0

我对 PHP 和 MySQL 都很陌生,希望能得到一些帮助。

我想要实现的目标:使用下面的表格将时间表存储到 MySQL 表中,该表格应将每天的数据发布到单独的行中,同时为输入的每一天保持相同的员工姓名。用户可以选择在表单中添加额外的天数——最多 7 天。我已经在不使用数组的情况下测试了所有内容,并且能够毫无问题地将数据存储到表中。

HTML:

<form id="timesheet" method="post" action="timekeep.php">
        <fieldset>
        <h1>Employee Info</h1>
        <ul>
            <li>
                <label>First Name:</label>
                <input name="firstname" type="text">
            </li>
            <li>
                <label>Last Name:</label>
                <input name="lastname" type="text">
            </li>
        </ul>
        </fieldset>
        <fieldset>
        <h1>Time Info</h1>
            <h3>Day: 1</h3>
            <ul>
                <li>
                    <input name="date[]" type="text">
                </li>
                <li>
                    <input name="straighthours[]" type="number">
                </li>
                <li>
                    <input name="overtimehours[]" type="number">
                </li>
                <li>
                    <input name="premiumhours[]" type="number">
                </li>
                <li>
                    <input name="perdiem[]" type="number">
                </li>
            </ul>
            <h3>Day: 2</h3>
            <ul>
                <li>
                    <input name="date[]" type="text">
                </li>
                <li>
                    <input name="straighthours[]" type="number">
                </li>
                <li>
                    <input name="overtimehours[]" type="number">
                </li>
                <li>
                    <input name="premiumhours[]" type="number">
                </li>
                <li>
                    <input name="perdiem[]" type="number">
                </li>
            </ul>

        </fieldset>

        <input id="submit" name="submit-time" type="submit" value="Submit Time">

    </form>

PHP:

$sql_connection = mysql_connect($dbhost, $dbuser, $dbpass) OR DIE ("Unable to connect to database! Please try again later.");

mysql_select_db($dbuser, $sql_connection);

$sql = "INSERT INTO table (
            Date,
            FirstName,
            LastName,
            StraightHours,
            OvertimeHours,
            PremiumHours,
            TotalHours,
            PerDiem
        )
        VALUES (".
            PrepSQL($date) . ", " .
            PrepSQL($firstName) . ", " .
            PrepSQL($lastName) . ", " .
            PrepSQL($straightHours) . ", " .
            PrepSQL($overtimeHours) . ", " .
            PrepSQL($premiumHours) . ", " .
            PrepSQL($totalHours) . ", " .
            PrepSQL($perDiem) . "
        )";

mysql_query($sql, $sql_connection);

mysql_close($sql_connection);

function PrepSQL($value)
{

    if(get_magic_quotes_gpc())
    {
        $value = stripslashes($value);
    }

    $value = "'" . mysql_real_escape_string($value) . "'";

    return($value);
}
4

1 回答 1

0

使用 PDO 对象会使这更容易,mysql_ 无论如何都是遗留的:

$db = new PDO($hostname,$username,$password);


$qry = "INSERT INTO table (
            Date,
            FirstName,
            LastName,
            StraightHours,
            OvertimeHours,
            PremiumHours,
            TotalHours,
            PerDiem
        )
        VALUES (:date, :firstname, :lastname, :straighthours, :overtimehours, :premiumhours, :totalhours, :perdiem)"; // colon variables will be bound to actual variable

$statement = $db->prepare($query); //prevents injection

// binds variables to place holder in query
$statement->bindValue(':firstname', $firstname);
$statement->bindValue(':lastname', $lastname);
$statement->bindValue(':straighthours', $straighthours);
$statement->bindValue(':overtimehours', $overtimehours);
$statement->bindValue(':premiumhours', $premiumhours);
$statement->bindValue(':totalhours', $totalhours);
$statement->bindValue(':perdiem', $perdiem);

$statement->execute();
$statement->closeCursor();

在通过以下方式将任何内容传递给 sql 之前,您可以使用 php 进行进一步的输入检查:

trim(strip_tags(htmlentities($firstname)));

PDO 更易于使用和理解 IMO

更新:

PDO 教程

更新#2:

对于每天使用数组的附加功能,您可以执行以下操作:

<input type="text" name="firstname1">

// do this for all fields then
$workingday1 = array();
$workingday1['firstname'] = $_GET['firstname1'];
// etc. for all the other fields

然后您可以通过以下方式访问该字段:

$workingday1 = $_GET['workingDay1']; // or post or however you want to pass it
$firstname = $workingday['firstname'];

之后,您可以随意修剪数据库。您可以拥有一个包含所有值的表格,并编辑您的选择以按员工或天或 w/e 显示。您还可以为每个员工创建一个表格,然后从这些表格中获取数据并以您喜欢的方式显示数据。

于 2013-04-18T17:34:57.723 回答