【发布时间】:2020-08-05 07:56:49
【问题描述】:
情景
我有一张计分卡,它是从 MTSQL 中的另一个表填充的,其中包含未知数量的玩家。每周需要对球员进行评分,并且这些分数需要输入到 mySQL。
为 Mysql 表调用成员创建的动态 html 表。
<form method="post" action="scores-add" id="member-add-form" enctype="multipart/form-data">
<div class="table-responsive">
<table id="data-table-1" class="table table-striped table-bordered">
<thead>
<tr>
<th class="align-middle">Name</th>
<th class="align-middle">Team</th>
<th class="align-middle">Week</th>
<th class="align-middle">Score 1</th>
<th class="align-middle">Score 2</th>
<th class="align-middle">Score 3</th>
<th class="align-middle">Score 4</th>
<th class="align-middle">Score 5</th>
<th class="align-middle">Score 6</th>
<th class="align-middle">Score 7</th>
<th class="align-middle">Score 8</th>
</tr>
</thead>
<tbody>
<?php
$sql = "SELECT * FROM member ORDER BY member_name ASC";
$result = mysqli_query($db,$sql) or die("Database access failed: " . mysqli_error());
while ($team = mysqli_fetch_assoc($result)) {
?>
<tr >
<td class="align-middle"><input type="text" name="scoring_1" value="<?php echo $team["member_name"]; ?>" readonly hidden> <?php echo $team["member_name"]; ?></td>
<td class="align-middle"><input type="text" name="scoring_2" value="<?php echo $team["member_team"]; ?>" readonly hidden> <?php echo $team["member_team"]; ?></td>
<td class="align-middle"><input type="text" name="scoring_3" value="" readonly hidden> </td>
<td class="align-middle"><input type="checkbox" name="scoring_4" value="5"></td>
<td class="align-middle"><input type="checkbox" name="scoring_5" value="10"></td>
<td class="align-middle"><input type="checkbox" name="scoring_6" value="5"></td>
<td class="align-middle"><input type="checkbox" name="scoring_7" value="5"></td>
<td class="align-middle"><input type="checkbox" name="scoring_8" value="5"></td>
<td class="align-middle"><input type="checkbox" name="scoring_9" value="5"></td>
<td class="align-middle"><input type="checkbox" name="scoring_10" value="20"></td>
<td class="align-middle"><input type="checkbox" name="scoring_11" value="50"></td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
<div class="form-row mb-3">
<button type="submit" class="btn btn-primary btn-block" name="score_add_btn">Add Score</button>
</div>
</form>
将表添加到 SQL 的函数
/ call the team_edit() function if team_edit_btn is clicked
if (isset($_POST['score_add_btn'])) {
score_add();
}
// LOGIN USER
function score_add(){
global $db, $errors, $member_id, $member_name_edit, $member_team_edit, $members_view_url;
// grap form values
$scoring_1 = $_POST['scoring_1'];
$scoring_2 = $_POST['scoring_2'];
$scoring_3 = $_POST['scoring_3'];
$scoring_4 = $_POST['scoring_4'];
$scoring_5 = $_POST['scoring_5'];
$scoring_6 = $_POST['scoring_6'];
$scoring_7 = $_POST['scoring_7'];
$scoring_8 = $_POST['scoring_8'];
$scoring_9 = $_POST['scoring_9'];
$scoring_10 = $_POST['scoring_10'];
$scoring_11 = $_POST['scoring_11'];
// make sure form is filled properly
if (empty($scoring_1)) {
array_push($errors, "Name is required");
}
if (count($errors) == 0) {
$query = "INSERT INTO scoring (scoring_1, scoring_2, scoring_3, scoring_4, scoring_5, scoring_6, scoring_7, scoring_8, scoring_9, scoring_10, scoring_11 )
VALUES ('$scoring_1', '$scoring_2', '$scoring_3', '$scoring_4', '$scoring_5', '$scoring_6', '$scoring_7', '$scoring_8', '$scoring_9', '$scoring_10', '$scoring_11')";
mysqli_query($db, $query);
$_SESSION['success'] = "<h4>Done</h4>";
header("location: $leaderboard_menmber_url");
}else {
$_SESSION['failure'] = "Error updating record: " . $db->error;
header("location: $leaderboard_menmber_url");
}
$db->close();
}
问题
该函数只将动态html表的最后一行添加到数据库中。
期望的结果。
动态 HTML 表中的每个条目都需要作为自己的条目添加到 MySQL。
【问题讨论】:
-
你有一个错误。
mysqli_error()需要一个参数。请考虑打开错误模式。 How to get the error message in MySQLi? -
警告:您对SQL Injections 持开放态度,应该使用参数化的prepared statements,而不是手动构建查询。它们由PDO 或MySQLi 提供。永远不要相信任何形式的输入!即使您的查询仅由受信任的用户执行,you are still in risk of corrupting your data。 Escaping is not enough!
标签: php mysql sql-insert