douyanguo7964 2008-11-16 06:52
浏览 26
已采纳

MySQL,PHP - 表单帮助

Greetings,

I have the following code

          <?       
        include("conn.php");
        $sn=$_GET["sn"];
        $sql="select * from kpi where no='$sn'";

        $result=mysql_query($sql,$connection) or die(mysql_error());
        while($row=mysql_fetch_array($result)) {
            $sn=$row['id'];
            $no=$row['no'];
            $pdetails=$row['pdetails'];
            $kpistatus=$row['kpistatus'];
            $status=$row['status'];
            $cols=$row['cols'];
            $rows=$row['rows'];
        }
    ?>

    <form name="form1" method="post" action="formsubmit.php?mode=addtable">
        <table width="100%" border="1" align="center" cellpadding="2" cellspacing="2">
          <tr>
            <td colspan="2"><strong>Add Table</strong></td>
               </td>
          </tr>
          <tr>
            <td>NO</td>
            <td><input name="no" type="text" id="no" value="<? echo $no; ?>"></td>
          </tr>
          <tr>
            <td>PROJECT DETAILS</td>
            <td><textarea name="pdetails" rows="10" cols="100"><? echo $pdetails; ?></textarea></td>
          </tr>
                        <tr>
            <td>KPISTATUS</td>
            <td>
            <?
            echo "<table border=\"1\" align=\"left\">
";
            $j=0;
            while ($j < $rows) 
            {
            echo "<tr>
";
            $i=0;
            while ($i < $cols) 
            {
            ?>
            <td><input type="text" name="kpistatus" id="kpistatus"></td>
            <?
            $i++;
            }       
            echo "</tr>
";
            $j++;
            }
            echo "</table>
";
            ?>
            </td>
            </tr>
            <tr>
            <td>STATUS</td>
            <td><textarea name="status" rows="10" cols="100"><? echo $status; ?></textarea></td>
          </tr>
          <tr>
            <td colspan="2"><input type="submit" name="Submit" value="ADD TABLE"></td>
          </tr>
        </table>
      </form>

        elseif($mode=="addtable") {
        $no=$_POST["no"];
        $pdetails=$_POST["pdetails"];
        $kpistatus=$_POST["kpistatus"];
        $status=$_POST["status"];
        $sn=$_POST["id"];
        $sql="update kpi set pdetails='$pdetails',kpistatus='$kpistatus',status='$status' where no='$no'";
        //echo $sql;
        $result=mysql_query($sql,$connection) or die(mysql_error());
        //header("location: index.php");
      }
      ?>

Screenshot of the form : http://img395.imageshack.us/my.php?image=1226818203913yi6.png

Users can input how many rows and column they need to insert data. In screenshot my rows is 10 whereas column is 5.

Now the part where i stuck is, how can i make sure, all inputted data in < input type="text" name="kpistatus" id="kpistatus"> get saved in kpistatus mysql table..

Please help me.

Thanks.

  • 写回答

1条回答 默认 最新

  • dougan1465 2008-11-16 07:51
    关注

    If you put square brackets in an input name, php will automatically turn them into an array for you in the post array. Then you can just iterate through that and save them as needed. In your form, you would put

    <input type="text" name="kpistatus[]" id="kpistatus">

    (Note the addition of the two brackets).

    Then, in your form handling code, you would have $_POST['kpistatus'] as an array. You could use PHP's implode function to turn this into a comma-seperated list by doing something like implode(',', $_POST['kpistatus'].

    A quick note:

    In your code, you need to use mysql_real_escape_string on all of your variables before you insert them. Otherwise, a user could enter SQL code into one of the inputs and be able to do whatever they wanted (this is called SQL injection).

    Imagine what would happen if someone had a single-quote in their status string. At best it would cause an error, at worst they could overwrite or erase your data.

    Sorry if this is obvious to you, but I just want to make sure to cover it.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 在获取boss直聘的聊天的时候只能获取到前40条聊天数据
  • ¥20 关于URL获取的参数,无法执行二选一查询
  • ¥15 液位控制,当液位超过高限时常开触点59闭合,直到液位低于低限时,断开
  • ¥15 marlin编译错误,如何解决?
  • ¥15 有偿四位数,节约算法和扫描算法
  • ¥15 VUE项目怎么运行,系统打不开
  • ¥50 pointpillars等目标检测算法怎么融合注意力机制
  • ¥20 Vs code Mac系统 PHP Debug调试环境配置
  • ¥60 大一项目课,微信小程序
  • ¥15 求视频摘要youtube和ovp数据集