Insert sql by loop in php
Question
I am still learning PHP. I am trying to get a value from input in HTML to insert new data into the database by loop and array. I am trying to set up flexible number of array that match columns. There is no error in PHP, but it could not insert into table. I think there is flaw program in
foreach ($array as $row6) area.
Can anyone help? Please forgive me, I'm Deaf, ASL is my primary language, english is my second language. Thank you for patient.
<!--doctype html-->
<html>
<head>
<title>Add name and number</title>
<link href="defaultdatabase.css" rel="stylesheet" type="text/css">
</head>
<h2>Add any DSDJ information to database</h2>
<?php
require ("require2.php");
$sql = "show tables from XXXX";
$list = mysqli_query($GaryDB, $sql);
while ($row = mysqli_fetch_array($list)) {
$table[] = $row[0];
$option = '';
foreach ($table as $rows) {
$option .= "<option value='{$rows}'>{$rows}</option>";
}
}
?>
<form action="addname.php" method="post">
<table>
<tr><th>Select the table</td><td>
<select name="subject">
<?php
echo $option;
?>
</select></td><td><input type="submit" name="selected" value="select"></td></tr>
</table>
</form>
<form>
<table>
<?php
if (isset($_POST['selected'])) {
$selected = $_POST['subject'];
$column = "select column_name from information_schema.columns where table_name = '" . $selected . "'";
$list5 = mysqli_query($GaryDB, $column);
while ($array = mysqli_fetch_array($list5)) {
$input = '';
foreach ($array as $row5) {
$input = "<tr><td>{$row5}:</td><td colspan='2'><input type='text' name='{$row5}'></td></tr>";
}
echo $input;
}
if (isset($_POST['insert'])) {
$array = mysqli_fetch_array($list5);
$label = array();
foreach($array as $row5) {
$ins = "{$row5},";
}
$i = 0;
foreach ($array as $row6) {
$label[$i] = $_POST['{$row6}'];
$value = implode("','",$label[$i]);
if ($label[$i]) {
$insert = "insert into " . $selected . "(" . $ins . ") values ('" . $label[$i]. "')";
mysqli_query($GaryDB, $insert);
echo "Successful insert in the Database";
} else {
echo "Fail to insert in the Database";
}
}
}echo "<tr><td><input type='submit' name='insert'></td></tr>";
}
mysqli_close($GaryDB);
?>
</table>
</form>
</html>
1 answers
solution1
0 2018-04-18 01:25:22
Firstly I would take some time in naming your variables. It should help you and others read and make sense of your code.
if (isset($_POST['selected'])) {
/* renamed variable from $selected to $table_name */
$table_name = $_POST['subject'];
/* you can use variables inside double quotes */
$column_name_sql = "select column_name from information_schema.columns where table_name = `$table_name`";
/* renamed variable from $list5 to $result */
$result = mysqli_query($GaryDB, $column_name_sql);
/* Don't need the $input variable or the foreach, just output the table row. */
while ($field_name = mysqli_fetch_array($result)) {
echo "<tr><td>{$field_name}:</td><td colspan='2'><input type='text' name='{$field_name}'></td></tr>";
}
if (isset($_POST['insert'])) {
/* reset the query result back to the first result */
mysqli_data_seek($result, 0);
$new_values = [];
while ($field_name = mysqli_fetch_array($result)) {
$new_values[$field_name] = $_POST['{$field_name}'];
}
$insert_sql = "insert into `$table_name` (" . implode(',', array_keys($new_values)) . ") values ('" . implode(',', $new_values . "')";
/* show the message based on the query result */
if (mysqli_query($GaryDB, $insert_sql)) {
echo "Successful insert in the Database";
} else {
echo "Fail to insert in the Database";
}
echo "<tr><td><input type='submit' name='insert'></td></tr>";
}
mysqli_close($GaryDB);
}
Another thing that I will say is be careful about adding data into the database, escaping the users input is required (see http://php.net/manual/en/mysqli.real-escape-string.php )
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.