This function is to insert values into the database. at first, it will list down all the students in class '$class'. the interface is like below:
此函数用于将值插入数据库。首先,它会列出班级'$ class'中的所有学生。界面如下:
//I can't post an image since i don't have much reputations. But, the interface is it will list down all students with column "NO", "Birth No", "Student Name", "Attendance". In column attendance, it will display 3 radio buttons which is, PT, AT, MC. Out of the table there is a submit button.
//我无法发布图片,因为我没有太多的声誉。但是,界面是它将列出所有学生列“NO”,“出生号”,“学生姓名”,“出勤”。在列出勤时,它将显示3个单选按钮,即PT,AT,MC。在表格外面有一个提交按钮。
The problem is, when I click submit button after I clicked on the radio button for both students, there is nothing that inserted in the database.
问题是,当我点击两个学生的单选按钮后单击“提交”按钮时,没有任何内容插入数据库中。
$id = 1;
$getdata = mysql_query("select * from student where class = '$class' order by name ") or die(mysql_query);
while($row = mysql_fetch_assoc($getdata))
{
if(isset($_POST['a'.$id]))
{
$status = $_POST['a'.$id];
if(!empty($status))
{
if($status == "present")
{
$attend = 1;
}
else if($status == "absent")
{
$attend = 0;
}
else if($status == "mc")
{
$attend = 1;
}
$query = "INSERT INTO attendance VALUES ('$birth_no','$date','$status','$attend')";
if($query_run = mysql_query($query))
{
echo 'Insert attendance done';
}
else
{
echo'Attendance not inserted.';
}
}
else
{
echo 'Please enter all fields';
}
}
else
{
//FORM CODE HERE
?>
<form action="addattend.php" method = "POST">
<?php
$birth_no= $row['birth_no'];
$name = $row['name'];
?>
<tr>
<td><center><?php echo $id ?></center></td>
<td><center><?php echo $date ?></center></td>
<td><center><?php echo $birth_no ?></center></td>
<td><center><?php echo $name ?></center></td>
<?php
echo'<td>
<input type="radio" name="a'.$id.'" value="present">PT
<input type="radio" name="a'.$id.'" value="absent">AT
<input type="radio" name="a'.$id.'" value="mc">MC
</td>
</tr> ';
}
$id++;
}
?>
</table>
<center><input type="submit" value="Submit"></center>
</form>
<?php
Can someone help me to solve this problem? I try solved this problem for a week. But nothing came out. Really appreciate your kindness. Thank you.
有人可以帮我解决这个问题吗?我尝试解决这个问题一个星期。但没有任何结果。真的很感激你的善意。谢谢。
2 个解决方案
#1
0
I dont really get it - you are looping an array called $_POST['a'.$id.''], but if I look at your form, there is no such array created in your inputs. You are using radio buttons like <input type="radio" name="a'.$id.'" value="mc">MC, which will create a $_POST['a1'] with "mc" as the value if its active. But $_POST['a1'] is NOT an array, it just contains this single value!
我真的不明白 - 你正在循环一个名为$ _POST ['a'。$ id。'']的数组,但如果我查看你的表单,你的输入中就没有创建这样的数组。您正在使用 MC等单选按钮,它将创建一个$ _POST ['a1'],其中“mc”为值如果它活跃。但$ _POST ['a1']不是一个数组,它只包含这个单值!
So you should kick out the foreach-loop and work mit $_POST['a'.$id] as your $status. In other works, make a
所以你应该踢出foreach循环并使用mit $ _POST ['a'。$ id]作为$ status。在其他作品中,制作一个
$status = $_POST['a'.$id] // by the way you do not need .'' in the end of the key
instead of your foreach-loop.
而不是你的foreach循环。
Additionally, it seems like your script is not secure. You are not using csrf-, xss-, and sql-injection-protection. You really really need to inform yourself about security in php applications (csrf, xss, sql-injections). This is extremly important!
此外,您的脚本似乎不安全。您没有使用csrf-,xss-和sql-injection-protection。你真的需要告诉自己php应用程序的安全性(csrf,xss,sql-injections)。这非常重要!
#2
0
See if this helps. I made some changes to the form display/processing logic based on various comments above. I didn't get a chance to test this so there might be small formatting errors here and there. Also, it should be possible to simplify this code further.
