The object stored into a PHP session gets the wrong value stored

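I created a working shopping cart object. But when I try to save the object to the session, the wrong contents of the object are stored. The value being saved is the value of the object after it has been cleared from the cart: empty.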

<!doctype html>
<html lang="en">
<head>
 <meta charset="utf-8">
 <title>Testing the Shopping Cart</title>
</head>
<body>
<?php # cart.php
// This script uses the ShoppingCart and Item classes.
//error_reporting(0);
// Create the cart:
session_start();
try {

require('ShoppingCart.php');
require('userMenu.php');
$cart = new ShoppingCart();

// Create some items:
require('Item.php');
require ('Connect.php');

$conn=Connect::doConnect();

$query = "SELECT product_id, product_name, product_price from product";
$result = mysqli_query($conn, $query);
$i=0;
$w = array();
$new_cart;
if ($result->num_rows > 0) {
    // output data of each row
    echo '<table border='."1".'><form action="cart.php" method="post"><tr><td>';
    echo '<b>'."Id produs".'</td><td><b>'."Denumire".'</td><td><b>'."Pret".'</td><td>'."Numar de bucati solicitate".'</td></tr><tr>';
    while($row = $result->fetch_assoc()) {
        echo '<td>'.$row["product_id"].'</td><td>'. $row["product_name"].'</td><td>'. $row["product_price"]. '</td><td>
            <input type="input" value="0" name="quantity[]"><input type="hidden" value="'.$row["product_id"].'" name="item_adjust[]"></td>';
        echo '</tr>';
        $i++;
        $w[$i]=new Item($row["product_id"], $row["product_name"],$row["product_price"]);
        $cart->addItem($w[$i]);
        //$cart->deleteItem($w[$i]);    

    }
    echo '</td></tr><tr><td colspan="3"><input type="submit" value="Adauga in cosul de cumparaturi" name="adjQ"></td></tr></table>';
    //foreach ()

} else {
    echo "0 results";
}
$conn->close();

if($_POST["adjQ"]){

echo "In stoc avem ".$i." tipuri de produse";

// Update some quantities:
$cart_items_new = array_combine($_POST['item_adjust'],$_POST['quantity']);
foreach ($cart_items_new as $product_id=>$quantity){
    //$item=new Item($product_id,Item->);
    //Item $it;
    //->updateItem($item->getId($product_id), $qty);
    //$cart->updateItem(getId($product_id), $quantity);

    $conn=Connect::doConnect();

    $query1 = "SELECT product_id, product_name, product_price from product where 
    product_id='$product_id'";
    $result1 = mysqli_query($conn, $query1);
    $row1=mysqli_fetch_array($result1);

    if($quantity>0){
     $cart->updateItem($w[$product_id], $quantity);
        echo $product_id.$quantity."+".$row1["product_name"];
    }
    else{
        $cart->deleteItem($w[$product_id]);
    }


}


// Show the cart contents:
echo '<h2>Continutul cosului de cumparaturi (' . count($cart) . ' tipuri de produse)</h2>';
echo "The user is " . $_SESSION["user"] . ".<br>";
echo "User type is " . $_SESSION["user_type"] . ".";
$new_cart = unserialize(serialize($cart));
if (!$cart->isEmpty()) {

    foreach ($cart as $arr) {

        // Get the item object:
        $item = $arr['item'];

        // Print the item:
        printf('<p><strong>%s</strong>: %d @ $%0.2f bucata.<p>', $item->getName(), $arr['qty'], $item->getPrice());

    } // End of foreach loop!

} // End of IF.
}

echo '</td></tr><tr><td colspan="2"><input type="submit" value="Salveaza" name="session"></td><td></td></tr></form></table>';
if ($_POST['session'])
{
    echo "You entered the number ";
    $serialize_cart=serialize($new_cart);
    $_SESSION["cart"]=$serialize_cart;
 }

} 

catch (Exception $e) {

}
?>
</body>
</html>

What am I doing wrong when I press the second submit button?

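Hey, I gave this a try. I can't test it because I don't have the extra files and the shopping cart objects, but it should be close to error-free.

I have a session variable 'cart'. If it exists, we unserialize it and we're done; the values can then be edited and saved back, and so on.

If it doesn't exist, i.e. on the first hit or after the cart has been deleted, we build a new cart from the database (this isn't ideal for testing, since at the moment you add every item in the database to the cart?)

If a POST or GET value for adjQ exists, we modify some values of the cart object and save it back to the session variable.

If a POST or GET value for showCart exists, we output the current cart. To make this work you will probably need to adjust the Shopping_Cart object to support the variables being called, as well as the getCount and getAllRows functions.

I have removed the extra storage of the set of items (w) from the cart. I'm not sure what that was for, since you are storing the data in the object and don't need to duplicate it.

All request variables should be sanitized to prevent injection attacks and so on.

I added a hidden field to trigger the showCart request.

Anyway, hope this helps you.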

<?php
    session_start();
?>
<!doctype html>
<html lang="en">
    <head>
        <meta charset="utf-8">
        <title>Testing the Shopping Cart</title>
    </head>
    <body>
<?php # cart.php
// This script uses the ShoppingCart and Item classes.
//error_reporting(0);

    // Create the cart:
    require('ShoppingCart.php');
    require('userMenu.php');
    // Item must be defined before unserialize() runs, otherwise the stored items
    // come back as __PHP_Incomplete_Class; Connect is also used by the adjQ branch.
    require('Item.php');
    require('Connect.php');

    $rowCount = 0;

    if(isset($_SESSION['cart']))
    {
        echo "We have a stored cart in a Session variable, retrieving data ...";

        $cart = unserialize($_SESSION["cart"]);

        $rowCount = $cart->getCount();
    }
    else
    {
        $cart = new ShoppingCart();

        // Create some items:

        $conn=Connect::doConnect();

        $query = "SELECT product_id, product_name, product_price from product";
        $result = mysqli_query($conn, $query);

        $rowCount = $result->num_rows;

        if ($result->num_rows > 0) {
            // output data of each row
            while($row = $result->fetch_assoc()) {
                $cart->addItem(new Item($row["product_id"], $row["product_name"],$row["product_price"]));
            }
        }
        $conn->close();
    }

    if(isset($_REQUEST['adjQ']))
    {
        echo "In stoc avem ".$rowCount." tipuri de produse";

        // Update some quantities:
        $cart_items_new = array_combine($_POST['item_adjust'], $_POST['quantity']);
        foreach ($cart_items_new as $product_id=>$quantity) {
            if($quantity > 0) {
                $cart->updateItem($product_id, $quantity);

                $conn=Connect::doConnect();

                $query1 = "SELECT product_id, product_name, product_price from product where product_id='$product_id'";
                $result1 = mysqli_query($conn, $query1);

                $row1 = mysqli_fetch_array($result1);
                echo $product_id." ".$quantity." + ".$row1["product_name"];
            }
            else {
                $cart->deleteItem($product_id);
            }
        }

        // Show the cart contents:
        echo '<h2>Continutul cosului de cumparaturi (' . $rowCount . ' tipuri de produse)</h2>
        The user is ' . $_SESSION["user"] . '.<br>
        User type is ' . $_SESSION["user_type"] . '.';

        if (!$cart->isEmpty()) {
            foreach ($cart as $arr) {
                // Get the item object:
                $item = $arr['item'];
                // Print the item:
                printf('<p><strong>%s</strong>: %d @ $%0.2f bucata.<p>', $arr['item']->getName(), $arr['item']->getQuantity(), $arr['item']->getPrice());
            } // End of foreach loop!

            echo "Saving card to Session variable";
            // $new_cart is only set in the adjQ request; perhaps this code should be there?
            $_SESSION["cart"] = serialize($cart);
        } // End of IF.
    }

    if(isset($_REQUEST['showCart']))
    {
        if ($cart->getCount() > 0) {
            // output data of each row
            echo '<table border='."1".'><form action="cart.php" method="post">';
            echo '<tr><td><b>'."Id produs".'</td><td><b>'."Denumire".'</td><td><b>'."Pret".'</td><td>'."Numar de bucati solicitate".'</td></tr>';
            foreach ($cart->getAllRows() as $row) {
                echo '
                    <tr>
                        <td>'. $row->getProductId() . '</td>
                        <td>'. $row->getName() . '</td>
                        <td>'. $row->getPrice() . '</td>
                        <td><input type="input" value="0" name="quantity[]"><input type="hidden" value="' . $row->getProductId() . '" name="item_adjust[]"/><input type="hidden" value="showCart" name="showCart"/></td>
                    </tr>';
            }
            echo '<tr><td colspan="3"><input type="submit" value="Adauga in cosul de cumparaturi" name="adjQ"></td></tr></table>';
        } else {
            echo "Cart is empty";
        }

    }
?>
</body>
</html>
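
The answer's note about sanitizing request variables, shown as an added example that is not the answerer's code: the posted `item_adjust[]` and `quantity[]` arrays are validated before use, the product lookup binds its parameter, and the product name is escaped on output. The function names `parseAdjustments` and `findProduct` are hypothetical, product ids are assumed to be positive integers, and an in-memory SQLite database through PDO stands in for the page's mysqli connection so the block runs offline.

```php
<?php
// Added example, not the answerer's code; names and sample data are constructed.

/** Pair item_adjust[] with quantity[] and keep only well-formed integer pairs. */
function parseAdjustments(array $post): array
{
    $ids  = $post['item_adjust'] ?? [];
    $qtys = $post['quantity'] ?? [];
    // Checked here because array_combine() fails on arrays of unequal length.
    if (!is_array($ids) || !is_array($qtys) || count($ids) !== count($qtys)) {
        return [];
    }
    $clean = [];
    foreach ($ids as $k => $rawId) {
        // Assumption: product ids are positive integers; quantities are 0..999.
        $id  = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
        $qty = filter_var($qtys[$k] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0, 'max_range' => 999]]);
        if ($id !== false && $qty !== false) {
            $clean[$id] = $qty;
        }
    }
    return $clean;
}

/** Look up one product with a bound parameter instead of string interpolation. */
function findProduct(PDO $db, int $id): ?array
{
    $stmt = $db->prepare(
        'SELECT product_id, product_name, product_price FROM product WHERE product_id = ?');
    $stmt->execute([$id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE product (product_id INTEGER PRIMARY KEY, product_name TEXT, product_price REAL)');
$db->exec("INSERT INTO product VALUES (1, 'Tea <b>green</b>', 4.5), (2, 'Mug', 7.0)");

// Constructed request: the second id is malformed, the third quantity is negative.
$post = ['item_adjust' => ['1', '2 OR 1=1', '2'], 'quantity' => ['3', '1', '-5']];

foreach (parseAdjustments($post) as $id => $qty) {
    $row = findProduct($db, $id);
    if ($row !== null) {
        // Escape on output: the product name is data, not markup.
        printf("%d x %s\n", $qty, htmlspecialchars($row['product_name'], ENT_QUOTES, 'UTF-8'));
    }
}
```

With the page's mysqli connection the same lookup is written with `prepare()`, `bind_param()` and `execute()`.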