1
我有一個表tracker_item看起來像這樣無法創建MySQL表
tracker_item
id heading trackerid
1 name 1
2 location 1
3 age 1
4 candidate 2
5 area 2
我希望能按照使用低於標題參數trackerid創建不同的數據庫表。 例如ACC上表tracker_item我想,兩個表應獲得創建
table1
id name location age
table 2
id candidate area
,我試過的代碼是
$sql="SELECT * FROM `tracker_item` where trackerid='".$trackerid."' ";
$result = mysqli_query($con, $sql);
if(mysqli_num_rows($result)>0)
{
while($row = mysqli_fetch_assoc($result))
{
echo $sql1 = "CREATE TABLE item (id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
".
$row['heading']
." VARCHAR(30) NOT NULL,
resume VARCHAR(50)
)";
}
if (mysqli_query($con, $sql1))
{
echo "Table created successfully";
}
else
{
echo "Error creating table: " . mysqli_error($con);
}
}
輸出$ SQL1,我得到的是
CREATE TABLE item (id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY, name VARCHAR(30) NOT NULL, resume VARCHAR(50))
CREATE TABLE item (id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY, location VARCHAR(30) NOT NULL, resume VARCHAR(50))
CREATE TABLE item (id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY, age VARCHAR(30) NOT NULL, resume VARCHAR(50))
而不是多個表我想獲得$ sql1的o/p看起來像下面這樣一個表可以在數據庫中創建一個表
CREATE TABLE item (id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY, name VARCHAR(30) NOT NULL, location VARCHAR(30) NOT NULL, age VARCHAR(50))
誰能請告訴它如何可以做到
[Little Bobby](http://bobby-tables.com/)說*** [您的腳本存在SQL注入攻擊的風險。](http://stackoverflow.com/questions/60174/how- ***)瞭解[MySQLi](http://php.net)的[prepared](http://en.wikipedia.org/wiki/Prepared_statement)語句/manual/en/mysqli.quickstart.prepared-statements.php)。即使[轉義字符串](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string)是不安全的! –
@Jay Blanchard這只是一個虛擬工作的邏輯,我會在以後照顧安全,將不勝感激,如果你能幫助我的主要問題 – sammy001
[這就是爲什麼我們不斷重複SQL注入攻擊警告。] (http://stackoverflow.com/questions/38297105/mysql-real-escape-string-not-working-for-this-specific-example-mysql-real-escap) –