存储到 PHP 会话中的对象存储了错误的值
The object stored into a PHP session gets the wrong value stored
我创建了一个有效的购物车对象。但是当我尝试将对象保存到会话中时,存储了该对象的错误内容。正在保存的值是对象从购物车中清除后的值,空的。
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Testing the Shopping Cart</title>
</head>
<body>
<?php # cart.php
// This script uses the ShoppingCart and Item classes.
//error_reporting(0);
// Create the cart:
session_start();
try {
require('ShoppingCart.php');
require('userMenu.php');
$cart = new ShoppingCart();
// Create some items:
require('Item.php');
require ('Connect.php');
$conn=Connect::doConnect();
$query = "SELECT product_id, product_name, product_price from product";
$result = mysqli_query($conn, $query);
$i=0;
$w = array();
$new_cart;
if ($result->num_rows > 0) {
// output data of each row
echo '<table border='."1".'><form action="cart.php" method="post"><tr><td>';
echo '<b>'."Id produs".'</td><td><b>'."Denumire".'</td><td><b>'."Pret".'</td><td>'."Numar de bucati solicitate".'</td></tr><tr>';
while($row = $result->fetch_assoc()) {
echo '<td>'.$row["product_id"].'</td><td>'. $row["product_name"].'</td><td>'. $row["product_price"]. '</td><td>
<input type="input" value="0" name="quantity[]"><input type="hidden" value="'.$row["product_id"].'" name="item_adjust[]"></td>';
echo '</tr>';
$i++;
$w[$i]=new Item($row["product_id"], $row["product_name"],$row["product_price"]);
$cart->addItem($w[$i]);
//$cart->deleteItem($w[$i]);
}
echo '</td></tr><tr><td colspan="3"><input type="submit" value="Adauga in cosul de cumparaturi" name="adjQ"></td></tr></table>';
//foreach ()
} else {
echo "0 results";
}
$conn->close();
if($_POST["adjQ"]){
echo "In stoc avem ".$i." tipuri de produse";
// Update some quantities:
$cart_items_new = array_combine($_POST['item_adjust'],$_POST['quantity']);
foreach ($cart_items_new as $product_id=>$quantity){
//$item=new Item($product_id,Item->);
//Item $it;
//->updateItem($item->getId($product_id), $qty);
//$cart->updateItem(getId($product_id), $quantity);
$conn=Connect::doConnect();
$query1 = "SELECT product_id, product_name, product_price from product where
product_id='$product_id'";
$result1 = mysqli_query($conn, $query1);
$row1=mysqli_fetch_array($result1);
if($quantity>0){
$cart->updateItem($w[$product_id], $quantity);
echo $product_id.$quantity."+".$row1["product_name"];
}
else{
$cart->deleteItem($w[$product_id]);
}
}
// Show the cart contents:
echo '<h2>Continutul cosului de cumparaturi (' . count($cart) . ' tipuri de produse)</h2>';
echo "The user is " . $_SESSION["user"] . ".<br>";
echo "User type is " . $_SESSION["user_type"] . ".";
$new_cart = unserialize(serialize($cart));
if (!$cart->isEmpty()) {
foreach ($cart as $arr) {
// Get the item object:
$item = $arr['item'];
// Print the item:
printf('<p><strong>%s</strong>: %d @ $%0.2f bucata.<p>', $item->getName(), $arr['qty'], $item->getPrice());
} // End of foreach loop!
} // End of IF.
}
echo '</td></tr><tr><td colspan="2"><input type="submit" value="Salveaza" name="session"></td><td></td></tr></form></table>';
if ($_POST['session'])
{
echo "You entered the number ";
$serialize_cart=serialize($new_cart);
$_SESSION["cart"]=$serialize_cart;
}
}
catch (Exception $e) {
}
?>
</body>
</html>
当我按下第二个提交按钮时我做错了什么。
嘿,我试过了
我无法测试它,因为我没有额外的文件和购物车对象,但它应该接近无错误
我有一个会话变量 'cart' 如果存在,我们将其反序列化并完成,然后可以编辑值并将其保存回来,依此类推
如果不存在,即第一次点击或购物车被删除,我们从数据库构建一个新购物车(这不适合测试,因为目前您将数据库中的每个项目都添加到购物车?)
