I am trying to learn some sort of coding and am currently working on a very simple products basket, with the code below:

    $r_id = '1';
    $r_site_id = 'AHLIM';
    $r_order_id = '167';

    ////////////CHECK FOR EACH TYPE OF PRODUCT IN ORDER//////////////
    $query01 = "SELECT * FROM ra_ordered_products WHERE extras='0' AND product_type IN (1,2,3,4,5,6,7,8,9) AND order_id='$r_order_id' AND site_id='$r_site_id' GROUP BY product_type ORDER BY product_type ASC";
    $result01 = mysql_query($query01);

    while($r01 = mysql_fetch_array($result01)) {

        $g_product_type = $r01['product_type'];

        ////////////LIST PRODUCTS WITH THE TYPE GIVEN ABOVE/////////////////////////
        $query03 = "SELECT * FROM ra_ordered_products WHERE product_type IN ($g_product_type) AND order_id='$r_order_id' AND site_id='$r_site_id' GROUP BY product_id ORDER BY id ASC";
        $result03 = mysql_query($query03);

        while($r03 = mysql_fetch_array($result03)) {

            $p_id = $r03['id'];
            $p_product_id = $r03['product_id'];
            $p_product_type = $r03['product_type'];
            $p_product_extras = $r03['extras'];
            $p_product_comment = $r03['comment'];

            //////////////PRINT PRODUCT DETAILS FOR THE PRODUCT GIVEN///////////////
            $query04 = "SELECT * FROM ra_products WHERE id='$p_product_id'";
            $result04 = mysql_query($query04);
            $r04 = mysql_fetch_array($result04);

            $t_product_id = $r04['id'];
            $t_product_price = $r04['price'];
            $t_product_promo_price = $r04['promo_price'];
            $t_product_title = $r04['title'];

            //////////////////GIVE A COUNT OF THE PRODUCTS PER PRODUCT////////////////////////
            $counter03 = mysql_query("SELECT COUNT( * ) AS total_p_number FROM ra_ordered_products WHERE product_type NOT IN (999) AND extras='$p_product_extras' AND order_id='$r_order_id' AND product_id='$t_product_id' AND site_id='$r_site_id'");
            $num03 = mysql_fetch_assoc($counter03);
            $count03 = $num03['total_p_number'];

            $t_product_price=number_format((float)$t_product_price, 2, '.', '');
            $t_product_promo_price=number_format((float)$t_product_promo_price, 2, '.', '');

            if($p_product_type=='4') { $voucher_postfix='(Voucher)'; } else { $voucher_postfix=''; }

            ///////////////CHECK FOR EXTRAS ADDED TO THIS PRODUCT//////////////////
            $query11 = "SELECT * FROM ra_ordered_products WHERE extras!='0' AND product_id='$t_product_id' AND order_id='$r_order_id' AND site_id='$r_site_id' GROUP BY extras ORDER BY date ASC";
            $result11 = mysql_query($query11);

            while($r11 = mysql_fetch_array($result11)) {

                $ep_id = $r11['id'];
                $ep_product_id = $r11['extras'];

                //////////////////PRINT EXTRAS//////////////
                $query07 = "SELECT * FROM ra_products_extrass WHERE id='$ep_product_id'";
                $result07 = mysql_query($query07);
                $r07 = mysql_fetch_array($result07);

                $e_name = $r07['extrass_name'];
                $e_price = $r07['extrass_price'];

                if($e_price!='') { $print_extras="Extras: $e_name - $e_price<br />"; } else { $print_extras=""; }

            }

            if($p_product_type=='3' && $p_product_extras!='0') { $t_product_price=$e_price; }
            echo"$t_product_id - $t_product_title $voucher_postfix - $count03 - $t_product_price - $t_product_promo_price<br />$print_extras";

        }

    }
    echo"<br />";

Now this gives me the result:

    168 - 55 Minute Full Body Swedish Massage - 1 - 83.00 - 0.00
    170 - Ultimate Full Body Swedish Massage - 1 - 112.00 - 0.00
    81 - Fish Finger Roll - 1 - 12.00 - 0.00
    83 - Sirloin Steak - 1 - 13.05 - 12.95
    96 - Burger - 2 - 14.00 - 0.00
    Extras: Smoked Bacon - 1.50
    8 - 34. Pinot Grigio, Italy - 1 - 8.70 - 0.00
    Extras: Large - 8.70
    11 - 54. Merlot, Chile - 1 - 26.00 - 0.00
    Extras: Large - 8.70
    24 - Cranberry - 1 - 2.25 - 0.00
    Extras: Large - 8.70
    50 - Absolut Raspberry - 1 - 6.75 - 0.00
    Extras: Large - 8.70
    26 - J2O - 1 - 3.50 - 0.00
    Extras: Large - 8.70
    10 - 31. Sauvignon Blanc, NZ - 1 - 9.00 - 0.00
    Extras: Small - 9.00
    223 - Thank You (Voucher) - 1 - 25.00 - 0.00
    Extras: Small - 9.00

And here are a couple of questions: can someone show me an example of how to minimise/optimise this code? Also, as you can see, extras are pulled under every item even though they don't belong to it.

In the given scenario, only Burger has paid extras (Smoked Bacon), which should be listed. Then Sauvignon Blanc and Pinot Grigio should have the price taken from extras, but the extras are not to be listed.

I know this may not be brilliant coding and I hope to learn it better.

Paul
  • If your code is working as expected and you want a code review, you have to post this question on... well.. [codereview](https://codereview.stackexchange.com/). This is the site of the Stackexchange network dedicated to that. – Cid Jun 17 '20 at 09:24
  • There are a few things - [Why shouldn't I use mysql_* functions in PHP?](https://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php), [How can I prevent SQL injection in PHP?](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) and https://www.php-fig.org/psr/psr-12/. – Nigel Ren Jun 17 '20 at 09:29
  • Why are you using the long-deprecated `mysql_` code library? It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using `mysqli` or `PDO` as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See http://bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely. – ADyson Jun 17 '20 at 09:52
  • Also, if you are running `mysql_` queries successfully, it shows you are running an unsupported version of PHP. You should upgrade your PHP version urgently to continue to receive security updates. https://www.php.net/supported-versions.php – ADyson Jun 17 '20 at 09:52
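
The parameterised-query approach the comments recommend, as an added example (not the poster's code and not from any commenter): one PDO prepared statement replaces the nested `mysql_query` lookups, and each extra is joined to the ordered row that references it. Table and column names come from the question; the in-memory SQLite database, its rows and the function name `basketLines` are constructed for illustration, and the type-3 price rule is left out.

```php
<?php
declare(strict_types=1);

// Constructed sample data in an in-memory SQLite database (needs pdo_sqlite).
// Table and column names follow the question; the rows are invented.
$pdo = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
]);
$pdo->exec("
    CREATE TABLE ra_products (id INTEGER PRIMARY KEY, title TEXT, price REAL);
    CREATE TABLE ra_products_extrass (id INTEGER PRIMARY KEY, extrass_name TEXT, extrass_price REAL);
    CREATE TABLE ra_ordered_products (id INTEGER PRIMARY KEY, order_id TEXT, site_id TEXT,
        product_id INTEGER, product_type INTEGER, extras INTEGER);
    INSERT INTO ra_products VALUES (81, 'Fish Finger Roll', 12.00), (96, 'Burger', 14.00);
    INSERT INTO ra_products_extrass VALUES (1, 'Smoked Bacon', 1.50);
    INSERT INTO ra_ordered_products (order_id, site_id, product_id, product_type, extras) VALUES
        ('167', 'AHLIM', 81, 2, 0), ('167', 'AHLIM', 96, 2, 0),
        ('167', 'AHLIM', 96, 2, 1), ('168', 'OTHER', 96, 2, 0);
");

// One prepared statement replaces the nested lookups. The extra is joined to
// the row that references it, so it cannot carry over to the next product.
function basketLines(PDO $pdo, string $orderId, string $siteId): array
{
    $stmt = $pdo->prepare(
        'SELECT p.id, p.title, p.price, COUNT(*) AS qty, e.extrass_name, e.extrass_price
           FROM ra_ordered_products op
           JOIN ra_products p ON p.id = op.product_id
      LEFT JOIN ra_products_extrass e ON e.id = op.extras
          WHERE op.order_id = :order_id AND op.site_id = :site_id
       GROUP BY p.id, p.title, p.price, e.extrass_name, e.extrass_price
       ORDER BY p.id, e.extrass_name'
    );
    // Values are bound as parameters, never concatenated into the SQL text.
    $stmt->execute([':order_id' => $orderId, ':site_id' => $siteId]);
    return $stmt->fetchAll();
}

foreach (basketLines($pdo, '167', 'AHLIM') as $line) {
    $extra = $line['extrass_name'] !== null
        ? " (extra: {$line['extrass_name']} - {$line['extrass_price']})" : '';
    printf("%d - %s - %d - %.2f%s\n", $line['id'], $line['title'], $line['qty'], $line['price'], $extra);
}

// A value containing quotes is compared as data, so it matches no order
// instead of rewriting the WHERE clause.
var_dump(count(basketLines($pdo, "167' OR '1'='1", 'AHLIM')));
```

Against MySQL only the DSN and credentials change; setting `PDO::ATTR_EMULATE_PREPARES` to `false` makes the driver use server-side prepared statements.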
