inserting array $_POST values to database using php

Question

I have code which takes multiple values on post like`

<form id='students' method='post' class="form-horizontal no-margin"  name='students' action='manage_shows.php'>
<input class="input-small" type="text"  id='tamil' name='tamil[]' >
<input  class="input-small" type="text"  id='english' name='english[]' >

and so on..

When I try to insert db shows array values

include('config.php'); if(isset($_POST['submit'])) {
$tamil=$_POST['tamil'];
$english=$_POST['english'];
$sql = "INSERT INTO `shows` ( from , to , seats ,  cost , screen ) VALUES ('$fname','$lname','$tamil','$english','$computer')";

It inserts only array array into the database. How to add post values to the database ?

Thanks in advance

ameeth

FYI, you are wide open to [SQL injections](http://stackoverflow.com/q/60174) — John Conde, Sep 06 '13 at 21:01
What does `var_dump($_POST)` display? You will be able to figure out from there. And then you can do your insert, after you sanitize your data, of course. — Chris Rockwell, Sep 06 '13 at 21:01

score 0 · Answer 1 · answered Sep 06 '13 at 21:02

0

You're using the [] notation on the field names. That tells PHP to treat those fields as multi-valued, and it will create a sub-array for each of them in $_POST. You will have to loop over those arrays and insert each value individually.

Also note that your code is vulnerable to SQL injection attacks.

answered Sep 06 '13 at 21:02

Marc B

356,200
43
426
500

i am new to php so can give me an example of the loop that can post values – user2610240 Sep 06 '13 at 21:07
2

Sorry. We're here to help, not be your teachers. There's plenty of examples on how to do PHP+database operations on the web. – Marc B Sep 06 '13 at 21:09

score 0 · Answer 2 · answered Sep 06 '13 at 21:23

0

you can use a foreach loop through the information collected as follows;

foreach ($_POST as $key => $value)
{
    echo "$key = $value";
}

answered Sep 06 '13 at 21:23

Suvash sarker

3,140
1
18
21

score 0 · Answer 3 · answered Sep 06 '13 at 21:27

@Marc B's answer is correct, bu I'll take the liberty of adding a bit of detail. See, as already stated, the brackets you added to your inputs' names basically indicate that those inputs hold one of multiple values, i.e., that input is inside an array, so PHP is actually expecting an array of values for said post argument, like in this case:

<input class="input-small" type="text"  id='tamil_1' name='tamil[]' />
<input class="input-small" type="text"  id='tamil_2' name='tamil[]' />
<input class="input-small" type="text"  id='tamil_2' name='tamil[]' />

When you send this, values will be parsed and placed in $_POST['tamil'], which will be an array with 3 values, the same happens to you, but you're sending only one value (as you understand, an array with one value, is still an array), so you have a structure that looks like this:

$_POST=array(
    'tamil'=>array(...),
    'english'=>array(...)
);

As stated by @Marc B, you can iterate through that array like so:

 foreach($_POST['tamil'] as $k=>$v) {
      //Do something with the value stored in $v or the key in $k
 }

Now, you stated in a comment that you're new to PHP, so I'll clarify a bit regarding that behavior in which you insert rows with (array, array), when you try to place a variable inside a string, via concatenation or interpretation, like in your example (variables inside double quotes are interpreted by PHP before adding them to the string, as I suppose you're well aware since you used this syntax), said variables are first parsed into strings. Now, PHP is not the kind of fellow who questions what you're doing, so he will go with the flow most of the time and, instead of throwing an exception, he'll just cast your variable (whatever the type) into a string, how does he cast arrays into strings? by just returning 'array', of course.

So, in your code, PHP casts the arrays as strings and you end up having 'insert into table(col1,col2) values('.'array'.','.'array'.')'.

inserting array $_POST values to database using php

3 Answers3