dongpengyu1363 2010-03-28 12:32
浏览 30
已采纳

使用PHP表单将外键数据插入表时出现问题

I am newbee with PHP and MySQL and need help...

I have two tables (Staff and Position) in the database. The Staff table (StaffId, Name, PositionID (fk)). The Position table is populated with different positions (Manager, Supervisor, and so on). The two tables are linked with a PositionID foreign key in the Staff table. I have a staff registration form with textfields asking for the relevant attributes and a dynamically populated drop down list to choose the position. I need to insert the user's entry into the staff table along with the selected position. However, when inserting the data, I get the following error (Cannot add or update a child row: a foreign key constraint fails). How do I insert the position selected by the user into the staff table?
Here is some of my code...

...
echo "<tr>";
echo "<td>";
echo "*Position:"; 
echo "</td>";
echo "<td>";

//dynamically populate the staff position drop down list from the position table
$position="SELECT PositionId, PositionName
            FROM Position
            ORDER BY PositionId";
$exeposition = mysql_query ($position) or die (mysql_error());
echo "<select name=position value=''>Select Position</option>";
while($positionarray=mysql_fetch_array($exeposition))
{
echo "<option value=$positionarray[PositionId]>$positionarray[PositionName]</option>";
}
echo "</select>";   
echo "</td>";
echo "</tr>"

//the form is processed with the code below

$FirstName = $_POST['firstname'];
$LastName = $_POST['lastname'];
$Address = $_POST['address'];
$City = $_POST['city'];
$PostCode = $_POST['postcode'];
$Country = $_POST['country'];
$Email = $_POST['email'];
$Password = $_POST['password'];
$ConfirmPass = $_POST['confirmpass'];
$Mobile = $_POST['mobile'];
$NI = $_POST['nationalinsurance'];
$PositionId = $_POST[$positionarray['PositionId']];

//format the dob for the database
$dobpart = explode("/", $_POST['dob']);
$formatdob = $dobpart[2]."-".$dobpart[1]."-".$dobpart[0];
$DOB = date("Y-m-d", strtotime($formatdob));

$newReg = "INSERT INTO Staff (FirstName, LastName, Address, City, PostCode,     
Country, Email, Password, Mobile, DOB, NI, PositionId) VALUES ('".$FirstName."', 
'".$LastName."', '".$Address."', '".$City."', '".$PostCode."', '".$Country."',  
'".$Email."', '".$Password."', ".$Mobile.", '".$DOB."', '".$NI."', '".$PostionId."')";

Your time and help is surely appreciated.

  • 写回答

2条回答 默认 最新

  • douyanjing0822 2010-03-28 12:38
    关注

    In your insert SQL query, you are using this :

    , '".$PostionId."')"

    While, a few lines before, you are declaring :

    $PositionId = $_POST[$positionarray['PositionId']];

    The variable used in the insert query is not the same as the one containing the data : it lacks a i -- which, I suppose, is bad.


    If this not enough to solve your problem, echoing your SQL query before executing it might help you figure out what is wrong in it.

    This kind of error, about foreign keys, is generally caused by inserting a wrong id -- that doesn't have a corresponding row in the referenced table.


    Aside from that, your code is vulnerable to SQL injections : you should escape and filter your data.

    For string values, you can use mysql_real_escape_string :

    $FirstName = mysql_real_escape_string($_POST['firstname']);

    For integer values, you can make sure you are injecting integers in the SQL query, using, for instance, intval :

    $data = intval($_POST['data']);

    (Not sure you have an integer value here, so I just took 'data' as an example)

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 vscode的问题提问
  • ¥50 切换TabTip键盘的输入法
  • ¥15 可否在不同线程中调用封装数据库操作的类
  • ¥15 微带串馈天线阵列每个阵元宽度计算
  • ¥15 keil的map文件中Image component sizes各项意思
  • ¥20 求个正点原子stm32f407开发版的贪吃蛇游戏
  • ¥15 划分vlan后,链路不通了?
  • ¥20 求各位懂行的人,注册表能不能看到usb使用得具体信息,干了什么,传输了什么数据
  • ¥15 Vue3 大型图片数据拖动排序
  • ¥15 Centos / PETGEM