Creat table in database with user input and link it with table that already exists in PHP and SQL

Question

1.00/5 (2 votes)

See more:

PHP and SQL(XAMPP)

I want to create a table with user input and link the table name with another table to use it in select statement to link the pages.

I have created a code that creates table in the database with the name of the user input but I want to link it with table that exists in the database called test.

PHP

```
if(isset($_POST["submit"]))
{
                   // Step 1: Capture the user input
$input = $_POST['table']; // Assuming the form field name is "input_field"

// Step 2: Define the regular expression pattern to match English characters
$pattern = '/^[a-zA-Z\s]+$/';

// Step 3: Validate the input against the pattern
if (preg_match($pattern, $input)) {
    // The input contains only English characters
    // Proceed with further processing or database operations
    // ...
    $table = $_POST['table'];

    // SQL to Create a table in the selected database
    $sql = "CREATE TABLE $table (
    id INT PRIMARY KEY AUTO_INCREMENT,
    firstname VARCHAR(225), 
    content TEXT,
    user_id INT,
    FOREIGN KEY (user_id) REFERENCES test(test_id)
    )";  
     if ($con->query($sql) === TRUE) {
        $msg="تم انشاء قاعدة بيانات جديدة بإسم $table" ;
      } else {
        $error="حدث خطأ اثناء انشاء جدول في قاعدة البيانات";
    }

}else {
    // The input contains non-English characters
    $error="يرجى ادخال اسم جدول قاعدة البيانات المحدد باللون الأحمر باللغة الأنجليزية فقط";
}
}

 $firstname = $_POST['firstname']; 

if(isset($_POST['firstname'])) {   
    $order="INSERT INTO test (firstname,test_id) VALUES ('$firstname','$test_id')";

    if ($con->query($order) === TRUE) {
    echo "New record created successfully";
    } else {
    echo "Error: " . $order . "<br>" . $con->error;
    }
  }

  $con->close();  

 ?>
```

I have tried to insert the table id.

What I have tried:

i tried to insert the data but the labels are not linked.

Posted 20-Aug-23 19:44pm

AmeerBaathar

Updated 14-Sep-23 9:12am

Deeksha Shenoy

v2

Add a Solution

Comments

Richard Deeming 21-Aug-23 3:34am

Even if you managed to fix the SQL Injection[^] vulnerability in your code, why are you doing this?

Unless you're creating a "database builder"-type application, creating new tables dynamically is almost certainly the wrong thing to do, and a sign that your database design is fundamentally broken.

Andre Oosthuizen 21-Aug-23 4:25am

I agree 100%, why would you want to create tables dynamically? If you have 1 million users and they each create a table = 1 million tables with probably 1 record per table. You'll have a lot more search capability and management ease with 1 set of tables instead of a set per user.

Imagine if the schema needs to change? do you really want to update hundreds or thousands/millions of tables or write some long script to fix a mundane issue? Stick with a single set of tables and ignore sharding. Instead, think "maybe we'll partition the tables someday, if necessary"

Dave Kreskowiak 21-Aug-23 16:56pm

You never say what you mean by "link" and if there are any relationships between the tables so it's impossible to tell you what's going on or what you need to do.

But, overall, like the other comments, I think this sounds like a very bad design.

Member 15627495 16-Sep-23 9:59am

why are you replacing the 'relation link' in db , with 'literals' ( string Type ).

remenber "primary -> foreign keys".
It's an error about your DB design.

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)