// Check whether the product is already in the cart; if so, increment its quantity
if (isset($_SESSION['cart'][$product['id']])) {
    $_SESSION['cart'][$product['id']]['num']++;
} else {
    $_SESSION['cart'][$product['id']] = $product;
}
If you write your code like this (BAD PRACTICE):
try {
    $pdo = new PDO("mysql:host=$host;dbname=$dbname;charset=utf8", $username, $password);
    // Throw exceptions on database errors instead of failing silently
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    // In production, log this message rather than displaying it to the visitor
    die("Connection failed: " . $e->getMessage());
}
Now we output the HTML. We’ll embed PHP variables, but always escape output to prevent XSS (cross‑site scripting) using htmlspecialchars().
<?php
// Configuration
$db_host = 'localhost';
$db_username = 'your_username';
$db_password = 'your_password';
$db_name = 'your_database';
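
The output-escaping rule stated above, applied to a cart listing, as an added example that is not part of the original page. The `e()` and `render_cart()` helpers, the `product.php` link target, the `name` and `price` fields and the sample cart contents are assumptions constructed for illustration; `id` and `num` follow the session cart array shown earlier.

```php
<?php
// Added example: escape every value at the point where it enters the HTML.
// e(), render_cart() and product.php are hypothetical names.

// Escape a value for HTML text and quoted-attribute contexts.
function e($value): string
{
    // ENT_QUOTES also encodes single quotes; ENT_SUBSTITUTE replaces
    // invalid UTF-8 sequences instead of returning an empty string.
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_cart(array $cart): string
{
    $rows = '';
    foreach ($cart as $item) {
        // URL context first (http_build_query percent-encodes the value),
        // then HTML-escape the finished URL for the href attribute.
        $url = 'product.php?' . http_build_query(['id' => $item['id']]);
        $rows .= '<tr>'
            . '<td><a href="' . e($url) . '">' . e($item['name']) . '</a></td>'
            . '<td>' . (int) $item['num'] . '</td>' // numeric field: cast, never echo raw
            . '<td>' . e(number_format((float) $item['price'], 2)) . '</td>'
            . "</tr>\n";
    }
    return "<table>\n" . $rows . "</table>\n";
}

// Constructed sample data: the second item carries markup in its id and name,
// as it could if those fields ever came from untrusted input.
$cart = [
    1 => ['id' => 1, 'name' => 'Mug', 'num' => 2, 'price' => '4.50'],
    7 => ['id' => '7"><b>', 'name' => '<script>alert(1)</script>', 'num' => '1', 'price' => '9.99'],
];

// Markup in the second item reaches the page as inert text, not as tags.
echo render_cart($cart);
```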