1. 首页
  2. 问答
  3. 获取选择的值

获取选择的值

2017-03-05 79 views
0

这是我的代码。我想获取选定选项的值并在另一个SQL查询中使用该值。获取选择的值

例如: SELECT * FROM section WHERE GradeLevel = '$GradeLevel' AND SectionName = '$GradeSection

<?php 

$servername = "localhost"; 
$username = "root"; 
$password = ""; 
$dbname = "sample"; 

// Create connection 
$conn = new mysqli($servername, $username, $password, $dbname); 
// Check connection 


if ($conn->connect_error) { 
    die("Connection failed: " . $conn->connect_error); 
} 


$GradeLevel = $_GET['glevel']; 
$StudentID = $_GET['studentID']; 

$BirthCertificate = $_POST['BirthCertificate']; 
$GoodMoral = $_POST['GoodMoral']; 
$ReportCard = $_POST['ReportCard']; 

echo 'Grade Level : '.$GradeLevel.' <br/>'; 
//Section 


$sql = "SELECT * FROM section WHERE GradeLevel='$GradeLevel'"; 
$result = $conn->query($sql); 

if ($result->num_rows > 0) { ?> 

    Section Name: 
    <select name="GradeSection" id="GradeSection" style="width:30%;"> 

    <?php 
    while($row = $result->fetch_assoc()) { 
     $Section = $row["SectionName"]; 

     echo ' 
      <option value="'.$Section.'"> '.$Section.' </option> '; 
    } 

    echo "</select>"; 
} 

$GradeSection = $_POST['GradeSection']; 
?>

来源

2017-03-05 EuniseP

+1

**你是大开[SQL注入(http://php.net/manual/en/security.database.sql-injection.php)**,应该真正**使用方法制得。语句](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php)**而不是串联你的查询。特别是因为你没有逃避用户输入! –

+2

那么,你真正的问题是什么?您向我们展示了一个示例查询。你是否尝试过这样做?你卡在哪里? –

+0

什么是错误或问题? – user3526204

回答

0

尝试这个 把它高于$ GradeSection = $ _POST [ 'GradeSection'];

if ($GradeSection != "" || $GradeSection != NULL) 
{ 
$sql += "AND SectionName = '$GradeSection'"; 
}

来源

2017-03-06 06:49:38 user3604643

相关问题

 相关问题