0

I have a webpage where people can add what games they have through a checklist and save it to their account.

Here's my save posted checkbox code:

    if ($_POST['info']) {
        $newinfo = $_POST['info'];
        file_put_contents("member/$userid/info.txt", $newinfo); 
        $games = array();
        if (isset($_POST['game'])) {
            $games = $_POST['game'];
            $gamesready = serialize($games);
            $gamesql = mysql_query("UPDATE user SET games='$gamesready' WHERE id='$userid'");
            }

        header("Location: ".$username);     
    exit();
}

So I have the whole add checked items to an array, then serialize and store it in a database, but what if I want to pull that array out and check the boxes that were previously marked so that they could be disabled without having to completely recheck the games they previously saved to the array.

I assume I would unserialize the array, then do a foreach and match them up with the checkboxes? If that's so, I would have no idea how to do it. Thanks for your help.

Kragalon
  • 420
  • 1
  • 6
  • 25
  • Is normalization not an option? – Strawberry Mar 23 '14 at 10:12
  • This is a messy approach. You need to have a relate table and add a row for each game/user combination – Anthony Mar 23 '14 at 10:14
  • Strawberry,I don't know what normalization is. I am learning PHP at the moment. Anthony, I asked the best way to store an array per user [here](http://stackoverflow.com/questions/22550262/most-efficient-way-to-save-a-checklist-per-user). – Kragalon Mar 23 '14 at 10:21
  • Your code is vulnerable to SQL injections. You should read on [how to prevent them in PHP](http://stackoverflow.com/q/60174/53114). – Gumbo Mar 23 '14 at 10:59
  • I don't think it is vulnerable. $_POST['game'] is the name of the game which they are adding from a checklist. The name of the games arent determined by the user – Kragalon Mar 23 '14 at 23:10

0 Answers0