我有一个 if isset 语句,当我的网站在提交表单后收到我的商家帐户 API 的批准时,该语句会触发。除了表单中的订单详细信息写入我的数据库之外,一切似乎都有效。这是我的表单的代码:
<form id="input-form" class="form-inline" action="" method="post">
<?php
if($error <> '') {
echo '<div class="alert alert-danger">',$error,'</div>';
}
?>
<div id="makepayment">
<div class="form-group">
<label for="order_fname">First Name</label>
<input class="form-control" style="width: 273px;" type="text" name="order_fname" id="order_fname" value="<?php echo $user['user_fname']; ?>" placeholder="First Name" />
</div>
<div class="form-group">
<label for="order_lname">Last Name</label>
<input class="form-control" style="width: 273px;" type="text" name="order_lname" id="order_lname" value="<?php echo $user['user_lname']; ?>" placeholder="Last Name" />
</div>
<div class="form-group">
<label for="order_phone">Primary Phone</label>
<input class="form-control" style="width: 273px;" type="text" name="order_phone" id="order_phone" value="<?php echo $user['user_phone']; ?>" placeholder="Phone Number" />
</div>
<div class="form-group">
<label for="order_cell">Cell Phone</label>
<input class="form-control" style="width: 273px;" type="text" name="order_cell" id="order_cell" value="<?php echo $user['user_cell']; ?>" placeholder="Cell Phone" />
</div>
<div class="form-group">
<label for="order_email">Email</label>
<input class="form-control" style="width: 273px;" type="text" name="order_email" id="order_email" value="<?php echo $user['user_email']; ?>" placeholder="Email Address" />
</div><br/>
<div class="clear"></div>
<div class="form-group" style="width:100% !important">
<label for="company_id">Property Information</label><br/>
<br/>
<input id="company_id" type="hidden" id="company_id" name="company_id" value="<?php echo $company['company_id']; ?>" />
<input id="company_name" type="hidden" id="company_name" name="company_name" value="<?php echo $company['company_name']; ?>" />
<div class="property">
<strong><?php echo $company['company_name']; ?></strong><br/>
<?php echo $company['company_street']; ?><br/>
<?php echo $company['company_city']; ?>, <?php echo $company['company_state']; ?> <?php echo $company['company_zip']; ?>
</div>
<div class="clear"></div>
</div><br/>
<div class="clear"></div>
<div class="form-group">
<label for="order_cc">Card Number</label>
<input class="form-control" type="text" name="ssl_card_number" id="ssl_card_number" style="width:100% !important" />
</div><br/>
<div class="clear"></div>
<div class="form-group">
<label for="order_code">Security Code</label>
<input class="form-control" style="width: 75px;" type="text" name="order_code" id="order_code" placeholder="ex:123" />
</div>
<div class="form-group">
<label for="order_customernumber">Customer Number</label>
<input class="form-control" type="text" style="width: 75px;" name="order_customernumber" id="order_customernumber" />
</div>
<div class="form-group">
<label for="order_invoicenumber">Invoice Number</label>
<input class="form-control" type="text" style="width: 75px;" name="order_invoicenumber" id="order_invoicenumber" />
</div>
<div class="form-group">
<label for="order_amount">Payment Amount</label>
$ <input class="form-control" type="text" style="width: 100px" name="ssl_amount" id="ssl_amount" />
</div>
<div class="form-group" style="width:100% !important">
<input class="btn btn-primary" type="submit" name="submit" value="Submit" />
</div>
</div>
</form>
这是我的 if isset 语句,如果 api 发回批准代码,就会触发该语句。我知道这部分有效,因为它在我输入卡信息时执行此操作,并在我输入虚假信息时抛出正确的错误。
if(isset($response['ssl_result_message']) && $response['ssl_result_message'] == "APPROVAL") {
//If transaction successful write to database
$userid = $session['user_id'];
$addOrderSQL = "
INSERT INTO orders (
user_id,
company_id,
order_fname,
order_lname,
order_phone,
order_cell,
order_email,
company_name,
order_customernumber,
order_invoicenumber,
order_amount
)
VALUES (
'$userid',
'$_POST[company_id]',
'$_POST[order_fname]',
'$_POST[order_lname]',
'$_POST[order_phone]',
'$_POST[order_cell]',
'$_POST[order_email]',
'$_POST[company_name]',
'$_POST[order_customernumber]',
'$_POST[order_invoicenumber]',
'$_POST[ssl_amount]'
)";
$firstname= $_POST['order_fname'];
$lastname = $_POST['order_lname'];
$invoice = $_POST['order_invoicenumber'];
$customernum = $_POST['order_customernumber'];
$property = $_POST['company_name'];
$ordertotal = $_POST['ssl_amount'];
/* -------------------------------------------------
Send Email to Administrator
------------------------------------------------- */
$to = "web@abcprintingink.com";
$subject = "Payment for Customer # ". $customernum;
$headers = "Content-type: text/html; charset=iso-8859-1'r'n";
$headers .= "From: webmaster@turfmastersct.com" . "'r'n" .
"Reply-To: webmaster@example.com" . "'r'n" .
"X-Mailer: PHP/" . phpversion();
$message = "<p>A customer has completed a payment. Here are the payment details:</p>
Customer Name: ". $firstname ." ". $lastname ."<br/>
Customer #: ". $customernum ."<br/>
Invoice #: ". $invoice ."<br/>
Property: ". $property ."<br/>
Payment Amount: $". $ordertotal;
// Send it.
mail($to, $subject, $message, $headers);
//once executed queries redirect user
header('Location: /payments/orders.php');
exit;
}
elseif(isset($response['errorCode'])) {
$error = 'Your credit card has been declined';
}
else {
$error = 'Failed to process your payment';
}
该表单正在与 API 通信,我从它那里得到回复,我可以看到付款详细信息发布到我的模拟账户。isset 语句触发,我收到它发送的电子邮件,它会像预期的那样将我重定向到 orders.php 页面。它只是不写入数据库。您可以看到我的表单,也可以看到我正在写入数据库的字段。所有这些字段都存在于数据库本身中。我在这里错过了什么吗?
您从不运行$addOrderSQL查询。
请参阅 mysqli_query() 来执行此操作。