从多个sql表中获取信息,并使用php将其放入一个表中
目前,此代码更新MYSQLTABLE1中的用户信息。我还希望将用户信息复制到WMYSQLTABLE,我可以这样做,但我也希望将MYSQLTABLE2中的代码复制到WMYSQLTABLE中的列中。以下是我需要更改的部分:从多个sql表中获取信息,并使用php将其放入一个表中,php,sql,Php,Sql,目前,此代码更新MYSQLTABLE1中的用户信息。我还希望将用户信息复制到WMYSQLTABLE,我可以这样做,但我也希望将MYSQLTABLE2中的代码复制到WMYSQLTABLE中的列中。以下是我需要更改的部分: $sql_insert2 = "INSERT INTO ".WMYSQLTABLE2."(ip,date,address)values ('','$ip','$date','$address')"; $res_insert2 = mysql_qu
$sql_insert2 = "INSERT INTO ".WMYSQLTABLE2."(ip,date,address)values
('','$ip','$date','$address')";
$res_insert2 = mysql_query($sql_insert2)or die(mysql_error());
//Need to also insert code from first row from column named 'codes' in MYSQLTABLE2.
实际的代码,目前有点混乱,而if/else语句此时也做同样的事情。它可以工作,但我得到错误“列计数与第1行的值计数不匹配”,因为我无法用MYSQLTABLE2中的代码填充最后一列
<?php
include("includes/config.php");
include("includes/mysql.php");
include("amount.php");
if(isset($_POST['func']))
{
$address = $_POST['address'];
$ip = $_POST['ip'];
$date = $_POST['date'];
$time = $_POST['time'];
$price = $_POST['price'];
$increment = $_POST['increment'];
$id = $_POST['id'];
$num = 0;
$sql_check_address = "SELECT * FROM ".MYSQLTABLE1." WHERE address='$address'";
$res_check_address = mysql_query($sql_check_address)or die(mysql_error());
$num = mysql_num_rows($res_check_address);
$row = mysql_fetch_assoc($res_check_address);
if($num > 0)
{
$address = $row['address'];
$ip = $row['ip'];
$date = $row['date'];
$oldprice = $row['price'];
$id = $row['id'];
$newprice = $oldprice - $payAmount*200;
$newinc = $increment - 200;
$sql_update1 = "UPDATE ".MYSQLTABLE1." SET ip='$ip',date='$date',price='$newprice',increment='$newinc',address='$address' WHERE id='$id'";
$res_update1 = mysql_query($sql_update1)or die(mysql_error());
/////////////////Insert user info and copy code from MYSQLTABLE2 to WMYSQLTABLE2
$sql_insert2 = "INSERT INTO ".WMYSQLTABLE2."(ip,date,address)values
('','$ip','$date','$address')";
$res_insert2 = mysql_query($sql_insert2)or die(mysql_error());
}
else{
$address = $row['address'];
$ip = $row['ip'];
$date = $row['date'];
$oldprice = $row['price'];
$id = $row['id'];
$newprice = $oldprice - $payAmount*200;
$newinc = $increment - 200;
$sql_update = "UPDATE ".MYSQLTABLE1." SET ip='$ip',date='$date',price='$newprice',increment='$newinc',address='$address' WHERE id='$id'";
$res_update = mysql_query($sql_update)or die(mysql_error());
/////////////////Insert user info and copy code from MYSQLTABLE2 to WMYSQLTABLE2
$sql_insert2 = "INSERT INTO ".WMYSQLTABLE2."(ip,date,address)values
('','$ip','$date','$address')";
$res_insert2 = mysql_query($sql_insert2)or die(mysql_error());
e
}
}
查询的一般形式是:
$sql_insert = "INSERT INTO " . WMYSQLTABLE2 . "(code, ip, date, address)
SELECT code, '$ip', '$date', '$address'
FROM OtherTable
WHERE <put something here to select the row>";
$sql\u insert=“插入”。WMYSQL2。“(代码、ip、日期、地址)
选择代码“$ip”、“$date”、“$address”
从其他表格
何处”;
您的代码易受SQL注入攻击。看见也。它们不再得到维护。相反,学习,并使用or-将帮助您决定哪一个。如果选择PDO,.$sql_insert2=“插入到“.WMYSQLTABLE2.”(ip、日期、地址)值(“$ip”、“$date”、“$address”)代码>请仔细查看,您正在为3列传递4个值。。。[''在“$ip”之前是额外的,用户输入是有限的,并且必须遵守规则,但是是的,我可能应该更改它,因为这对我来说是一个学习过程。sql注入可以用输入框以外的其他方式执行吗?看起来我还有很多工作要做^^