如果存在 post 或 adjQ 的获取值,我们修改购物车对象的一些值并将其保存回会话变量
如果 showCart 的 post 或 get 值存在,我们输出当前购物车
要完成这项工作,您可能需要调整 Shopping_Cart 对象以支持被调用的变量以及 getCount 函数和 getAllRows 函数
我已经从购物车中删除了一组项目的额外存储 (w) 不确定那是什么,因为您将数据存储在对象中,不需要复制它
应该清理所有请求变量以防止注入攻击等等
我添加了一个隐藏字段来触发 showCart 请求
无论如何希望这对您有所帮助
<?php
session_start();
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Testing the Shopping Cart</title>
</head>
<body>
<?php # cart.php
// This script uses the ShoppingCart and Item classes.
//error_reporting(0);
// Create the cart:
require('ShoppingCart.php');
require('userMenu.php');
$rowCount = 0;
if(isset($_SESSION['cart']))
{
echo "We have a stored cart in a Session variable, retrieving data ...";
$cart = unserialize($_SESSION["cart"]);
$rowCount = $cart->getCount();
}
else
{
$cart = new ShoppingCart();
// Create some items:
require('Item.php');
require ('Connect.php');
$conn=Connect::doConnect();
$query = "SELECT product_id, product_name, product_price from product";
$result = mysqli_query($conn, $query);
$rowCount = $result->num_rows;
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$cart->addItem(new Item($row["product_id"], $row["product_name"],$row["product_price"]));
}
}
$conn->close();
}
if(isset($_REQUEST['adjQ']))
{
echo "In stoc avem ".$rowCount." tipuri de produse";
// Update some quantities:
$cart_items_new = array_combine($_POST['item_adjust'], $_POST['quantity']);
foreach ($cart_items_new as $product_id=>$quantity) {
if($quantity > 0) {
$cart->updateItem($product_id, $quantity);
$conn=Connect::doConnect();
$query1 = "SELECT product_id, product_name, product_price from product where product_id='$product_id'";
$result1 = mysqli_query($conn, $query1);
$row1 = mysqli_fetch_array($result1);
echo $product_id." ".$quantity." + ".$row1["product_name"];
}
else {
$cart->deleteItem($product_id);
}
}
// Show the cart contents:
echo '<h2>Continutul cosului de cumparaturi (' . $rowCount . ' tipuri de produse)</h2>
The user is ' . $_SESSION["user"] . '.<br>
User type is ' . $_SESSION["user_type"] . '.';
if (!$cart->isEmpty()) {
foreach ($cart as $arr) {
// Get the item object:
$item = $arr['item'];
// Print the item:
printf('<p><strong>%s</strong>: %d @ $%0.2f bucata.<p>', $arr['item']->getName(), $arr['item']->getQuantity(), $arr['item']->getPrice());
} // End of foreach loop!
echo "Saving card to Session variable";
//New_cart is only set in adjQ request prehaps this code should be there?
$_SESSION["cart"] = serialize($cart);
} // End of IF.
}
if(isset($_REQUEST['showCart']))
{
if ($cart->getCount() > 0) {
// output data of each row
echo '<table border='."1".'><form action="cart.php" method="post">';
echo '<tr><td><b>'."Id produs".'</td><td><b>'."Denumire".'</td><td><b>'."Pret".'</td><td>'."Numar de bucati solicitate".'</td></tr>';
foreach ($cart->getAllRows() as $row) {
echo '
<tr>
<td>'. $row->getProductId() . '</td>
<td>'. $row->getName() . '</td>
<td>'. $row->getPrice() . '</td>
<td><input type="input" value="0" name="quantity[]"><input type="hidden" value="' . $row->getProductId() . '" name="item_adjust[]"/><input type="hidden" value="showCart" name="showCart"/></td>
</tr>';
}
echo '<tr><td colspan="3"><input type="submit" value="Adauga in cosul de cumparaturi" name="adjQ"></td></tr></table>';
} else {
echo "Cart is empty";
}
}
?>
</body>
</html>
我创建了一个有效的购物车对象。但是当我尝试将对象保存到会话中时,存储了该对象的错误内容。正在保存的值是对象从购物车中清除后的值,空的。
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Testing the Shopping Cart</title>
</head>
<body>
<?php # cart.php
// This script uses the ShoppingCart and Item classes.
