如何插入具有来自另一个表的名称的值

Question

我希望将用户表列名 (profile_img) 中的值与用户提交的其他信息一起插入我的新闻表到列名 (profile_img1)。

这是我目前使用的查询

$name=$_REQUEST["title"];
$stdate=$_REQUEST["sdate"];
$endate=$_REQUEST["edate"];
$staddr=$_REQUEST["staddr"];
$addr2=$_REQUEST["staddr2"];
$city=$_REQUEST["city"];
$state=$_REQUEST["state"];
$zip=$_REQUEST["zip"];
$desc=$_REQUEST["desc"];
$file=$_REQUEST['photo'];
$link=$_REQUEST["link"];
$user=$_REQUEST["user"];
$profile_img1=$_REQUEST["profile_img1"];
$rsvp=$_REQUEST["rsvp"];        

$query = "INSERT INTO news (fname,stdate,endate,addr1,addr2,city,state,zip,name,size,type,content,link,description,user,profile_img1,rsvp) VALUES('" . mysql_real_escape_string($name) . "','$stdate','$endate','" . mysql_real_escape_string($staddr) . "','" . mysql_real_escape_string($addr2) . "','" . mysql_real_escape_string($city) . "','$state','$zip','".str_replace([",",":","\"","\\", "/", "*"," ","$","&","?",";","'","!","(",")","|","~","<",">","=","[","]","{","}","#","^","%","=","@","+","è","é"],"",$name) ."-".$stdate."-".$file."','0',' ',' ','" . mysql_real_escape_string($link)."','" . mysql_real_escape_string($desc) . "','$user','" . mysql_real_escape_string($rsvp)."')";

profile_img1 的名称将在查询中的用户值之后，但我不知道如何将用户表中 profile_img 的名称获取到新闻表

这是我一直在尝试的：

$query = "INSERT INTO news (fname,stdate,endate,addr1,addr2,city,state,zip,name,size,type,content,link,description,user,profile_img1,rsvp) VALUES('" . mysql_real_escape_string($name) . "','$stdate','$endate','" . mysql_real_escape_string($staddr) . "','" . mysql_real_escape_string($addr2) . "','" . mysql_real_escape_string($city) . "','$state','$zip','".str_replace([",",":","\"","\\", "/", "*"," ","$","&","?",";","'","!","(",")","|","~","<",">","=","[","]","{","}","#","^","%","=","@","+","è","é"],"",$name) ."-".$stdate."-".$file."','0',' ',' ','" . mysql_real_escape_string($link)."','" . mysql_real_escape_string($desc) . "','$user','(SELECT profile_img FROM users WHERE username=`username`)''" . mysql_real_escape_string($rsvp)."')";

使用此方法会导致读取新闻表中的 profile_img1 列 (SELECT profile_img FROM users WHERE username=username)，而不是读取用户表中的 profile_img 列。

另外，如果我添加第二个 INSERT 查询

$q2 = mysql_query("INSERT INTO news (profile_img1) SELECT profile_img FROM users WHERE username='username'");

该查询导致在新闻表中创建一个新行，该行仅显示用户表中的 profile_img，与用户将输入的其他数据分开。

我想要的结果是让用户将数据提交到新闻表，用户表中的用户图像将插入到新闻表中与其他数据提交的行中，因此提交的数据和用户图像是一起显示。

如果您需要更多说明，请告诉我

Answer 1

您还没有 profile_img1 的值吗？

$profile_img1=$_REQUEST["profile_img1"];

但无论如何，当然如果你执行 2 次插入，它会插入 2 行。

您要查找 UPDATE 。

和 mysql_insert_id() 来获取最后执行的插入的 id。

如（最后，在你知道自己在做什么之后）：

UPDATE news SET profile_img1 = "whateveritis" where id = theidoftherowyoujustinserted

Answer 2

简短的回答是执行 INSERT (...) SELECT ...

例如

$name=$_REQUEST["title"];
$stdate=$_REQUEST["sdate"];
$endate=$_REQUEST["edate"];
$staddr=$_REQUEST["staddr"];
$addr2=$_REQUEST["staddr2"];
$city=$_REQUEST["city"];
$state=$_REQUEST["state"];
$zip=$_REQUEST["zip"];
$desc=$_REQUEST["desc"];
$file=$_REQUEST['photo'];
$link=$_REQUEST["link"];
$user=$_REQUEST["user"];
$profile_img1=$_REQUEST["profile_img1"];
$rsvp=$_REQUEST["rsvp"];        

$query = "INSERT INTO news (fname,stdate,endate,addr1,addr2,city,state,zip,name,size,type,content,link,description,user,profile_img1,rsvp) SELECT '" . 
    mysql_real_escape_string($name) . "','$stdate','$endate','" . mysql_real_escape_string($staddr) .
    "','" . mysql_real_escape_string($addr2) . "','" . mysql_real_escape_string($city) . "','$state','$zip','".
    str_replace([",",":","\"","\\", "/", "*"," ","$","&","?",";","'","!","(",")","|","~","<",">","=","[","]","{","}","#","^","%","=","@","+","è","é"],"",$name) .
    "-".$stdate."-".$file."','0',' ',' ','" . mysql_real_escape_string($link)."','" . mysql_real_escape_string($desc) .
    "',provile_img,'" . 
    mysql_real_escape_string($rsvp)."'" .
    " FROM users WHERE username = '{$username}'";

这应该变成这样的：

INSERT INTO news (fname, stdate, profile_img1, rsvp)
SELECT 'Bob', '2017-09-02', profile_img, 0
FROM users
WHERE username = 'jimbob'

长答案涉及请求不要自己转义和重新构建该位，以使其更易于阅读，并且通过扩展，以后更易于维护