Php 付款详细信息未插入数据库中
在通过paypal付款后,我在数据库中存储付款详细信息时遇到问题。以下是支付成功的编码。它接受该值,但该值未存储在数据库中。我使用tmno作为用户idPhp 付款详细信息未插入数据库中,php,paypal,utf-8,Php,Paypal,Utf 8,在通过paypal付款后,我在数据库中存储付款详细信息时遇到问题。以下是支付成功的编码。它接受该值,但该值未存储在数据库中。我使用tmno作为用户id <?php session_start(); include 'con.php'; $cartID = $_SESSION['cartID']; $amount = $_GET['amt']; $currency = $_GET['cc']; $transactionID = $_GET['tx']; $payment_status =
<?php
session_start();
include 'con.php';
$cartID = $_SESSION['cartID'];
$amount = $_GET['amt'];
$currency = $_GET['cc'];
$transactionID = $_GET['tx'];
$payment_status = $_GET['st'];
$invoice = mt_rand();
$tmno = $_SESSION['tmno'];
$insert_payment = "INSERT INTO payment (paymentID,cartID) VALUES
('$transactionID','$cartID')";
$result_payment=mysqli_query($con,$insert_payment);
if($result_payment){
$update_query = "UPDATE cart SET status=1 WHERE cartID='$cartID' ";
$update_result = mysqli_query($con,$update_query);
if($update_result){
$sql1 = "SELECT * FROM cart WHERE tmno='$tmno' AND status=0 ";
$result1 = mysqli_query($con,$sql1);
if(mysqli_num_rows($result1)>0){
$row1 = mysqli_fetch_array($result1);
$cartID = $row1['cartID'];
}
else{ //if user doesn't have cart yet
$sql2 = "INSERT INTO cart(tmno) VALUES ('$tmno') ";
$result2 = mysqli_query($con,$sql2);
$cartID = mysqli_insert_id($con);
}
$_SESSION['cartID'] = $cartID;
echo "Your payment was successfully recorded!";
echo "<a href='UserFee.php'><h3>Click here to go back to the homepage!</h3></a>";
} else {
echo "Oh no!";
}
}else {
echo "Failed!";
}
?>
那么会发生什么?你收到“哦,不”的留言了吗?您从mysql\u error()ini\u集('display\u errors',1);ini_集(“日志错误”,1);错误报告(E_全部);mysqli_报告(mysqli_报告错误| mysqli_报告严格)到脚本的顶部。这将强制任何mysqli\uuuu
错误生成您可以在浏览器上看到的异常,其他错误也将在您的浏览器上看到。您的代码易受SQL注入攻击,您应该使用或帮助防止此类攻击。感谢您的帮助。我已经解决了。问题实际上来自数据库。它不接受cartID的值,因为其中有唯一的约束。
<?php
$con = mysqli_connect('DB_HOST', 'DB_USERNAME', 'DB_PASSWORD', 'DB_NAME') or die('Error Connect to DB');
mysqli_query($con,'utf-8');
?>