//error_reporting(0);
// Create the cart:
session_start();
try {
require('ShoppingCart.php');
require('userMenu.php');
$cart = new ShoppingCart();
// Create some items:
require('Item.php');
require ('Connect.php');
$conn=Connect::doConnect();
$query = "SELECT product_id, product_name, product_price from product";
$result = mysqli_query($conn, $query);
$i=0;
$w = array();
$new_cart;
if ($result->num_rows > 0) {
// output data of each row
echo '<table border='."1".'><form action="cart.php" method="post"><tr><td>';
echo '<b>'."Id produs".'</td><td><b>'."Denumire".'</td><td><b>'."Pret".'</td><td>'."Numar de bucati solicitate".'</td></tr><tr>';
while($row = $result->fetch_assoc()) {
echo '<td>'.$row["product_id"].'</td><td>'. $row["product_name"].'</td><td>'. $row["product_price"]. '</td><td>
<input type="input" value="0" name="quantity[]"><input type="hidden" value="'.$row["product_id"].'" name="item_adjust[]"></td>';
echo '</tr>';
$i++;
$w[$i]=new Item($row["product_id"], $row["product_name"],$row["product_price"]);
$cart->addItem($w[$i]);
//$cart->deleteItem($w[$i]);
}
echo '</td></tr><tr><td colspan="3"><input type="submit" value="Adauga in cosul de cumparaturi" name="adjQ"></td></tr></table>';
//foreach ()
} else {
echo "0 results";
}
$conn->close();
if($_POST["adjQ"]){
echo "In stoc avem ".$i." tipuri de produse";
// Update some quantities:
$cart_items_new = array_combine($_POST['item_adjust'],$_POST['quantity']);
foreach ($cart_items_new as $product_id=>$quantity){
//$item=new Item($product_id,Item->);
//Item $it;
//->updateItem($item->getId($product_id), $qty);
//$cart->updateItem(getId($product_id), $quantity);
$conn=Connect::doConnect();
$query1 = "SELECT product_id, product_name, product_price from product where
product_id='$product_id'";
$result1 = mysqli_query($conn, $query1);
$row1=mysqli_fetch_array($result1);
if($quantity>0){
$cart->updateItem($w[$product_id], $quantity);
echo $product_id.$quantity."+".$row1["product_name"];
}
else{
$cart->deleteItem($w[$product_id]);
}
}
// Show the cart contents:
echo '<h2>Continutul cosului de cumparaturi (' . count($cart) . ' tipuri de produse)</h2>';
echo "The user is " . $_SESSION["user"] . ".<br>";
echo "User type is " . $_SESSION["user_type"] . ".";
$new_cart = unserialize(serialize($cart));
if (!$cart->isEmpty()) {
foreach ($cart as $arr) {
// Get the item object:
$item = $arr['item'];
// Print the item:
printf('<p><strong>%s</strong>: %d @ $%0.2f bucata.<p>', $item->getName(), $arr['qty'], $item->getPrice());
} // End of foreach loop!
} // End of IF.
}
echo '</td></tr><tr><td colspan="2"><input type="submit" value="Salveaza" name="session"></td><td></td></tr></form></table>';
if ($_POST['session'])
{
echo "You entered the number ";
$serialize_cart=serialize($new_cart);
$_SESSION["cart"]=$serialize_cart;
}
}
catch (Exception $e) {
}
?>
</body>
</html>
当我按下第二个提交按钮时我做错了什么。
嘿,我试过了 我无法测试它,因为我没有额外的文件和购物车对象,但它应该接近无错误
我有一个会话变量 'cart' 如果存在,我们将其反序列化并完成,然后可以编辑值并将其保存回来,依此类推
如果不存在,即第一次点击或购物车被删除,我们从数据库构建一个新购物车(这不适合测试,因为目前您将数据库中的每个项目都添加到购物车?)
