PDO插入,foreach($ _ POST) [英] PDO insert, foreach($_POST)
本文介绍了PDO插入,foreach($ _ POST)的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我下面的代码不会插入我的数据库.我不知道我的错误发生在哪里. (感谢有关sql注入的通知,稍后将介绍该信息< 3)
My code below will not insert into my database. I do not know where my misstake is being made. (Thanks for the notifications regarding sql injections, will read about that laters <3)
到目前为止,这是我的php代码:
This is my php code so far:
$sqlArray = array();
$nameArray = array();
$valueArray = array();
foreach($_POST as $name => $value) {
//$sqlArray[] = "':".$name."'=>$".$name;
$nameArray[] = $name;
$valueArray[] = "'".$value."'";
}
$names = implode(', ', $nameArray);
$values = implode(', ', $valueArray);
$sql = "INSERT INTO random ( ".$names." ) VALUES ( ".$values." )";
$addRandom = $dbh->prepare( $sql );
$addRandom->execute();
$ sql的输出如下:
And the output by $sql looks like:
INSERT INTO random ( random1, random2, zipCode) VALUES ( 'Namn', 'Adress', 'Zipcode' )
我应该更改或添加什么?
What should I change or add?
推荐答案
正确准备查询,并设置连接错误模式,其他一切似乎都没问题:
Prepare your query properly, and set you connection error mode, everything else seem okay:
/* Very very important !!*/
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$names = implode(', ', $nameArray);
$values = implode(', ', ':'.$nameArray);
$sql = "INSERT INTO random ( ".$names." ) VALUES ( ".$values." )";
$addRandom = $dbh->prepare( $sql );
foreach($_POST as $name => $value) {
$addRandom->bindValue($name, $value);
}
$addRandom->execute();
if($addRandom->rowCount > 0){
echo 'INSERTED';
}else{
echo 'FAILED';
}
注释
您的$_POST键应与您要绑定到的字段名称匹配,否则它将不起作用.
note
Your $_POST keys should match the field name you are binding to, otherwise it wont work.
这篇关于PDO插入,foreach($ _ POST)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
