1. 首頁
  2. 問答
  3. insert into mysql else select select?

insert into mysql else select select?

2013-02-14 152 views
0

有人可以請幫忙,我試圖讓這個腳本從我的mysql表中選擇適當的值,並在它們存在時進行更新,如果它們不存在,則插入它們。insert into mysql else select select?

有人可以告訴我我要去哪裏錯了謝謝。

<?php 
     require_once("session.php"); 
     require_once("functions.php"); 
     require('_config/connection.php'); 

     session_start(); 

     include '_config/connection.php'; 

     $height_ft = $_POST['height_ft']; 
     $height_in = $_POST['height_in']; 
     $weight_st = $_POST['weight_st']; 
     $weight_lb = $_POST['weight_lb'];  

     $result = mysql_query("SELECT height_ft FROM ptb_stats WHERE id=".$_SESSION['user_id'].""); 

     $result2 = mysql_query("SELECT height_in FROM ptb_stats WHERE id=".$_SESSION['user_id'].""); 

     $result3 = mysql_query("SELECT weight_st FROM ptb_stats WHERE id=".$_SESSION['user_id'].""); 

    $result4 = mysql_query("SELECT weight_lb FROM ptb_stats WHERE id=".$_SESSION['user_id'].""); 

    if(!$result) { 
     echo "The username you entered does not exist"; 
    } else if($height_ft != mysql_result($result, 0)) { 
     echo "";  

     $sql = mysql_query("UPDATE ptb_stats SET height_ft='$height_ft' WHERE id=".$_SESSION['user_id'].""); 

     $sql = mysql_query("UPDATE ptb_stats SET height_in='$height_in' WHERE id=".$_SESSION['user_id'].""); 

     $sql = mysql_query("UPDATE ptb_stats SET weight_st='$weight_st' WHERE id=".$_SESSION['user_id'].""); 

     $sql = mysql_query("UPDATE ptb_stats SET weight_lb='$weight_lb' WHERE id=".$_SESSION['user_id']."");  

     mysql_query("INSERT INTO ptb_stats (user_id, height_ft) VALUES (".$_SESSION['user_id'].", ".$height_ft.")"); 

     mysql_query("INSERT INTO ptb_stats (user_id, height_in) VALUES (".$_SESSION['user_id'].", ".$height_in.")"); 

     mysql_query("INSERT INTO ptb_stats (user_id, weight_st) VALUES (".$_SESSION['user_id'].", ".$weight_st.")"); 

     mysql_query("INSERT INTO ptb_stats (user_id, weight_lb) VALUES (".$_SESSION['user_id'].", ".$weight_lb.")"); 
    } 

    if($sql) { 
     $_SESSION['edit_done']="<div class=\"infobox-edit-done\"><strong>Thank You -</strong> Your Details were changed.</div>"; 
     header("Location: {$_SERVER['HTTP_REFERER']}"); 
    } else { 
     $_SESSION['edit_done2']="<div class=\"infobox-edit-done\"><strong>Oooops! -</strong> That didn't work. Try again.</div>"; 
     header("Location: {$_SERVER['HTTP_REFERER']}"); 
    } 
?>

來源

2013-02-14 Nick James

+0

如果您使用[流行的PHP框架(http://www.phpframeworks.com/top-10-php-frameworks /)它會提供一個數據庫層,這將使你很容易做到甚至不必嘗試。你在這裏做的是一堆不太容易遵循的代碼。請記住,您可以一次「更新」多個列,就像您可以用一條語句「SELECT」多列數據一樣。如果你沒有任何體面的例子可供參考,框架將通過建議最佳實踐來幫助你。 – tadman 2013-02-14 01:44:55

+0

你不從頭開始編寫你自己的PHP的原因是因爲[SQL注入漏洞](http://bobby-tables.com/),這個簡短的例子似乎充斥着。這些對於任何*應用程序可用於普通互聯網的應用程序都是非常危險的,並且如果它們被利用會產生嚴重後果。 – tadman 2013-02-14 01:46:50

回答

0

有使用ON DUPLICATE KEY UPDATE的更新MySQL中的一個選項或插入可以更簡明地解決你的問題。

http://dev.mysql.com/doc/refman/5.0/en/insert-on-duplicate.html

爲您查詢看起來是這樣的:

$sql=mysql_query("INSERT INTO ptb_stats (user_id, height_ft) 
VALUES (".mysql_real_escape_string($_SESSION['user_id']).", " 
     .mysql_real_escape_string($height_ft).") 
ON DUPLICATE KEY UPDATE user_id = ".mysql_real_escape_string($_SESSION['user_id']).");

來源

2013-02-14 01:47:24 Matthew

+1

請問,如果你打算在答案中使用'mysql_query',那麼你總是使用'mysql_real_escape_string'來跳過插入的數據。你也以某種方式歪曲了你的引用,並且弄糊塗了。 – tadman 2013-02-14 02:05:48

相關問題

 相關問題