我在 Xampp 中使用 phpmyadmin,我在其中创建了两个表; 表 1:类别,其属性为 cat_id 和 cat_name(其中 cat_id 是主键) 表 2:项目,其属性为 item_id、item_name、item_price ... cat_id(其中 item_id 是主键,cat_id 是外键) 我也在phpmyadmin中建立了正确的关系。 问题是在 php.ini 内的 select 标记中使用所选 cat_name 的值,即 cat_id。 附:我意识到自己是 SQL 注入(inject)的对象。
PHP
<?php
require ('config.php');
if(isset($_POST['check']))
{
if(isset($_POST['button']))
{
$catname = $_POST['cat'];
$que1 = "SELECT * FROM category WHERE cat_name = '$catname'";
$res1 = mysql_query($que1);
$row = mysql_fetch_array($res1);
$cat_db = $row['cat_name'];
if($catname == $cat_db || $catname == "")
{
echo "Catergory: $catname already exits. Failed to be inserted.";
}
else
{
$que = "INSERT INTO category (cat_name) VALUES('$catname')";
$res = mysql_query($que);
echo "Catergory: $catname inserted successfully.";
}
die();
}
if(isset($_POST['item_name']))
{
$i_id = $_POST['item_id'];
$i_name = $_POST['item_name'];
$i_quan = $_POST['item_quantity'];
$i_size = $_POST['item_size'];
$i_price = $_POST['item_price'];
$cat_id = $_POST['cat_id'];
$que = "INSERT INTO item(item_name, item_quantity, item_size, item_price, cat_id) VALUES('$i_name','$i_quan','$i_size','$i_price', '$cat_id')";
$run = mysql_query($que);
if(!$run)
echo "Item Details failed to Update.";
}
}
?>
HTML
<!DOCTYPE html>
<html>
<head>
<link rel = "stylesheet" href = "login.css">
</head>
<body>
<form action = "" method = "POST">
<p><label class = "field">Add Category:</label></p>
<input type = "text" name = "cat" class = "textbox-300" pattern = "[a-zA-Z0-9\. ]+" title = "Please enter your Category Name">
<button type= "submit" onclick = "location.href = '';" id = "savebutton" name = "button">Add Now</button>
<p><label class = "field">Add Item:</label></p>
<select name="cate">
<?php
$que1 = "SELECT * FROM category";
$res1 = mysql_query($que1);
while($row = mysql_fetch_array($res1))
{
$cat_id_db = $row['cat_id']; //use array over here
$cat_db = $row['cat_name']; //use array over here
?>
<option value="<?php echo $cat_id_db; ?>" ><?php echo $cat_db;?></option>
<?php } ?>
</select>
<?php
$que1 = "SELECT * FROM category WHERE cat_name = '$cat_db'"; //yahan masla hai bhai, how do i set '$cat_db' into a static variable?
$res1 = mysql_query($que1);
$row = mysql_fetch_array($res1);
$cat_db_id = $row['cat_id'];
?>
<p><label class = "field">Category ID:</label></p>
<input type = "text" name = "cat_id" value = "<?php echo $cat_id_db; ?>" class = "textbox-300" pattern = "[a-zA-Z0-9\. ]+"> <!-- this is the PROBLEM how do i use the value of a selected option ONLY? -->
<p><label class = "field">Item ID:</label></p>
<input type = "text" name = "item_id" class = "textbox-300" pattern = "[a-zA-Z0-9\. ]+"title = "Please enter your Item ID">
<p><label class = "field">Item Name:</label></p>
<input type = "text" name = "item_name" class = "textbox-300" pattern = "[a-zA-Z ]+"title = "Please enter your Item Name">
<p><label class = "field">Item Quantity:</label></p>
<input type = "text" name = "item_quantity" class = "textbox-300" pattern = "[a-zA-Z0-9\. ]+"title = "Please enter your Item Quantity">
<p><label class = "field">Item Size:</label></p>
<input type = "text" name = "item_size" class = "textbox-300" pattern = "[a-zA-Z0-9\.\, ]+"title = "Please enter your Item Size">
<p><label class = "field">Item Price:</label></p>
<input type = "text" name = "item_price" class = "textbox-300" pattern = "[a-zA-Z0-9\.\, ]+"title = "Please enter your Item Price">
<input type = "hidden" name = "check">
<input type = "submit" class = "button" name = "sub" value = "Save">
</form>
</body>
</html>
最佳答案
您将获得所选子猫的 ID。因此编写一个查询来获取 cat_id。
select * from sub_category where item_id = "posted id",您将获得主类别 ID。
关于php - 如何使用输入字段内选择选项的当前值,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31723050/