使用PHP将所有$ _POST数据插入mysql？

Question

再一次,我有一个关于STACKOVERFLOW hivemind的问题.这是交易,我试图将表单中的所有$ _POST数据插入到mysql表中.之前,我做过:

    INSERT INTO forms (Place, Date, Find, username, who_sponsored, hours, comments, howdiditgo, studentleader_name, studentleader_email, description)
VALUES ('$place', '$date','$where', '$username', '$who', '$hours', '$comments', '$how', '$description',)");

其中所有$值都声明为$ _POST ['Place'],$ _POST ['Date']等等.现在,每次我向表单添加一个新部件(如另一个textarea或其他东西),我想要必须在mysql中创建一个新列,而不是添加另一个$ _POST ['foo'].这是我尝试过的:

// In the previous form, I have set all input ids to "service[]", so all this data would be in a more specific array than just $POST.  Turns out all the $_POST['service'] stuff is null...  Here's an example: <input name="placeofservice" type="text" id="service[]">


$forms = serialize($_POST['service']);
var_dump($forms);

mysql_query("INSERT INTO forms VALUES('$forms')")
 or die(mysql_error()); 

我一直收到的错误是:列数与第1行的值计数不匹配.我意识到这意味着我试图将太多数据放入数据库,因为没有足够的列来适应数据.我来回检查看我是否正确(我认为我这样做).作为参考,这是我的表单和mysql表的代码:

<form name="form1" method="post" action="process_form.php">
Place of Service</br>
<input name="placeofservice" type="text" id="service[]"></br>

Date of Service</br>
<input name="dateofservice" type="text" id="service[]"></br>

Where did you find this opportunity?</br>
<input name="where" type="text" id="service[]"></br>

What organization sponsored this opportunity?</br>
<input name="who_sponsored" type="text" id="service[]"></br>

How many hours did you work?</br>
<input name="hours" type="text" id="service[]"></br>

How did it go?</br>
<input type="text" id="service[]" name="howdiditgo" maxlength="100" /></br>

Description of Service:
<textarea name="description" id="service[]" COLS=40 ROWS=6></textarea></br>

Comments:
<textarea name="comments" id="service[]" COLS=40 ROWS=6></textarea></br>

Student Leader Name (If Applicable)</br>
<input name="studentleader_name" type="text" id="service[]"></br>

Student Leader Email(If Applicable)</br>
<input name="studentleader_email" type="text" id="service[]"></br>
<input type="submit" name="Submit" value="Submit">
</form>

Mysql表:

放置| 日期| 查找| form_id | who_sponsored | 小时| 评论| howdiditgo | 描述| studentleader_name | studentleader_email | 用户名

注意:我打算清理我的数据库内容/ $ POST数据,但出于我的目的,我把它留了出来!如果您有任何问题随时可以询问,我会在这里发布EDIT:标签:)

Answer 1

我的功能:

function i($table, $array) {
  $query = "INSERT INTO ".$table;
  $fis = array(); 
  $vas = array();
  foreach($array as $field=>$val) {
    $fis[] = "`$field`"; //you must verify keys of array outside of function;
                         //unknown keys will cause mysql errors;
                         //there is also sql injection risc;
    $vas[] = "'".mysql_real_escape_string($val)."'";
  }
  $query .= " (".implode(", ", $fis).") VALUES (".implode(", ", $vas).")";
  if (mysql_query($query))
    return mysql_insert_id();
  else return false;
}

Answer 2

不要为所有数据创建单个字段...它否定了拥有数据库的整个价值.您将失去搜索特定字段的所有灵活性(例如,所有工作小时数超过25的记录,或者服务日期为2010年7月26日的记录)您可以轻松地编写一个函数,该函数从类似于数组的值构建insert语句Riateche提供的那个.

可以通过切换到mysqli并使用绑定变量来改进它.