Question

大家晚上好，我有一个php中的每个循环只发布一条记录到数据库表。我的html代码如下;

<html>
<input type="hidden" name="username[]" value="<?php echo $userRow['username']; ?>" readonly />
<input type="hidden" name="school[]" value="<?php echo $userRow['school']; ?>" readonly />
<SELECT name='cand_name[]' class='form-control'>
<option></option>
<option>Ahmed MUSA</option>
<option>Ahmed Arinze</option>
<option>NOsa Igiebor</option>
</SELECT>
<SELECT name='cand_name[]' class='form-control'>
<option></option>
<option>Ahmed MUSA</option>
<option>Ahmed Arinze</option>
<option>NOsa Igiebor</option>
</SELECT>
</html>

以下代码;

<?php
include_once 'dbcon.php';

{
$username = $_POST['username'];
    $cand_name = $_POST['cand_name'];
        $school = $_POST['school'];

            for ($i = 0; $i < count($username); $i++) {

        $username = ($username[$i]);
        $cand_name = ($cand_name[$i]);
        $school = ($school[$i]);

        mysqli_query($con, "INSERT INTO parlia (username, cand_name, school) VALUES ('$username', '$cand_name', '$school')");
    } 
}

我检查了其他SO答案，但似乎没有一个对我有用。我已经编辑了它仍然无法正常工作。当我使用输入尝试此代码时，它工作得很好，但不想使用选项

Answer 1

<?php echo $userRow['username']; ?>和<?php echo $userRow['school']; ?>来自哪里？这来自dbase表中的字段..只有登录用户才能访问我正在处理的页面

Answer 2

这段代码对我有用..但是你很容易受到sql注入

<?php
$username = $_POST['username'][0];
    $school = $_POST['school'][0];
        $candname = $_POST['candname'];
            foreach ($_POST['candname'] as $candname) {
     $query = sprintf(
            "INSERT INTO parlia_votes (username, school, candname) VALUES ('%s', '%s', '%s')",
            $username,
            $school,
            $candname
        );
        $con->query($query);
    }
?>

每个循环只发布一条带有

2 个答案: