从 html 到 MYSQL 的几个名字

Question

我正在做一个基本的 HTML 表单来询问人们：姓名、姓氏和喜欢的歌曲，我让它为 1 个人工作，但我希望人们可以同时输入几个人，例如 4 个人。

这是我的工作 HTML：

<form action='guarda.php' method='post' class="form-inline">
					
					
						<div class="col-md-4 col-sm-4">
							<div class="form-group">
								<label for="name" class="sr-only">Name</label>
								<input type="text" name="name" class="form-control" id="name" placeholder="Name" required>
							</div>
						</div>
						
						<div class="col-md-4 col-sm-4">
							<div class="form-group">
								<label for="surname" class="sr-only">Surname</label>
								<input type="text" name="surname" class="form-control" id="surname" placeholder="Surname" required>
							</div>
						</div>
					
						<div class="col-md-4 col-sm-4">
							<div class="form-group">
								<label for="song" class="sr-only">Fav Song</label>
								<input type="text" name="cancion[]" class="form-control" id="name" placeholder="Your fav Song">
							</div>
						</div>
					
					<center>
							<input type="submit" class="btn btn-default btn-block" value="Send" >
						</center>
					
					
					
					</form>

这是我的 PHP 文件：

<?php
/* Attempt MySQL server connection. Assuming you are running MySQL
server with default setting (user 'root' with no password) */
$link = mysqli_connect("localhost", "root", "", "database");
 
// Check connection
if($link === false){
    die("ERROR: Could not connect. " . mysqli_connect_error());
}
 
// Escape user inputs for security
$name = mysqli_real_escape_string($link, $_REQUEST['name']);
$surname = mysqli_real_escape_string($link, $_REQUEST['surname']);
$song = mysqli_real_escape_string($link, $_REQUEST['song']);
 
// attempt insert query execution
$sql = "INSERT INTO table (name, surname, song) VALUES ('$name', '$surname', '$song')";
if(mysqli_query($link, $sql)){
    echo "Records added successfully.";
} else{
    echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
 
// close connection
mysqli_close($link);
?>

现在我希望能够同时输入 4 个人，比如：

1. 姓名、姓氏、宋
2. 姓名、姓氏、宋
3. 姓名、姓氏、宋
4. 姓名、姓氏、宋

并将所有信息同时输入到数据库中。

我该怎么做？

谢谢

Answer 1

HTML 支持数组表示法。您应该使用像 people 这样的数组名称，并使用输入名称作为索引。例如：

$persons = $_POST[persons];
foreach ($persons as $person)
{
    $person[surname] <-- you read it like an array and do stuff you need
}

但是您应该使用准备好的语句，它更安全且正确。见Prepared statements

Answer 2

将您的代码包装在一个函数中，以便您可以多次调用它并提供不同的参数

例如

function insert_query($name, $surname, $song) {

// Escape user inputs for security

$name = mysqli_real_escape_string($link, $_REQUEST['name']);

$surname = mysqli_real_escape_string($link, $_REQUEST['surname']);

$song = mysqli_real_escape_string($link, $_REQUEST['song']);

// attempt insert query execution

$sql = "INSERT INTO table (name, surname, song) VALUES ('$name', '$surname', '$song')";

    if(mysqli_query($link, $sql)){    
        echo "Records added successfully.";
    } else{
        echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);    
    }

}

现在您可以多次调用function insert_query($name, $surname, $song) 并传入所需的参数。

Answer 3

如上所述，您确实应该使用准备好的语句：

// Create connection
$db = new mysqli('localhost', 'root', '', 'database');

// Check connection
if ($db->connect_error) {
    die("Connection failed: " . $db->connect_error);
}

// Define post variables
$name = $_REQUEST['name'];
$surname = $_REQUEST['surname'];
$songs = $_REQUEST['cancion']; // This is an array, and you have both languages here (you have the label as song and the variable as cancion)

// Do some validation here
// Some validation

// Prepare SQL
$stmt = $db->prepare("INSERT INTO table (name, surname, song) VALUES (?, ?, ?)");

// Loop through songs (since first and last name aren't arrays)
foreach ($songs as $song) { // Part of the above validation should make sure this is an array
    // Bind the parameters
    $stmt->bind_param("sss", $name, $lastname, $song);
    // Execute the query for these values
    $stmt->execute();
}

$stmt->close();
$db->close();

您肯定希望确保验证是彻底的，但这是 MySQLi 中参数绑定的基础，但我个人更喜欢 PDO。

一般的想法是您的名字和姓氏保持一致，并且歌曲/cancions 是多选的。在更好的数据库设计中，这可能会被拆分为Person 表和Songs 表以维护normal form，但这超出了本问题的范围。

PHP PDO and MySQLi