Inserting multiple rows from a php form into the database

Question

my form as the following table (of textfeild). I am feeding the values into these textfeild. How can i enter these values into my database? plz help. enter image description here

code of the form:-

    $rows=$_POST["rows"];       
          echo "
        <table align=\"center\" border=\"1\" width=\"70%\">
        <tr>
        <td><b>Roll No.</b></td> <td><b>Full Name</b></td> <td><b>Unit_test</b>       </td><td><b>Prelims</b></td> 
        <td><b>Attendance</b></td> <td><b>File</b></td> 
        </tr>";

    for($n=0;$n<$rows;$n++)
    { 
    echo "<tr>
    <td><input type=\"text\" name=\"roll\" /></td><td><input type=\"text\"                 name=\"name\" /></td><td><input type=\"text\" name=\"unit_test\" /></td>
    <td><input type=\"text\" name=\"prelims\" /></td><td><input type=\"text\"  name=\"attendance\" /></td><td><input type=\"text\" name=\"file\" /></td>
    </tr>";
    }
     echo "</table>";
     echo "<form action=\"feed2.php\" method=\"post\">
    <br>
     <input type=\"submit\" name=\"\" value=\"Submit\" />
   </form>";

code used for inserting into db:-

for($n=0;$n<3;$n++)
{
  if(isset($_POST['roll']))
  {
    echo "<br>Updating";

    $roll=$_POST['roll'];
    $name=$_POST['name'];
    $unit_test=$_POST['unit_test'];
    $prelims=$_POST['prelims'];
    $attendance=$_POST['attendance'];
    $file=$_POST['file'];

    $sql="Insert into students (roll,name,unit_test,prelims,average,attendance,file,interm) 
    VALUES ('$roll','$name','$unit_test','$prelims','$average'=(('$unit_test' + '$prelims')/125) *10,'$attendance','$file','$average'+'$attendance'+'$file')";
    $res=mysql_query($sql);
    header("Location:./view.php");
  }

I don't even see how this code works at all. Where do you post values to your table in form? Your for loop in your inserting into db does nothing. It is just looping 3 times with the same values. — sskoko, Sep 29 '13 at 12:01
my table is made of textfeilds so i think on clicking the submit button it should insert but for obvious reason it doesnt even insert any values. — jhe, Sep 29 '13 at 12:30

score 2 · Answer 1 · edited May 23 '17 at 12:19

2

The simplest way is probably to make the $_POST values for roll etc. an array (so $_POST becomes a multidimensional array).

See this previous question for an example of how it can be done:

Submitting a multidimensional array via POST with php

You can then loop through the array values in your database insert code.

edited May 23 '17 at 12:19

Community

1
1

answered Sep 29 '13 at 11:59

Clart Tent

1,319
2
9
11

score 0 · Answer 2 · answered Sep 29 '13 at 14:16

The name of each field must be different in each row in order to successfully send data from browser to server. In your case for all columns the name remains the same in all rows. You can suffix them with $n

Solution:

Replace the code which generate fields to the following:

 for($n=0;$n<$rows;$n++)
    { 
    echo "<tr>
    <td><input type=\"text\" name=\"roll_$n\" /></td><td><input type=\"text\"                     name=\"name_$n\" /></td><td><input type=\"text\" name=\"unit_test_$n\" /></td>
    <td><input type=\"text\" name=\"prelims_$n\" /></td><td><input type=\"text\"  name=\"attendance_$n\" /></td><td><input type=\"text\" name=\"file_$n\" /></td>
    </tr>";
    }

In above code we have suffixed each field with _$n

Secondly, Change the code of insert to the following:

$roll=$_POST['roll_'.$n];
$name=$_POST['name_'.$n];
$unit_test=$_POST['unit_test_'.$n];
$prelims=$_POST['prelims_'.$n];
$attendance=$_POST['attendance_'.$n];
$file=$_POST['file_'.$n];

Thirdly, I think the sql query need to be changed. Calculate average before the query and store its values in a variable. Then reference this variable in query same as you have done with other variables like $roll and $name.

$average=(($unit_test + $prelims)/125) *10;

Now with this code all three lines will be saved in database.

Hope this helps.

score 0 · Answer 3 · answered Sep 29 '13 at 15:53

Multiple row inserts in SQL are simply multiple parenthesis with commas, (), (), ();

You are also NOT escaping your data! You must escape ALL your data regardless of text or binary. It is simple and you must never fail to escape data. I escape data even if it's come directly out of my database, a hacker could post code in say a blog comment, it gets commented out, but then for some reason if I handle that comment it could later execute.

$roll = mysql_real_escape_string($_POST['roll');

So just do this...

INSERT INTO table (roll, name, unit_test, prelims, average, attendance, file, interm) VALUES 
('$roll','$name','$unit_test','$prelims','$average'=(('$unit_test' + '$prelims')/125) *10,'$attendance','$file','$average'+'$attendance'+'$file'),
('$roll','$name','$unit_test','$prelims','$average'=(('$unit_test' + '$prelims')/125) *10,'$attendance','$file','$average'+'$attendance'+'$file'),
('$roll','$name','$unit_test','$prelims','$average'=(('$unit_test' + '$prelims')/125) *10,'$attendance','$file','$average'+'$attendance'+'$file'),
('$roll','$name','$unit_test','$prelims','$average'=(('$unit_test' + '$prelims')/125) *10,'$attendance','$file','$average'+'$attendance'+'$file');

Inserting multiple rows from a php form into the database

3 Answers3

Linked