开发者

Retrieve form value automatically

问答 作者:

Is t开发者_如何学Chere any way to retrieve form value automatically, then store these value into MySQL? Thanks

No. You need to:

  1. Capture the required value from either the $_POST or $_GET array.

  2. Validate it against whatever requirements you have.

  3. Insert it into (or update an existing row within) the database, using a prepared statement or mysql_real_escape_string, etc. to guard against SQL injection.

You may find some frameworks that go some way towards automating the above, but bearing in mind that the validation and database parts of the operations will be customised in all but the most simple of cases it's unlikely that you'll find a completely automated means of grabbing and storing the data.

suppose I have 20 input fields.(name,phone,upto 20). In php file I have to manually collect 20 values from a form one by one.....

you can do somthing like this . call your form name for example var1, var2 ,var3.... and then do this

$formdata[] = "";
for ($i=1;$i<=20;$i++)
{
 $index_string = "var".$i;
 formdata["$index_string"] = (isset($_GET["$index_string"]) ? $_GET["$index_string"] : "";
}

From values are passed to the server through a couple different methods (depending on the method of your form). Some forms are POST while others are GET. Using "post" allows for more data to be transferred since "get" will append the values to the URL itself.

Once the values are sent to the server (upon form submission), you can access them through $_POST if they were posted, and $_GET if they were sent via "get". Additionally, you could call $_REQUEST which will include the data regardless if it was "post" or "get".

If your form had an input with the name "firstname" and it was submitted via "post", you could access the value like this:

echo $_POST["firstname"];

With this in mind, you could run an INSERT (or UPDATE) query to place this value in your database. Please see the MySQL book on PHP.net.

// Assuming you have an open connection to MySQL
mysql_query( "INSERT INTO tbl1(field1) values('".$_POST["firstname"]."')" );

Please note that this is a very basic example and you really ought to consider the fact that some data will not be ideal for direct entry. You will want to examine the data to insure it doesn't contain illegal characters or innapropriate content. Sanitizing your data will prevent a lot of security issues as well.

Remember, when you allow people's data into your query, you are allowing the public to write your query (in part) and that can be very dangerous.

yes if the form is 

<form method="post">
  <input type="text" name="your_name"/>
</form>

then you write this code and it will automaticly Retrieve the value

$your_name = isset($_POST['your_name']) ? $_POST['your_name'] : "";

magic :) now the sql part, first we escape the string to avoid an sql injection attack and then we insert into the database.

$your_name = mysql_real_escape_string($your_name); // protect from sql injection
mysql_query("INSERT INTO table_name VALUES ($your_name) );

suppose I have 20 input fields.(name,phone,upto 20). In php file I have to manually collect 20 values from a form one by one like 

$first = $_GET['first'];
$second = $_GET['second'];
---------------------
----------------------

up to 20 its annoying me.

继续阅读:php

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9