在 PHP 问题中使用 $_POST
我正在尝试通过 PHP 中的 $_POST 获取一些信息,基本上现在我正在使用这个:
$item_name1 = $_POST['item_name1'];
$item_name2 = $_POST['item_name2'];
$item_name3 = $_POST['item_name3'];
$item_name4 = $_POST['item_name4'];
我想使用 mysql 将每个项目名称插入表字段中,所以我正在尝试使用 while php 循环所以我没有很多 $item_name 变量:
$number_of_items = $_POST['num_cart_items'];
$i=1;
while($i<=$number_of_items)
{
$test = $_POST['item_name'. $i''];
$i++;
}
上面的代码失败了,解释起来相当棘手,但代码应该找到所有 item_name $_POST 并将其作为 mysql 插入的变量。
$_POST['num_cart_items'] 是商品总数。
该代码适用于正在进行的购物车的 PayPal IPN 侦听器。
帮助表示赞赏。
编辑:
我在我刚刚意识到的文档中进一步提到了这一点:
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
How can i insert $_POST['item_name1'], $_POST['item_name2'] 作为 mysql 插入的变量?
I'm trying get some information via $_POST in PHP, basically at the moment i'm using this:
$item_name1 = $_POST['item_name1'];
$item_name2 = $_POST['item_name2'];
$item_name3 = $_POST['item_name3'];
$item_name4 = $_POST['item_name4'];
I want to insert each of the item names in a table field with mysql so i'm trying to experiment with the while php loop so i dont have lots of $item_name variables:
$number_of_items = $_POST['num_cart_items'];
$i=1;
while($i<=$number_of_items)
{
$test = $_POST['item_name'. $i''];
$i++;
}
The above code fails, its pretty tricky to explain but the code should find all the item_name $_POST and make it as a variable for mysql insertion.
The $_POST['num_cart_items'] is the total number of items.
The code is for a PayPal IPN listener for a shopping cart that is underway.
Help appreciated.
EDIT:
I have this further up the document which i just realised:
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
How can i insert $_POST['item_name1'], $_POST['item_name2'] as a variable for mysql insertion?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您的循环在每次迭代中有效地覆盖
$test变量:如果您想将它们放入数组中,请更改为
$test[]。它还包含brian_d提到的解析错误。与表单一起发送的变量
num_cart_items听起来有点可怕。你是用 JavaScript 设置的吗?用户可以操纵它。你不应该依赖它。我相信您需要的是将表单字段设置为:注意名称末尾的方括号。这将在
$_POST数组中创建一个数组:$_POST['item_name']将包含所有项目的名称。那么,您的数据库是如何构建的?我猜你想将它们插入到一个查询中,如下所示:
如果是这样,你可以从数组中生成一个字符串:
请注意,使用
addslashes不足以保护你免受 SQL 注入。Your loop is effectively overriding the
$testvariable on each iteration:If you want to put them in an array, change to
$test[]. Also it contains the parse error as mentioned bybrian_d.It sounds a little scary to have a variable
num_cart_itemsthat is sent with the form. Are you setting it with JavaScript? The user can manipulate it. You should not rely on it. I belive what you need is to make the form feilds as:Note the square brackets at the end of the name. This will create an array in the
$_POSTarray:$_POST['item_name']will contain the names of all the items.Then, how is your DB structured? I guess you want to insert them in one query as:
If so you can make a string out of the array:
Note that the use of
addslashesis not enough to protect you from SQL injection.$test = $_POST['item_name'. $i''];是一个语法错误。删除末尾的
'',使其变为:$test = $_POST['item_name'. $i];$test = $_POST['item_name'. $i''];is a syntax error.remove the end
''so it becomes:$test = $_POST['item_name'. $i];