我有两个表格页面和上载
页:
page_id, page_name, page_parent
( 4, test, 0)
( 5, test-sub, 4)
( 6, test-sub2, 4)
上载:
upload_id, upload_name, upload_root
(1, test, 4)
(2, test-sub, 4)
(3, test-sub2, 4)
我非常成功地将page_id放入upload_root,但是当页面具有子菜单并输入到page_parent时出现了问题。
$name = $_POST['name'];
$root = $_POST['root'];
$insert_sql = "INSERT INTO tbl_upload VALUES ('' , \"$name\", \"$root\")";
$root = $_POST['page_id'];?>
<form action="" enctype="multipart/form-data" method="post">
<div>Name: <input name="title" type="text" size="50"/></div>
<input name="page_id" type="hidden" value= "<?php echo"$page_id"; ?>"
<input type="submit" value="Upload" id="upload" class="upload"/>
</form>
$fetch_sql = "SELECT upload_id, upload_name, upload_root from tbl_upload WHERE upload_root = \"$page_id\"";
我无法获得页面的正确网址。我没有用正确的词来描述我的问题。但是,我非常希望能将page_id的确切值(自动递增)检索到upload_id中(如果不可能的话),然后再返回upload_root。
上载:
upload_id, upload_name, upload_root
(4, test, 4)
(5, test-sub, 4)
(6, test-sub2, 4)
<?php
if (isset($_GET['submit']))
{
$name = $_POST['title'];
$pageid = $_POST['page_id'];
$insert_sql = "INSERT INTO tbl_upload (upload_id, upload_name, upload_root) VALUES ('".$pageid."','".$name."','')";
mysql_query($insert_sql);
}
?>
<form action="your_page.php?submit=yes" enctype="multipart/form-data" method="post">
<div>Name: <input type="text" name="title" size="50"></div>
<input type="hidden" name="page_id" value= "<?php echo $page_id; ?>">
<input type="submit" value="Upload" id="upload" class="upload">
</form>
显然,在显示“ your_page.php”的页面上插入页面名称
您的代码容易受到SQL注入的攻击。请查看如何为将来的项目实施PDO。
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句