Php 将值插入关系数据库
我正试图通过PHP向关系数据库(使用InnoDB引擎的MySQL)中插入一些数据,其中包含下面的表和列Php 将值插入关系数据库,php,mysql,transactions,mysqli,relational-database,Php,Mysql,Transactions,Mysqli,Relational Database,我正试图通过PHP向关系数据库(使用InnoDB引擎的MySQL)中插入一些数据,其中包含下面的表和列 测验(身份证、姓名) 问题(测验id、id、姓名) 答案(问题编号、编号、姓名) 主键ID都是自动递增的 这将允许我搜索特定的测验,然后得到属于该测验的问题,以及(反过来)属于这些问题的多选答案。每个问题至少有两个可能的答案 $dbc = @mysqli_connect($host, $user, $password, $db) or die ('Could not connect to
- 测验(身份证、姓名)
- 问题(测验id、id、姓名)
- 答案(问题编号、编号、姓名)
$dbc = @mysqli_connect($host, $user, $password, $db) or die ('Could not connect to MySQL: ' . mysqli_connect_error());
$qN= ($_POST['quizName']);
$quizName = mysqli_real_escape_string($qN);
$qu = ($_POST['question']);
$question = mysqli_real_escape_string($qu);
$questionArray = explode(',', $question);
$numberQuestions = count($questionArray);
$i = 1;
foreach ($questionArray as $variable)
{
${'q_'.$i} = $variable;
++$i;
}
$an = ($_POST['answer']);
$answer = mysqli_real_escape_string($an);
$answerArray = explode(',', $answer);
$numberAnswers = count($answerArray);
$j = 1;
foreach ($answerArray as $variable)
{
${'a_'.$j} = $variable;
++$j;
}
//turn off AUTOCOMMIT, then run the required queries
$dbc->autocommit(FALSE);
$dbc->query("INSERT INTO Quiz(name)
VALUES
(".$quizName.")");
$quizID = $dbc->insert_id;
$n = 1;
for ($x=0; $x<$numberQuestions; $x++)
{
$dbc->query("INSERT INTO Question (quiz_id, question_name)
VALUES
(".$quizID.",".${'q_'.$n}.")");
$questionID = $dbc->insert_id;
echo $questionID;
++$n;
$m = 1;
for ($y=0; $y<$numberAnswers; $y++)
{
$dbc->query("INSERT INTO Answer(question_id, name)
VALUES
(".$questionID.",".${'a_'.$m}.")");
++$m;
}
}
// commit transaction
$dbc->commit();
// close connection
$dbc->close();
我正在创建一个界面,允许用户创建一个新的测验。我已经看到了一些示例,说明了如何使用事务和LAST_INSERT_ID()来确保主键匹配,但是当存在依赖于上一个“父项”的多个插入时,无法实现这一点(可能的答案必须链接到正确的问题)
i、 e.该过程将是:
$dbc = @mysqli_connect($host, $user, $password, $db) or die ('Could not connect to MySQL: ' . mysqli_connect_error());
$qN= ($_POST['quizName']);
$quizName = mysqli_real_escape_string($qN);
$qu = ($_POST['question']);
$question = mysqli_real_escape_string($qu);
$questionArray = explode(',', $question);
$numberQuestions = count($questionArray);
$i = 1;
foreach ($questionArray as $variable)
{
${'q_'.$i} = $variable;
++$i;
}
$an = ($_POST['answer']);
$answer = mysqli_real_escape_string($an);
$answerArray = explode(',', $answer);
$numberAnswers = count($answerArray);
$j = 1;
foreach ($answerArray as $variable)
{
${'a_'.$j} = $variable;
++$j;
}
//turn off AUTOCOMMIT, then run the required queries
$dbc->autocommit(FALSE);
$dbc->query("INSERT INTO Quiz(name)
VALUES
(".$quizName.")");
$quizID = $dbc->insert_id;
$n = 1;
for ($x=0; $x<$numberQuestions; $x++)
{
$dbc->query("INSERT INTO Question (quiz_id, question_name)
VALUES
(".$quizID.",".${'q_'.$n}.")");
$questionID = $dbc->insert_id;
echo $questionID;
++$n;
$m = 1;
for ($y=0; $y<$numberAnswers; $y++)
{
$dbc->query("INSERT INTO Answer(question_id, name)
VALUES
(".$questionID.",".${'a_'.$m}.")");
++$m;
}
}
// commit transaction
$dbc->commit();
// close connection
$dbc->close();
$dbc=@mysqli_connect($host、$user、$password、$db)或die('cannotconnecttomysql:'。mysqli_connect_error());
$qN=($_POST['quizName']);
$quizName=mysqli\u real\u escape\u字符串($qN);
$qu=($_POST['question']);
$QUISE=mysqli\u real\u escape\u字符串($qu);
$questionArray=分解(“,”,$question);
$numberQuestions=count($questionArray);
$i=1;
foreach($questionArray作为$variable)
{
${'q.'$i}=$变量;
++$i;
}
$an=($_POST['answer']);
$answer=mysqli\u real\u escape\u字符串($an);
$answerArray=explode(',',$answer);
$numberTranswers=计数($answerArray);
$j=1;
foreach($answerArray作为$variable)
{
${'a.'.$j}=$变量;
++$j;
}
//关闭自动提交,然后运行所需的查询
$dbc->自动提交(错误);
$dbc->query(“插入测试(名称))
价值观
(“$quizName.”)号;
$quizID=$dbc->insert_id;
$n=1;
对于($x=0;$xquery(“插入问题(测验id,问题名称))
价值观
(“$quizID.”、“${'q.'$n}.”);
$questionID=$dbc->insert_id;
echo$questionID;
++$n;
$m=1;
对于($y=0;$yquery(“插入到答案中(问题id,名称))
价值观
(“$QUISTIONID.”、“${'a_u.'$m}.”);
++百万美元;
}
}
//提交事务
$dbc->commit();
//密切联系
$dbc->close();
我真的很感激你能提供的任何帮助-如果你需要更多的信息或任何澄清,请让我知道
$dbc->query("INSERT INTO Question (quiz_id, question_name)
VALUES
(".$surveyID.",".${'q_'.$n}.")");
应改为:
$dbc->query("INSERT INTO Question (quiz_id, question_name)
VALUES
(".$quizID.",".${'q_'.$n}.")");
与前面的代码一样,您可以执行以下操作:
$quizID = $dbc->insert_id;
事实上,
$surveyID
,在您的代码中的任何其他地方都找不到。警告!您的代码容易受到sql注入攻击!谢谢,Daniel-我在POST字符串上使用了mysqli\u real\u escape\u string()。(我知道准备好的语句更好,但感觉这个问题已经足够长了!)感谢您的建议。@DanielA.White:只有代码1.有效,2.需要改进属于代码审阅。这属于此处,因为当存在依赖于上一个“父项”的多个插入时,OP无法使其起作用