0

So I have to make a webshop. Is is not really working yet:(

I made a form where users can select their product color, capacity and howmany they want of them. All this info I loaded from the database into options.(First block code) Now I want to sent the selected options to the database (For the order) But for some reasons the variables are blank. So my question is how I can check which option is selected and how to sent the data of the selected option to the database.

I have tried to put the SQL code in another file, and change to action attribute in the form to that file. I tried a lot of different stuff with the SQL statement, but I think that is not the problem.

<p class="title">Choose your capacity</p>
<form action="bedankt.php" method="post" name="add_product_form">
  <select id="capacity">
    <?php foreach ($capacity as $value): ?>
    <option name="capacity"><?=$value; ?></option>
    <?php endforeach; ?>
  </select>
  <p class="title">Choose color</p>
  <select id="color">
    <?php foreach ($color as $colorvalue): ?>
    <option name="color"><?=$colorvalue; ?></option>
    <?php endforeach; ?>
  </select>
  <p class="title">Quantity</p>
  <select id="quantity">
    <?php for ($i=0; $i < $a + 1; $i++) : ?>
    <option name="quantity"><?=$i;?></option>
    <?php endfor; ?>
  </select>
  <hr>
  <input type="submit" value="Add to Cart" name="submit">Add to cart</button>
</form>

PHP

$capacitystring = $result['size'];
      $capacity = explode(', ', $capacitystring);

      $colorstring = $result['color'];
      $color = explode(', ', $colorstring);


      $i = 0;
      $a = $result['nr_available'];

      if(isset($_POST['submit']) && $_POST['quantity'] > 0) {

        $date = date('Y-m-d H:i:s');
        $product_quantity = $_POST['quantity'];

        $sql2 = "INSERT INTO aankopen(aankoopid, product_id, klantid, datum, hoeveelheid) VALUES (null, $productid, $user_id, '$date', '$product_quantity')";

        if (mysqli_query($conn, $sql2)) {
          header('Location: bedankt.php');
        } else {
            echo "Error: " . $sql2 . "<br>" . mysqli_error($conn);
        }

The result is that the variables I made are empty.

P.S If you are down to work with me on this project just hit me up on discord! dylan_0575#6733

Improve this question
1
  • 2
    Your inputs need name properties. Commented Apr 12, 2019 at 15:27

1 Answer 1

Reset to default
2

Your <select> tags need name="" properties, and the <option> tags should have value="" properties.

As an aside, your code is vulnerable to SQL Injection. You should look into using PDO and prepared statements.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Yes, I know about PDO. This project is just a little learning project, thanks for mentioning:)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.