Dynamic Input Error To Mysql Using PHP

Question

Here is the database

CREATE TABLE IF NOT EXISTS `student` (
  `id` int(11) NOT NULL,
`name` varchar(100) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

ALTER TABLE `student`
ADD PRIMARY KEY (`id`);
ALTER TABLE `student`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;

Here is the HTML part: jsFiddle

And Here is the PHP part inserting data to mysql:

<?php
$connect = mysql_connect('localhost','root','');
if (!$connect) {
   echo mysql_error();
}
$db = mysql_select_db('demo');
if (!$db) {
  echo mysql_error();
} 
$all_names ="";
if(isset($_POST["mytext"])){   
   foreach($_POST["mytext"] as $key => $text_field){
      $all_names .= $text_field .", ";
 }
}

$result = "INSERT INTO student ( name ) VALUES( $all_names )";
$insert_row  = mysql_query($result);
if(!$insert_row){
   echo $result;
}

Getting Error inserting value to database:

INSERT INTO student ( name ) VALUES( dffd, )

why Question with jQuery in title is not tagged with jQuery tag? and has no jQuery code included? — Alex, Oct 14 '15 at 18:52
change `echo mysql_error();` to `echo $sql;` and show us results — Grzegorz Adam Kowalski, Oct 14 '15 at 18:56
@nikolas, of course it shows sql query. This is exactly what I need to see. — Grzegorz Adam Kowalski, Oct 14 '15 at 18:59
@nikolas, edit your question and paste this resulting query. — Grzegorz Adam Kowalski, Oct 14 '15 at 19:00

Alex · Answer 1 · 2015-10-14T19:12:10.340

2

I don't see whole picture yet. What is the real value returned by $_POST["mytext"]?

But my guess you should at least change your loop to:

foreach($_POST["mytext"] as $key => $text_field){
      if ($all_names == '') {
          $all_names .=  "( '".mysql_real_escape_string($text_field) ."') ";
      } else {
          $all_names .=  ",( '".mysql_real_escape_string($text_field) ."') ";
      }
 }

and your query to:

 $sql = "INSERT INTO student ( name ) VALUES $all_names ";

edited Oct 14 '15 at 19:12

answered Oct 14 '15 at 19:02

Alex

16,739
1
28
51

Same error: INSERT INTO student ( name ) VALUES ,( 'dffd') – Russell Oct 14 '15 at 19:10
Comma is creating problem. – Russell Oct 14 '15 at 19:12
my bad typo in `if ($all_names == '') {` – Alex Oct 14 '15 at 19:12

score 1 · Accepted Answer · answered Oct 14 '15 at 19:14

1

Change

   foreach($_POST["mytext"] as $key => $text_field){
      $all_names .= $text_field .", ";
   }

to

$all_names = "'" . implode("'), ('", $_POST["mytext"]) . "'";

answered Oct 14 '15 at 19:14

Grzegorz Adam Kowalski

5,243
3
29
40

If you'd like to sanitize input then you could use `array_map` and `mysql_real_escape_string`. – Grzegorz Adam Kowalski Oct 14 '15 at 19:26
is it like `$all_names = "'" . implode("'), ('", mysql_real_escape_string($_POST["mytext"])) . "'"; ` – Russell Oct 14 '15 at 19:28
No, something like `$all_names = "'" . implode("'), ('", array_map('mysql_real_escape_string', $_POST["mytext"])) . "'"; ` – Grzegorz Adam Kowalski Oct 14 '15 at 19:45
Many Many thanks again. Another question: if I have another single value with it. How to save that field. – Russell Oct 14 '15 at 19:47
I do not understand. You want to `INSERT` not one, but two values into the table? Then probably it would be easier for you to modify @Alex code, but you could also continue using `implode` with earlier call to `array_walk`.. – Grzegorz Adam Kowalski Oct 14 '15 at 20:23
Ok. Thank you. Alex code working great with multiple values. You both are awesome. – Russell Oct 14 '15 at 20:26

Dynamic Input Error To Mysql Using PHP

2 Answers2

Linked