1. 首页
  2. 问答
  3. 处理多个选择选项中的数据(使用$ _POST)

处理多个选择选项中的数据(使用$ _POST)

2017-08-03 61 views
-1

我有来自数据库的多选字段。例如我在页面中选择申请(storeform.php):

<select name="store[]" multiple="multiple"> 
<option value=1>Outlet 1</option> 
<option value=2>Outlet 2</option> 
<option value=3>Outlet 3</option> 
<option>.......</option> 
</select>

我想从上面的选择字段值使用PHP岗位数据库,并把值放入Query.This是我写的其他页面调用(storetable.php):

<?php 
$storenum=$_POST['store']; 
foreach($storenum as $snumber) 
{ 
    //this part i need to get the values and put the values into Query. 
    //for example the $storenum hold values $1 and $2, so $1,$2 i need to put in Query. 
} 

$query="SELECT sum(a.netamt) as netamt, b.store_name, 
    c.monusage,c.monusage/sum(a.netamt)*1000 as duh 
    FROM site_sales a JOIN site_store b ON b.storenum = a.storenum 
    JOIN site_salmonusage c ON b.storenum = c.storenum 
    WHERE c.month = '$date211' AND (a.storenum='$1' OR a.storenum='$2') AND a.busidate >= '$date1' AND a.busidate <='$date2' 
    GROUP BY a.storenum order by duh" 

/* code continue */

来源

2017-08-03 Azim Azman

+0

你到目前为止尝试过什么? – arielnmz

+0

我只是使用['IN'条件](https://www.techonthenet.com/sql/in.php),例如'a.storenum IN(?)'并将该参数绑定到'implode(' ,',$ _POST ['store'])''。您应该确保所有'$ _POST ['store']'值都是数字,我想是 – Phil

+0

您使用MySQLi或PDO与数据库进行交互吗? – Phil

回答

0

尝试一下这样的事情。

<?php 
$storenum=implode(",",$_POST['store']); 


$query="SELECT sum(a.netamt) as netamt, b.store_name, 
    c.monusage,c.monusage/sum(a.netamt)*1000 as duh 
    FROM site_sales a JOIN site_store b ON b.storenum = a.storenum 
    JOIN site_salmonusage c ON b.storenum = c.storenum 
    WHERE c.month = '$date211' AND a.storenum IN ($storenum) AND a.busidate >= '$date1' AND a.busidate <='$date2' 
    GROUP BY a.storenum order by duh"

来源

2017-08-03 02:34:22

+0

无法容忍对SQL注入开放的答案 – Phil

+0

感谢Zaid回答我的问题。你的代码工作。但如何防止此代码打开到SQL注入? –

+0

@AzimAzman请查看以了解SI https://www.w3schools.com/sql/sql_injection.asp –

相关问题

 相关问题