我有我的PHP代码的情况。在上一页中,用户输入其用户名。现在,当他们提交表单时,会在当前页面上发布用户名并回显。
E.G如果老师输入“j.lu”作为用户名,则会在当前页面上发布“j.lu”。
但我想要做的是我希望在数据库中插入教师的ID。为此,我设置了一个查询,通过查找用户名来选择教师的ID。因此'j.lu'有一个TeacherId'T1',但它不会显示这是插入时的字段。相反,它在现场陈述'SEL'。
所以我的问题是'SEL'是什么意思,我怎么能解决它而不是说'SEL'它会说出教师的id,在这个例子中是'T1'。
下面是查询代码,插入和echo:
$teacherid = "SELECT TeacherId FROM Teacher WHERE (TeacherUsername = '".mysql_real_escape_string($_SESSION['teacherusername'])."')";
echo $_SESSION['teacherusername'];
$sql="INSERT INTO Session (TeacherId)
VALUES
(' ". mysql_real_escape_string( $teacherid ) . "')";
mysql_query($sql);
答案 0 :(得分:3)
SEL是SELECT单词的前三个字符,因为您运行的查询是
INSERT INTO Session (TeacherId) VALUES ('SELECT TeacherId FROM Teacher WHERE ...
您需要更改$ teacherid内容:
$teacherid =mysql_real_escape_string($_SESSION['teacherusername']);
// the escape is already done
$sql = "INSERT INTO Session (TeacherId) VALUES ('$teacherid')";
mysql_query($sql);
到目前为止,您有一个名为Session ...的表
修改强>
您必须执行第一个查询,而不是按原样使用用户名:
$sql = "SELECT TeacherId FROM Teacher WHERE (TeacherUsername = '"
. mysql_real_escape_string($_SESSION['teacherusername'])."')";
$rs = mysql_query($sql);
$record = mysql_fetch_array($rs);
$teacherid = $record['TeacherId'];
$sql = "INSERT INTO Session (TeacherId) VALUES ('$teacherid')";
mysql_query($sql);
答案 1 :(得分:1)
您将$ teacherid设置为字符串“SELECT TeacherId FROM Teacher WHERE(TeacherUsername ='mysql_real_escape_string($ _ SESSION ['teacherusername'])')”,而不是查询结果。