开发者

concatenating two variable into one [closed]

This question is unlikely to help any future visitors; it is only relevant to a small geographic area, a specific moment in time, or an extraordinarily narrow situation that is not generally applicable to the worldwide audience of the internet. For help making this question more broadly applicable, visit the help center. Closed 12 years ago.

I'm new here and kind pretty new to PHP and I'm no sure as to why this is not working.

If I echo $ordernum1, I get the value I look for, but echoing echo ${"ordernum".$x}; gives me nothing.

I have also echoed $attempts and I get the value I'm looking for. Any help would be great thank you

$update=$_POST['update']; //echo $update;
$attempts=$_POST['attempts'];//echo $attempts;

if($update==2){
    for($x=0; $x<=$attempts; $x++){
        ${"ordernum".$x} = $POST["ordernum".$x.""]; echo ${"ordernum".$x};
        $query="UPDATE OrderTrack
 开发者_高级运维       SET applicationID='--junk($appid)'
        WHERE OrderNum='".${"ordernum".$x}."'";
    }
}


You missed _ in

${"ordernum".$x} = $_POST["ordernum".$x.""];
             here --^


Just $ordernum.$x is all that is required to append one var to another


Try

$update = $_POST['update']; //echo $update; $attempts=$_POST['attempts'];//echo $attempts;

if ($update == 2) {
  for ($x = 0; $x <= $attempts; $x++) {
    $ordernum = $_POST["ordernum" . $x];
    echo $ordernum;
    $query = "UPDATE OrderTrack SET applicationID='--junk($appid)' WHERE OrderNum = '$ordernum'";
  }
}

You dont need to set a new variable in the loop, you can just reuse the $ordernum

Hope this helps

Luke


I wouldn't pollute your local scope with tons of related variables like this... Create an array to store that info

$ordernums = array();
if($update==2){
    for($x=0; $x<=$attempts; $x++){
        $ordernums[$x] = $_POST["ordernum".$x.""];

Not to mention that you have a massive SQL injection vulnerability in there. You need to escape any varaibles using something like mysql_real_escape_string() or mysqli::real_escape_string(). Or use a parameterized query (which is the best alternative).

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