2015-10-07 37 views
4
for ($key=0; $key < count($_POST['marks']); $key++) { 

      $from_marks = $_POST['from'][$key]; 
      $get_marks = $_POST['marks'][$key]; 

      //echo $from_marks." "; 
      if($get_marks > $from_marks){ 
       // header("location: ../../pages/marks.php?over=err"); 
       // break; 

       echo "Cant add more marks <br/>"; 

      } 
      else{ 
       echo $get_marks."<br/>"; 

       $update_marks_query = $db->prepare(
        "UPDATE sc_marks SET get_marks='" 
        .$get_marks 
        ."' WHERE _sid='$sc_foreign_id' AND exam_type='$select_exam_type' "); 
       $update_marks_query -> execute(); 
      } 
} 

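When I run the code, this problem occurs: every row in the table ends up with the last fetched value. How do I update a table column using an array and a loop in PHP and MySQL?

Data result: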

Data result after update

+1

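In fact, all rows end up containing the same data, which suggests that the WHERE clause of your UPDATE statement always matches every row in the table. Without knowing where and how the variables $sc_foreign_id and $select_exam_type are defined, and what kind of data their associated fields contain in the database, I can't give a more precise answer. – Thernys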

+0

By the way, you should prepare your update statement before the `for` loop, `$query = $db->prepare("UPDATE sc_marks SET get_marks=? WHERE _sid=? AND exam_type=?");`, and then attach the parameters on each iteration using `$query->execute($get_marks, $sc_foreign_id, $select_exam_type)`. Besides being inefficient, your current approach is a security risk. Read about [SQL injection](http://www.unixwiz.net/techtips/sql-injection.html). – Thernys

Answers

4
<?php 
    include "./connection/config.php"; 

    if(isset($_POST['btn_update_marks'])){ 

     $sc_foreign_id = $_POST['sc_foreign_id']; 
     $select_exam_type = $_POST['select_exam_type']; 

     for($key=0; $key<count($_POST['marks']); $key++){ 

      $from_marks = $_POST['from'][$key]; 
      $get_marks = $_POST['marks'][$key]; 

      echo $from_marks." "; 


      if($get_marks > $from_marks){ 
       // header("location: ../../pages/marks.php?over=err"); 
       // break; 

       echo "Marks Vadhu Chhe <br/>"; 

      } 
      else{ 
       echo $get_marks."<br/>"; 

       $update_marks_query = $db->query("UPDATE sc_marks SET get_marks='".$get_marks."' WHERE _sid='$sc_foreign_id' AND exam_type='$select_exam_type' "); 
      } 
      // else{ 
       // $update_marks_query = $db->prepare("UPDATE sc_marks SET get_marks='$get_marks' WHERE _sid='$sc_foreign_id' "); 
       // $update_done = $update_marks_query -> execute(); 
      // } 
     } 

     // if($update_done){ 
      // echo "Successfully Updated"; 
      // header("location: ../../pages/marks.php?add-marks=yes"); 
     // } 
     // else{ 
      // echo "Error"; 
      // header("location: ../../pages/marks.php?add-marks=error"); 
     // } 
    } 
?> 
0

I suggest you prepare your update statement before the for loop

$query = $db->prepare("UPDATE sc_marks SET get_marks=? WHERE _sid=? AND exam_type=?"); 

for ($key=0; $key < count($_POST['marks']); $key++) { 

      $from_marks = $_POST['from'][$key]; // add some validation here 
      $get_marks = $_POST['marks'][$key]; // e.g. with regex 

      //echo $from_marks." "; 
      if($get_marks > $from_marks){ 
       // header("location: ../../pages/marks.php?over=err"); 
       // break; 

       echo "Cant add more marks <br/>"; 

      } 
      else{ 
       echo $get_marks."<br/>"; 

       // execute() takes the bound values as a single array, in placeholder order 
       $query->execute([$get_marks, $sc_foreign_id, $select_exam_type]); 

      } 
} 

//Then attach the parameters during each iteration within the loop 

Your current approach is a security risk, besides being less efficient than it could be. Read about SQL injection.
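
The two points raised above (a WHERE clause that identifies a single row, and bound parameters instead of string concatenation), shown together as an added example that is not part of the original posts. It assumes PDO and uses an in-memory SQLite table so it runs offline; the `subject` and `from_marks` columns, the `updateMarks` function and the sample request are hypothetical, since the page does not show the real schema.

```php
<?php
// Added example, not from the original posts. Assumptions: PDO, an in-memory
// SQLite table, and hypothetical `subject` / `from_marks` columns (the page
// does not show the real sc_marks schema).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE sc_marks (_sid TEXT, exam_type TEXT, subject TEXT,
                                  from_marks INTEGER, get_marks INTEGER)");
$seed = $db->prepare("INSERT INTO sc_marks VALUES (?, ?, ?, ?, 0)");
foreach ([['s1', 'mid', 'math', 50], ['s1', 'mid', 'physics', 50],
          ['s2', 'mid', 'math', 50]] as $row) {
    $seed->execute($row);
}

// Constructed stand-in for $_POST: marks keyed by the per-row identifier.
$post = ['sc_foreign_id' => 's1', 'select_exam_type' => 'mid',
         'marks' => ['math' => '42', 'physics' => "37' OR '1'='1", 'art' => '99']];

function updateMarks(PDO $db, array $post): array
{
    // Prepared once; values are bound on each execute(), never concatenated.
    // The extra `subject` condition limits each UPDATE to one row here, and
    // the maximum is checked against the table, not a client-supplied field.
    $stmt = $db->prepare(
        "UPDATE sc_marks SET get_marks = ?
          WHERE _sid = ? AND exam_type = ? AND subject = ? AND from_marks >= ?");
    $result = [];
    foreach ($post['marks'] as $subject => $raw) {
        // Accept only non-negative integers; anything else is not sent to SQL.
        $marks = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
        if ($marks === false) {
            $result[$subject] = 'rejected';
            continue;
        }
        $stmt->execute([$marks, $post['sc_foreign_id'],
                        $post['select_exam_type'], $subject, $marks]);
        // 0 rows changed: no such row, or marks above the stored maximum.
        $result[$subject] = $stmt->rowCount() === 1 ? 'updated' : 'not updated';
    }
    return $result;
}

print_r(updateMarks($db, $post));
print_r($db->query("SELECT _sid, subject, get_marks FROM sc_marks")
           ->fetchAll(PDO::FETCH_ASSOC));
```

Checking `rowCount()` after each execute is what reveals a WHERE clause that matches more rows than intended, which is the symptom described in the question.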