duanliu6083 2015-06-23 19:39
浏览 51

创建变量变量的函数不起作用

I'm trying to use a function to make all my variables for an SQL statement im making in order to reduce code length. Unfortunately, this isn't working at all.

The result I get is that $sql ends up with the value -45. I'm not sure what I'm doing wrong, but I believe there is an issue with the declaration of variables. However, the echo statement that you can see inside the function prints the variables exactly how they are supposed to be printed. Maybe I need to return something?

/*
/ Get Variables
*/
function get($fname,$disp)
{
    $NAME = $fname;
    $$NAME = $_GET[$NAME];
    echo $disp . ' : <font color="00ff00">' . $$NAME . '</font><br>';
}

get("User-ID","User-ID");
get("toon","Name");
get("C_Select","Class");
get("P-Level","P-Level");
get("Sex","Gender");
get("Race","Race");
get("P-Gs","Gearscore");
get("Str-Input","Strength");
get("Int-Input","Intelligence");
get("Con-Input","Constitution");
get("Wis-Input","Wisdom");
get("Dex-Input","Dexterity");
get("Chr-Input","Charisma");
get("HP","Health");
get("AC","Armor Class");
get("Power-S","Power");
get("Def","Defense");
get("Prof-1","Alchemy");
get("Prof-2","Artificing");
get("Prof-3","Jewelcrafting");
get("Prof-4","Leadership");
get("Prof-5","Leatherworking");
get("Prof-6","Medium Armoring");
get("Prof-7","Heavy Armoring");
get("Prof-8","Tailoring");
get("Prof-9","Weaponsmithing");
get("Crit","Critical Strike Rating");
get("Recov","Recovery");
get("AP","Armor Penetration");
get("Regen","Regeneration");
get("HS","Life Steal");
get("Defl","Deflection");
get("Move","Movement");


$sql = 'INSERT INTO def_nwgr_chars (user_id,name,race,level,sex,str,con,dex,int,wis,char,hit_points,ac,power,defense,crit,recovery,ap,regen,life_steal,deflection,movement,alchemy,artificing,jewelcrafting,leadership,leatherworking,mailsmithing,platesmithing,tailoring,weaponsmithing) VALUES (' . $User-ID . ',' . $toon . ',' . $Race . ',' . $P-Level . ',' . $Sex . ',' . $Str-Input . ',' . $Con-Input . ',' . $Dex-Input . ',' . $Int-Input . ',' . $Wis-Input . ',' . $Chr-Input . ',' . $HP . ',' . $AC . ',' . $Power-S . ',' . $Def . ',' . $Crit . ',' . $Recov . ',' . $AP . ',' . $Regen . ',' . $HS . ',' . $Defl . ',' . $Move . ',' . $Prof-1 . ',' . $Prof-2 . ',' . $Prof-3 . ',' . $Prof-4 . ',' . $Prof-5 . ',' . $Prof-6 . ',' . $Prof-7 . ',' . $Prof-8 . ',' . $Prof-9 . ');';
  • 写回答

1条回答 默认 最新

  • dpq755012465 2015-06-23 19:48
    关注

    From what I gather, there are a few issues:

    First of all, the variables that you make with $$NAME are only in scope for the length of the function, so you cannot reference them outside of it without somehow returning them.

    Second, you are trying to use variable names with operators in them. Namely, the "-" sign. This (to my best knowledge) is invalid.

    Third, you should not be putting variables directly into your SQL without in some way ensuring that someone cannot arbitrarily insert data into them.

    Lastly, do not use $$ whenever possible. It is very hard to debug, and can cause some sneaky errors and programming mistakes.

    评论

报告相同问题?

悬赏问题

  • ¥15 fluent的在模拟压强时使用希望得到一些建议
  • ¥15 STM32驱动继电器
  • ¥15 Windows server update services
  • ¥15 关于#c语言#的问题:我现在在做一个墨水屏设计,2.9英寸的小屏怎么换4.2英寸大屏
  • ¥15 模糊pid与pid仿真结果几乎一样
  • ¥15 java的GUI的运用
  • ¥15 Web.config连不上数据库
  • ¥15 我想付费需要AKM公司DSP开发资料及相关开发。
  • ¥15 怎么配置广告联盟瀑布流
  • ¥15 Rstudio 保存代码闪退