0
<?php
if (isset($_POST["submit"])) {
foreach($_POST["id"] AS $id) {
$may_tc_s1 = mysql_real_escape_string($_POST["may_tc_s1"][$id]);
$may_ac_s1 = mysql_real_escape_string($_POST["may_ac_s1"][$id]);
$jun_tc_s1 = mysql_real_escape_string($_POST["jun_tc_s1"][$id]);
$jun_ac_s1 = mysql_real_escape_string($_POST["jun_ac_s1"][$id]);
$jul_tc_s1 = mysql_real_escape_string($_POST["jul_tc_s1"][$id]);
$jul_ac_s1 = mysql_real_escape_string($_POST["jul_ac_s1"][$id]);
$aug_tc_s1 = mysql_real_escape_string($_POST["aug_tc_s1"][$id]);
$aug_ac_s1 = mysql_real_escape_string($_POST["aug_ac_s1"][$id]);
$sep_tc_s1 = mysql_real_escape_string($_POST["sep_tc_s1"][$id]);
$sep_ac_s1 = mysql_real_escape_string($_POST["sep_ac_s1"][$id]);
$oct_tc_s1 = mysql_real_escape_string($_POST["oct_tc_s1"][$id]);
$oct_ac_s1 = mysql_real_escape_string($_POST["oct_ac_s1"][$id]);
$nov_tc_s1 = mysql_real_escape_string($_POST["nov_tc_s1"][$id]);
$nov_ac_s1 = mysql_real_escape_string($_POST["nov_ac_s1"][$id]);
$s1_t1 = mysql_real_escape_string($_POST["s1_t1"][$id]);
$s1_t2 = mysql_real_escape_string($_POST["s1_t2"][$id]);
$s1_t3 = mysql_real_escape_string($_POST["s1_t3"][$id]);
$update = " UPDATE `attendence` SET
`may_tc_s1` = '$may_tc_s1',
`may_ac_s1` = '$may_ac_s1',
`jun_tc_s1` = '$jun_tc_s1',
`jun_ac_s1` = '$jun_ac_s1',
`jul_tc_s1` = '$jul_tc_s1',
`jul_ac_s1` = '$jul_ac_s1',
`aug_tc_s1` = '$aug_tc_s1',
`aug_ac_s1` = '$aug_ac_s1',
`sep_tc_s1` = '$sep_tc_s1',
`sep_ac_s1` = '$sep_ac_s1',
`oct_tc_s1` = '$oct_tc_s1',
`oct_ac_s1` = '$oct_ac_s1',
`nov_tc_s1` = '$nov_tc_s1',
`nov_ac_s1` = '$nov_ac_s1',
`s1_t1` = '$s1_t1',
`s1_t2` = '$s1_t2',
`s1_t3` = '$s1_t3'
WHERE `idatten` =$id LIMIT 1 ; ";
mysql_query($update) or die(mysql_error());
}
}
$sql = "SELECT * FROM attendence WHERE branch = 'cs' AND attendence.semester=1 ORDER BY attendence.rollno";
$res = mysql_query($sql) or die(mysql_error());
if (mysql_num_rows($res) > 0) {
echo '<form method="post">';
echo' <table border="1" align="center">';
echo' <tr>';
echo' <th><div align="center">ID</div></th>';
echo' <th><div align="center">Student Name</div></th>';
echo' <th><div align="center">Roll No</div></th>';
echo' <th colspan="2"><div align="center">May</div></th>';
echo' <th colspan="2"><div align="center">Jun</div></th>';
echo' <th colspan="2"><div align="center">Jul</div></th>';
echo' <th colspan="2"><div align="center">Aug</div></th>';
echo' <th colspan="2"><div align="center">Sep</div></th>';
echo' <th colspan="2"><div align="center">Oct</div></th>';
echo' <th colspan="2"><div align="center">Nov</div></th>';
echo' <th><div align="center">T1</div></th>';
echo' <th><div align="center">T2</div></th>';
echo' <th><div align="center">T3</div></th>';
echo' </tr>';
echo' <tr>';
echo' <th><div align="center"></div></th>';
echo' <th><div align="center"></div></th>';
echo' <th><div align="center"></div></th>';
echo' <th><div align="center">TC</div></th>';
echo' <th><div align="center">AC</div></th>';
echo' <th><div align="center">TC</div></th>';
echo' <th><div align="center">AC</div></th>';
echo' <th><div align="center">TC</div></th>';
echo' <th><div align="center">AC</div></th>';
echo' <th><div align="center">TC</div></th>';
echo' <th><div align="center">AC</div></th>';
echo' <th><div align="center">TC</div></th>';
