PHP提交输入的Foreach（）ID

Question

I'm trying to submit a form that contains a schedule for each user ID. So far it looks like this:

$sql = "SELECT * FROM dbtable";
    $result = $conn->query($sql);
    $name_info = "SELECT udidId, name FROM udid";
    $name_result = $conn->query($name_info);
    if ($result->num_rows > 0) {
        while($row = $result->fetch_assoc()) {
            $udidId = $row["udidId"];
            echo "<label for='hours' class='schedule'><strong>I want <span>".$row["name"]."</span>";
            echo "<input type='text' name='udidId' class='hidden' value='".$row["udidId"]."' />";
            echo " to be <br />allowed out between <input type='text' name='outAllowedStartHour' placeholder='8' value='" . $row["outAllowedStartHour"] . "'> - <input type='text' name='outAllowedEndHour' placeholder='8' value='" . $row["outAllowedEndHour"] . "'><br />allowed in between <div class='padd_left'></div><input type='text' name='inAllowedStartHour' placeholder='8' value='" . $row["inAllowedStartHour"] . "'> - <input type='text' name='inAllowedEndHour' placeholder='8' value='" . $row["inAllowedEndHour"] . "'></strong></label>";
        }
}    


if(isset($_POST["update_schedule"])) {
        foreach($_POST as $key => $value) {
          echo "POST parameter '$key' has '$value' <br />"; 
          while($row = $result->fetch_assoc()) {
              foreach($value as $x => $x_value) {
                echo "Key=" . $x . ", Value=" . $x_value;
                echo "<br>";
                $update_pets = "UPDATE v_spottData SET $x_value = $x_value WHERE udidId = $x";
$conn->execute($update_pets);
              }
            }
        }

However is only updating inputs from the last ID in the database, and is not updating the input values at all. Any suggestions?

Answer 1

1. Execute doesn't execute a query, it executes a prepared statement. You need to use prepare to prepare the query.
2. Prepared statements should use placeholders. The quoting/escaping will be handled by the driver.
3. Note columns can't be bound/placeheld.
4. Your current query is trying to update a column with the same value, that can't be right. Change $updating_column below to whatever column you are trying to update.

---

$columns = array('outAllowedStartHour', 'outAllowedEndHour', 'inAllowedStartHour', 'inAllowedEndHour'); // whitelist columns
if(in_array($updating_column, $columns)) {
     $update_pets = "UPDATE v_spottData SET `$updating_column` = ? WHERE udidId = ?";
     $stmt = $con->prepare($update_pets);
     $stmt->bind_param("ii", $x_value, $x);
     $stmt->execute();
} else {
     echo 'Using a Not Allowed Column';
}

You can read more about prepared statements here, http://php.net/manual/en/mysqli.quickstart.prepared-statements.php .

Answer 2

I feel really silly, but for anyone else dealing with the issue, my solution was simple.

Try putting the PHP to handle the form submission at the top of your document, instead of at the bottom. Everything worked fine once I moved it up!

Thank you for all of your help everyone, especially @chris85!