程序员最近都爱上了这个网站  程序员们快来瞅瞅吧!  it98k网:it98k.com

本站消息

站长简介/公众号

  出租广告位,需要合作请联系站长


+关注
已关注

分类  

暂无分类

标签  

暂无标签

日期归档  

暂无数据

使用 PHP 发布多个 HTML 表单字段

发布于2022-01-25 13:55     阅读(474)     评论(0)     点赞(24)     收藏(4)


我正在制作订购单,所有产品的数据都存储在 MySQL 数据库中。有一个包含 10 个项目的菜单页面,每个项目都有自己的数量(数量)下拉列表。

  • 我正在使用 PHP 生成 HTML 表单元素(例如输入文本字段)并显示项目。

  • 数据库已重新设计:Table1= User_Orders,Table2= Product_Data

  • 显示产品信息和连接 MySQL 的所有代码都正常工作

我的显示代码:

form action="process.php" method="POST" name="menu"
//PHP
$system = 'SELECT * FROM products ORDER BY id ASC';
if(!$result2=mysql_query($system)){
die('Error encountered. MySQL said: '.mysql_error());
}
while ($rows2 = mysql_fetch_array($result2)) 
{
  $id=$rows2['id'];
  $gitem=$rows2['item'];
  $gdesc=$rows2['description'];

  $menu='<input name="qty1" type="text" class="textfield" id="qty1" value="'. $gitem .'" size="25"/>
          <textarea name="desc1" cols="10" rows="3" class="textfield" id="desc1" style="width: 222px; height: 51px;">'.$gdesc .'</textarea>';
echo $menu; }
//END PHP, restart HTML
</form  >

我的提交代码

//PHP
$submit=$_POST['submit'];
$sitem=$_POST['qty1'];
$sdesc=$_POST['desc1'];
$sql = "UPDATE products SET item='$sitem' ,description='$sdesc' , WHERE `id`='".mysql_escape_string($id)."'";

if($submit) //submit button is pressed
{
mysql_query($sql);
}

问题: 当我提交表单时,仅更新最新/最新行(具有最高 ID 的行)。其他字段不受影响。

我对为什么会发生的想法: 我注意到文本字段都共享相同的名称。这是因为 PHP 生成了 HTML。

问题: 如何使用生成的 PHP 使每个文本字段都有自己的唯一名称?(例如,数量 1、数量 2)。

我的研究 我考虑过使用数组:qty[]

像这样: 如何在 php 中获取选择框的多个选定值?

http://www.shotdev.com/php/php-form/php-input-multiple-textbox/comment-page-1/#comment-42091

请帮帮我,我卡住了。


解决方案


好的,首先,您没有将项目 ID 传递到表单中,因此它知道要实际更新的项目。

让我看看我能在这里做什么:

while ($rows2 = mysql_fetch_array($result2)) 
{
  $id=$rows2['id'];
  $gitem=$rows2['item'];
  $gdesc=$rows2['description'];

  $menu='<input name="qty[' . $id . ']" type="text" class="textfield" id="qty1" value="'. $gitem .'" size="25"/>
          <textarea name="desc[' . $id . ']" cols="10" rows="3" class="textfield" id="desc1" style="width: 222px; height: 51px;">'.$gdesc .'</textarea>';
  echo $menu; 
}

这应该在提交时返回 2 个数组,qty并且desc,每个条目的键等于数据库中的 id。

然后在检查提交时:

if($_POST['submit']) //Wanna check this first off, checks whether or not form has been submitted, don't want to do anything at all concerning processing the submission if the form hasn't been sumbitted, probably better to do if(isset($_POST['submit'])) rather than checking directly. 
{
 $qty = $_POST['qty'];  //These two variable declarations assign the two form field arrays into easier to type/identify variable names, might want a little additional error checking to at least make sure that these are arrays with is_array() before going into the foreach loop.
 $desc = $_POST['desc'];

 //Loop through each entry from the form, UPDATE entries in database that correspond to array keys
 foreach($qty as $key => $value)  //Set up a loop on the $qty array from the form as array $key and $value and iterate through each entry in the array, the array keys should be the same item id from the DB that corresponds to both qty and desc value entries
 {
    $sitem = mysql_real_escape_string($value);  //Escape $qty[$key] ($value) textfield input from form, put it in an easy to type variable.  Note also, mysql_real_escape_string requires an active mysql connection to have been previously established elsewhere.  mysql_escape_string() which you were using is depreciated, mysql_real_escape_string() is better.

    $sdesc = mysql_real_escape_string($desc[$key]);  //Escape $desc[$key] textarea input from form, put it in an easy to type variable.  Since the keys should match, you can reach outside the foreach into $desc for it.

    $id = mysql_real_escape_string($key);  //Escape $key (id) from form, in case of malicious live html editing, might be best to cast to (int) instead like $id = (int)$key since id should always be an int.

    $sql = "UPDATE `products` SET `item` = '$sitem', `description` = '$sdesc' WHERE `id` = $id LIMIT 1";  //Construct SQL query from escaped variables.  Backticks around field and table names are pretty standard formal syntax.  LIMIT 1 speeds up the query and reduces db server load because it will stop when it finds a matching WHERE condition rather than continuing to look for more, and there should only be a single matching id field, so no reason to continue to look for more.

    mysql_query($sql);  //Execute Query
 }
}

哦,这是使用 PDO 执行此操作以提高安全性的代码:

if($_POST['submit']) //Wanna check this first off
{
 $qty = $_POST['qty'];
 $desc = $_POST['desc'];

 $dsn="mysql:dbname=whateveryourdbisnamed;host=localhost";  //Of course change values to appropriate ones

 $dbh = new PDO($dsn,"mysqlusername","mysqlpassword");  //Connect to DB.  Might want some error checking to make sure it connected.

 foreach($qty as $key => $value)
 {
    $sql = "UPDATE `products` SET `item` = :item, `description` = :desc WHERE `id` = :id LIMIT 1";

    $stmt = $dbh->prepare($sql);
    $stmt->bindParam(":item",$value,PDO::PARAM_INT); //Note:  Not sure if item is a number of not.  If a string of any length, change it to next line
    //$stmt->bindParam(":item",$value,PDO::PARAM_STR,128);  //Note, change last parameter to set max length of string
    $stmt->bindParam(":desc",$desc[$key],PDO::PARAM_STR,256);  //Change last parameter to set max length of desc, or remove if no max length
    $stmt->bindParam(":id",$key,PDO::PARAM_INT);

    $stmt->execute();  //Execute query
 }
}



所属网站分类: 技术文章 > 问答

作者:黑洞官方问答小能手

链接:http://www.qianduanheidong.com/blog/article/295554/43cd5ce4d3b980427469/

来源:前端黑洞网

任何形式的转载都请注明出处,如有侵权 一经发现 必将追究其法律责任

24 0
收藏该文
已收藏

评论内容:(最多支持255个字符)