看看这是否有帮助。我根据上面的各种评论对表单显示/处理逻辑进行了一些更改。我没有机会测试这个,所以这里和那里可能会有小的格式错误。此外,应该可以进一步简化此代码。
$getdata = mysql_query("select * from student where
class = '$class' order by name ") or die(mysql_query);
// form processing logic goes here
if (isset($_POST['submit'])){
$id = 1;
while($row = mysql_fetch_assoc($getdata)){
if(isset($_POST['a'.$id])) {
$status = $_POST['a'.$id];
if(!empty($status)){
if(($status == "present" || $status == "mc")){
$attend = 1;
}
else if($status == "absent"){
$attend = 0;
}
$query = "INSERT INTO attendance(birth_no, date, status, attend)
VALUES ('$birth_no','$date','$status','$attend')";
if($query_run = mysql_query($query)){
echo 'Insert attendance done';
}
else{
echo'Attendance not inserted.';
}
}
else{
echo 'Please enter all fields';
}
}
$id ++;
} // end while
} // end if
// show the form here
else {
?>
<form action="addattend.php" method = "POST">
<table>
<?php
$id = 1;
while($row = mysql_fetch_assoc($getdata)){
$birth_no= $row['birth_no'];
$name = $row['name'];
?>
<tr>
<td><center><?php echo $id ?></center></td>
<td><center><?php echo $date ?></center></td>
<td><center><?php echo $birth_no ?></center></td>
<td><center><?php echo $name ?></center></td>
<td>
<input type="radio" name="a<?php echo $id; ?>" value="present">PT
<input type="radio" name="a<?php echo $id; ?>" value="absent">AT
<input type="radio" name="a<?php echo $id; ?>" value="mc">MC
</td>
</tr>
<?php
$id ++;
} // end while
?>
</table>
<center><input type="submit" name="submit" value="Submit"></center>
</form> <!-- end the form here -->
<?php
} // end else
?>
#1
0
I dont really get it - you are looping an array called $_POST['a'.$id.''], but if I look at your form, there is no such array created in your inputs. You are using radio buttons like <input type="radio" name="a'.$id.'" value="mc">MC, which will create a $_POST['a1'] with "mc" as the value if its active. But $_POST['a1'] is NOT an array, it just contains this single value!
我真的不明白 - 你正在循环一个名为$ _POST ['a'。$ id。'']的数组,但如果我查看你的表单,你的输入中就没有创建这样的数组。您正在使用 MC等单选按钮,它将创建一个$ _POST ['a1'],其中“mc”为值如果它活跃。但$ _POST ['a1']不是一个数组,它只包含这个单值!
So you should kick out the foreach-loop and work mit $_POST['a'.$id] as your $status. In other works, make a
所以你应该踢出foreach循环并使用mit $ _POST ['a'。$ id]作为$ status。在其他作品中,制作一个
$status = $_POST['a'.$id] // by the way you do not need .'' in the end of the key
instead of your foreach-loop.
而不是你的foreach循环。
Additionally, it seems like your script is not secure. You are not using csrf-, xss-, and sql-injection-protection. You really really need to inform yourself about security in php applications (csrf, xss, sql-injections). This is extremly important!
此外,您的脚本似乎不安全。您没有使用csrf-,xss-和sql-injection-protection。你真的需要告诉自己php应用程序的安全性(csrf,xss,sql-injections)。这非常重要!
#2
0
See if this helps. I made some changes to the form display/processing logic based on various comments above. I didn't get a chance to test this so there might be small formatting errors here and there. Also, it should be possible to simplify this code further.
看看这是否有帮助。我根据上面的各种评论对表单显示/处理逻辑进行了一些更改。我没有机会测试这个,所以这里和那里可能会有小的格式错误。此外,应该可以进一步简化此代码。
$getdata = mysql_query("select * from student where
class = '$class' order by name ") or die(mysql_query);
// form processing logic goes here
if (isset($_POST['submit'])){
$id = 1;
while($row = mysql_fetch_assoc($getdata)){
if(isset($_POST['a'.$id])) {
$status = $_POST['a'.$id];
if(!empty($status)){
if(($status == "present" || $status == "mc")){
$attend = 1;
}
else if($status == "absent"){
$attend = 0;
}
$query = "INSERT INTO attendance(birth_no, date, status, attend)
VALUES ('$birth_no','$date','$status','$attend')";
if($query_run = mysql_query($query)){
echo 'Insert attendance done';
}
else{
echo'Attendance not inserted.';
}
}
else{
echo 'Please enter all fields';
}
}
$id ++;
} // end while
} // end if
// show the form here
else {
?>
<form action="addattend.php" method = "POST">
<table>
<?php
$id = 1;
while($row = mysql_fetch_assoc($getdata)){
$birth_no= $row['birth_no'];
$name = $row['name'];
?>
<tr>
<td><center><?php echo $id ?></center></td>
<td><center><?php echo $date ?></center></td>
<td><center><?php echo $birth_no ?></center></td>
<td><center><?php echo $name ?></center></td>
<td>
<input type="radio" name="a<?php echo $id; ?>" value="present">PT
<input type="radio" name="a<?php echo $id; ?>" value="absent">AT
<input type="radio" name="a<?php echo $id; ?>" value="mc">MC
</td>
</tr>
<?php
$id ++;
} // end while
?>
</table>
<center><input type="submit" name="submit" value="Submit"></center>
</form> <!-- end the form here -->
<?php
} // end else
?>