2015-10-07 93 views
4
for ($key=0; $key < count($_POST['marks']); $key++) { 

      $from_marks = $_POST['from'][$key]; 
      $get_marks = $_POST['marks'][$key]; 

      //echo $from_marks." "; 
      if($get_marks > $from_marks){ 
       // header("location: ../../pages/marks.php?over=err"); 
       // break; 

       echo "Cant add more marks <br/>"; 

      } 
      else{ 
       echo $get_marks."<br/>"; 

       $update_marks_query = $db->prepare(
        "UPDATE sc_marks SET get_marks='" 
        .$get_marks 
        ."' WHERE _sid='$sc_foreign_id' AND exam_type='$select_exam_type' "); 
       $update_marks_query -> execute(); 
      } 
} 

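When I execute the code, this problem occurs: I get the last fetched value in every row of the table. How do I update a table column using an array and a loop in PHP and MySQL?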

Data result:

Data result after update

+1

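The fact that all rows end up containing the same data indicates that the WHERE clause of your UPDATE statement always matches every row in the table. Without knowing where and how the variables `$sc_foreign_id` and `$select_exam_type` are defined, and what kind of data their related fields contain in the database, I cannot give a more precise answer. – Thernys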

+0

By the way, you should prepare your update statement before the `for` loop, `$query = $db->prepare("UPDATE sc_marks SET get_marks=? WHERE _sid=? AND exam_type=?");`, and then attach the parameters on each iteration using `$query->execute([$get_marks, $sc_foreign_id, $select_exam_type])`. Besides being inefficient, your current approach is a security risk. Read up on [SQL injection](http://www.unixwiz.net/techtips/sql-injection.html). – Thernys

Answers

4
<?php 
    include "./connection/config.php"; 

    if(isset($_POST['btn_update_marks'])){ 

     $sc_foreign_id = $_POST['sc_foreign_id']; 
     $select_exam_type = $_POST['select_exam_type']; 

     for($key=0; $key<count($_POST['marks']); $key++){ 

      $from_marks = $_POST['from'][$key]; 
      $get_marks = $_POST['marks'][$key]; 

      echo $from_marks." "; 


      if($get_marks > $from_marks){ 
       // header("location: ../../pages/marks.php?over=err"); 
       // break; 

       echo "Marks Vadhu Chhe <br/>"; 

      } 
      else{ 
       echo $get_marks."<br/>"; 

       $update_marks_query = $db->query("UPDATE sc_marks SET get_marks='".$get_marks."' WHERE _sid='$sc_foreign_id' AND exam_type='$select_exam_type' "); 
      } 
      // else{ 
       // $update_marks_query = $db->prepare("UPDATE sc_marks SET get_marks='$get_marks' WHERE _sid='$sc_foreign_id' "); 
       // $update_done = $update_marks_query -> execute(); 
      // } 
     } 

     // if($update_done){ 
      // echo "Successfully Updated"; 
      // header("location: ../../pages/marks.php?add-marks=yes"); 
     // } 
     // else{ 
      // echo "Error"; 
      // header("location: ../../pages/marks.php?add-marks=error"); 
     // } 
    } 
?> 
0

I suggest you prepare your update statement before the for loop:

$query = $db->prepare("UPDATE sc_marks SET get_marks=? WHERE _sid=? AND exam_type=?"); 

for ($key=0; $key < count($_POST['marks']); $key++) { 

      $from_marks = $_POST['from'][$key]; // add some validation here 
      $get_marks = $_POST['marks'][$key]; // e.g. with a regex 

      //echo $from_marks." "; 
      if($get_marks > $from_marks){ 
       // header("location: ../../pages/marks.php?over=err"); 
       // break; 

       echo "Cant add more marks <br/>"; 

      } 
      else{ 
       echo $get_marks."<br/>"; 

       // execute() takes the bound parameters as a single array 
       $query->execute([$get_marks, $sc_foreign_id, $select_exam_type]); 

      } 
} 

//Then attach the parameters during each iteration within the loop 

Besides being less efficient than it could be, your current approach is a security risk. Read up on SQL injection.
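
As an added example (not part of the original answers), the sketch below combines the points raised in the comments and the answer above: a statement prepared once, parameters bound as an array on each iteration, a WHERE clause that targets a single row, and numeric validation of each posted mark. It assumes PDO with the pdo_sqlite extension so it runs self-contained; the `id` column, the posted `id[]` array, the stored `from_marks` column and all sample data are constructed for illustration and do not come from the page.

```php
<?php
declare(strict_types=1);

// Constructed demo database (in-memory SQLite via PDO) standing in for MySQL.
// The `id` column is an assumed per-row key; the page's schema does not show one.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE sc_marks (id INTEGER PRIMARY KEY, _sid INTEGER,
           exam_type TEXT, from_marks INTEGER, get_marks INTEGER)');
$db->exec("INSERT INTO sc_marks VALUES (1, 7, 'mid', 50, 0), (2, 7, 'mid', 50, 0),
           (3, 7, 'mid', 100, 0)");

// Constructed stand-in for $_POST; the last two rows carry hostile or invalid input.
$post = [
    'sc_foreign_id'    => '7',
    'select_exam_type' => 'mid',
    'id'    => ['1', '2', '3'],
    'marks' => ['42', "10' OR '1'='1", '150'],
];

function updateMarks(PDO $db, array $post): array
{
    // Prepared once; the row key in WHERE keeps each UPDATE to a single row,
    // and the maximum is checked against the stored value, not a posted one.
    $stmt = $db->prepare('UPDATE sc_marks SET get_marks = ?
                          WHERE id = ? AND _sid = ? AND exam_type = ? AND from_marks >= ?');
    $result = [];
    foreach ($post['marks'] as $key => $raw) {
        $id = $post['id'][$key] ?? null;
        // Accept only strings made of digits for both the mark and the row key.
        if (!is_string($raw) || !is_string($id) || !ctype_digit($raw) || !ctype_digit($id)) {
            $result[$key] = 'rejected';
            continue;
        }
        $stmt->execute([(int) $raw, (int) $id, $post['sc_foreign_id'],
                        $post['select_exam_type'], (int) $raw]);
        $result[$key] = $stmt->rowCount() === 1 ? 'updated' : 'not updated';
    }
    return $result;
}

print_r(updateMarks($db, $post));
print_r($db->query('SELECT id, get_marks FROM sc_marks')->fetchAll(PDO::FETCH_KEY_PAIR));
```

On MySQL, `rowCount()` reports 0 when the new value equals the stored one unless the connection sets `PDO::MYSQL_ATTR_FOUND_ROWS`, so "not updated" there can also mean "unchanged".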