使用 php ajax 在数据库中插入和更新不同的表

Question

我正在尝试将数据插入 tbl_stock 并同时更新 tbl_product。到目前为止，我已经在下面编写了一个 ajax 代码：

 <script>   
    $(document).ready(function() {
        $('#btn_stockin').click(function() {   
            event.preventDefault();

            /*Reading value from modal*/
            var newStock = $('#txt_addstock').val();
            var newPrice = $('#txt_addprice').val();
            if(newStock == '' && newPrice == ''){
                alert("Oops!, fill Text fields and try again.");
            }else{
                $.ajax({
                    method: 'POST', 
                    url: 'stock-in.php',
                    data:{stock_up: newStock, cost: newPrice,
                        <?php 
                            echo 'id: "'.$row->pid.'", oldstock: "'.$row->pstock.'", productcategory: "'.$row->pcategory.'", productname: "'.$row->pname.'", currentDate : "'.$savedate.'" '
                        ?>
                    },
                    success:function(data){
                        $('#add_stock_modal').modal('hide');
                        return data;
                    }

                });
            }

        });
    });
</script>

调用stock-in.php并包含以下SQL代码

<?php

include_once'connectdb.php';

if($_SESSION['useremail']=="" OR $_SESSION['role']=="Admin"){
    header('location:index.php');
}
if(isset($_POST['stock_up'])){
    $product_category   =   $_POST['productcategory'];
    $product_name       =   $_POST['productname'];
    $current_date       =   $_POST['currentDate'];
    $stockup            =   (int)$_POST['stock_up'];
    $newPrice           =   (int)$_POST['cost'];
    $id                 =   $_POST['id'];
    $oldstock           =   (int)$_POST['oldstock'];

    $new_stock          = $oldstock + $stockup;
    $amount_owed        = $newPrice * $stockup;
    
  try {
      //your stuff
  

    $query="insert into tbl_stock(category_name,product_name,stock_in,stock_price,total_cost,stocked_date) 
    values('$product_category','$product_name','$stockup','$newPrice','$amount_owed','$current_date')");
          $insert=$pdo->prepare($query);
          $stmt = $insert->execute();
          
          
          if($stmt){

                $sql="UPDATE `tbl_product` SET `pstock` = ?, `purchaseprice` = ? WHERE  pid= ? ";
                    $update=$pdo->prepare($sql);
                    $update->execute([$new_stock, $newPrice, $id]);

            }else{
              echo'Error in updating stock'; 
            }

          } catch(PDOException $e) {
            echo $e->getMessage();
        }
}
?>

调试窗口显示值 插入不工作并且不显示错误。我花了一个不眠之夜试图找出原因。请感谢您的帮助。

Answer 1

您开始使用 PDO 并创建准备好的语句，但随后通过将变量直接嵌入 SQL 命令中而破坏了良好的工作。我无法测试以下任何内容，但希望对您有所帮助。

<script>
    <?php
        $data=array(
            'id'                =>  $row->pid,
            'oldstock'          =>  $row->pstock,
            'productcategory'   =>  $row->pcategory,
            'productname'       =>  $row->pname,
            'currentDate'       =>  $savedate
        );
        printf('var json=%s;',json_encode($data));
    ?>
    
    $(document).ready(function() {
        $('#btn_stockin').click(function(event) {   
            event.preventDefault();

            /*Reading value from modal*/
            var newStock = $('#txt_addstock').val();
            var newPrice = $('#txt_addprice').val();
            
            if( newStock == '' && newPrice == '' ){
                alert("Oops!, fill Text fields and try again.");
            }else{
                let args={
                    stock_up:newStock,
                    cost: newPrice
                };
                
                let payload=Object.assign(args,json);
            
                $.ajax({
                    method:'POST', 
                    url:'stock-in.php',
                    data:payload,
                    success:function(data){
                        $('#add_stock_modal').modal('hide');
                        window.location.reload();
                    }
                });
            }
        });
    });
</script>

<?php
    
    #stock-in.php
    /*
        If you are using sessions you need to start a session!
    */
    error_reporting( E_ALL );
    session_start();

    
    
    if( empty( $_SESSION['useremail'] ) OR empty( $_SESSION['role'] ) OR $_SESSION['role']=="Admin" ){
        exit( header('Location: index.php') );
    }

    /*
        Check that all fields that are required in the sql have been submitted
    */
    if( isset( 
            $_POST['stock_up'],
            $_POST['productcategory'],
            $_POST['productname'],
            $_POST['currentDate'],
            $_POST['cost'],
            $_POST['id'],
            $_POST['oldstock']
        ) ){

        try{
            
            include_once 'connectdb.php';

            /*
                When inserting, updating multiple tables there is some sense in using a transaction
                so that if one part fails the db is not littered with orphan records
            */
            $pdo->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
            $pdo->beginTransaction();
            
            
            
            
            $product_category   =   $_POST['productcategory'];
            $product_name       =   $_POST['productname'];
            $current_date       =   $_POST['currentDate'];
            $stockup            =   (int)$_POST['stock_up'];
            $newPrice           =   (int)$_POST['cost'];
            $id                 =   $_POST['id'];
            $oldstock           =   (int)$_POST['oldstock'];

            $new_stock          = $oldstock + $stockup;
            $amount_owed        = $newPrice * $stockup;
            
            
            /*
                The sql command should use placeholders rather than embedded fariables - the names are arbitrary
            */
            $sql='insert into `tbl_stock` ( `category_name`, `product_name`, `stock_in`, `stock_price`, `total_cost`, `stocked_date` ) 
                values 
            ( :cat, :prod, :in, :price, :cost, :date )';
            $stmt=$pdo->prepare( $sql );
            $args=array(
                ':cat'      =>  $product_category,
                ':prod'     =>  $product_name,
                ':in'       =>  $stockup,
                ':price'    =>  $newPrice,
                ':cost'     =>  $amount_owed,
                ':date'     =>  $current_date
            );
            if( !$stmt->execute( $args )  )echo 'stmt#1 failed';
            
            
            
            $sql='update `tbl_product` set `pstock` =:stock, `purchaseprice`=:price where `pid`=:pid';
            $stmt=$pdo->prepare( $sql );
            $args=array(
                ':stock'    =>  $new_stock,
                ':price'    =>  $newPrice,
                ':pid'      =>  $id
            );
            if( !$stmt->execute( $args ) )echo 'stmt#2 failed';
            
            
            
            /*
                If it all went well, commit these statements to the db
            */
            if( !$pdo->commit() )echo 'commit failed';
            
            
        
        }catch( PDOException $e ){
            /*
                Any problems, rollback the transaction and report issues - 
                not necessarily with the full `getMessage()` ~ perhaps just
                'Error!' etc
            */
            $pdo->rollBack();
            
            echo $e->getMessage();
        }
    }
?>