使用 PHP 和 SQL 在复选框上提交多个值

Question

I'm trying to create an web page using HTML form, which includes multiple checkbox with their respective values.我正在尝试使用 HTML 表单创建一个网页，其中包含多个带有各自值的复选框。

I want to create an array of Boolean, which sends the data to an SQL server, in other words, I want to assign the values on checkbox to a few columns in the database.我想创建一个布尔数组，它将数据发送到 SQL 服务器，换句话说，我想将复选框上的值分配给数据库中的几列。 However, even if I check some values on the check-boxes, the values in the database are always 0 or false.但是，即使我在复选框上检查了一些值，数据库中的值也始终为 0 或 false。

While debugging, I found out that the $_POST["lang_list"] works, therefore, I believe the problem must be in the foreach loop.在调试时，我发现 $_POST["lang_list"] 有效，因此，我认为问题一定出在 foreach 循环中。

I am new to PHP and SQL, so I'm fully aware my solution might be bad.我是 PHP 和 SQL 的新手，所以我完全意识到我的解决方案可能很糟糕。

HTML: HTML：

<div class="form-group>
    <div class="custom-checkbox">
        <input class="custom-control-input" name="lang_list[]" id="nj" type="checkbox" value="nj">
        <label class="custom-control-label" for="nj">NJ</label>
    </div>
    <div class="custom-checkbox">
        <input class="custom-control-input" name="lang_list[]" id="aj" type="checkbox" value="aj">
        <label class="custom-control-label" for="aj">AJ</label>
    </div>
    <div class="custom-checkbox">
        <input class="custom-control-input" name="lang_list[]" id="fj" type="checkbox" value="fj">
        <label class="custom-control-label" for="fj">FJ</label>
    </div>
</div>

PHP: PHP：

<?php

    require_once("config.php");

    if (!empty($_POST['lang_list'])) 
    {
        $checkboxes = $conn->real_escape_string($_POST['lang_list']);

        $bool_arr = array();
        $check_arr = array("aj","nj","fj");

        foreach ($check as $check_arr) 
        {
            array_push($bool_arr, in_array($check, $checkboxes) ? 1 : 0);
        }

        list ($aj, $nj, $fj) = $lang_bool;
        $sql = "INSERT INTO signups (aj, nj, fj) VALUES ('".$nj."', '".$aj."', '".$fj."')";

        if (!$result = $conn->query($sql)) 
        {
            die('There was an error running the query ['.$conn->error.']'); 
        }
        else 
        {
            echo "Thank you! We will contact you soon"; 
        }
    }
    else 
    {
        echo "Please fill Name and Email"; 
    }

?>

Can someone help me?有人能帮我吗？ Thanks谢谢

Answer 1

To me!对我来说！ I would do an if statement with in_array() to check if values exist if you dont want to add unchecked values in db like so:如果您不想在 db 中添加未经检查的值，我将使用in_array()执行 if 语句来检查值是否存在，如下所示：

$arr = array("aj", "fj", "nj"); 

if (in_array("aj", $arr, TRUE)) { 
    echo $arr[1]; 
  } else{ 
    echo "not found \n"; 
  } 

if (in_array("fj", $arr, TRUE)) { 
    echo $arr[2];  
  } else { 
    echo "not found \n"; 
  }
}
if (in_array("nj", $arr, TRUE)) { 
    echo $arr[3]; 
  } else { 
    echo "not found \n"; 
  }
}

And your codes are open to sql injections its easy to use prepare statements and make your codes safe like so :并且您的代码对 sql 注入开放，它易于使用准备语句并使您的代码安全，如下所示：

if(!empty($_POST['lang_list'])) {
    $checkboxes = $_POST['lang_list'];

    $bool_arr  = array();
    $check_arr = array("aj","nj","fj");

    foreach ($check_arr as $check) {
        array_push($bool_arr, in_array($check, $checkboxes) ? 1 : 0);
    }
    //No need list(); function but if you wanna use it then change it to
    list($aj, $fj, $nj) = $bool_arr;
    // Prepare an insert statement
    $sql = "INSERT INTO signups (aj, fj, nj) VALUES (?, ?, ?)";

    if($stmt = mysqli_prepare($conn, $sql)){
        // Bind variables to the prepared statement as parameters
        //Note : you can call values like this $check_arr[1]; $check_arr[2]; is well.
        mysqli_stmt_bind_param($stmt, "sss", $aj, $fj, $nj);
        if(mysqli_stmt_execute($stmt)){
            echo "Thank you! We will contact you soon";
        } else{
            echo "Please fill Name and Email";
        }
    }

    // Close statement
    mysqli_stmt_close($stmt);
}

I used procedural Procedural style, as I see you are using procedural too, also you can check for Object oriented style.我使用了 procedural Procedural 风格，因为我看到你也在使用 procedural，你也可以检查面向对象的风格。

See Here for more info : https://www.php.net/manual/en/mysqli.prepare.php请参阅此处了解更多信息： https : //www.php.net/manual/en/mysqli.prepare.php

Answer 2

<?php 
    require_once("config.php");

    if(!empty($_POST['lang_list'])) {
        $checkboxes = $_POST['lang_list']; // no meaning of real_escape_string on array

        $bool_arr = array();
        $check_arr = array("aj","nj","fj");

        foreach ($check_arr as $check) { // corrected loop flow & inside code
            $bool_arr[$check]  = in_array($check, $checkboxes) ? 1 : 0;
        }

        $sql = "INSERT INTO signups (aj, nj, fj) 
                VALUES ('".$bool_arr['aj']."', '".$bool_arr['nj']."', '".$bool_arr['fj']."')";

        if (!$result = $conn->query($sql)) {
            die('There was an error running the query [' . $conn->error . ']'); }
        else {
            echo "Thank you! We will contact you soon"; }
    }
    else {
        echo "Please fill Name and Email"; }
?>

使用 PHP 和 SQL 在复选框上提交多个值

问题描述

2 个解决方案

解决方案1
1 2020-02-10 13:04:20

解决方案2
-1 2020-02-10 11:32:55

使用 PHP 和 SQL 在复选框上提交多个值

问题描述

2 个解决方案

解决方案1 1 2020-02-10 13:04:20

解决方案2 -1 2020-02-10 11:32:55

解决方案1
1 2020-02-10 13:04:20

解决方案2
-1 2020-02-10 11:32:55