Insert into MySQL with conditions using PHP

Time: 2014-03-20 03:07:58

Tags: mysql

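I am trying to insert some data into the database inside a for loop, with a list of the people who will attend a meeting, but I first need to check their availability and whether there is still a room where the meeting can be held. This is my code: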

<html>
<body>
<?php
//Try using Error Reporting On
error_reporting(E_ALL);
ini_set('display_errors', 'on');

$dbhost = "127.0.0.1";
$dbuser = "root";
$dbpass = "";
$dbname = "mss";
// mysql_connect() takes no database name; the database is selected below with mysql_select_db()
$connection = mysql_connect($dbhost, $dbuser, $dbpass);
if (mysql_errno()) {
    die("Database Connection failed:" . mysql_error() . "(" . mysql_errno() . ")");
}
mysql_select_db('mss');
?>
<?php echo $id = (isset($_POST['id']) ? $_POST['id'] : "hello"); ?> <br>
<?php echo $title = (isset($_POST['title']) ? $_POST['title'] : "hello"); ?> <br>
<?php echo $employee = (isset($_POST['employee']) ? $_POST['employee'] : "hello"); ?> <br>
<?php
$participant = (isset($_POST['participant']) ? $_POST['participant'] : "hello");
$starttime = (isset($_POST['starttime']) ? $_POST['starttime'] : "hello");
$endtime = (isset($_POST['endtime']) ? $_POST['endtime'] : "hello");
$day = (isset($_POST['day']) ? $_POST['day'] : "hello");
$room = (isset($_POST['room']) ? $_POST['room'] : "hello");
$Lines = explode("\n", $participant);
foreach ($Lines as $line) 
{
    echo $line;
    $q1 = "select Availability from E_schedule where Employee_name='$line' and     StartTime='$starttime' and Day='$day'";
    $q2 = "SELECT Availability from room_schedule WHERE r_name = '$room' AND StartTime='$starttime' and Day='$day'";
    $result = mysql_query($q1, $connection);
    $result1 = mysql_query($q2, $connection);
    if ($result == FALSE)
    {
        die(mysql_error());
    }
    if ($result1 == FALSE)
    {
        die(mysql_error());
    }
    $info = mysql_fetch_array($result);
    if ($info['Availability'] == 1) {
        echo ("You can't make a meeting at that time, Please Select another Day or time");
        break;
    }
    $info1 = mysql_fetch_array($result1);
    if ($info1['Availability'] == 1) {
        echo ("You can't make a meeting at that Room, Please Select another Room");
        break;
    }
    else
    {
        $insert_meeting="insert into E_schedule (Employee_name, StartTime,     EndTime, Day, Availability, Activity_Name) values     ('$line', '$starttime ', '$endtime', '$day', '1', '$title')";
        $insert_result = mysql_query($insert_meeting, $connection );
        if($insert_result == FALSE) 
        {
            die(mysql_error()); 
        }
        $meeting="insert into meeting (Title, StartTime, EndTime, Day, Participant, Room) values ('$title', '$starttime ', '$endtime', '$day', '$participant','$room')";
        $meeting_result = mysql_query($meeting, $connection );
        if($meeting_result == FALSE) 
        {
            die(mysql_error()); 
        }
        $insert_room="insert into room_schedule (r_name,M_Title, StartTime, EndTime, Day, Availability) values ('$room','$title','$starttime ', '$endtime', '$day', '1')";
        $insert_result1 = mysql_query($insert_room, $connection );
        if($insert_result1 == FALSE) 
        {
            die(mysql_error()); 
        }
        echo ("The Meeting has been Created Successfully"); 
    }
}
?>
<br><?php echo $day = (isset($_POST['day']) ? $_POST['day'] : "hello"); ?> <br>
<?php echo $starttime = (isset($_POST['starttime']) ? $_POST['starttime'] : "hello"); ?><br>
<?php echo $endtime = (isset($_POST['endtime']) ? $_POST['endtime'] : "hello"); ?><br>
<?php echo $room = (isset($_POST['room']) ? $_POST['room'] : "hello"); ?> <br>
</body>
</html>

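The problem is that when the meeting is created, it does not insert all the participants; only one participant is inserted. Thanks in advance.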

1 answer:

Answer 0 (score: 1)

I'll start with a PSA: you need to sanitize your input. The code you provided is very vulnerable to SQL injection.

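As for your specific problem: you are looping through the participants, but you are changing the room's availability during every iteration of the loop with this line: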

$insert_room="insert into room_schedule (r_name,M_Title, StartTime, EndTime, Day, Availability) values ('$room','$title','$starttime ', '$endtime', '$day', '1')";

So, after the first participant, the room is considered "booked" and you can't add any more participants.

The simple fix? Move the block of code that checks room availability ($q2 = "SELECT Availability ... and company) outside of the for loop.

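The better fix? I'd consider breaking out all the different components of this into specific functions. One function that checks whether a participant is available. One that checks whether the room is available. One that adds all the participants to the meeting. And so on. So your script would flow like this: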

Check if the room is available
  |
  |- Room is not available. Exit and tell user.
  `- Room is available. Now check if all participants are available.
       |
       |- One or more participants aren't available. Exit and tell user.
       `- All participants are available. Create the meeting
           |
           |- Failed to create meeting. Exit with error.
           `- Meeting created successfully with room.
               |
               `- Now you Loop through participants and add them to the meeting.

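Breaking it up into functions will make debugging, reading and organizing much easier. If you want to really go down the rabbit hole, you should write a class to organize each meeting along with its associated properties and methods.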
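
The flow the answer outlines, as an added example that is not part of the original answer: PDO prepared statements bind the form values as data, the room and every participant are checked before anything is written, and the inserts run in one transaction. Table and column names are those from the question; the function names and the in-memory SQLite demo are assumptions.

```php
<?php
// Table/column names come from the question; function names are hypothetical.

function isFree(PDO $db, string $table, string $col, string $name, string $start, string $day): bool
{
    // $table and $col are hard-coded by the callers below, never taken from user input.
    $stmt = $db->prepare("SELECT 1 FROM $table WHERE $col = ? AND StartTime = ? AND Day = ? AND Availability = 1");
    $stmt->execute([$name, $start, $day]);
    return $stmt->fetchColumn() === false;   // no "booked" row for this slot
}

function createMeeting(PDO $db, string $title, array $people, string $room, string $start, string $end, string $day): string
{
    if (!isFree($db, 'room_schedule', 'r_name', $room, $start, $day)) {
        return 'room unavailable';
    }
    foreach ($people as $p) {
        if (!isFree($db, 'E_schedule', 'Employee_name', $p, $start, $day)) {
            return "participant unavailable: $p";
        }
    }
    $db->beginTransaction();   // all rows are written, or none
    try {
        $db->prepare('INSERT INTO meeting (Title, StartTime, EndTime, Day, Participant, Room) VALUES (?, ?, ?, ?, ?, ?)')
           ->execute([$title, $start, $end, $day, implode("\n", $people), $room]);
        $db->prepare('INSERT INTO room_schedule (r_name, M_Title, StartTime, EndTime, Day, Availability) VALUES (?, ?, ?, ?, ?, 1)')
           ->execute([$room, $title, $start, $end, $day]);
        $add = $db->prepare('INSERT INTO E_schedule (Employee_name, StartTime, EndTime, Day, Availability, Activity_Name) VALUES (?, ?, ?, ?, 1, ?)');
        foreach ($people as $p) {
            $add->execute([$p, $start, $end, $day, $title]);
        }
        $db->commit();
        return 'created';
    } catch (PDOException $e) {
        $db->rollBack();
        throw $e;
    }
}

// Constructed demo on in-memory SQLite (assumption; the question uses MySQL, so swap the DSN).
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec('CREATE TABLE E_schedule (Employee_name, StartTime, EndTime, Day, Availability, Activity_Name)');
$db->exec('CREATE TABLE room_schedule (r_name, M_Title, StartTime, EndTime, Day, Availability)');
$db->exec('CREATE TABLE meeting (Title, StartTime, EndTime, Day, Participant, Room)');
// A name with an apostrophe would break the string-built queries; here it is bound as data.
$people = array_filter(array_map('trim', explode("\n", "alice\r\no'brien\n")), 'strlen');
echo createMeeting($db, 'Planning', $people, 'R1', '10:00', '11:00', 'Mon'), "\n";
echo createMeeting($db, 'Retro', ['carol'], 'R1', '10:00', '11:00', 'Mon'), "\n";
```

Two concurrent requests can still both pass the availability checks before either one inserts; a unique index on the room, start time and day makes the database reject the second booking.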