1

Good afternoon,

I will first start with the goal I am trying to accomplish and then give a very basic sample of what I need to do.

Goal

Instead of collecting several variables and naming them with keys individually, I have decided to give in and use an array structure to handle all inputs of the same type and rules. Once I have the variables, I will validate against them and if 'ok' store them in a MySQL table. The table will hold consumer information and will need to store multiple rows of the same type of information.

First Pass

I will leave out the validation portion of this question because I feel I need to first understand the basics.

<form action="?" method="POST" name="Form">
Member 1 First Name:<input type="text" name="MemberFirstName[]" /><br />
Member 1 Last Name: <input type="text" name="MemberLastName[]" /><br />
Member 1 Email: <input type="text" name="MemberEmail[]" /><br />

Member 2 First Name:<input type="text" name="MemberFirstName[]" /><br />
Member 2 Last Name: <input type="text" name="MemberLastName[]" /><br />
Member 2 Email: <input type="text" name="MemberEmail[]" /><br />

Member 3 First Name:<input type="text" name="MemberFirstName[]" /><br />
Member 3 Last Name: <input type="text" name="MemberLastName[]" /><br />
Member 3 Email: <input type="text" name="MemberEmail[]" /><br />

<input type="submit" name="submit" value="Continue" />          
</form>

I am hoping that each input given for First Name (a required field) will generate a unique key for that particular entry and not overwrite any data entered. Because I am carrying information from page to page (checkout form), I am turning the POST variables into SESSION variables then storing in a mysql database in the end. My hope is to have:

<?php

$conn = mysql_connect("localhost", "username", "password");
mysql_select_db("DBname",$conn);

$sql = "INSERT INTO tablename VALUES ('$_SESSION[Member1FirstName]', '$_SESSION[Member1LastName]', '$_SESSION[Member1Email]', '$_SESSION[Member2FirstName]', '$_SESSION[Member2LastName]', '$_SESSION[Member2Email]', '$_SESSION[Member1FirstName]', '$_SESSION[Member3LastName]', '$_SESSION[Member3Email]')";


$result = mysql_query($sql, $conn) or die(mysql_error());
Header ("Location: completed.php");
?>

Where Member1, Member2, and Member3 values will appear on their own row within the table. I KNOW my code is wrong but I am giving a first shot at the overall business purpose I am trying to achieve and trying to learn how to code the right way.

I am very, very new to programming so any 'baby advice' is greatly appreciated.

JM4
  • 6,740
  • 18
  • 77
  • 125
  • And what exactly is your question? – Felix Kling May 17 '10 at 23:15
  • I'm just not understanding why the need for the array - which is perfectly possible but you should use in different situations like range of colors for a product or something like that. In your case, a simple memberfirstname1, memberfirstname2 would do the job and keep the code simple as you are beginning as you said. – ronaldosantana May 17 '10 at 23:21
  • @Felix King - How do I create an array of values like this. I dont understand arrays when collecting this data – JM4 May 17 '10 at 23:23
  • @Ronaldo Junior - the reason is because I actually have 12 fields for 20 different members, passing 200+ session variables is overkill and also causes me to create a TON of code and validations. I want to be able to create 1 single form layout, and based on the number of enrollees desired on page 1, have the form auto create additional fields available for population – JM4 May 17 '10 at 23:24
  • @JM4: This is already the way to specify form elements as part of an array. `$_POST['MemberFirstName']` should give you an array. Haven't you tried yet? – Felix Kling May 17 '10 at 23:30
  • @Felix Kling - specifying the data that way would constantly overwrite what the MemberFirstName value would be. If member 1 was jack then member 2 was john, given your assumption, $_POST['MemberFirstName'] would only return John – JM4 May 17 '10 at 23:38
  • @JM4: Your HTML is correct (as you can also verify by reading the documentation: http://www.php.net/manual/en/faq.html.php#faq.html.arrays). And no, I said that `$_POST['MemberFirstName']` is an **array**, i.e. `$_POST['MemberFirstName'][0]` is jack, `$_POST['MemberFirstName'][1]` is john etc. If you experience different behaviour then something is wrong with your PHP code (but with the part you did not post). – Felix Kling May 17 '10 at 23:46

2 Answers2

1

If you want to need to associate fields in a specific number of sets and still want them in an array then you should put an index in the name. An empty index is only useful when you don't know how many elements the final array will contain.

Member 1 First Name:<input type="text" name="MemberFirstName[1]" /><br />
Member 1 Last Name: <input type="text" name="MemberLastName[1]" /><br />
Member 1 Email: <input type="text" name="MemberEmail[1]" /><br />
Ignacio Vazquez-Abrams
  • 776,304
  • 153
  • 1,341
  • 1,358
1

Depending on your column names the following

INSERT INTO tablename 
VALUES ('$_SESSION[Member1FirstName]', '$_SESSION[Member1LastName]', '$_SESSION[Member1Email]'),
       ('$_SESSION[Member2FirstName]', '$_SESSION[Member2LastName]', '$_SESSION[Member2Email]'), 
       ('$_SESSION[Member1FirstName]', '$_SESSION[Member3LastName]', '$_SESSION[Member3Email]')"

would work on mysql, see INSERT.

However this is an answer that will lead into much trouble if you do not sanitize the input.

EDIT: Sanitizing refers to the sql injection attack, where strings passed directly to database may contain constructs that would allow attacker to change database passwords or update or destroy data.

EDIT2: As for php syntax, I think this question has reasonable answers from which you can learn.

Community
  • 1
  • 1
Unreason
  • 12,556
  • 2
  • 34
  • 50
  • my overall goal is to use the arrays to figure out how to loop the 'insert' statement. If I use the method above (which i already do, I have 12 inputs for over 20 members) which takes a lot of code. Can you explain 'sanitizing the input'? – JM4 May 17 '10 at 23:26
  • @JM4 - I expanded my answer re sanitzing/injection problems. As for looping over array in PHP, what seems to be the problem? foreach and other methods are at your disposal. – Unreason May 17 '10 at 23:46
  • I think the area I am stuck in while looping in the example you give above is that I wont know how many Members are being entered so I'm not sure where to run the loop. The enroller can choose to enroll from 1 to up to 20 members at a time so the only guarantee in the 'INSERT INTO tablename' is '$_SESSION['Member1FirstName'] values. It is my estimation i need to change it altogether to something like: INSERT INTO tablename VALUES ('MemberFirstName[0]', 'MemberLastName[0]... and so on with the key changing determined by the Number of Enrollee's entered – JM4 May 18 '10 at 00:06
  • @JMR - added a link to so question on inserting multiple rows into mysql via php – Unreason May 18 '10 at 09:24