如何循环遍历 php 中的一组 GET 值

2022-01-04 00:00:00 loops get php

我正在制作一个简单的在线商店,例如程序.你有什么建议我会这样做,以便我可以遍历我在我的程序中所做的输入.

I'm making a simple online store like program. What can you suggest that I would do so that I can loop through the inputs I've made in my program.

我仍在使用 get 以便我可以看到数据的样子,我将更改它以稍后发布.这是 url 的样子,当我承诺购买添加到购物车中的所有产品时:http://localhost/pos/php/checkout.php?ids=2;&qoh=12;&qbuys=&ids=6;&qoh=2304;&qbuys=304&ids=4;&qoh=699;&qbuys=99

I'm still using get so that I could see how the data looks like, I'll change it to post later. This is what the url looks like, when I commit the buying of all the products added in the cart: http://localhost/pos/php/checkout.php?ids=2;&qoh=12;&qbuys=&ids=6;&qoh=2304;&qbuys=304&ids=4;&qoh=699;&qbuys=99

这是我仅用于提交一个产品的代码,当我在上面的 url 中有类似内容时它不起作用:

This is the code that I'm using to commit only one product, it doesn't work when I had something like in the above url:

<?php

$id=$_GET['ids'];
$qtyhnd=$_GET['qoh'];
$qtytbuy=$_GET['qbuys'];
$left=$qtyhnd-$qtytbuy;



if($qtyhnd>=$qtytbuy){
$update=query_database("UPDATE prod_table SET  QTYHAND='$left' WHERE PID='$id'", "onstor", $link);
}


?>

如果您需要更多详细信息,请发表评论,谢谢

Please comment if you need more details,thanks

推荐答案

您在某些值后面有分号,也许您应该只传递整数,即 qohqbuys.除此之外,您应该在整数值之前使用 mysql_real_escape_string() 和 (int) 以防止 SQL 注入,例如:

You have semicolons after some values maybe you should pass just the integer this are qoh and qbuys. Apart of that you should use mysql_real_escape_string() and (int) before integer values to prevent SQL injection e.g.:

$int = (int)$_GET['price'];
$string = $_GET['val'];
mysql_real_escape_string($string);

另外,如果你想传递多个值,你必须为它们使用数组:

Also if you want to pass multiple values you have to use array for them:

HTML

<input type="hidden" name="ids[]" value="1">
<input type="hidden" name="ids[]" value="2">
<input type="hidden" name="ids[]" value="3">

PHP

$ids = $_GET['ids'];
foreach($ids as $id) {
    $sql = 'UPDATE table SET field=? WHERE id='.(int)$id;
    ....
}

相关文章