duanliu6083 2015-06-23 19:39
浏览 51

创建变量变量的函数不起作用

I'm trying to use a function to make all my variables for an SQL statement im making in order to reduce code length. Unfortunately, this isn't working at all.

The result I get is that $sql ends up with the value -45. I'm not sure what I'm doing wrong, but I believe there is an issue with the declaration of variables. However, the echo statement that you can see inside the function prints the variables exactly how they are supposed to be printed. Maybe I need to return something?

/*
/ Get Variables
*/
function get($fname,$disp)
{
    $NAME = $fname;
    $$NAME = $_GET[$NAME];
    echo $disp . ' : <font color="00ff00">' . $$NAME . '</font><br>';
}

get("User-ID","User-ID");
get("toon","Name");
get("C_Select","Class");
get("P-Level","P-Level");
get("Sex","Gender");
get("Race","Race");
get("P-Gs","Gearscore");
get("Str-Input","Strength");
get("Int-Input","Intelligence");
get("Con-Input","Constitution");
get("Wis-Input","Wisdom");
get("Dex-Input","Dexterity");
get("Chr-Input","Charisma");
get("HP","Health");
get("AC","Armor Class");
get("Power-S","Power");
get("Def","Defense");
get("Prof-1","Alchemy");
get("Prof-2","Artificing");
get("Prof-3","Jewelcrafting");
get("Prof-4","Leadership");
get("Prof-5","Leatherworking");
get("Prof-6","Medium Armoring");
get("Prof-7","Heavy Armoring");
get("Prof-8","Tailoring");
get("Prof-9","Weaponsmithing");
get("Crit","Critical Strike Rating");
get("Recov","Recovery");
get("AP","Armor Penetration");
get("Regen","Regeneration");
get("HS","Life Steal");
get("Defl","Deflection");
get("Move","Movement");


$sql = 'INSERT INTO def_nwgr_chars (user_id,name,race,level,sex,str,con,dex,int,wis,char,hit_points,ac,power,defense,crit,recovery,ap,regen,life_steal,deflection,movement,alchemy,artificing,jewelcrafting,leadership,leatherworking,mailsmithing,platesmithing,tailoring,weaponsmithing) VALUES (' . $User-ID . ',' . $toon . ',' . $Race . ',' . $P-Level . ',' . $Sex . ',' . $Str-Input . ',' . $Con-Input . ',' . $Dex-Input . ',' . $Int-Input . ',' . $Wis-Input . ',' . $Chr-Input . ',' . $HP . ',' . $AC . ',' . $Power-S . ',' . $Def . ',' . $Crit . ',' . $Recov . ',' . $AP . ',' . $Regen . ',' . $HS . ',' . $Defl . ',' . $Move . ',' . $Prof-1 . ',' . $Prof-2 . ',' . $Prof-3 . ',' . $Prof-4 . ',' . $Prof-5 . ',' . $Prof-6 . ',' . $Prof-7 . ',' . $Prof-8 . ',' . $Prof-9 . ');';
  • 写回答

1条回答 默认 最新

  • dpq755012465 2015-06-23 19:48
    关注

    From what I gather, there are a few issues:

    First of all, the variables that you make with $$NAME are only in scope for the length of the function, so you cannot reference them outside of it without somehow returning them.

    Second, you are trying to use variable names with operators in them. Namely, the "-" sign. This (to my best knowledge) is invalid.

    Third, you should not be putting variables directly into your SQL without in some way ensuring that someone cannot arbitrarily insert data into them.

    Lastly, do not use $$ whenever possible. It is very hard to debug, and can cause some sneaky errors and programming mistakes.

    评论

报告相同问题?

悬赏问题

  • ¥15 c语言怎么用printf(“\b \b”)与getch()实现黑框里写入与删除?
  • ¥20 怎么用dlib库的算法识别小麦病虫害
  • ¥15 华为ensp模拟器中S5700交换机在配置过程中老是反复重启
  • ¥15 java写代码遇到问题,求帮助
  • ¥15 uniapp uview http 如何实现统一的请求异常信息提示?
  • ¥15 有了解d3和topogram.js库的吗?有偿请教
  • ¥100 任意维数的K均值聚类
  • ¥15 stamps做sbas-insar,时序沉降图怎么画
  • ¥15 买了个传感器,根据商家发的代码和步骤使用但是代码报错了不会改,有没有人可以看看
  • ¥15 关于#Java#的问题,如何解决?