gpt4 book ai didi

php - 使用 SELECT 的结果填充 INSERT

转载 作者:行者123 更新时间:2023-11-30 23:17:30 25 4
gpt4 key购买 nike

我正在尝试将用户名/密码发布到一个 PHP 文件,这样我就可以使用 inner join 来使用这些详细信息从用户表。我在 INSERT 命令的 WHERE 子句中用作 payid 表的标识符。它不工作。有人可以告诉我哪里出错了吗?

if(isset($_POST['password']) && isset($_POST['username']) && isset($_POST['rates'])) {              
$con = mysql_connect("localhost","root","");
if (!$con) {
die ("Could not connect: " . mysql_error());
} else{
mysql_select_db("council", $con);
$result = mysql_query('SELECT pid FROM payid INNER JOIN user ON user.uid = payid.uid WHERE user.username = " $_POST[username]" AND user.password =" $_POST[password] "');
$pid = $result['pid'];
if(isset($pid))
$result = mysql_query("INSERT INTO fees (rates, pid) VALUES ('$rates', '$pid')");
if(!$row = mysql_fetch_array($result)) {
echo "<div id='t'>Invalid details please try again - use back arrow to return to form. </div>";
header ("Location: domRates.html");
}
if($row = mysql_fetch_array($result)) {
header ("Location: services.html");
}
}
mysql_close($con);

最佳答案

$username = mysql_real_escape_string($_POST['username']);
$pass = mysql_real_escape_string($_POST['password']);
$query = "SELECT `pid` FROM `payid` INNER JOIN `user` ON `user`.`uid` = `payid`.`uid` WHERE `user`.`username` = '".$username."' AND `user`.`password` = '".$pass."'";
$result = mysql_query($query);

用反引号包裹列名是个好主意。将 PHP 变量放入查询时,打开单引号,然后用双引号连接。

关于php - 使用 SELECT 的结果填充 INSERT,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/16989700/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com