堆栈内存溢出
  简体   繁体   English

PHP / MySQL:从用户输入创建数据库

[英]PHP / MySQL: Create Database from User Input

 原文  2016-07-19 07:44:58       php/ mysql

问题描述

I would like to create a database based on user input if that database doesn't exist. 如果该数据库不存在,我想根据用户输入创建一个数据库。 Problem is, I do not understand how to check whether the database exists or not. 问题是,我不明白如何检查数据库是否存在。

Also another question is I wonder if the following code would work: 还有一个问题是我想知道以下代码是否可以工作: 

if (isset($_POST['companyName'])) {
   $companyName = $_POST['companyName'];
}

$query = "
    CREATE DATABASE 'companyName';
       USE 'companyName';
    CREATE TABLE users (
           ID int NOT NULL AUTO_INCREMENT,
           FirstName varchar(255),
           LastName varchar(255),
           user text,
           Password varchar(255),
           Email varchar(255),
           PRIMARY KEY (ID)
   );
";

$result = mysqli_query($conn, $query);

Because basically I typed the whole SQL code in and just query it, would that create any problem? 因为基本上我输入了整个SQL代码并只是对其进行查询,所以会造成任何问题吗?

I'm not really experienced in PHP and MySQL so thank you for paying attention and answer my question in advance! 我对PHP和MySQL没有真正的经验,所以感谢您的关注并提前回答我的问题!

2 个解决方案

解决方案1
 1  2016-07-19 07:52:30

You should first filter out the user inputs before putting to use in mysql queries. 在用于mysql查询之前,您应该首先过滤掉用户输入。 Use htmlspecialchars() , stripslashes() functions. 使用htmlspecialchars()stripslashes()函数。

Before creating a database you should check if it exists. 创建数据库之前,应检查数据库是否存在。 You can do it by using : CREATE DATABASE IF NOT EXISTS yourdb; 您可以使用以下方法完成此操作: CREATE DATABASE IF NOT EXISTS yourdb;

It is not advisable to create db and tables based on user inputs, but in case you have no other option, make sure to filter the user inputs. 不建议根据用户输入创建数据库和表,但是如果您没有其他选择,请确保过滤用户输入。

解决方案2
 1  2016-07-19 07:56:54

You can try this 你可以试试这个 

<?php
$servername = 'localhost';
$username = 'root';
$password = 'xxxxx';

$conn = new mysqli($servername, $username, $password);
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}
// Create database
$sql = "CREATE DATABASE myDB";
if ($conn->query($sql) === TRUE) {
    $conn =  mysqli_connect($servername, $username, $password,'myDB');
    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    } 
    $query = "CREATE TABLE users
          (
            ID int NOT NULL AUTO_INCREMENT,
            FirstName varchar(255),
            LastName varchar(255),
            user text,
            Password varchar(255),
            Email varchar(255),
            PRIMARY KEY (ID)
          )";
    if ($conn->query($query) === TRUE) {
        echo "Table users created successfully";
    } else {
        echo "Error creating table: " . $conn->error;
    }
} else {
    echo "Error creating database: " . $conn->error;
}

$conn->close();
?>

My result 我的结果

在此处输入图片说明

But I'm not recommend user can create new database in your sql server. 但我不建议用户在您的sql服务器中创建新数据库。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 从PHP创建MySQL用户和数据库 - Create MySQL user and database from PHP 将用户输入从文本框插入数据库(使用mysql从PHP到PHPMYADMIN) - Insert user input from textbox to Database (PHP to PHPMYADMIN using mysql) 如何从 php 创建一个新的 mySQL 数据库用户 - How to create a new mySQL database user from php PHP / MySQL:将用户输入保存到数据库 - PHP/MySQL: Saving user input to Database 通过用户在php中输入的值创建数据库表 - Create database Table by user input value in php 如何使用php和html从表单输入框中检查用户的输入对应于mysql中数据库的结果 - How to check the input of a user from a form input box using php and html corresponds to a result from the database in mysql 从用户输入向MySQL数据库添加等级 - Adding ranks to mysql database from user input php来自用户输入和数据库的字符串 - php String from user input and from database 从用户输入的php更新数据库 - Update database from user input php 将用户输入从文本框插入数据库(使用mysql从PHP到PHPMYADMIN)代码由于某些原因不起作用 - Insert user input from textbox to Database (PHP to PHPMYADMIN using mysql) Code not working for some reason
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM