while循环使用单选按钮为许多用户插入值到数据库中

时间:2022-09-25 16:30:23

This function is to insert values into the database. at first, it will list down all the students in class '$class'. the interface is like below:

此函数用于将值插入数据库。首先,它会列出班级'$ class'中的所有学生。界面如下:

//I can't post an image since i don't have much reputations. But, the interface is it will list down all students with column "NO", "Birth No", "Student Name", "Attendance". In column attendance, it will display 3 radio buttons which is, PT, AT, MC. Out of the table there is a submit button.

//我无法发布图片,因为我没有太多的声誉。但是,界面是它将列出所有学生列“NO”,“出生号”,“学生姓名”,“出勤”。在列出勤时,它将显示3个单选按钮,即PT,AT,MC。在表格外面有一个提交按钮。

The problem is, when I click submit button after I clicked on the radio button for both students, there is nothing that inserted in the database.

问题是,当我点击两个学生的单选按钮后单击“提交”按钮时,没有任何内容插入数据库中。

$id = 1;
$getdata = mysql_query("select * from student where class = '$class' order by name ")     or die(mysql_query);
while($row = mysql_fetch_assoc($getdata))
    {
        if(isset($_POST['a'.$id])) 
        {
            $status = $_POST['a'.$id];      

            if(!empty($status))
            {
                if($status == "present")
                {
                    $attend = 1;
                }
                else if($status == "absent")
                {
                    $attend = 0;
                }
                else if($status == "mc")
                {
                    $attend = 1;
                }

                $query = "INSERT INTO attendance VALUES ('$birth_no','$date','$status','$attend')";
                if($query_run = mysql_query($query))
                {
                    echo 'Insert attendance done';
                }
                else
                {
                    echo'Attendance not inserted.';
                }                   

            }
            else
            {
                echo 'Please enter all fields';
            }
        }
        else
        {
            //FORM CODE HERE
            ?>
            <form action="addattend.php" method = "POST">
            <?php

                $birth_no= $row['birth_no'];
                $name = $row['name'];

                    ?>
                    <tr>
                        <td><center><?php echo $id ?></center></td>
                        <td><center><?php echo $date ?></center></td>
                        <td><center><?php echo $birth_no ?></center></td>
                        <td><center><?php echo $name ?></center></td>
                        <?php
                    echo'<td>
                            <input type="radio" name="a'.$id.'" value="present">PT
                            <input type="radio" name="a'.$id.'" value="absent">AT
                            <input type="radio" name="a'.$id.'" value="mc">MC
                        </td>
                    </tr> ';
        }
        $id++;      
    }

            ?>

            </table>
            <center><input type="submit" value="Submit"></center>
            </form>
            <?php

Can someone help me to solve this problem? I try solved this problem for a week. But nothing came out. Really appreciate your kindness. Thank you.

有人可以帮我解决这个问题吗?我尝试解决这个问题一个星期。但没有任何结果。真的很感激你的善意。谢谢。

2 个解决方案

#1


0  

I dont really get it - you are looping an array called $_POST['a'.$id.''], but if I look at your form, there is no such array created in your inputs. You are using radio buttons like <input type="radio" name="a'.$id.'" value="mc">MC, which will create a $_POST['a1'] with "mc" as the value if its active. But $_POST['a1'] is NOT an array, it just contains this single value!

我真的不明白 - 你正在循环一个名为$ _POST ['a'。$ id。'']的数组,但如果我查看你的表单,你的输入中就没有创建这样的数组。您正在使用 MC等单选按钮,它将创建一个$ _POST ['a1'],其中“mc”为值如果它活跃。但$ _POST ['a1']不是一个数组,它只包含这个单值!

So you should kick out the foreach-loop and work mit $_POST['a'.$id] as your $status. In other works, make a

所以你应该踢出foreach循环并使用mit $ _POST ['a'。$ id]作为$ status。在其他作品中,制作一个

$status = $_POST['a'.$id] // by the way you do not need .'' in the end of the key

instead of your foreach-loop.

而不是你的foreach循环。

Additionally, it seems like your script is not secure. You are not using csrf-, xss-, and sql-injection-protection. You really really need to inform yourself about security in php applications (csrf, xss, sql-injections). This is extremly important!

此外,您的脚本似乎不安全。您没有使用csrf-,xss-和sql-injection-protection。你真的需要告诉自己php应用程序的安全性(csrf,xss,sql-injections)。这非常重要!

#2


0  

See if this helps. I made some changes to the form display/processing logic based on various comments above. I didn't get a chance to test this so there might be small formatting errors here and there. Also, it should be possible to simplify this code further.

看看这是否有帮助。我根据上面的各种评论对表单显示/处理逻辑进行了一些更改。我没有机会测试这个,所以这里和那里可能会有小的格式错误。此外,应该可以进一步简化此代码。

$getdata = mysql_query("select * from student where 
         class = '$class' order by name ")     or die(mysql_query);

// form processing logic goes here
if (isset($_POST['submit'])){
    $id = 1;
    while($row = mysql_fetch_assoc($getdata)){
        if(isset($_POST['a'.$id])) {
            $status = $_POST['a'.$id];      
            if(!empty($status)){
                if(($status == "present" || $status == "mc")){
                    $attend = 1;
                }
                else if($status == "absent"){
                    $attend = 0;
                }
                $query = "INSERT INTO attendance(birth_no, date, status, attend) 
                VALUES ('$birth_no','$date','$status','$attend')";
                if($query_run = mysql_query($query)){
                    echo 'Insert attendance done';
                }
                else{
                    echo'Attendance not inserted.';
                }                   
            }
            else{
                echo 'Please enter all fields';
            }
        }
        $id ++;
    } // end while
} // end if
// show the form here
else {
?>   
    <form action="addattend.php" method = "POST">
    <table>
<?php
    $id = 1;
    while($row = mysql_fetch_assoc($getdata)){
        $birth_no= $row['birth_no'];
        $name = $row['name'];
?>
        <tr>
            <td><center><?php echo $id ?></center></td>
            <td><center><?php echo $date ?></center></td>
            <td><center><?php echo $birth_no ?></center></td>
            <td><center><?php echo $name ?></center></td>
            <td>
                <input type="radio" name="a<?php echo $id; ?>" value="present">PT
                <input type="radio" name="a<?php echo $id; ?>" value="absent">AT
                <input type="radio" name="a<?php echo $id; ?>" value="mc">MC
            </td>
        </tr>
<?php
        $id ++;
    } // end while
?>
    </table>
    <center><input type="submit" name="submit" value="Submit"></center>
    </form> <!-- end the form here -->
<?php    
} // end else
?>

#1


0  

I dont really get it - you are looping an array called $_POST['a'.$id.''], but if I look at your form, there is no such array created in your inputs. You are using radio buttons like <input type="radio" name="a'.$id.'" value="mc">MC, which will create a $_POST['a1'] with "mc" as the value if its active. But $_POST['a1'] is NOT an array, it just contains this single value!

我真的不明白 - 你正在循环一个名为$ _POST ['a'。$ id。'']的数组,但如果我查看你的表单,你的输入中就没有创建这样的数组。您正在使用 MC等单选按钮,它将创建一个$ _POST ['a1'],其中“mc”为值如果它活跃。但$ _POST ['a1']不是一个数组,它只包含这个单值!

So you should kick out the foreach-loop and work mit $_POST['a'.$id] as your $status. In other works, make a

所以你应该踢出foreach循环并使用mit $ _POST ['a'。$ id]作为$ status。在其他作品中,制作一个

$status = $_POST['a'.$id] // by the way you do not need .'' in the end of the key

instead of your foreach-loop.

而不是你的foreach循环。

Additionally, it seems like your script is not secure. You are not using csrf-, xss-, and sql-injection-protection. You really really need to inform yourself about security in php applications (csrf, xss, sql-injections). This is extremly important!

此外,您的脚本似乎不安全。您没有使用csrf-,xss-和sql-injection-protection。你真的需要告诉自己php应用程序的安全性(csrf,xss,sql-injections)。这非常重要!

#2


0  

See if this helps. I made some changes to the form display/processing logic based on various comments above. I didn't get a chance to test this so there might be small formatting errors here and there. Also, it should be possible to simplify this code further.

看看这是否有帮助。我根据上面的各种评论对表单显示/处理逻辑进行了一些更改。我没有机会测试这个,所以这里和那里可能会有小的格式错误。此外,应该可以进一步简化此代码。

$getdata = mysql_query("select * from student where 
         class = '$class' order by name ")     or die(mysql_query);

// form processing logic goes here
if (isset($_POST['submit'])){
    $id = 1;
    while($row = mysql_fetch_assoc($getdata)){
        if(isset($_POST['a'.$id])) {
            $status = $_POST['a'.$id];      
            if(!empty($status)){
                if(($status == "present" || $status == "mc")){
                    $attend = 1;
                }
                else if($status == "absent"){
                    $attend = 0;
                }
                $query = "INSERT INTO attendance(birth_no, date, status, attend) 
                VALUES ('$birth_no','$date','$status','$attend')";
                if($query_run = mysql_query($query)){
                    echo 'Insert attendance done';
                }
                else{
                    echo'Attendance not inserted.';
                }                   
            }
            else{
                echo 'Please enter all fields';
            }
        }
        $id ++;
    } // end while
} // end if
// show the form here
else {
?>   
    <form action="addattend.php" method = "POST">
    <table>
<?php
    $id = 1;
    while($row = mysql_fetch_assoc($getdata)){
        $birth_no= $row['birth_no'];
        $name = $row['name'];
?>
        <tr>
            <td><center><?php echo $id ?></center></td>
            <td><center><?php echo $date ?></center></td>
            <td><center><?php echo $birth_no ?></center></td>
            <td><center><?php echo $name ?></center></td>
            <td>
                <input type="radio" name="a<?php echo $id; ?>" value="present">PT
                <input type="radio" name="a<?php echo $id; ?>" value="absent">AT
                <input type="radio" name="a<?php echo $id; ?>" value="mc">MC
            </td>
        </tr>
<?php
        $id ++;
    } // end while
?>
    </table>
    <center><input type="submit" name="submit" value="Submit"></center>
    </form> <!-- end the form here -->
<?php    
} // end else
?>