php array sum pdo

[linda111]

currently i have develop e-commerce website for my uni project. this code are for total price in cart part.  in cart table there is 3 column which is p _id, ip_add and qty. in table product there is 6 column and on of that are product_price. so i want to get sum for total price for the item that user want to buy. the total price should get based on the total product that user add to cart. so the price should be get by product_id

function total_price () {
    $total = 0;
    global $db;
    $ip = getIp();

    $sql = $db->query("SELECT * from cart WHERE ip_add='$ip'");
    $row = $query->fetch(PDO::FETCH_ASSOC);
    if ($row) {
       
    }    

    $no=$sql->rowCount();   // number of rows affected by the last SQL statement  
    if ($no == 0) {
        echo "";                
    } else {
        foreach($sql as $row)
            $product_id = $row["p_id"];
            $sql = $db->query("SELECT product_price from product WHERE product_id='$product_id'");
            $no=$sql->rowCount();   // number of rows affected by the last SQL statement  
            if ($no == 0) {
                echo "";
            } else {
                foreach($sql as $row)
                $product_price = array($row["product_price"]);

                $values = array_sum($product_price );
                $total += $values;
            }
        }
        echo "RM" . $total;
    }
}

[Jacques1]

The code doesn't make much sense.

 

First off, nobody would ever use the IP address as a customer identifier in reality, because IP addresses are commonly shared and reused among thousands of people. Haven't you been introduced to the concept of sessions?

 

Secondly, your entire code is essentially a (bad) reinvention of basic SQL operations. Have you heard of joins? Aggregate functions?

SELECT
    SUM(cart.qty * product.product_price) AS total_price
FROM
    cart
    JOIN product ON cart.p_id = product.product_id    -- you should be consistent when naming columns; either p_id or product_id, not both
WHERE
    cart.ip_add = :ip_add    -- this is a parameter for a prepared statement; do not inject PHP values directly into query strings

[linda111]

yes i know about session. i use ip in cart function as user not confirm yet to buy the product. as they want make a payment then only need to login to paypal accout. i have try joins but there is no output for total price. 

function total_price() {
  global $db;
  $ip = getIp();

  $query = $db->prepare('
    SELECT SUM(p.product_price * c.quantity) AS total FROM cart AS c
JOIN product AS p ON p.product_id = c.p_id
WHERE c.ip_add = :ip
  ');
  $query->bindParam(':ip', $ip);
  $query->execute();

  $row = $query->fetch(PDO::FETCH_ASSOC);
  if($row) {
    $total = (float) $row['total'];
  } else {
    $total = 0;
  }

  return $total;
}

[Psycho]

 

yes i know about session. i use ip in cart function as user not confirm yet to buy the product. as they want make a payment then only need to login to paypal accout. i have try joins but there is no output for total price. 

 

So, what would you expect to happen when you have two or more concurrent users with the same IP address?

 

But, with what you have, this should work

 

SELECT c.ip_add, SUM(p.product_price * c.qty) as cart_total
 
FROM cart c
 
JOIN product p
  ON c.p_id = p.product_id
 
WHERE c.ip_add = '$ip'