未使用 mysqli_real_escape_string() 在表单提交方法中获取数组值
Not getting array value in form submit method using mysqli_real_escape_string()
提交页面
<form id='frmFeePayment' action="payment-obj.php" method="post">
<input type='hidden' name='hdnStudentDbKey[]' id='hdnStudentDbKey' value='$StudentDbKey'/>
<input type='hidden' name='hdnFeeAmountDbKey[]' id='hdnFeeAmountDbKey' value='$FeeAmountDbKey'/>
<input type='hidden' name='hdnFeeNameDbKey[]' id='hdnFeeNameDbKey' value='$FeeNameDbKey'/>
</form>
在我的数据接收页面。付款-obj.php
$conn = mysqli_connect("localhost", "root", "", "TestDB");
if (mysqli_connect_errno($conn)) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$StudentDbKey = mysqli_real_escape_string($conn,$_POST['hdnStudentDbKey']);
$FeeAmountDbKey = mysqli_real_escape_string($conn,$_POST['hdnFeeAmountDbKey']);
$FeeNameDbKey = mysqli_real_escape_string($conn,$_POST['hdnFeeNameDbKey']);
我没有使用上面的代码获得价值。
但是如果我使用直接的 $_POST 方法,我会得到价值。
$StudentDbKey = $_POST['hdnStudentDbKey'];
$FeeAmountDbKey = $_POST['hdnFeeAmountDbKey'];
$FeeNameDbKey = $_POST['hdnFeeNameDbKey'];
谁能告诉我 mysqli_real_escape_string()
有什么问题
谢谢
你必须得到如下值
$StudentDbKey = $_POST['hdnStudentDbKey'][0];
$FeeAmountDbKey = $_POST['hdnFeeAmountDbKey'][0];
$FeeNameDbKey = $_POST['hdnFeeNameDbKey'][0];
这种数组对于输入类型具有相同的名称很有用。
只需尝试打印 $_POST 数组,您就会得到它
PHP 使用方括号语法将表单输入转换为数组,因此当您在 html 表单中使用 name="hdnStudentDbKey[]" 时,您将得到一个数组。
当你这样做时:
$StudentDbKey = $_POST['hdnStudentDbKey']; // Returns an array
print_r($StudentDbKey); // Shows you all the values in the array
但是对于 mysqli_real_escape_string() 函数,您必须插入字符串值。不是数组值。
所以你可以这样做:
$StudentDbKey = mysqli_real_escape_string($conn,$_POST['hdnStudentDbKey'][0]);
$FeeAmountDbKey = mysqli_real_escape_string($conn,$_POST['hdnFeeAmountDbKey'][0]);
$FeeNameDbKey = mysqli_real_escape_string($conn,$_POST['hdnFeeNameDbKey'][0]);
或mysql_real_escape_string整个数组,简单的方法:
$_POST['hdnStudentDbKey'] = array_map("mysql_real_escape_string", $_POST['hdnStudentDbKey']);
$_POST['hdnFeeAmountDbKey'] = array_map("mysql_real_escape_string", $_POST['hdnFeeAmountDbKey']);
$_POST['hdnFeeNameDbKey'] = array_map("mysql_real_escape_string", $_POST['hdnFeeNameDbKey']);
提交页面
<form id='frmFeePayment' action="payment-obj.php" method="post">
<input type='hidden' name='hdnStudentDbKey[]' id='hdnStudentDbKey' value='$StudentDbKey'/>
<input type='hidden' name='hdnFeeAmountDbKey[]' id='hdnFeeAmountDbKey' value='$FeeAmountDbKey'/>
<input type='hidden' name='hdnFeeNameDbKey[]' id='hdnFeeNameDbKey' value='$FeeNameDbKey'/>
</form>
在我的数据接收页面。付款-obj.php
$conn = mysqli_connect("localhost", "root", "", "TestDB");
if (mysqli_connect_errno($conn)) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$StudentDbKey = mysqli_real_escape_string($conn,$_POST['hdnStudentDbKey']);
$FeeAmountDbKey = mysqli_real_escape_string($conn,$_POST['hdnFeeAmountDbKey']);
$FeeNameDbKey = mysqli_real_escape_string($conn,$_POST['hdnFeeNameDbKey']);
我没有使用上面的代码获得价值。 但是如果我使用直接的 $_POST 方法,我会得到价值。
$StudentDbKey = $_POST['hdnStudentDbKey'];
$FeeAmountDbKey = $_POST['hdnFeeAmountDbKey'];
$FeeNameDbKey = $_POST['hdnFeeNameDbKey'];
谁能告诉我 mysqli_real_escape_string()
有什么问题谢谢
你必须得到如下值
$StudentDbKey = $_POST['hdnStudentDbKey'][0];
$FeeAmountDbKey = $_POST['hdnFeeAmountDbKey'][0];
$FeeNameDbKey = $_POST['hdnFeeNameDbKey'][0];
这种数组对于输入类型具有相同的名称很有用。
只需尝试打印 $_POST 数组,您就会得到它
PHP 使用方括号语法将表单输入转换为数组,因此当您在 html 表单中使用 name="hdnStudentDbKey[]" 时,您将得到一个数组。
当你这样做时:
$StudentDbKey = $_POST['hdnStudentDbKey']; // Returns an array
print_r($StudentDbKey); // Shows you all the values in the array
但是对于 mysqli_real_escape_string() 函数,您必须插入字符串值。不是数组值。
所以你可以这样做:
$StudentDbKey = mysqli_real_escape_string($conn,$_POST['hdnStudentDbKey'][0]);
$FeeAmountDbKey = mysqli_real_escape_string($conn,$_POST['hdnFeeAmountDbKey'][0]);
$FeeNameDbKey = mysqli_real_escape_string($conn,$_POST['hdnFeeNameDbKey'][0]);
或mysql_real_escape_string整个数组,简单的方法:
$_POST['hdnStudentDbKey'] = array_map("mysql_real_escape_string", $_POST['hdnStudentDbKey']);
$_POST['hdnFeeAmountDbKey'] = array_map("mysql_real_escape_string", $_POST['hdnFeeAmountDbKey']);
$_POST['hdnFeeNameDbKey'] = array_map("mysql_real_escape_string", $_POST['hdnFeeNameDbKey']);