POST not passing array in postgres query

Time: 2017-05-25 20:13:46

Tags: php arrays postgresql

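My goal is to post multiple selected options from an HTML form as a variable in a PHP query. I thought that setting the select tag id to an array using brackets would allow multiple selections to pass through, but my concern is that they are not in a format the query recognizes as an array. The current result only shows the response for the last selected option in the post.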

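Here is the select tag in the form (note that it is populated by a separate query; perhaps someone can point out how to add the formatting to the menu variable here... it should be formatted like this... 'COMM_0001%', 'COMM_0002%', and so on):

<select multiple name="userMedia" class="form-control" id="userMedia[]"
style="height:350px;">
<?php
$conn = pg_connect("database login data deleted");
if (!$conn) {
    echo "Did not connect.\n";
    exit;
}
$sql = "SELECT medias.name FROM public.medias where medias.startdate > '2015-01-01'";
$rs = pg_query($conn, $sql);

$menu = ''; // start empty so the .= below does not append to an undefined variable
if (pg_num_rows($rs) > 0) {
    // output data of each row, HTML-escaped and with the value attribute quoted
    while ($row = pg_fetch_assoc($rs)) {
        $name = htmlspecialchars($row['name'], ENT_QUOTES);
        $menu .= "<option value=\"" . $name . "\">" . $name . "</option>";
    }
}

echo $menu;

pg_close($conn);

?>
</select>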

Here is the query this data is posted to...

$datea= $_POST["userDatea"];
$media= $_POST['userMedia'];
$datez= $_POST["userDatez"];

if( !empty($_SERVER['REQUEST_METHOD']) &&
    (strcasecmp($_SERVER['REQUEST_METHOD'], 'post')===0)  ) {
    // Create connection
    $conn = pg_connect("Connect Info Deleted");

    // Check connection
    if (!$conn) {
        echo "Did not connect.\n";
        exit;
    }

    $result = pg_query($conn,
    "SELECT
    date (b.starttime),
    Count(b.starttime) as Plays,
    Count(distinct(b.playerid)) as Stores

    FROM
    public.billing b,
    public.medias m,
    public.players p

    WHERE
    b.mediaitemid = m.id and
    p.id = b.playerid and
    m.name LIKE any (array['$media%']) and
    b.starttime >= date('$datea') and
    b.starttime < date('$datez')+1 and
    m.startdate >  '2015-01-01'

    GROUP BY
    date (b.starttime)

    ORDER BY
    date (b.starttime);");

    if (!$result) {
        echo "Query failed.\n";
        exit;
    }

1 Answer:

Answer 0: (score: 2)

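$media is an array. You can't substitute an array directly into a string (it just puts the word Array there). You should use implode() to convert it to a comma-separated list. You also need to put quotes around each name, and escape it to prevent SQL injection.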

$media_names = implode(',', array_map(function($n) use ($conn) {
    return "'" . pg_escape_string($conn, $n) . "'";
}, $media));

Then you can substitute $media_names in place of $media.
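
The same query built with bound parameters instead of string escaping, as an added example that is not part of the original answer. It assumes the select is submitted as name="userMedia[]" so that $_POST['userMedia'] arrives as a PHP array; like_prefix and build_report_query are hypothetical helper names, and the sample input is constructed.

```php
<?php
// Added example, not the answerer's code: one bound parameter per selected name.

// Escape LIKE metacharacters (backslash is PostgreSQL's default LIKE escape)
// so each posted name is matched literally, then append the prefix wildcard.
function like_prefix(string $name): string
{
    return strtr($name, ['\\' => '\\\\', '%' => '\\%', '_' => '\\_']) . '%';
}

// Returns [$sql, $params] for pg_query_params(). Hypothetical helper name.
function build_report_query(array $media, string $datea, string $datez): array
{
    // $_POST values can be nested arrays; accept non-empty strings only.
    $names = array_values(array_filter($media, fn($n) => is_string($n) && $n !== ''));
    if ($names === []) {
        throw new InvalidArgumentException('no media selected');
    }
    $params = array_map('like_prefix', $names);
    $slots = [];
    for ($i = 1; $i <= count($params); $i++) {
        $slots[] = '$' . $i . '::text';          // $1::text, $2::text, ...
    }
    $from = '$' . (count($params) + 1) . '::date';
    $to   = '$' . (count($params) + 2) . '::date';
    array_push($params, $datea, $datez);

    $sql = 'SELECT date(b.starttime), count(b.starttime) AS plays, '
         . 'count(DISTINCT b.playerid) AS stores '
         . 'FROM public.billing b, public.medias m, public.players p '
         . 'WHERE b.mediaitemid = m.id AND p.id = b.playerid '
         . 'AND m.name LIKE ANY (ARRAY[' . implode(', ', $slots) . ']) '
         . "AND b.starttime >= $from AND b.starttime < $to + 1 "
         . "AND m.startdate > '2015-01-01' "
         . 'GROUP BY date(b.starttime) ORDER BY date(b.starttime)';
    return [$sql, $params];
}

// Constructed sample standing in for $_POST['userMedia'] and the two dates.
[$sql, $params] = build_report_query(
    ['COMM_0001', "x' OR '1'='1"], '2017-05-01', '2017-05-25');
echo $sql, "\n";
print_r($params);   // the quote-laden name stays data, never SQL text
// With a live connection: $result = pg_query_params($conn, $sql, $params);
```

Because the posted names travel only in $params, the SQL text is fixed apart from the number of placeholders, and a malformed date produces a database error rather than altered SQL.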