使用 PHP 将文本框中的多值插入 MySQL 数据库

发布于 2024-12-23 18:58:27 字数 1201 浏览 1 评论 0原文

我的 PHP 和 MySQL 项目有问题。我想将多列值插入数据库，但事实是，我已经对代码感到困惑了。如果您想看一下，就像这样：

    if(!empty($_POST['brando'])){
        $A="brand = '$brando'";}
        else{
        $A=" ";}    

    if(!empty($_POST['prnameo'])){
        $B="product_name = '$prnameo'";}
        else{
        $B=" ";}    

    if(!empty($_POST['prido'])){
        $C="product_id = '$prido'";}
        else{
        $C=" ";}    

    if(!empty($_POST['prcolo'])){
        $D="color = '$prcolo'";}    
        else{
        $D=" ";}    

    if(!empty($_POST['priceo'])){
        $E="price = '$priceo'";}
        else{
        $E=" ";}    



        $sqlq="UPDATE $tbl_name2 SET $A $B $C $D $E  where id='$id'";


        mysql_query($sqlq);

我注意到在数据库中查询多值命令需要逗号，例如：

mysql_query("UPDATE $tablename SET collumn1='value', collum2='value' where id='value'");

现在我不能在任何这些代码中放置任何逗号或“，”，从而使 PHP 页面无法发送其他变量值传入服务器。

即使我将编码更改为：

$sqlq="UPDATE $tbl_name2 SET $A , $B , $C , $D , $E  where id='$id'";

它还会产生除了该死的错误之外的其他内容。

所以如果你知道我在说什么的话我想寻求帮助。我知道，听起来编码给我带来了压力。

哦，这个代码也是，我忘了把它放在这些上。

    for ($help_given=1, $help_given++)
    {
    echo "Thanks";
    }

原文

I'm having a problem with my PHP and MySQL project . I wanted to insert multi collumn value into the database but the truth is, im already confused by the codes. it's like this if you would like to take a look:


    if(!empty($_POST['brando'])){
        $A="brand = '$brando'";}
        else{
        $A=" ";}    

    if(!empty($_POST['prnameo'])){
        $B="product_name = '$prnameo'";}
        else{
        $B=" ";}    

    if(!empty($_POST['prido'])){
        $C="product_id = '$prido'";}
        else{
        $C=" ";}    

    if(!empty($_POST['prcolo'])){
        $D="color = '$prcolo'";}    
        else{
        $D=" ";}    

    if(!empty($_POST['priceo'])){
        $E="price = '$priceo'";}
        else{
        $E=" ";}    



        $sqlq="UPDATE $tbl_name2 SET $A $B $C $D $E  where id='$id'";


        mysql_query($sqlq);

I noticed that querying multivalue command into a database requires comma such as:

mysql_query("UPDATE $tablename SET collumn1='value', collum2='value' where id='value'");

and now i cant put any comma or "," in any of those codes, making the PHP page unable to send other variable values into the server.

even if i change the coding to this:

$sqlq="UPDATE $tbl_name2 SET $A , $B , $C , $D , $E  where id='$id'";

it'll produce what else but damn errors.

so i would like to ask for help if you know what i'm talking about. i know, it sounds like i've been stressed out by the codings.

ooh, this code too, i forgot to put it for these.


    for ($help_given=1, $help_given++)
    {
    echo "Thanks";
    }

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

葵雨 2024-12-30 18:58:27

尝试用“,”来implode()一个数组，如下所示：

<?php
if(!empty($_POST['brando'])){
    $value[] ="brand = '$brando'";
}

if(!empty($_POST['prnameo'])){
    $value[] ="product_name = '$prnameo'";
}

if(!empty($_POST['prido'])){
    $value[] ="product_id = '$prido'";
}

if(!empty($_POST['prcolo'])){
    $value[] ="color = '$prcolo'";
}

if(!empty($_POST['priceo'])){
    $value[] ="price = '$priceo'";
}

$sqlq="UPDATE $tbl_name2 SET " . implode(",",$value)."  where id='$id'";
mysql_query($sqlq);
?>

然后，你最好使用“mysql_escape_string”或“PDO::prepare”方法来防止SQL注入。

Try to implode() an array with "," ，like this:

<?php
if(!empty($_POST['brando'])){
    $value[] ="brand = '$brando'";
}

if(!empty($_POST['prnameo'])){
    $value[] ="product_name = '$prnameo'";
}

if(!empty($_POST['prido'])){
    $value[] ="product_id = '$prido'";
}

if(!empty($_POST['prcolo'])){
    $value[] ="color = '$prcolo'";
}

if(!empty($_POST['priceo'])){
    $value[] ="price = '$priceo'";
}

$sqlq="UPDATE $tbl_name2 SET " . implode(",",$value)."  where id='$id'";
mysql_query($sqlq);
?>

Then, you'd better to use "mysql_escape_string" or "PDO::prepare" method to prevent SQL injection.

回复收藏 0 原文

幽梦紫曦～ 2024-12-30 18:58:27

    if(isset($_POST['brando']))
    {
        $brando=mysql_escape_string($_POST['brando']);
        $A="brand = ".$brando;
    }
    else
    {
        $A=" ";
    }


    if(isset($_POST['prnameo']))
    {
        $prnameo=mysql_escape_string($_POST['prnameo']);
        $B="product_name = ".$prnameo;
    }
    else
    {
        $B=" ";
    }

    if(isset($_POST['prido']))
    {
        $prido=mysql_escape_string($_POST['prido']);
        $C="product_id = ".$prido;
    }
    else
    {
        $C=" ";
    }

    if(isset($_POST['prcolo']))
    {
        $prcolo=mysql_escape_string($_POST['prcolo']);
        $D="color= ".$prcolo;
    }
    else
    {
        $D=" ";
    }

    if(isset($_POST['priceo']))
    {
        $priceo=mysql_escape_string($_POST['priceo']);
        $E="price = ".$brando;
    }
    else
    {
        $E=" ";
    }

    $tbl_name="mytable";//to set
    $id='primary_key';//to set

    $sqlq="UPDATE $tbl_name SET $A, $B, $C, $D, $E  where id='$id'";

    mysql_query($sqlq);

只需将值放在我注释为 // 的位置即可设置...

    if(isset($_POST['brando']))
    {
        $brando=mysql_escape_string($_POST['brando']);
        $A="brand = ".$brando;
    }
    else
    {
        $A=" ";
    }


    if(isset($_POST['prnameo']))
    {
        $prnameo=mysql_escape_string($_POST['prnameo']);
        $B="product_name = ".$prnameo;
    }
    else
    {
        $B=" ";
    }

    if(isset($_POST['prido']))
    {
        $prido=mysql_escape_string($_POST['prido']);
        $C="product_id = ".$prido;
    }
    else
    {
        $C=" ";
    }

    if(isset($_POST['prcolo']))
    {
        $prcolo=mysql_escape_string($_POST['prcolo']);
        $D="color= ".$prcolo;
    }
    else
    {
        $D=" ";
    }

    if(isset($_POST['priceo']))
    {
        $priceo=mysql_escape_string($_POST['priceo']);
        $E="price = ".$brando;
    }
    else
    {
        $E=" ";
    }

    $tbl_name="mytable";//to set
    $id='primary_key';//to set

    $sqlq="UPDATE $tbl_name SET $A, $B, $C, $D, $E  where id='$id'";

    mysql_query($sqlq);

Just put values where I have commented as //to set...

回复收藏 0 原文

~没有更多了~