ON orders.orderID = orderdetails.orderID WHERE DAY(orders.date) = '$day' AND MONTH(orders.date) = '$month'";
        $result=mysql_query($query);
        if(!$result)
            die ("Invalid query: ".mysql_error());
        //if record exists
        else {
            //fetch a result row as both associative array and numeric array
                if(mysql_num_rows($result)== 1){
                    while ($row=mysql_fetch_array($result,MYSQL_BOTH)){
                    echo "<tr>";
                    echo "<td align='center'>RM ".$row[0]."</td></tr>";  
                    $x++; //increase the counter
                    }
                    }
                else {
                    echo "<tr><th colspan=12>No sales made.</td></tr>";}



                }
             }
        }

echo"</table></center>";

?>
4

3 回答 3

0

只是让你知道你的代码容易受到 SQLi 的攻击,因为你没有清理 $day 和 $month。也请考虑使用 PDO

如果您还没有 - 尝试在 PHPMyAdmin 中运行 SQL 语句并查看它输出错误的位置(如果有),否则它将输出数据。*

*手动输入日/月替代变量。

于 2013-09-22T22:31:23.270 回答
0

这里有几个问题,您的 HTML 表语法不正确,并且您使用的是旧的 sql 库 - 而且看起来您的 SQL 语法不正确...试试这段代码(未测试,因为我没有您的数据)

<?php
 session_start();
 if ((isset($_SESSION["admin"])) ){
   echo '<div style="margin:auto; textalign:center;">';
   echo "<h2>Sales report on " .$_POST['day']. "." .$_POST['month']. ".2013</h2>";
   echo "<h2>Sales Report</h2>"
   echo "<table style='border:2px solid black;' align=center width=600>";
   echo "<tr><th width=400> Amount Collected</th></tr>";
   ?>              
   <br> 
   <?php

$conn = new mysqli("localhost","root","","cqfos");///use mysqli, not mysql : mysql is depricated
if ($conn->mysqli)
  exit ("Connection error: ".$conn->errno ." : " $conn->error);
else {
    //put query in a variable $query
    $eDay = $conn->mysql_real_escape_string($_POST['day']);//escape these to protect the database
    $eMonth = $conn->mysql_real_escape_string($_POST['month']);;//escape these to protect the database
    //your column name is probably not a rounded value, replaced it with * (return all columns)
    $query= "select * from orders JOIN orderdetails ON orders.orderID = orderdetails.orderID WHERE DAY(orders.date) = '"
    .$eDay."' AND MONTH(orders.date) = '".$eMonth."'";

    $result=$con->query($query);
    if($conn->errno)
      exit ("Invalid query: ".$conn->errno ." : " $conn->error);
        //if record exists
    else {
      $numericArray = $result->fetch_array(MYSQLI_NUM);     //fetch a result row as numeric array
      $associativeArray = $result->fetch_array(MYSQLI_ASSOC); //fetch as an associtive array this is not used, just an example
      $bothArray = $result->fetch_array(MYSQL_BOTH); //both associtive and numeric this is not used, just an example
    }
    if(!empty($numericArray))
    {
      foreach ($numericArray as $value) {
        echo "<tr><td>RM ".$value[0]."</td><tr>";//is there more then 1 col? if not you should consider an html list
      }
    } else {
      echo "<tr><td>No sales made</td><tr>";
    }
    echo"</table></center>";
  }

    ?>
于 2013-09-22T22:25:27.050 回答
0

您的 SQL(可能)返回不止一行,因此将我之前提到的行更改为:

if(mysql_num_rows($result)>0){
于 2013-09-22T22:08:39.060 回答