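How to pass a search value from one PHP file to another
I am trying to pass the search value from searchschoolsthis.php to excel.php. When I click 'Cetak', it generates the Excel file, but without the searched data. I tried putting this in excel.php as a check: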
$strSQL = "SELECT * FROM schools WHERE kod_sekolah='Q'";
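It prints the data I want, which is any data containing "Q" in kod_sekolah. This means excel.php is working. But how do I pass the data entered and searched in searchschools.php to excel.php by clicking 'Cetak'?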
searchschoolsthis.php
<body>
<form method="post" action="searchschoolsthis.php">
<input type="hidden" name="submitted" value="true" />
<label><span class="style2">Pilih Kategori:</span>
<span class="style1">
<select name="category">
<option value="negeri">NEGERI</option>
<option value="daerah">DAERAH</option>
<option value="kod_sekolah">KOD SEKOLAH</option>
</select>
</span></label>
<span class="style1">
<span class="style2">Taip Kriteria
<label>:</label>
</span>
<label>
<input type="text" name="criteria" onKeyUp="this.value = this.value.toUpperCase();"/>
</label>
<input type="submit" value="Cari" />
</form>
<form action="excel.php" method="post" name="criteria" target="_blank" id="cetak">
<input type="submit" name="cetak" id="cetak" value="Cetak" />
</form>
</span>
<table width='100%' color='black' id='header'>
<thead>
<tr>
<td width="40%" scope="col"><div align="center"><span class="style2">Kod Sekolah</span></div></td>
<td width="40%" scope="col"><div align="center"><span class="style2">Nama Sekolah</span></div></td>
<td width="40%" scope="col"><div align="center"><span class="style2">PTJ</span></div></td>
<td width="40%" scope="col"><div align="center"><span class="style2">Server</span></div></td>
<td width="40%" scope="col"><div align="center"><span class="style2">PC</span></div></td>
<td width="40%" scope="col"><div align="center"><span class="style2">NB</span></div></td>
<td width="40%" scope="col"><div align="center"><span class="style2">Mono Laser</span></div></td>
<td width="40%" scope="col"><div align="center"><span class="style2">Color Laser</span></div></td>
<td width="40%" scope="col"><div align="center"><span class="style2">Dot Matrix</span></div></td>
<td width="40%" scope="col"><div align="center"><span class="style2">LCD</span></div></td>
<td width="40%" scope="col"><div align="center"><span class="style2">Set LAN</span></div></td>
<td width="40%" scope="col"><div align="center"><span class="style2">Jumlah Kos</span></div></td>
<td width="40%" scope="col"><div align="center"><span class="style2">Dibayar</span></div></td>
<td width="50%" scope="col"><div align="center"><span class="style2">Tanggungan</span></div></td>
</tr>
</thead>
</table>
<?php
if(isset($_POST['submitted'])){
include('connect.php');
$category=$_POST['category'];
$criteria=$_POST['criteria'];
$query="SELECT * FROM schools WHERE $category = '$criteria'";
$result=mysqli_query($dbcon,$query) or die('error getting data');
echo "<table width='120%' border='2' color='black' id='header'>";
while ($row = mysqli_fetch_array($result,MYSQLI_ASSOC)){
echo"<tr><td>";
echo $row['kod_sekolah'];
echo"</td><td>";
echo $row['nama_sekolah'];
echo"</td><td>";
echo $row['ptj'];
echo"</td><td>";
echo $row['server'];
echo"</td><td>";
echo $row['pc'];
echo"</td><td>";
echo $row['nb'];
echo"</td><td>";
echo $row['mono_laser'];
echo"</td><td>";
echo $row['color_laser'];
echo"</td><td>";
echo $row['dot_matrix'];
echo"</td><td>";
echo $row['lcd'];
echo"</td><td>";
echo $row['set_lan'];
echo"</td><td>";
echo $row['jumlah_kos'];
echo"</td><td>";
echo $row['dibayar'];
echo"</td><td>";
echo $row['tanggungan'];
//echo"</td><td style='text-align:right'>";
echo"</td></tr>";
}
echo "</table>";
}
?>
</body>
excel.php
<body>
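<?php
include("connect.php");
// Note: $strSQL is not assigned until the next line, and mysqli_select_db() expects a database name, not a query.
$objDB = mysqli_select_db($dbcon,$strSQL);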
$strSQL = "SELECT * FROM schools WHERE kod_sekolah='Q'";
//$strSQL = "SELECT * FROM schools WHERE negeri== '$criteria'";
$objQuery = mysqli_query($dbcon,$strSQL);
if($objQuery)
{
$strPath = realpath(basename(getenv($_SERVER["SCRIPT_NAME"])));
$strFileName = "Excel.xls";
$xlApp = new COM("Excel.Application");
$xlBook = $xlApp->Workbooks->Add();
$xlBook->Worksheets(1)->Name = "Rekod";
$xlBook->Worksheets(1)->Select;
$xlApp->ActiveSheet->Range("A1:A1")->ColumnWidth = 10.0;
$xlApp->ActiveSheet->Range("B1:B1")->ColumnWidth = 13.0;
$xlApp->ActiveSheet->Range("C1:C1")->ColumnWidth = 23.0;
$xlApp->ActiveSheet->Range("D1:D1")->ColumnWidth = 12.0;
$xlApp->ActiveSheet->Range("E1:E1")->ColumnWidth = 13.0;
$xlApp->ActiveSheet->Range("F1:F1")->ColumnWidth = 12.0;
$xlApp->ActiveSheet->Range("A1:F1")->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Range("A1:F1")->MergeCells = True;
$xlApp->ActiveSheet->Range("A1:F1")->Font->Bold = True;
$xlApp->ActiveSheet->Range("A1:F1")->Font->Size = 20;
$xlApp->ActiveSheet->Range("A1:F1")->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(1,1)->Value = "Rekod Penyelenggaraan ICT di Sekolah-Sekolah";
$xlApp->ActiveSheet->Cells(3,1)->Value = "Kod Sekolah";
$xlApp->ActiveSheet->Cells(3,1)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,1)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,1)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,1)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,2)->Value = "Nama Sekolah";
$xlApp->ActiveSheet->Cells(3,2)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,2)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,2)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,2)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,3)->Value = "PTJ";
$xlApp->ActiveSheet->Cells(3,3)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,3)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,3)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,3)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,4)->Value = "Server";
$xlApp->ActiveSheet->Cells(3,4)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,4)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,4)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,4)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,5)->Value = "PC";
$xlApp->ActiveSheet->Cells(3,5)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,5)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,5)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,5)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,6)->Value = "NB";
$xlApp->ActiveSheet->Cells(3,6)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,6)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,6)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,6)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,7)->Value = "Mono Laser";
$xlApp->ActiveSheet->Cells(3,7)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,7)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,7)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,7)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,8)->Value = "Color Laser";
$xlApp->ActiveSheet->Cells(3,8)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,8)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,8)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,8)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,9)->Value = "Dot Matrix";
$xlApp->ActiveSheet->Cells(3,9)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,9)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,9)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,9)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,10)->Value = "LCD";
$xlApp->ActiveSheet->Cells(3,10)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,10)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,10)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,10)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,11)->Value = "Set LAN";
$xlApp->ActiveSheet->Cells(3,11)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,11)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,11)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,11)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,12)->Value = "Jumlah Kos";
$xlApp->ActiveSheet->Cells(3,12)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,12)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,12)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,12)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,13)->Value = "Dibayar";
$xlApp->ActiveSheet->Cells(3,13)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,13)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,13)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,13)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells(3,14)->Value = "Tanggungan";
$xlApp->ActiveSheet->Cells(3,14)->Font->Bold = True;
$xlApp->ActiveSheet->Cells(3,14)->VerticalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,14)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells(3,14)->BORDERS->Weight = 1;
$intRows = 4;
while($objResult = mysqli_fetch_array($objQuery))
{
$xlApp->ActiveSheet->Cells($intRows,1)->Value = $objResult["kod_sekolah"];
$xlApp->ActiveSheet->Cells($intRows,1)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,1)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells($intRows,2)->Value = $objResult["nama_sekolah"];
$xlApp->ActiveSheet->Cells($intRows,2)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,3)->Value = $objResult["ptj"];
$xlApp->ActiveSheet->Cells($intRows,3)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,4)->Value = $objResult["server"];
$xlApp->ActiveSheet->Cells($intRows,4)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells($intRows,4)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,5)->Value = $objResult["pc"];
$xlApp->ActiveSheet->Cells($intRows,5)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,5)->HorizontalAlignment = -4108;
$xlApp->ActiveSheet->Cells($intRows,6)->Value = $objResult["nb"];
$xlApp->ActiveSheet->Cells($intRows,6)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,7)->Value = $objResult["mono_laser"];
$xlApp->ActiveSheet->Cells($intRows,7)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,8)->Value = $objResult["color_laser"];
$xlApp->ActiveSheet->Cells($intRows,8)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,9)->Value = $objResult["dot_matrix"];
$xlApp->ActiveSheet->Cells($intRows,9)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,10)->Value = $objResult["lcd"];
$xlApp->ActiveSheet->Cells($intRows,10)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,11)->Value = $objResult["set_lan"];
$xlApp->ActiveSheet->Cells($intRows,11)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,12)->Value = $objResult["jumlah_kos"];
$xlApp->ActiveSheet->Cells($intRows,12)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,13)->Value = $objResult["dibayar"];
$xlApp->ActiveSheet->Cells($intRows,13)->BORDERS->Weight = 1;
$xlApp->ActiveSheet->Cells($intRows,14)->Value = $objResult["tanggungan"];
$xlApp->ActiveSheet->Cells($intRows,14)->BORDERS->Weight = 1;
$intRows++;
}
@unlink($strFileName);
$xlBook->SaveAs($strPath."/".$strFileName);
$xlApp->Application->Quit();
$xlApp = null;
$xlBook = null;
$xlSheet1 = null;
}
?>
Fail Excel Telah Berjaya Dijana. <a href="<?=$strFileName?>">Klik Disini</a> Untuk Muat Turun.
</body>
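I was about to downvote the answer because of the SQL injection vulnerability, but since you warned about it, I won't do that. I won't upvote you either, because you did not say how to fully prevent SQL injection, and someone may end up using your solution without preventing SQL injection... – Tadeck 2012-01-05 04:20:38
I was just focusing on the problem at hand; I wasn't aiming for a hardened enterprise solution. But thanks, I guess. – 2012-01-05 04:34:10
This is actually not a "_hardened enterprise solution_", it is more like "common practice for public websites" (and even non-public ones). I don't know about you, but I would really care about my personal data being leaked (even if nothing in it is really secret). Anyway, using SQL injection prevention is fairly simple, but it is a very important thing that non-developers should avoid. It is a kind of standard by default when PHP frameworks use query builders. To sum up: do not underestimate SQL injection. – Tadeck 2012-01-05 04:55:51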
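One way to carry the search into excel.php while addressing the SQL injection concern raised in the comments above, as an added example that is not part of the original post or its answers. The function names are hypothetical; the column list is taken from the `<select>` options in the question, and `$dbcon` is assumed to be the mysqli connection that connect.php provides.

```php
<?php
// Added example, not the asker's code; function names are hypothetical.
// Columns the search form may filter on (the three <option> values).
const SEARCH_COLUMNS = ['negeri', 'daerah', 'kod_sekolah'];

// Identifiers cannot be bound as parameters, so the column is checked
// against the fixed list; the criteria stays a "?" placeholder.
function school_query(string $category): ?string
{
    if (!in_array($category, SEARCH_COLUMNS, true)) {
        return null;
    }
    return "SELECT * FROM schools WHERE `$category` = ?";
}

// Hidden fields for the 'Cetak' form, so excel.php receives the same
// category/criteria in $_POST as the results page did.
function cetak_hidden_fields(string $category, string $criteria): string
{
    $html = '';
    foreach (['category' => $category, 'criteria' => $criteria] as $name => $value) {
        $html .= sprintf(
            "<input type=\"hidden\" name=\"%s\" value=\"%s\" />\n",
            $name,
            htmlspecialchars($value, ENT_QUOTES, 'UTF-8')
        );
    }
    return $html;
}

// For excel.php: $dbcon is the mysqli connection from connect.php.
// Assumes the mysqlnd driver (needed by mysqli_stmt_get_result).
function fetch_schools(mysqli $dbcon, string $category, string $criteria): array
{
    $sql = school_query($category);
    $stmt = $sql === null ? false : mysqli_prepare($dbcon, $sql);
    if ($stmt === false) {
        return [];   // unknown column or prepare failure: nothing is run
    }
    mysqli_stmt_bind_param($stmt, 's', $criteria);
    mysqli_stmt_execute($stmt);
    return mysqli_fetch_all(mysqli_stmt_get_result($stmt), MYSQLI_ASSOC);
}

// Constructed inputs: a listed column, an unlisted one, a value with quotes.
var_dump(school_query('kod_sekolah'));
var_dump(school_query('unknown_column'));
echo cetak_hidden_fields('negeri', 'O\'NEIL "A"');
```

In searchschoolsthis.php the output of `cetak_hidden_fields()` would be echoed inside the 'Cetak' form after a search; excel.php would then loop over `fetch_schools($dbcon, $_POST['category'] ?? '', $_POST['criteria'] ?? '')` in place of the hard-coded query.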