Sending an array to the database

Question

Hiii... I can get an array from $_POST['C'] to my PHP file. I need to send it to the database. Here I have posted what I tried.

<?

if(!empty($_POST['G'])){

for($i=0;$i<sizeof($_POST['C']);$i++){

var_dump($_POST['C']);

$Query="INSERT INTO Questions(Questions_ID,Question_Name)          VALUES($i+1,'$_POST[C][$i]')";

if(!mysqli_query($con,$Query)){

die("<script>alert( \"Error: ". mysqli_error($con)."\");window.location.href='FormCreationTrial.php';</script>");

} }

}

?>

This is the var_dump of the array. array(3) { [0]=> string(1) "A" [1]=> string(5) "Male2" [2]=> string(7) "Female2" } Notice: Array to string conversion in C:\xampp\htdocs\PHIS\FinalSubmissionOfTheFormPHP.php on line 19. Line 19 is where I have written the query.

When I'm trying to send the array one by one it gives me an error like ' Duplicate entry 'Array[0]' for key 'Question_Name_UNIQUE'. Please someone help me to solve this.

score 1 · Answer 1 · answered Nov 18 '13 at 01:40

1

First of all your for statement should be something like (which most probably will solve your issue):

for($i = 0; $i < sizeof($_POST['C']) - 1; $i++) {

Second thing, you don't use "echo" with "var_dump", use "var_dump" alone, so your var_dump line should be something like:

var_dump($_POST['C']);

Hope this helps

answered Nov 18 '13 at 01:40

Ma'moon Al-Akash

4,445
1
20
16

Thanks for editing the question :) i was just expressing that you should not use echo with var_dump but not editing the question :) Further more, just decrement the sizeof($_POST['C']) by 1 in your for loop, like i am showing in the answer and this will hopefully solve your issue. – Ma'moon Al-Akash Nov 18 '13 at 02:03

Tom Tom · Accepted Answer · 2014-11-08T14:01:18.157

1

$size = sizeof($_POST['C']) - 1;
for($i = 0; $i < $size; $i++) {

Is better performance wise, so the loop doesn't call sizeOf at each iteration

$Query="INSERT INTO Questions(Questions_ID,Question_Name) VALUES(".($i+1).", '".$_POST[C][$i]."')";

Furthermore you don't seem to generate your id field properly which means you will get duplicate errors. Either set your id on auto generate in the table structure or get the latest id from your table and increment from there. You could also create a trigger to do it but that might be a bit hard for you.

And be warned, your code will be vulnerable to SQL injections.

edited Nov 08 '14 at 14:01

answered Nov 18 '13 at 01:44

Tom Tom

3,680
5
35
40

1

Hello... Thank you so much.. Now it is working. What did you mean by SQL injection. Isn't it good to use with large databases. Could you please explain me the reason. – t4thilina Nov 18 '13 at 01:58
If the input you're getting the POST from is public, being vulnerable to SQL injections means users can try to input various SQL code to hack your database and eventually succeed. You can prevent this by using functions like mysql_real_escape_string() on the strings right before you insert them, or using PDO to handle database interaction among other solutions http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php – Tom Tom Nov 18 '13 at 02:11

Sending an array to the database

2 Answers2