原始 PHP 代码
$sql = "SELECT * FROM products WHERE id IN(";
foreach($_SESSION['cart'] as $id => $value){
$sql .=$id. ",";
}
$sql=substr($sql,0,-1) . ") ORDER BY id ASC";
$query = mysql_query($sql);
$totalprice=0;
$totalqunty=0;
if(!empty($query)){
while($row = mysql_fetch_array($query)){
$quantity=$_SESSION['cart'][$row['id']]['quantity'];
$subtotal= $_SESSION['cart'][$row['id']]
['quantity']*$row['productPrice'];
$totalprice += $subtotal;
$_SESSION['qnty']=$totalqunty+=$quantity;
我试过这样
$sql = $conn->prepare("SELECT * FROM products WHERE id IN(");
foreach($_SESSION['cart'] as $id => $value){
$sql .= $id . ","; }
$sql.=substr($sql,0,-1) . ") ORDER BY id ASC";
$query = $conn->prepare($sql);
$query->execute();
$totalprice=0;
$totalqunty=0;
if(!empty($query)){
while($row = $query->fetch(PDO::FETCH_ASSOC) ){
$quantity=$_SESSION['cart'][$row['id']]['quantity'];
$subtotal= $_SESSION['cart'][$row['id']]
['quantity']*$row['productPrice'];
$totalprice += $subtotal;
$_SESSION['qnty']=$totalqunty+=$quantity;
但这不起作用,这是一个购物车部分 code.so 请谁告诉我如何在 PDO 中更改此代码以及我在 PDO 中编写的代码有什么问题。
您必须添加要执行的参数
$query->execute(array_values($_SESSION['cart']));
但是,您不应该直接使用超全局变量。您应该始终过滤这些值并注意变量不是安全威胁。
For $conn->prepare you need to pass string as parameter. Pleas check the syntax of $sql string you are passing to conn->prepare.
I think it should be like :
'$sql = "SELECT * FROM products WHERE id IN(";
foreach($_SESSION['cart'] as $id => $value){
$sql .= $id . ","; }
$sql.=substr($sql,0,-1) . ") ORDER BY id ASC";
$query = $conn->prepare($sql);
$query->execute();
$totalprice=0;
$totalqunty=0;
if(!empty($query)){
while($row = $query->fetch(PDO::FETCH_ASSOC) ){
$quantity=$_SESSION['cart'][$row['id']]['quantity'];
$subtotal= $_SESSION['cart'][$row['id']]
['quantity']*$row['productPrice'];
$totalprice += $subtotal;
$_SESSION['qnty']=$totalqunty+=$quantity;`