PDO插入，foreach($

本文介绍了PDO插入，foreach($ _ POST)的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我下面的代码不会插入我的数据库.我不知道我的错误发生在哪里. (感谢有关sql注入的通知，稍后将介绍该信息< 3)

My code below will not insert into my database. I do not know where my misstake is being made. (Thanks for the notifications regarding sql injections, will read about that laters <3)

到目前为止，这是我的php代码:

This is my php code so far:

$sqlArray = array(); $nameArray = array(); $valueArray = array(); foreach($_POST as $name => $value) { //$sqlArray[] = "':".$name."'=>$".$name; $nameArray[] = $name; $valueArray[] = "'".$value."'"; } $names = implode(', ', $nameArray); $values = implode(', ', $valueArray); $sql = "INSERT INTO random ( ".$names." ) VALUES ( ".$values." )"; $addRandom = $dbh->prepare( $sql ); $addRandom->execute();

$ sql的输出如下:

And the output by $sql looks like:

INSERT INTO random ( random1, random2, zipCode) VALUES ( 'Namn', 'Adress', 'Zipcode' )

我应该更改或添加什么?

What should I change or add?

推荐答案

正确准备查询，并设置连接错误模式，其他一切似乎都没问题:

Prepare your query properly, and set you connection error mode, everything else seem okay:

/* Very very important !!*/ $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $names = implode(', ', $nameArray); $values = implode(', ', ':'.$nameArray); $sql = "INSERT INTO random ( ".$names." ) VALUES ( ".$values." )"; $addRandom = $dbh->prepare( $sql ); foreach($_POST as $name => $value) { $addRandom->bindValue($name, $value); } $addRandom->execute(); if($addRandom->rowCount > 0){ echo 'INSERTED'; }else{ echo 'FAILED'; }

注释 您的$_POST键应与您要绑定到的字段名称匹配，否则它将不起作用.

note Your $_POST keys should match the field name you are binding to, otherwise it wont work.