MySQL 如何在 INSERT INTO SELECT 查询中使用动态 PHP 变量？

Question

Say I have a PHP function that generates a unique robot name, eg:

$rname = generateRobotName();   

I would like to duplicate all the robots with REMOTE controller AND assign a unique Robot Name to each new one (generated by the above function).

How do I go about that?

INSERT INTO robots values (origin, name, color, position, controller)
SELECT origin, '".$rname."', color, position, controller
FROM robots
WHERE controller = 'remote'

Answer 1

In order to avoid SQL injections and other vulnerabilities that come with the integration of variables straight in the SQL statement (not a huge problem in this case, but it's good practice), you can use PDO with prepared statements. The following code loops through each of the steps for each MySQL query and updates the robot name:

$SQLInsert = "INSERT INTO robots (origin, name, color, position, controller) values (:origin, :name, :color, :position, :controller)";
$SQLSelect = "SELECT origin, name, color, position, controller FROM robots WHERE controller = 'remote'";

foreach ($pdo->query($SQLSelect) as $row){
    $params = [
            ':origin' => $row['origin'],
            ':name' => generateRobotName(),
            ':color' => $row['color'],
            ':position' => $row['position'],
            ':controller' => $row['controller']
        ];
    $SQLInsert = $pdo->prepare($SQLInsert);
    $SQLInsert->execute($params);
}

The above code does the SQL Select query, and for each row it finds, $row , It inserts the old data using the second defined query while still adding the robot name. DO keep in mind $pdo is defined as the PDO object, and you will need PDO support in your PHP install. Working example can be found here . Cheers!

Answer 2

You can split the task for 2 parts:

• get data from MySQl

• nsert new data updated by PHP

  $sql = "SELECT origin, name, color, position, controller FROM robots WHERE controller = 'remote'"; $stmt= $pdo->prepare("insert into robots (origin, name, color, position, controller) values (?, ?, ?, ?, ?);"); foreach ($pdo->query($sql) as $row) { $stmt->execute([ $row['origin'], generateRobotName(), $row['color'], $row['position'], $row['controller'] ]); }

Here the live code PHPize.online

Another example with named parameters:

$sql = "SELECT origin, name, color, position, controller
        FROM robots WHERE controller = 'remote'";

$stmt= $pdo->prepare(
    "insert into robots (origin, name, color, position, controller) 
        values (:origin, :name, :color, :position, :controller);"
);

foreach ($pdo->query($sql, PDO::FETCH_ASSOC) as $row) {
    $row['name'] = generateRobotName();
    $stmt->execute($row);
}

PHPize it here