Is t开发者_如何学Chere any way to retrieve form value automatically, then store these value into MySQL? Thanks
No. You need to:
Capture the required value from either the $_POST or $_GET array.
Validate it against whatever requirements you have.
Insert it into (or update an existing row within) the database, using a prepared statement or mysql_real_escape_string, etc. to guard against SQL injection.
You may find some frameworks that go some way towards automating the above, but bearing in mind that the validation and database parts of the operations will be customised in all but the most simple of cases it's unlikely that you'll find a completely automated means of grabbing and storing the data.
suppose I have 20 input fields.(name,phone,upto 20). In php file I have to manually collect 20 values from a form one by one.....
you can do somthing like this . call your form name for example var1, var2 ,var3.... and then do this
$formdata[] = "";
for ($i=1;$i<=20;$i++)
{
$index_string = "var".$i;
formdata["$index_string"] = (isset($_GET["$index_string"]) ? $_GET["$index_string"] : "";
}
From values are passed to the server through a couple different methods (depending on the method
of your form). Some forms are POST
while others are GET
. Using "post" allows for more data to be transferred since "get" will append the values to the URL itself.
Once the values are sent to the server (upon form submission), you can access them through $_POST
if they were posted, and $_GET
if they were sent via "get". Additionally, you could call $_REQUEST
which will include the data regardless if it was "post" or "get".
If your form had an input with the name "firstname" and it was submitted via "post", you could access the value like this:
echo $_POST["firstname"];
With this in mind, you could run an INSERT
(or UPDATE
) query to place this value in your database. Please see the MySQL book on PHP.net.
// Assuming you have an open connection to MySQL
mysql_query( "INSERT INTO tbl1(field1) values('".$_POST["firstname"]."')" );
Please note that this is a very basic example and you really ought to consider the fact that some data will not be ideal for direct entry. You will want to examine the data to insure it doesn't contain illegal characters or innapropriate content. Sanitizing your data will prevent a lot of security issues as well.
Remember, when you allow people's data into your query, you are allowing the public to write your query (in part) and that can be very dangerous.
yes if the form is
<form method="post">
<input type="text" name="your_name"/>
</form>
then you write this code and it will automaticly Retrieve the value
$your_name = isset($_POST['your_name']) ? $_POST['your_name'] : "";
magic :) now the sql part, first we escape the string to avoid an sql injection attack and then we insert into the database.
$your_name = mysql_real_escape_string($your_name); // protect from sql injection
mysql_query("INSERT INTO table_name VALUES ($your_name) );
suppose I have 20 input fields.(name,phone,upto 20). In php file I have to manually collect 20 values from a form one by one like
$first = $_GET['first'];
$second = $_GET['second'];
---------------------
----------------------
up to 20 its annoying me.
精彩评论