在 php 中需要关于调节值的帮助 [英] Need help on conditioning value in php
问题描述
如果该 idno 已在 2015 年完成注册,我希望我收到一条错误消息,无需唯一该 idno,因为我必须冗余,因为每年该 idno 都可以在数据库中保存或注册,但问题是我想查看他是否已经在 2015 年或 2016 年或 2017 年注册.
I want that I have an error message if that idno has finish to registered in 2015, No need to unique the idno cause I have to redundant because every year that idno can be save or register on the database but the problem is I want to check if he already registered in 2015 or 2016 or 2017.
这是我保存学生信息的代码:
Here is my code in saving student information:
<?php
if (isset($_POST['save'])){
$stud_id= $_POST['stud_id'];
$idno = $_POST['idno'];
$lastname = $_POST['lastname'];
$firstname = $_POST['firstname'];
$middlename= $_POST['middlename'];
$year= $_POST['year'];
$dept_id = $_POST['dept_id'];
$progid = $_POST['progid'];
$user_type = $_POST['user_type'];
$password= $_POST['password'];
$syear= $_POST['syearid'];
$YearNow=Date('Y');
$sql = mysql_query("SELECT * FROM student where idno = '$idno'")or die(mysql_error());
$count = mysql_num_rows($sql);
$sql1 = mysql_query("SELECT * FROM student,school_year where student.syearid = school_year.syearid AND school_year.from_year like $YearNow")or die(mysql_error());
$count1 = mysql_num_rows($sql1);
if (don't know what to condition on this part ) {
echo"idno $idno has already registered in that year";
}
else{
// query
$sql = "INSERT INTO student VALUES ('$stud_id','$idno','$dept_id','$progid','$syear','0','$lastname','$firstname','$middlename','$year','$password','$user_type')";
$result = mysql_query($sql) or die(mysql_error());
echo "<script type='text/javascript'>\n";
echo "alert('Successfully Added.');\n";
echo "window.location = 'addusers.php';";
echo "</script>";
}
?>
我需要帮助来调节,我需要帮助.谢谢
I need help to condition please I need help. Thanks
School_year 表有(syearid(unique), from_year(2015), to_year(like 2016))
School_year table has(syearid(unique), from_year(2015), to_year(like 2016))
推荐答案
在将变量绑定到查询之前先清理它,以防止某些 SQL 注入.您可以使用 *_real_escape_string
一个>:
Sanitize first your variables before you bind it to your query to prevent some of the SQL injections. You can use *_real_escape_string
:
$lastname = mysql_real_escape_string($_POST['lastname']);
为其余传递的数据执行此操作.
Do it for the rest of the passed on data.
对于你的 if()
条件,你可以这样做(正如@chris85 已经指出的):
And for your if()
condition, you can do this (as pointed out already by @chris85):
if($count >= 1 || $count1 >= 1){
echo "idno $idno has already registered in that year";
}
并且请不要使用 mysql_*
API 因为它已经是 已弃用,应使用 mysqli_*
或 PDO
代替.
And please refrain from using mysql_*
API because it is already deprecated, and should use mysqli_*
or PDO
instead.
这篇关于在 php 中需要关于调节值的帮助的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!