在一个查询中将多行唯一信息提交到MySQL数据库中

时间:2012-06-09 18:51:57

标签: php mysql html

我一直在扫描其他类似的问题,但我没有运气。

以下是我现有的网页:http://excelwrestling.com/dual.php

您将在网页上看到表格底部的三行相同,但每行都有唯一的信息。我试图让用户选择每个框,然后当他们点击提交时,它会将所有信息发送到数据库,每行都是唯一的。

Here a sample of my html:

    <select name="Weight">

<option value="Weight">Weight:</option>
    <option value="100">100</option>
        <option value="105">105</option>
        <option value="115">115</option>
        <option value="125">125</option>
        <option value="135">135</option>
        <option value="145">145</option>
        <option value="152">152</option>
        <option value="160">160</option>
        <option value="175">175</option>
        <option value="195">195</option>
        <option value="HWT">HWT</option>
        </select>
</select>

Here is the action file:

// Get values from form 
$Pool=$_POST['Pool'];
$Round=$_POST['Round'];
$Team_1=$_POST['Team_1'];
$Team_2=$_POST['Team_2'];
$Mat=$_POST['Mat'];
$Name_1=$_POST['Name_1'];
$Name_2=$_POST['Name_2'];
$Score=$_POST['Score'];
$Winner=$_POST['Winner'];
$Finished=$_POST['Finished'];


// Insert data into mysql 
$sql="INSERT INTO $tbl_name(Pool, Round, Team_1, Team_2, Mat, Weight, Name_1, Name_2, Score, Winner, Finished)

VALUES('$Pool','$Round','$Team_1','$Team_2','$Mat','$Weight','$Name_1','$Name_2','$Score','$Winner','$Finished')"

. implode ('$Pool','$Round','$Team_1','$Team_2','$Mat','$Weight','$Name_1','$Name_2','$Score','$Winner','$Finished',$query_row);

3 个答案:

答案 0 :(得分:0)

不要尝试一次插入所有记录只是尝试使用foreach语句一次使用循环或一条记录插入记录。

然后这将解决您的问题。

答案 1 :(得分:0)

首先,您需要为表单元素创建唯一的名称,以便提交多个值。 e.g:

<option value="Weight_1">Weight:</option>
...
<option value="Weight_2">Weight:</option>
...
<option value="Weight_3">Weight:</option>

在“action”文件中,您需要引用这些新变量(并且您应该在插入表格之前清理用户发布的数据,如technoTarek所说):

$Weight_1=mysql_real_escape_string($_POST['Weight_1']);
$Weight_2=mysql_real_escape_string($_POST['Weight_2']);
$Weight_3=mysql_real_escape_string($_POST['Weight_3']);
...

然后,要在同一个表中执行多次插入,您只需使用逗号分隔记录:

$sql="INSERT INTO $tbl_name
(Pool, Round, Team_1, Team_2, Mat, Weight, Name_1, Name_2, Score, Winner, Finished)
VALUES
('$Pool','$Round','$Team_1','$Team_2','$Mat','$Weight_1','$Name_1_1','$Name_2_1','$Score_1','$Winner_1','$Finished_1'),
('$Pool','$Round','$Team_1','$Team_2','$Mat','$Weight_2','$Name_1_2','$Name_2_2','$Score_2','$Winner_2','$Finished_2'),
('$Pool','$Round','$Team_1','$Team_2','$Mat','$Weight_3','$Name_1_3','$Name_2_3','$Score_3','$Winner_3','$Finished_3');"

答案 2 :(得分:0)

我一般都支持@mmxxiii提供的答案......但它应该包含一个非常重要的步骤。在插入数据库之前,您应始终确保数据安全,即使您是输入数据的数据。

通过对字符串值使用mysql_real_escape_string()或强制进行类型转换(例如,强制整数值为整数)来对数据进行SANITIZE。

// Get values from form 
$Pool=mysql_real_escape_string($_POST['Pool']);
$Round=(int)$_POST['Round'];
$Team_1=(int)$_POST['Team_1'];
$Team_2=(int)$_POST['Team_2'];
$Mat=(int)$_POST['Mat'];
$Name_1=mysql_real_escape_string($_POST['Name_1']);
$Name_2=mysql_real_escape_string($_POST['Name_2']);
$Score=mysql_real_escape_string($_POST['Score']);
$Winner=mysql_real_escape_string($_POST['Winner']);
$Finished=mysql_real_escape_string($_POST['Finished']);