$new_id = mysqli_insert_id($dbc)
foreach ($_POST['d_specialty'] as $key => $value) {
$q = "INSERT INTO d_specialty (d_id, s_id) VALUES ($new_id, (SELECT specialty.id FROM specialty WHERE specialty.name = $value))";
$r = mysqli_query($dbc,$q);
我想插入两个值,第一个是变量,第二个是select语句,但上面的代码不起作用...
答案 0 :(得分:3)
首先,使用insert . . . select:
INSERT INTO d_specialty (d_id, s_id)
SELECT $new_id, specialty.id
FROM specialty
WHERE specialty.name = $value;
其次,参数化查询,以便将$new_id和$value作为参数传入,而不是直接放入查询字符串。一个原因是防止SQL注入攻击。另一个非常重要的原因是防止潜在的语法错误。
答案 1 :(得分:1)
使用insert into select时,您不需要使用values。删除它,然后将$new_id变量移动到select语句中:
INSERT INTO d_specialty (d_id, s_id)
SELECT $new_id, specialty.id
FROM specialty
WHERE specialty.name = $value