PHP:使用变量保存表名,并在查询中使用该变量
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/13656667/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PHP : Using a variable to hold a table name, and using that variable in queries
提问by ransan32
I am currently learning PHP, and I'm working on a Registration Form. Somewhere in my code I have these statements
我目前正在学习 PHP,并且正在编写注册表。在我的代码中的某个地方,我有这些语句
$query = "SELECT `stud_no` FROM `tb_registered_users` WHERE `stud_no`='$studno'";
and
和
$query = "INSERT INTO `tb_registered_users`
VALUES ('".$studno."','".$firstname."','".$lastname."')";
but instead I want to declare this variable and use it in the queries mentioned above
但是我想声明这个变量并在上面提到的查询中使用它
$mysql_tb = 'tb_registered_users';
So what is the correct syntax for this?
那么正确的语法是什么?
回答by nickb
$query = "INSERT INTO `" . $mysql_tb . "`
VALUES ('".$studno."','".$firstname."','".$lastname."')";
回答by Yueyu
<?php
$mysql_tb = 'tb_registered_users';
$query = "SELECT `stud_no` FROM `{$mysql_tb}` WHERE `stud_no`='$studno'";
$query = "INSERT INTO `{$mysql_tb}` VALUES ('".$studno."','".$firstname."','".$lastname."')";
回答by aheit123456
Also worked for me if using double quotes:
如果使用双引号也对我有用:
$newDataInput = "INSERT INTO $mysql_tb (Date,Time) VALUES ('$date','$time')";
回答by mohitesachin217
BTW you can also use sprintf function to do the same thing as show below
顺便说一句,你也可以使用 sprintf 函数来做同样的事情,如下所示
(PHP 4, PHP 5, PHP 7) sprintf — Return a formatted string
(PHP 4, PHP 5, PHP 7) sprintf — 返回一个格式化的字符串
$mysql_tb = 'tb_registered_users';
$query1 = sprintf("SELECT `stud_no` FROM `%s` WHERE `stud_no`='$studno'",$mysql_tb);
$query2 = sprintf("INSERT INTO `%s` VALUES ('".$studno."','".$firstname."','".$lastname."')",$mysql_tb);
Just put %s in place where you want to replace the value and then use second parameter as variable as shown in here. It works as same as function in c language and c++. You can replace multiple values also with multiple parameters. Here is php manual help
只需将 %s 放在要替换值的位置,然后使用第二个参数作为变量,如下所示。它的工作原理与 c 语言和 c++ 中的函数相同。您也可以用多个参数替换多个值。这是php手册帮助
https://www.php.net/manual/en/function.sprintf.phpHope that helps
回答by Elijan Sejic
$mysql_tb = 'tb_registered_users';
$query = "SELECT `stud_no` FROM `".$mysql_tb."` WHERE `stud_no`='$studno'";
回答by qooplmao
You can just do it as
你可以这样做
$query = "SELECT `stud_no` FROM " . $mysql_tb . " WHERE `stud_no`='$studno'";
but I would recommend looking into PDO ( http://www.php.net/manual/en/book.pdo.php&& http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/).
但我建议研究 PDO ( http://www.php.net/manual/en/book.pdo.php&& http://net.tutsplus.com/tutorials/php/why-you-should-be-使用-phps-pdo-for-database-access/)。
回答by Jenga
$query = "SELECT `stud_no` FROM `".$mysql_tb."` WHERE `stud_no`='$studno'";
and
和
$query = "INSERT INTO `".$mysql_tb."` VALUES ('".$studno."','".$firstname."','".$lastname."')";
You may also want to look into using something like PDOwhich will allow you to use named parameters and avoid SQL injections.
您可能还想考虑使用PDO 之类的东西,它允许您使用命名参数并避免 SQL 注入。
