2017-09-07 18 views

order.idの値をorder.phpからordermodal.phpに渡すにはどうすればよいですか。値をモーダルに取得/渡す方法

これがorder.phpです。

UI of order.php

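<?php
/**
 * order.php - lists open orders and lets a signed-in user search them by id.
 *
 * Produces $carts and $orders (mysqli results, or false on failure),
 * $search_filters, $comboBox and $search_by for the template below.
 */
session_start();

// header() only queues the redirect; without exit the rest of this script,
// including the status-changing handlers pulled in from ordermodal.php,
// would still run for a visitor who is not signed in.
if (!isset($_SESSION['user_id'])) {
    header("Location: index.php");
    exit;
}

// The key may be missing from the session, so read it defensively.
// Note that ordermodal.php (included below) assigns $order_id = "" again.
$order_id = isset($_SESSION['order_id']) ? $_SESSION['order_id'] : '';

$_SESSION['navMenu'] = "order";
// NOTE(review): display_errors prints SQL errors and file paths into the page;
// keep it off outside development and log errors instead.
ini_set('display_errors', 'On');
require_once 'includes/database.php';
include_once 'system_menu.php';
include_once 'ordermodal.php';

$sql2 = "SELECT * FROM cart_tbl";
$sql = "SELECT * FROM order_tbl WHERE order_status IN ('Accepted', 'Dispatched', 'Pending')";

/*** * SET UP COMBO BOX FOR SEARCH */
// Request values are untrusted and may even be arrays (comboBoxVal[]=x),
// so accept only scalars and normalise the types up front.
$comboBox = (isset($_REQUEST['comboBoxVal']) && is_string($_REQUEST['comboBoxVal']))
    ? trim($_REQUEST['comboBoxVal'])
    : '';
$search_by = (isset($_REQUEST['search_by']) && is_scalar($_REQUEST['search_by']))
    ? (int) $_REQUEST['search_by']
    : 0;
$users = null;

// The filter is added as an AND condition *before* ORDER BY (a second WHERE
// appended after ORDER BY is not valid SQL), and the search text is bound as
// a parameter instead of being concatenated into the statement.
$searchPattern = null;
if ($comboBox !== '') {
    switch ($search_by) {
        case 1: // Order ID
            $sql .= " AND order_id LIKE ?";
            $searchPattern = '%' . $comboBox . '%';
            break;
    }
}
$sql .= " ORDER BY order_datetime DESC";

$orderPageDb = connection();
$carts = mysqli_query($orderPageDb, $sql2);

if ($searchPattern === null) {
    $orders = mysqli_query($orderPageDb, $sql);
} else {
    // mysqli_stmt_get_result() needs the mysqlnd driver.
    $orders = false;
    $orderSearchStmt = mysqli_prepare($orderPageDb, $sql);
    if ($orderSearchStmt) {
        mysqli_stmt_bind_param($orderSearchStmt, 's', $searchPattern);
        if (mysqli_stmt_execute($orderSearchStmt)) {
            $orders = mysqli_stmt_get_result($orderSearchStmt);
        }
    }
}

$search_filters = array(1 => 'Order ID');
/*** * END SET UP COMBO BOX */ ?>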
<html> 
<head> 
<title>ORDERS</title> 
<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no"> 
<link href="css/bootstrap.css" rel="stylesheet"> 
<link href="css/style.css" rel="stylesheet"> 
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) --> 
<!-- NOTE(review): this script comes from a third-party CDN without an integrity attribute, so the page runs whatever that URL serves. Pin it with Subresource Integrity (integrity + crossorigin) or serve a local copy, as is done for js/bootstrap.min.js below. -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"> </script> 
<!-- Include all compiled plugins (below), or include individual files as needed --> 
<script src="js/bootstrap.min.js"></script> 
    <style type="text/css"> 
body { 

    background:url(images/jerica.jpg)fixed no-repeat center; 
    background-size:cover; 
} 

.asd { 
    color: white; 
} 
</style> 
</head> 
<body> 
<?php
// One-shot flash message: take it from the session and clear it so it is
// shown only once; default to an empty string when none is pending.
$message = "";
if (isset($_SESSION['message'])) {
    $message = $_SESSION['message'];
    unset($_SESSION['message']);
}
?> <div class="container" >
<h1 class="asd">Orders</h1> 
</div> <div class="container" > 
<div class="panel panel-default" > 
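<div class="panel-heading"> <form method="post"> <div class="input-group">
<div class="input-group-addon"> <select name="search_by">
<?php foreach ($search_filters as $key => $value): ?>
<option value="<?= htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8') ?>" <?= $key == $search_by ? 'selected' : '' ?> > <?= htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8') ?> </option>
<?php endforeach; ?>
</select>
</div>
<?php
// $comboBox is echoed back from the request, so it must be escaped for the
// attribute context; otherwise a quote in the search text breaks out of
// value="..." and injects markup into the page (reflected XSS).
?>
<input type="search" name="comboBoxVal" value="<?= htmlspecialchars((string) $comboBox, ENT_QUOTES, 'UTF-8') ?>" class="form-control" placeholder="Search">
</div>
</form>
</div>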
<div class="panel-body"> 
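<?php
// The flash message can carry a database error string (ordermodal.php stores
// mysqli_error() in it), and such strings can echo back request data, so it
// is escaped before being written into the page.
// NOTE(review): assumes no caller stores intentional HTML in the message - confirm.
if ($message != ''): ?>
<div class="alert alert-success alert-dismissible" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true"> &times;</span></button>
<?= htmlspecialchars((string) $message, ENT_QUOTES, 'UTF-8') ?> </div>
<?php endif; ?>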
<table class="table table-hover table-bordered"> 
<thead> 
<tr> 
<th>Order ID</th> 
<th>User ID</th> 
<th>Order Date</th> 
<th>Order Time</th> 
<th>Delivery Charge</th> 
<th>Total Amount</th> 
<th>Address</th> 
<th>Coordinates</th> 
<th>Driver Number</th> 
<th>Order Status</th> 
<th>Action</th> 
</tr> 
</thead> 
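<?php
/*** * DISPLAY TABLE */
// Order rows contain data such as the delivery address, so each value is
// escaped for the context it is written into rather than echoed raw.

// HTML text / attribute context.
$escapeHtml = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};

// JavaScript string literal for the inline onclick handler. The JSON_HEX_*
// flags keep quotes, angle brackets and ampersands out of the literal, so a
// value cannot terminate the string or the attribute.
$toJsLiteral = function ($value) {
    $literal = json_encode((string) $value, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
    return $literal === false ? '""' : $literal;
};
?>
<tbody>
<?php if ($orders): ?>
<?php while ($order = mysqli_fetch_array($orders, MYSQLI_BOTH)): ?>
<?php
$order_datetime = $order['order_datetime'];
$date = date('Y-m-d', strtotime($order_datetime));
$time = date('H:i:s', strtotime($order_datetime));

// Argument order follows viewOrder(order_id, user_id, order_date, ...).
// The second argument is user_id; passing order_id twice filled the modal's
// user_id field with the order id.
$viewOrderArgs = implode(', ', array_map($toJsLiteral, array(
    $order['order_id'],
    $order['user_id'],
    $date,
    $time,
    $order['order_deliveryCharge'],
    $order['order_totalAmount'],
    $order['address'],
    $order['coordinates'],
    $order['driver_number'],
    $order['order_status'],
)));
?>

<tr>
<td><?= $escapeHtml($order['order_id']) ?></td>
<td><?= $escapeHtml($order['user_id']) ?></td>
<td><?= $escapeHtml($date) ?></td>
<td><?= $escapeHtml($time) ?></td>
<td><?= $escapeHtml($order['order_deliveryCharge']) ?></td>
<td><?= $escapeHtml($order['order_totalAmount']) ?></td>
<td><?= $escapeHtml($order['address']) ?></td>
<td><?= $escapeHtml($order['coordinates']) ?></td>
<td><?= $escapeHtml($order['driver_number']) ?></td>
<td><?= $escapeHtml($order['order_status']) ?></td>
<td><button type="button" class="btn btn-success" data-toggle="modal" data-target="#myModal" onclick="viewOrder(<?= $escapeHtml($viewOrderArgs) ?>)"> View Order </button>
</td>
</tr>
<?php endwhile; ?>
<?php endif; ?>
</tbody>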
</tbody> 
</table> 
</div> 
<div class="panel-footer"> 
</div> 
</div> 
</div> 
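<script>
/**
 * Copies one order row into the read-only fields of the #myModal dialog.
 *
 * All arguments are strings rendered into the button's onclick attribute by
 * the server. They are assigned through .value / .textContent, which never
 * parse the text as HTML.
 */
function viewOrder(order_id, user_id, order_date, order_time, order_deliveryCharge, order_totalAmount, address, coordinates, driver_number, order_status) {
    document.getElementById("titleModal").textContent = "viewOrder";

    // Field name in the modal form -> value to show.
    var fields = {
        order_id: order_id,
        user_id: user_id,
        order_date: order_date,
        order_time: order_time,
        order_deliveryCharge: order_deliveryCharge,
        order_totalAmount: order_totalAmount,
        address: address,
        coordinates: coordinates,
        driver_number: driver_number,
        order_status: order_status
    };

    Object.keys(fields).forEach(function (name) {
        var input = document.getElementsByName(name)[0];
        // Skip missing fields instead of throwing. The modal has no element
        // named "viewOrder", so the old lookup of that name raised a
        // TypeError on every click; it has been dropped.
        if (input) {
            input.value = fields[name];
        }
    });

    // TODO (from the original, disabled): grey out the Accept button when
    // order_status is already "Accepted".
}
</script>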
</body> 
</html> 

そして、これが現時点のordermodal.phpです。

UI of ordermodal.php

<?php

/** *ordermodal.php **/

// Defaults for the modal. This file is pulled in with include_once from
// order.php, so these are plain globals of the including script: the
// $order_id that order.php read from the session before the include is
// replaced by "" here.
$id = $order_date = $order_time = $order_id = "";
$order_deliverCharge = $order_status = $order_totalAmount = "";
$coordinates = $driver_number = $address = "";

// Cart line defaults.
$food_name = $special_request = $quantity = $amount = $orders = "";

     ?>

     <!-- MODALS --> <!-- DETAILS --> 
     <div id="myModal" class="modal fade" role="dialog"> 
     <div class="modal-dialog modal-lg"> 
     <div class="modal-content"> 
     <form action="" method="post" class="form-horizontal"> 
     <div class="modal-header"> 
     <button type="button" class="close" data-dismiss="modal"><center>&times;</button> 
    <h4 class="modal-title" id="titleModal"></h4> 
    </div> 
     <div class="modal-body"> 

    <div class="form-group"> 
<label for="order_id" class="col-sm-2 control-label">Order ID</label> 
<div class="col-lg-3"> 
<input type="text" input style="width:500px" class="form-control" name="order_id" id="order_id" placeholder="" value="" required="required" readonly> 
</div> 
</div> 

<div class="form-group"> 
<label for="id" class="col-sm-2 control-label">ID</label> 
<div class="col-lg-3"> 
<input type="text" input style="width:500px" class="form-control" name="user_id" id="user_id" placeholder="" value="" required="required" readonly> 
</div> 
</div> 

    <div class="form-group"> 
<label for="order_date" class="col-sm-2 control-label">Order Date</label> 
<div class="col-lg-3"> 
<input type="text" input style="width:500px" class="form-control" name="order_date" id="order_date" placeholder="" value="" required="required" readonly> 
</div> 
</div> 

    <div class="form-group"> 
<label for="order_time" class="col-sm-2 control-label">Order Time</label> 
<div class="col-lg-3"> 
<input type="text" input style="width:500px" class="form-control" name="order_time" id="order_time" placeholder="" value="" required="required" readonly> 
</div> 
</div> 

<div class="form-group"> 
<label for="order_deliverCharge" class="col-sm-2 control-label">Delivery Charge</label> 
<div class="col-lg-3"> 
<input type="text" input style="width:500px" class="form-control" name="order_deliveryCharge" id="order_deliveryCharge" placeholder="" value="" required="required" readonly> 
</div> 
</div> 

    <div class="form-group"> 
<label for="order_totalAmount" class="col-sm-2 control-label">Total Amount</label> 
<div class="col-lg-3"> 
<input type="text" input style="width:500px" class="form-control" name="order_totalAmount" id="order_totalAmount" placeholder="" value="" required="required" readonly> 
</div> 
</div> 

<div class="form-group"> 
<label for="address" class="col-sm-2 control-label">Address</label> 
<div class="col-lg-3"> 
<input type="text" input style="width:500px" class="form-control" name="address" id="address" placeholder="" value="" required="required" readonly> 
</div> 
</div> 

<div class="form-group"> 
<label for="coordinates" class="col-sm-2 control-label">Coordinates</label> 
<div class="col-lg-3"> 
<input type="text" input style="width:500px" class="form-control" name="coordinates" id="coordinates" placeholder="" value="" required="required" maxlength="11" readonly> 
</div> 
</div> 

<div class="form-group"> 
<label for="driver_number" class="col-sm-2 control-label">Driver Number</label> 
<div class="col-lg-3"> 
<input type="text" input style="width:500px" class="form-control" name="driver_number" id="driver_number" placeholder="" value="" required="required" readonly> 
</div> 
</div> 

<div class="form-group"> 
<label for="order_status" class="col-sm-2 control-label">Order Status</label> 
<div class="col-lg-3"> 
<input type="text" input style="width:500px" class="form-control" name="order_status" id="order_status" placeholder="" value="" required="required" readonly> 
</div> 
</div>  

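    <?php
    // This markup is produced on the server before any "View Order" button is
    // clicked, so the clicked row's id can only reach this query through a
    // request: here the order_id field posted by this form. Without a posted
    // id the value already in $order_id is used.
    $cartOrderId = isset($order_id) ? (string) $order_id : '';
    if (isset($_POST['order_id']) && is_string($_POST['order_id'])) {
        $cartOrderId = trim($_POST['order_id']);
    }

    // The id is untrusted. The original statement embedded it without quotes,
    // which only parses for numeric ids, so anything else is rejected and the
    // value is bound as a parameter instead of being concatenated.
    // mysqli_stmt_get_result() needs the mysqlnd driver.
    $result = false;
    if ($cartOrderId !== '' && ctype_digit($cartOrderId)) {
        $cartStmt = mysqli_prepare(
            connection(),
            "SELECT food_name, special_request, quantity, amount
             FROM cart_tbl
             WHERE order_id = ?"
        );
        if ($cartStmt) {
            mysqli_stmt_bind_param($cartStmt, 's', $cartOrderId);
            if (mysqli_stmt_execute($cartStmt)) {
                $result = mysqli_stmt_get_result($cartStmt);
            }
        }
    }
    ?>

<table class="table table-hover table-bordered">
<thead>
<tr>
<th>Food</th>
<th>Special Request</th>
<th>Quantity</th>
<th>Amount</th>
</tr>
</thead>
<tbody>
<?php
// $result stays false when there is no usable id or the query failed; the
// rows are then simply omitted instead of calling mysqli_num_rows(false).
// special_request looks like customer-entered free text (presumably; verify),
// so every cell is escaped before output.
if ($result):
    while ($row = mysqli_fetch_assoc($result)):
?>
<tr>
<td><?= htmlspecialchars((string) $row["food_name"], ENT_QUOTES, 'UTF-8') ?></td>
<td><?= htmlspecialchars((string) $row["special_request"], ENT_QUOTES, 'UTF-8') ?></td>
<td><?= htmlspecialchars((string) $row["quantity"], ENT_QUOTES, 'UTF-8') ?></td>
<td><?= htmlspecialchars((string) $row["amount"], ENT_QUOTES, 'UTF-8') ?></td>
</tr>
<?php
    endwhile;
endif;
?>
</tbody>
</table>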

</div> 
<div class="modal-footer"> 
<button type="submit" name="showOrder" id="showOrder" class="btn btn-secondary" onclick="" > Show Order </button> 
<button type="submit" name="submitAccept" id="submitAccept" class="btn btn-primary" onclick="if(!confirm('Are you sure you want to accept order?')){return false;}" > Accept </button> 
<button type="submit" name="submitSent" class="btn btn-primary"onclick="if(!confirm('Are you sure you want to send order?')){return false;}" >Sent</button> 
<button type="submit" name="submitCancel" class="btn btn-danger" onclick="if(!confirm('Are you sure you want to cancel order?')){return false;}">Cancel</button> 
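    <?php
    // Handles the modal's submit buttons: "Show Order" only records the
    // posted id, the other three set order_tbl.order_status for that id.
    //
    // NOTE(review): these are state-changing POSTs with no CSRF token; add a
    // per-session token to the form and verify it here.

    // Submit button name => array(new status, flash message).
    $statusActions = array(
        'submitAccept' => array('Accepted', "Order Accepted"),
        'submitSent'   => array('Dispatched', "Order Dispatched"),
        'submitCancel' => array('Cancelled', "Order Cancelled"),
    );

    $postedOrderId = (isset($_POST['order_id']) && is_string($_POST['order_id']))
        ? trim($_POST['order_id'])
        : '';

    if (isset($_POST['showOrder'])) {
        $order_id = $postedOrderId;
    }

    foreach ($statusActions as $buttonName => $action) {
        if (!isset($_POST[$buttonName])) {
            continue;
        }
        $order_id = $postedOrderId;

        // Refuse to change anything for a request without a signed-in session,
        // whatever the including page did before reaching this point.
        if (!isset($_SESSION['user_id'])) {
            break;
        }

        // The old query embedded the id unquoted, so addslashes() gave no
        // protection: input needs no quote character to alter that statement.
        // Accept digits only and bind the value as a parameter.
        if ($postedOrderId === '' || !ctype_digit($postedOrderId)) {
            $_SESSION['message'] = "Invalid order id.";
            continue;
        }

        $statusDb = connection();
        $statusStmt = mysqli_prepare(
            $statusDb,
            "UPDATE order_tbl SET `order_status` = ? WHERE `order_id` = ?"
        );
        $updated = false;
        if ($statusStmt) {
            mysqli_stmt_bind_param($statusStmt, 'ss', $action[0], $postedOrderId);
            $updated = mysqli_stmt_execute($statusStmt);
        }

        if ($updated) {
            mysqli_query($statusDb, "COMMIT");
            $_SESSION['message'] = $action[1];
        } else {
            // Keep database error text in the server log; the flash message is
            // rendered into the page and should not expose schema details.
            error_log('Order status update failed: ' . mysqli_error($statusDb));
            $_SESSION['message'] = "Could not update the order.";
            mysqli_query($statusDb, "ROLLBACK");
        }
    }

    ?>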


</div> 
</form> 
</div> 
</div> 
</div> 

現在の動作はこうです。「View Order」をクリックしても、order.phpのorder_idの値は取得できません。order_idの値を取得するには、先にordermodal.php内のボタン(accept、send、cancel)をクリックする必要があります。

"「View Order」をクリックすると、すぐにorder_idの値が取得され、SQLクエリで使用できるようになる。これが本来あるべき出力です。"

助けていただければ幸いです。このエラーで数日前から行き詰まっています。 TIA!


あなたのコードは[**SQLインジェクション**](https://en.wikipedia.org/wiki/SQL_injection)攻撃に対して脆弱です。[**mysqli**](https://secure.php.net/manual/en/mysqli.prepare.php)または[**PDO**](https://secure.php.net/manual/en/pdo.prepared-statements.php)ドライバで、パラメータをバインドしたプリペアドステートメントを使うべきです。なお、`WHERE order_id = $order_id`のように値を引用符なしで埋め込んでいる箇所では、`addslashes()`は保護になりません。[**この記事**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)には、いくつかの良い例があります。 –

答えて


最初のコードで行ったように、セッション変数をそのまま使うことはできないでしょうか。その値をリセットしていない限り(リセットしているようには見えませんでしたが)使えるはずです。あるいは、モーダルを取得するURLに oid=# のようなクエリパラメータを付けて、次のような一般的な処理を行うこともできます。

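// not sure if you are posting or just doing a get....
// isset() keeps a missing key from raising an undefined-index notice. The
// value comes straight from the request, so validate it and bind it as a
// query parameter; never concatenate it into SQL.
// NOTE(review): the text above calls the parameter "oid"; use the same key in
// the URL and here.
$orderID = isset($_GET['old'])
    ? $_GET['old']
    : (isset($_POST['old']) ? $_POST['old'] : null);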

これをインラインフレーム経由で読み込んでいるのかどうかは分かりませんが、いずれにしても、クエリパラメータかセッション変数のどちらかで動作するはずです。

お役に立てば幸いです。
