0
这是我的代码。我想获取选定选项的值并在另一个SQL查询中使用该值。获取选择的值
例如: SELECT * FROM section WHERE GradeLevel = '$GradeLevel' AND SectionName = '$GradeSection
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "sample";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$GradeLevel = $_GET['glevel'];
$StudentID = $_GET['studentID'];
$BirthCertificate = $_POST['BirthCertificate'];
$GoodMoral = $_POST['GoodMoral'];
$ReportCard = $_POST['ReportCard'];
echo 'Grade Level : '.$GradeLevel.' <br/>';
//Section
$sql = "SELECT * FROM section WHERE GradeLevel='$GradeLevel'";
$result = $conn->query($sql);
if ($result->num_rows > 0) { ?>
Section Name:
<select name="GradeSection" id="GradeSection" style="width:30%;">
<?php
while($row = $result->fetch_assoc()) {
$Section = $row["SectionName"];
echo '
<option value="'.$Section.'"> '.$Section.' </option> ';
}
echo "</select>";
}
$GradeSection = $_POST['GradeSection'];
?>
**你是大开[SQL注入(http://php.net/manual/en/security.database.sql-injection.php)**,应该真正**使用方法制得。语句](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php)**而不是串联你的查询。特别是因为你没有逃避用户输入! –
那么,你真正的问题是什么?您向我们展示了一个示例查询。你是否尝试过这样做?你卡在哪里? –
什么是错误或问题? – user3526204