如何插入同一分區中的多個字段

Question

我正在尋找將單個選擇插入到多個用戶的字段中。當進行選擇並輸入提交時，我有以下代碼。我沒有收到任何錯誤，我在下一頁發佈了5次郵件，這是多少用戶不是它的weekpicks表。但是沒有任何內容插入到數據庫中。

<? 
 
// This code is to use to place info into the MySQL 
 

 
$sTeam1 = $_POST['sTeam1']; 
 

 
// (WHERE username FROM authorize WHERE username not in (SELECT username FROM weekpicks WHERE whatweek='$totalnoOfWeek')" . 
 

 
//$nMemberID = (integer) Query 
 

 
$sql_events = mysql_query("SELECT username FROM authorize WHERE username not in (SELECT username FROM weekpicks WHERE whatweek='$totalnoOfWeek')") or die(mysql_error()); 
 

 
while ($row = mysql_fetch_array($sql_events)) { 
 
$username = $row["username"]; 
 

 
("INSERT INTO weekpicks SET " . "username = '" . ($username) . "'," . "date_create = NOW(), " . "whatweek = '" . ($totalnoOfWeek) . "'," . "team = '" . addslashes($sTeam1) . "'" . 'INSERT'); 
 

 
echo "<HTML> 
 

 
      <BODY> 
 
      <h2>Your pick of " . ($sTeam1) . ", for week " . ($totalnoOfWeek) . ", has been added.</h2> 
 
      
 
      <P align=left><a href=\"nopickpolicy.php\">Return to main page</a></p> 
 
      </BODY> 
 
      </HTML>"; 
 
} 
 
?>

Answer 1

您正在爲插入的文本，但你不運行它。

修復代碼它會是：

while ($row = mysql_fetch_array($sql_events)) { 
$username = $row["username"]; 
mysql_query("INSERT INTO weekpicks SET " . "username = '" . ($username) . "'," . "date_create = NOW(), " . "whatweek = '" . ($totalnoOfWeek) . "'," . "team = '" . addslashes($sTeam1) . "'"); 

//echo ... 
} 

固定字符串語法，你能做到這一點，這看起來更好。也使用mysql_real_escape_string()而不是addslashes()，因爲addslashes不像mysql的本地函數那樣安全。

$sTeam1 = mysql_real_escape_string($sTeam1); 
mysql_query("INSERT INTO weekpicks SET username = '$username', date_create = NOW(), whatweek = '$totalnoOfWeek', team = '$sTeam1'); 

另一件事我必須告訴你：

使用mysql_*停止，使用mysqli_*代替。

mysql_從PHP7移除並棄用後，PHP 5.5

它並不像mysqli_的安全，因此考慮提高你的代碼的新模式。

Follow this guide in order to change your code properly.