echo' <th><div align="center">AC</div></th>';
echo' <th><div align="center">TC</div></th>';
echo' <th><div align="center">AC</div></th>';
echo' <th><div align="center">TC</div></th>';
echo' <th><div align="center">AC</div></th>';
echo' <th><div align="center"></div></th>';
echo' <th><div align="center"></div></th>';
echo' <th><div align="center"></div></th>';
echo' </tr>';
while ($row = mysql_fetch_assoc($res)) {
echo' <tr>';
echo' <td>'.$row["idatten"] . '</td>';
echo' <td>'.$row["username"] . '</td>';
echo' <td>'.$row["rollno"] .'</td>';
echo' <td><input size="2" type="text" name="may_tc_s1[' . $row["idatten"] . ']" value="' . $row["may_tc_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="may_ac_s1[' . $row["idatten"] . ']" value="' . $row["may_ac_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="jun_tc_s1[' . $row["idatten"] . ']" value="' . $row["jun_tc_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="jun_ac_s1[' . $row["idatten"] . ']" value="' . $row["jun_ac_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="jul_tc_s1[' . $row["idatten"] . ']" value="' . $row["jul_tc_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="jul_ac_s1[' . $row["idatten"] . ']" value="' . $row["jul_ac_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="aug_tc_s1[' . $row["idatten"] . ']" value="' . $row["aug_tc_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="aug_ac_s1[' . $row["idatten"] . ']" value="' . $row["aug_ac_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="sep_tc_s1[' . $row["idatten"] . ']" value="' . $row["sep_tc_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="sep_ac_s1[' . $row["idatten"] . ']" value="' . $row["sep_ac_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="oct_tc_s1[' . $row["idatten"] . ']" value="' . $row["oct_tc_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="oct_ac_s1[' . $row["idatten"] . ']" value="' . $row["oct_ac_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="nov_tc_s1[' . $row["idatten"] . ']" value="' . $row["nov_tc_s1"] . '"></td>';
echo' <td><input size="2" type="text" name="nov_ac_s1[' . $row["idatten"] . ']" value="' . $row["nov_ac_s1"] . '"></td>';
echo' <td><input size="4" type="text" name="s1_t1[' . $row["idatten"] . ']" value="' . $row["s1_t1"] . '"></td>';
echo' <td><input size="4" type="text" name="s1_t2[' . $row["idatten"] . ']" value="' . $row["s1_t2"] . '"></td>';
echo' <td><input size="4" type="text" name="s1_t3[' . $row["idatten"] . ']" value="' . $row["s1_t3"] . '"></td>';
echo' <input type="hidden" name="id[]" value="' . $row["idatten"] . '">';
echo' </tr>';
echo' <tr>';
}}
echo' <td colspan="20"><div align="center"> <input type="submit" onblur="t1()" name="submit" value="Update Record"></div></td>';
echo' </tr>';
echo' </table>';
echo '</form>';
?>
<!-- End of cs1_s1 ---></div>
這是我上傳多個記錄的代碼。它的工作正常,但必須把所有的桌子都放在裏面,如果只有那麼麻煩的話。因爲我有多個頁面要做,並且這種類型的編碼是安全的,因爲如果它是如何使其安全的話,它很容易發生sql注入或其他任何事情。我需要在同一頁面上有七個表,但如果我放置所有七個表,它會彈出一個錯誤數據庫找不到。那麼我如何在同一頁面上調用7到8個。如何更新多行並防止SQL注入?
您的更新查詢很好。其次爲什麼你使用PHP製作整個表格?在html中製作表格,並在其中嵌入php。用這種方法你在PHP中的回聲將不需要。在你的HTML **<?php echo $ row [「idatten」]?> ** –
但你能告訴我如何做plz,因爲我是新手 – user2774977
看起來很安全,但非常容易出錯,低可維護性。表列是否修復?你能簡要描述一下這個系統是什麼嗎?所以我們可以幫助你如何提高它的效率。什麼是TC/AC? S1/S2是學期? –