
As the title says, I'm developing a shopping cart for a website, and the cart contains all the products that have been ordered from different companies, like this: screenshot

So, as you see, I'm trying to sort all products that are from the same company underneath each other as the specific company's bill. My question: how can I accomplish that?

What I have tried: nothing to mention, actually. I'm really confused here; I don't know what I'm going to do (a for loop or something like that...). I hope I explained what I want to accomplish; if not, see the (screenshot).

Code: PHP PDO query

<?php
$accountid = '8';
require_once '..\Config.php';
 // WHERE chemicalcom='$variable' OR name='$variable'
$dbCon = "mysql:host=$host;dbname=$db_name";
$variable = "Efexor";
$PDOCon = new PDO($dbCon, $username, $password);
$query = $PDOCon->prepare("SELECT * FROM basket WHERE accountid ='$accountid'");
$query->execute();
$basketItems = $query->fetchAll();
?>

Code: index.php

        <?php foreach($basketItems as $item){
        echo'<h3>Bill('.$item['companyexported'].')</h3>
        <div class="card">
        <div class="row">
            <div class="col-6"><img src="'.$item['imgpath'].'" class="productimg" alt=""></div>
            <div class="col-auto">
                <div class="card-title">
                    <div class="row">'.$item['name'].'</div>
                    <div class="row">'.$item['chemicalcom'].'</div>
                    <div class="row">'.$item['concentration'].'</div>
                    <br>
                    <div class="row">'.$item['price'].' $
                    </div>
                    <span class="badge badge-info qty">'.$item['qty'].'</span>
                </div>
            </div>
        </div>
    </div>';}?>

Thanks.

MrObscure
  • Some tips for posting here that you might find helpful: (1) omit square/angle/curly brackets in your titles for the purposes of rendering home-made tags (use the tag system for that); (2) write titles in plain English, either as a short statement or a question; (3) avoid chatty and conversational material, like you're confused (readers know this) or how grateful you are (it is assumed); (4) run your written work through an English spell-checker; (5) observe the usual case rules for English, with special attention paid to the personal pronoun "I". – halfer Apr 22 '20 at 19:53
  • Also note that your code is probably vulnerable to (1) SQL injections, and (2) XSS vulnerabilities. – halfer Apr 22 '20 at 19:53
  • @halfer Thanks for the advice, halfer. Can you tell me how to prevent those attacks, and how they work? – MrObscure Apr 22 '20 at 20:37
  • Yep, (1) parameter binding, [see here](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) and (2) output escaping, [see here](https://stackoverflow.com/questions/1996122/how-to-prevent-xss-with-html-php). – halfer Apr 22 '20 at 20:49

1 Answer


First, you will need to update your SQL to order by the company; that will make the PHP simpler.

SELECT * FROM basket WHERE accountid ='$accountid' order by companyexported

Then, in your PHP, you only want to show the company once, so you create an empty variable and check it. If that variable doesn't contain a matching company name, show the company and set that variable to the current company name.

        <?php
    $curr_co = "";

foreach($basketItems as $item){
    if($curr_co != $item['companyexported']){
           echo '<h3>Bill('.$item['companyexported'].')</h3>';
           $curr_co = $item['companyexported'];
    }
           echo '<div class="card">
                <div class="row">
                    <div class="col-6"><img src="'.$item['imgpath'].'" class="productimg" alt=""></div>
                    <div class="col-auto">
                        <div class="card-title">
                            <div class="row">'.$item['name'].'</div>
                            <div class="row">'.$item['chemicalcom'].'</div>
                            <div class="row">'.$item['concentration'].'</div>
                            <br>
                            <div class="row">'.$item['price'].' $
                            </div>
                            <span class="badge badge-info qty">'.$item['qty'].'</span>
                        </div>
                    </div>
                </div>
            </div>';}?>
imvain2
  • Trapping big blocks of HTML inside PHP is not an ideal practice, since it prevents the editor/IDE from syntax checking and fragment colouration. Consider keeping all of this HTML, and then opening PHP fragments where they are required, e.g. ``. – halfer Apr 22 '20 at 19:56
  • @halfer, I agree, actually I use a custom templating engine. I was just answering the question itself not trying to fix all of their programming issues. But this question was closed anyway. – imvain2 Apr 22 '20 at 20:02
  • Fair enough, and yes it is hard to fix everything. One thing one can do in lieu of all that effort is to add some notes at the end, to make sure the question author is aware of these things. For example, I would suspect SQL injection and XSS vulnerabilities here, but it is impractical to fix these things (especially since that is not the focus of the question). I would thus tend to put some notes at the end about these things, in case the author is motivated to learn new things. – halfer Apr 22 '20 at 20:08
  • @imvain2 Thanks for your response, but the code doesn't work; see https://imgur.com/jk02QUs – MrObscure Apr 22 '20 at 21:28
  • @MrObscure, I apologize, this was kind of what halfer mentioned. You will need to modify your echoes since you really shouldn't be including HTML/PHP like that. I have updated my answer accordingly. – imvain2 Apr 22 '20 at 21:49
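
The two fixes halfer points to in the comments (parameter binding and output escaping), applied to the grouped-by-company loop from the answer. This is an added example, not code posted by anyone in the thread: table and column names follow the question, while the in-memory SQLite database (needs the pdo_sqlite extension), its rows, and the helper names e(), fetchBasket() and renderBills() are assumptions made for illustration.

```php
<?php
// Added example, not code from the thread. Table and column names follow the
// question; the SQLite database, its rows and the helper names are constructed.

function e($value): string
{
    // Escape for HTML text and quoted attribute values.
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function fetchBasket(PDO $pdo, string $accountId): array
{
    // The account id travels as a bound parameter, never inside the SQL text.
    $stmt = $pdo->prepare('SELECT * FROM basket WHERE accountid = :accountid ORDER BY companyexported');
    $stmt->execute([':accountid' => $accountId]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

function renderBills(array $items): string
{
    $html = '';
    $currentCompany = null;
    foreach ($items as $item) {
        // Rows arrive sorted by company, so a heading is emitted on each change.
        if ($currentCompany !== $item['companyexported']) {
            $currentCompany = $item['companyexported'];
            $html .= '<h3>Bill(' . e($currentCompany) . ")</h3>\n";
        }
        $html .= '<div class="card"><div class="row">' . e($item['name']) . '</div>'
               . '<div class="row">' . e($item['price']) . ' $</div>'
               . '<span class="badge badge-info qty">' . e($item['qty']) . "</span></div>\n";
    }
    return $html;
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE basket (accountid TEXT, companyexported TEXT, name TEXT, price REAL, qty INTEGER)');
$insert = $pdo->prepare('INSERT INTO basket VALUES (?, ?, ?, ?, ?)');
foreach ([
    ['8', 'Beta Pharma', 'Efexor', 12.5, 2],
    ['8', 'Acme & Sons', '<script>alert(1)</script>', 3.0, 1], // markup stored as a product name
    ['8', 'Beta Pharma', 'Panadol', 4.0, 5],
    ['9', 'Acme & Sons', 'Other account item', 1.0, 1],
] as $row) {
    $insert->execute($row);
}
echo renderBills(fetchBasket($pdo, '8'));
// A hostile id stays data: it is compared as a literal string and matches no account.
echo count(fetchBasket($pdo, "8' OR '1'='1")), " rows for the hostile id\n";
```

The example renders text fields only; a value used as a URL, such as imgpath in an img src, needs its scheme and path validated in addition to being escaped.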