如果存在 post 或 adjQ 的获取值,我们修改购物车对象的一些值并将其保存回会话变量
如果 showCart 的 post 或 get 值存在,我们输出当前购物车 要完成这项工作,您可能需要调整 Shopping_Cart 对象以支持被调用的变量以及 getCount 函数和 getAllRows 函数
我已经从购物车中删除了一组项目的额外存储 (w) 不确定那是什么,因为您将数据存储在对象中,不需要复制它
应该清理所有请求变量以防止注入攻击等等
我添加了一个隐藏字段来触发 showCart 请求
无论如何希望这对您有所帮助
<?php
session_start();
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Testing the Shopping Cart</title>
</head>
<body>
<?php # cart.php
// This script uses the ShoppingCart and Item classes.
//error_reporting(0);
// Create the cart:
require('ShoppingCart.php');
require('userMenu.php');
$rowCount = 0;
if(isset($_SESSION['cart']))
{
echo "We have a stored cart in a Session variable, retrieving data ...";
$cart = unserialize($_SESSION["cart"]);
$rowCount = $cart->getCount();
}
else
{
$cart = new ShoppingCart();
// Create some items:
require('Item.php');
require ('Connect.php');
$conn=Connect::doConnect();
$query = "SELECT product_id, product_name, product_price from product";
$result = mysqli_query($conn, $query);
$rowCount = $result->num_rows;
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$cart->addItem(new Item($row["product_id"], $row["product_name"],$row["product_price"]));
}
}
$conn->close();
}
if(isset($_REQUEST['adjQ']))
{
echo "In stoc avem ".$rowCount." tipuri de produse";
// Update some quantities:
$cart_items_new = array_combine($_POST['item_adjust'], $_POST['quantity']);
foreach ($cart_items_new as $product_id=>$quantity) {
if($quantity > 0) {
$cart->updateItem($product_id, $quantity);
$conn=Connect::doConnect();
$query1 = "SELECT product_id, product_name, product_price from product where product_id='$product_id'";
$result1 = mysqli_query($conn, $query1);
$row1 = mysqli_fetch_array($result1);
echo $product_id." ".$quantity." + ".$row1["product_name"];
}
else {
$cart->deleteItem($product_id);
}
}
// Show the cart contents:
echo '<h2>Continutul cosului de cumparaturi (' . $rowCount . ' tipuri de produse)</h2>
The user is ' . $_SESSION["user"] . '.<br>
User type is ' . $_SESSION["user_type"] . '.';
if (!$cart->isEmpty()) {
foreach ($cart as $arr) {
// Get the item object:
$item = $arr['item'];
// Print the item:
printf('<p><strong>%s</strong>: %d @ $%0.2f bucata.<p>', $arr['item']->getName(), $arr['item']->getQuantity(), $arr['item']->getPrice());
} // End of foreach loop!
echo "Saving card to Session variable";
//New_cart is only set in adjQ request prehaps this code should be there?
$_SESSION["cart"] = serialize($cart);
} // End of IF.
}
if(isset($_REQUEST['showCart']))
{
if ($cart->getCount() > 0) {
// output data of each row
echo '<table border='."1".'><form action="cart.php" method="post">';
echo '<tr><td><b>'."Id produs".'</td><td><b>'."Denumire".'</td><td><b>'."Pret".'</td><td>'."Numar de bucati solicitate".'</td></tr>';
foreach ($cart->getAllRows() as $row) {
echo '
<tr>
<td>'. $row->getProductId() . '</td>
<td>'. $row->getName() . '</td>
<td>'. $row->getPrice() . '</td>
<td><input type="input" value="0" name="quantity[]"><input type="hidden" value="' . $row->getProductId() . '" name="item_adjust[]"/><input type="hidden" value="showCart" name="showCart"/></td>
</tr>';
}
echo '<tr><td colspan="3"><input type="submit" value="Adauga in cosul de cumparaturi" name="adjQ"></td></tr></table>';
} else {
echo "Cart is empty";
}
}
?>
</body>
</html>