-1

在我的 tableX 中有一些数据看起来像这样

<h1>ghhhhhh!</h1>
http://twitter.com/USERNAME
<h1></h1>
       http://3.bp.blogspot.com/_fqPQy3jcOwE/TJhikN8s5lI/AAAAAAAABL0/3Pbb3EAeo0k/s1600/Srishti+Rai1.html
<h1></h1>
http://4.bp.blogspot.com/_fqPQy3jcOwE/TJhiXGx1RII/AAAAAAAABLc/XNp_y51apks/s1600/anus7.html
<h1></h1>
http://cyz.com/_fqPQy3jcOwE/TJhh1ILX47I/AAAAAAAABKk/gX-OKEXtLFs/s1600/4r-2.html
<h1></h1>
http://cyz.com/_fqPQy3jcOwE/TJhiHGgb-KI/AAAAAAAABK8/zEv_41YzMhY/s1600/19+(1).html
<h1></h1>
http://cyz.com/_fqPQy3jcOwE/TJhihkpZZKI/AAAAAAAABLs/zDnlZkerBd8/s1600/Pooja+Gurung.html

当我回显相同的 php 代码时,它会给出正确的输出,但是当我将这些详细信息存储在 mysql 中时,只有一行存储在 mysql 行中。我的代码是这个

<?php 

include('connect.php'); 



 $idmg=$_POST["id"];
 $res =mysql_query("select * from tablea");
 $row = mysql_fetch_array($res);

if(sus== '0'){ 

  $output=''.$row['content'].''; 


 echo $output;//this output gives the above result but when i store in db it stores first row


mysql_query ("INSERT INTO tablea (content) VALUES ('$output')");


}    ?>
4

3 回答 3

2

您的插入失败,因为您在$output. 参考上面 DCoder 的建议,使用 PDO 或 mysqli。

于 2012-08-15T19:16:13.363 回答
2

Is there a reason you have sql_fetch_array() and not mysql_fetch_array() ?

You also need to iterate through your results if you want more than one row. 

<?php  
include('connect.php');   
$idmg =$_POST["id"]; 
$res  =mysql_query("select * from tablea"); 
$row  = sql_fetch_array($res)
  if($sus== '0'){  
   $output=mysql_real_escape_string($row['content']); 
   echo $output;
   mysql_query ("INSERT INTO tablea (content) VALUES ('$output')");  
}
?>

And as @DCoder said, you should be using prepared statements, the code you have now is vulnerable to SQL injection.

于 2012-08-15T19:07:53.493 回答
1

您的代码进行了一些更正:

<?php
    include('connect.php'); 

    $idmg=$_POST["id"];
    $res = mysql_query("select * from tablea");
    $row = mysql_fetch_array($res);

    if($sus== '0'){  // what is sus? If variable.. should be $sus
        $output = $row['content']; // .'' is literally nothing.. 
        echo $output;

        mysql_query ("INSERT INTO tablea (content) VALUES ('$output')");
    }
?>

我认为您正在尝试做的事情:

<?php
    include('connect.php'); 

    $idmg = $_POST["id"]; // not actually used
    $res = mysql_query('SELECT * FROM tablea');
    while($row = mysql_fetch_array($res)) {
        $output = $row['content'];
        echo $output;
        // do anything else you want.. in your case ?enter the data back in?
        mysql_query("INSERT INTO tablea(content) VALUES('$output')");
    }
?>

你应该使用什么:

<?php
    $idmg = $_POST['id']; // <-- not actually used
    $res = $mysqli_connection->query('SELECT * FROM tablea');
    while($row = $res->fetch_array(MYSQLI_ASSOC)) {
        $output = mysqli_connection->real_escape_string($row['content']);
        echo $output;
        // Do whatever else you like
        $mysqli_connection->query("INSERT INTO tablea(content) VALUES('$output')");
    }
    $res->free();
    $mysqli_connection->close();
?>
于 2012-08-15T19:14:10.830 回答