<?php
if(isset($_POST['add_new']))
{
$name = $_POST['name'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$field = $_POST['field'];
$message = $_POST['message'];
$comment1 =array($_POST['comment1'],$s_date);
$comment2 = $_POST['comment2'];
$status = $_POST['status'];
$s_date = date('Y-m-d');
$interested_in = $_POST['interested_in'];
$academic_details = $_POST['academic_details'];
$city = $_POST['city'];
$sql = "insert into enquires2(name,email,phone,field,message,comment1,comment2,status,s_date,interested_in,academic_details,city,admin_idd)values('$name','$email','$phone','$field','$message','$comment1','$comment2','$status','$s_date','$interested_in','$academic_details','$city','$admin_id')";
$result = mysqli_query($link,$sql);
if($result == true)
{
$msg .= "<p style='color:green;'>You are successfully add new enquiry</p>";
}
else
{
$msg .= "<p style='color:red;'>Error!</p>";
}
}
?>
在該代碼中,我想在單個可變即
$comment1 = array($_POST['comment1'],$s_date);
其顯示(數組)當我打印查詢($ SQL)傳遞兩個值。我如何將兩個值傳遞給單個變量?請幫幫我。
您的腳本存在[SQL注入攻擊](https://stackoverflow.com/q/60174/5914775)的風險。看看[Little Bobby Tables]發生了什麼事(http://bobby-tables.com/)。即使[如果你正在逃避投入,它不安全!](https://stackoverflow.com/q/36628418/5914775)。改用[準備好的參數化語句](https://php.net/manual/en/mysqli.quickstart.prepared-statements.php)。 –
'$ comment1 = $ _POST ['comment1']。「 - 」。$ s_date;' –
'玫瑰紅'); DROP TABLE enquires2;學會消毒,下次你的輸入。對不起,只是爲這篇文章增添些許味道。連接這些字符串是當前腳本的最新問題。 – briosheje