在我的代码中,我试图使代码在数据库中的两个表之间切换,具体取决于用户从下拉列表中选择的内容。如果用户选择“学生”,那就绝对没问题,并且可以毫无问题地从CSV上传数据。如果用户选择“Staff”它不起作用,但在仔细检查数据库和变量中的名称,尝试不同的CSV文件,并重新编写代码后,我真的想不起为什么。这是我的代码:
<?php
if(ISSET($_POST['submit'])) {
$hostname = "localhost";
$db_username = "root";
$db_password = "";
$database = "project_cherrypicker";
$db_connection = mysqli_connect($hostname, $db_username, $db_password) or die ("Unable to connect to database." . mysqli_error($db_connection));
mysqli_select_db($db_connection, $database) or die ("Unable to connect to database." . mysqli_error($db_connection));
$db_choice = $_POST['database_choice'];
$file = $_FILES['file']['tmp_name'];
$handle = fopen($file, "r");
$count = 0;
$skippedfirstline = false;
while(($csvdata = fgetcsv($handle, 1000, ",")) !== FALSE) {
if(!$skippedfirstline) {$skippedfirstline = true; continue;}
switch($db_choice) {
case "students":
$student_id = $csvdata[0];
$forename = $csvdata[1];
$surname = $csvdata[2];
$dob = $csvdata[3];
$course = $csvdata[4];
$department = $csvdata[5];
$campus = $csvdata[6];
$level = $csvdata[7];
$tutor = $csvdata[8];
$sql = "INSERT INTO students (student_id, forename, surname, dob, course, department, campus, level, tutor)
VALUES ('$student_id', '$forename', '$surname', '$dob', '$course', '$department', '$campus', '$level', '$tutor')";
break;
case "staff":
$staff_id = $csvdata[0];
$forename = $csvdata[1];
$surname = $csvdata[2];
$course = $csvdata[3];
$department = $csvdata[4];
$number_of_students = $csvdata[5];
$campus = $csvdata[6];
$level = $csvdata[7];
$a_cherries = $csvdata[8];
$b_cherries = $csvdata[9];
$c_cherries = $csvdata[10];
$sql = "INSERT INTO staff (staff_id, forename, surname, course, department, number_of_students, campus, level, a_cherries_complete, b_cherries_complete, c_cherries_complete)
VALUES ('$staff_id', '$forename', '$surname', '$course', '$department', '$number_of_students', $campus', '$level', '$a_cherries', '$b_cherries', $c_cherries')";
break;
}
$query = mysqli_query($db_connection, $sql);
$count = $count + 1;
}
if($query) {
echo "<script>alert('Data uploaded succesfully.')</script>";
}
else {
echo "<script>alert('An error has occured. Data not uploaded.')</script>";
}
}
&GT;
<head>
<title>Project Cherrypicker</title>
<!-- Bootstrap & CSS -->
<link rel = "stylesheet" href = "https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css">
<link rel = "stylesheet" href = "../CSS/home-page.css">
<link rel = "stylesheet" href = "../CSS/sidebar.css">
</head>
<body>
<div class = "row reduce-margin">
<!-- Sidebar -->
<div class = "col-md-2">
<div class = "container-fluid">
<div class = "sidebar">
<h4>PROJECT CHERRYPICKER</h4>
<!-- Search Box -->
<input type = "text" name = "menu-search" class = "search-bar" placeholder = " Search Databases">
<!-- Divider -->
<hr>
<!-- Navigation Buttons -->
<a href = "home-page.php"><button name = "btnHome" class = "menu-button">Home</button></a>
<hr>
<a href = "students-database.php"><button name = "btnStudents" class = "menu-button">Students</button></a>
<a href = "staff-database.php"><button name = "btnStaff" class = "menu-button">Staff</button></a>
<button name = "btDepartments" class = "menu-button">Departments</button>
<button name = "btnUpload" class = "menu-button">Upload</button>
<hr>
<button name = "btnHelp" class = "menu-button">Log Out</button>
</div>
</div>
</div>
<!-- Main Content -->
<div class = "col-md-10">
<div class = "container-fluid margin">
<!-- Banner Display -->
<div class = "jumbotron">
<h4>UPLOAD .CSV FILE</h4>
<p> Select the table you wish to update and upload the .csv file.</p>
<form name = "upload-form" method = "POST" role = "form" enctype = "multipart/form-data"> <!-- enctype needed to upload files -->
<div>
<select name = "database_choice">
<option value = "students">Students</option>
<option value = "staff">Staff</option>
</select>
</div>
<br>
<div>
<input type = "file" name = "file" id = "file" size = "150"/>
<span><input type = "submit" name = "submit" value = "Submit" /></span>
</div>
</form>
</div>
</div>
</div>
</div>
</body>
答案 0 :(得分:0)
$sql案例的staff变量缺少$campus和$c_cherries的几个引号。
更改
$sql = "INSERT INTO staff (staff_id, forename, surname, course, department, number_of_students, campus, level, a_cherries_complete, b_cherries_complete, c_cherries_complete)
VALUES ('$staff_id', '$forename', '$surname', '$course', '$department', '$number_of_students', $campus', '$level', '$a_cherries', '$b_cherries', $c_cherries')";
break;
到
$sql = "INSERT INTO staff (staff_id, forename, surname, course, department, number_of_students, campus, level, a_cherries_complete, b_cherries_complete, c_cherries_complete)
VALUES ('$staff_id', '$forename', '$surname', '$course', '$department', '$number_of_students', '$campus', '$level', '$a_cherries', '$b_cherries', '$c_cherries')";
break;
另外,我建议你使用准备好的陈述。您的用户通过电子表格上传这一事实也不会使其安全。
请阅读manual如何实施准备好的陈述