Php 基于用户输入SQL防止值为负数
我有一个名为tblitem的表,我现在想要的是,当我添加产品时,它将检查tblitem库存,如果它大于用户输入,它将显示一个警报,如数量不足Php 基于用户输入SQL防止值为负数,php,sql,Php,Sql,我有一个名为tblitem的表,我现在想要的是,当我添加产品时,它将检查tblitem库存,如果它大于用户输入,它将显示一个警报,如数量不足 在表中添加更新之前,可以使用用户输入的数量检查库存值 if($qty<=$row['stock']){ //Check the quantity value before inserting or updating $latestinv = $row['stock'] - $qty; $updateq = mysqli_que
在表中添加更新之前,可以使用用户输入的数量检查库存值
if($qty<=$row['stock']){ //Check the quantity value before inserting or updating
$latestinv = $row['stock'] - $qty;
$updateq = mysqli_query($con, "UPDATE tblitem SET stock = '$latestinv' WHERE ItemName ='$itemname'");
$query=mysqli_query($con,"INSERT INTO tblpurchase(ItemName,Quantity,LatestInv) VALUES('$itemname','$qty','$latestinv')");
} else {
echo "<script>alert('Entered quantity is greate than available stock');</script>";
}
希望这对你有帮助 酷。到目前为止,你在这方面做过什么尝试吗?另外,你的脚本易受SQL注入的影响,请考虑使用参数化查询。在PHP SIR中,我是新手,这只是一个项目,先生,但是谢谢你的建议:
<div class="form-row">
<div class="col-md-6 mb-10">
<label for="validationCustom03">Item</label>
<select class="form-control custom-select" name="itemname" required>
<option value="">Select Item</option>
<?php
$rno=mt_rand(10000,99999);
$ret=mysqli_query($con,"select ItemName, stock from tblitem");
while($row=mysqli_fetch_array($ret))
{?>
<option value="<?php echo $row['ItemName'];?>" <?php if($row['ItemName']=='stock'){echo "selected";} ?> ><?php echo $row['ItemName'];?></option>
<?php } ?>
</select>
<div class="invalid-feedback">Please select Item.</div>
</div>
</div>
if($qty<=$row['stock']){ //Check the quantity value before inserting or updating
$latestinv = $row['stock'] - $qty;
$updateq = mysqli_query($con, "UPDATE tblitem SET stock = '$latestinv' WHERE ItemName ='$itemname'");
$query=mysqli_query($con,"INSERT INTO tblpurchase(ItemName,Quantity,LatestInv) VALUES('$itemname','$qty','$latestinv')");
} else {
echo "<script>alert('Entered quantity is greate than available stock');</script>";
}