douyanguo7964 2008-11-16 06:52
浏览 26
已采纳

MySQL,PHP - 表单帮助

Greetings,

I have the following code

          <?       
        include("conn.php");
        $sn=$_GET["sn"];
        $sql="select * from kpi where no='$sn'";

        $result=mysql_query($sql,$connection) or die(mysql_error());
        while($row=mysql_fetch_array($result)) {
            $sn=$row['id'];
            $no=$row['no'];
            $pdetails=$row['pdetails'];
            $kpistatus=$row['kpistatus'];
            $status=$row['status'];
            $cols=$row['cols'];
            $rows=$row['rows'];
        }
    ?>

    <form name="form1" method="post" action="formsubmit.php?mode=addtable">
        <table width="100%" border="1" align="center" cellpadding="2" cellspacing="2">
          <tr>
            <td colspan="2"><strong>Add Table</strong></td>
               </td>
          </tr>
          <tr>
            <td>NO</td>
            <td><input name="no" type="text" id="no" value="<? echo $no; ?>"></td>
          </tr>
          <tr>
            <td>PROJECT DETAILS</td>
            <td><textarea name="pdetails" rows="10" cols="100"><? echo $pdetails; ?></textarea></td>
          </tr>
                        <tr>
            <td>KPISTATUS</td>
            <td>
            <?
            echo "<table border=\"1\" align=\"left\">
";
            $j=0;
            while ($j < $rows) 
            {
            echo "<tr>
";
            $i=0;
            while ($i < $cols) 
            {
            ?>
            <td><input type="text" name="kpistatus" id="kpistatus"></td>
            <?
            $i++;
            }       
            echo "</tr>
";
            $j++;
            }
            echo "</table>
";
            ?>
            </td>
            </tr>
            <tr>
            <td>STATUS</td>
            <td><textarea name="status" rows="10" cols="100"><? echo $status; ?></textarea></td>
          </tr>
          <tr>
            <td colspan="2"><input type="submit" name="Submit" value="ADD TABLE"></td>
          </tr>
        </table>
      </form>

        elseif($mode=="addtable") {
        $no=$_POST["no"];
        $pdetails=$_POST["pdetails"];
        $kpistatus=$_POST["kpistatus"];
        $status=$_POST["status"];
        $sn=$_POST["id"];
        $sql="update kpi set pdetails='$pdetails',kpistatus='$kpistatus',status='$status' where no='$no'";
        //echo $sql;
        $result=mysql_query($sql,$connection) or die(mysql_error());
        //header("location: index.php");
      }
      ?>

Screenshot of the form : http://img395.imageshack.us/my.php?image=1226818203913yi6.png

Users can input how many rows and column they need to insert data. In screenshot my rows is 10 whereas column is 5.

Now the part where i stuck is, how can i make sure, all inputted data in < input type="text" name="kpistatus" id="kpistatus"> get saved in kpistatus mysql table..

Please help me.

Thanks.

  • 写回答

1条回答 默认 最新

  • dougan1465 2008-11-16 07:51
    关注

    If you put square brackets in an input name, php will automatically turn them into an array for you in the post array. Then you can just iterate through that and save them as needed. In your form, you would put

    <input type="text" name="kpistatus[]" id="kpistatus">

    (Note the addition of the two brackets).

    Then, in your form handling code, you would have $_POST['kpistatus'] as an array. You could use PHP's implode function to turn this into a comma-seperated list by doing something like implode(',', $_POST['kpistatus'].

    A quick note:

    In your code, you need to use mysql_real_escape_string on all of your variables before you insert them. Otherwise, a user could enter SQL code into one of the inputs and be able to do whatever they wanted (this is called SQL injection).

    Imagine what would happen if someone had a single-quote in their status string. At best it would cause an error, at worst they could overwrite or erase your data.

    Sorry if this is obvious to you, but I just want to make sure to cover it.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 机器学习能否像多层线性模型一样处理嵌套数据
  • ¥20 西门子S7-Graph,S7-300,梯形图
  • ¥50 用易语言http 访问不了网页
  • ¥50 safari浏览器fetch提交数据后数据丢失问题
  • ¥15 matlab不知道怎么改,求解答!!
  • ¥15 永磁直线电机的电流环pi调不出来
  • ¥15 用stata实现聚类的代码
  • ¥15 请问paddlehub能支持移动端开发吗?在Android studio上该如何部署?
  • ¥20 docker里部署springboot项目,访问不到扬声器
  • ¥15 netty整合springboot之后自动重连失效