0

How can I save the below

cv_skills=MySQL&cv_skills=HTML&cv_skills=AutoCAD

as

MySQL,HTML,AutoCAD

into the cv_skills column of my mySQL database?

Currently I am doing implode but it does not work 

$cv_skills = mysql_real_escape_string(implode( ',', $_POST["cv_skills"]));

In this question I have shown the variables as GET just to show how are passed. I am using POST for sure :)

EnexoOnoma
  • 8,454
  • 18
  • 94
  • 179
  • 3
    `cv_skills=MySQL&cv_skills=HTML&cv_skills=AutoCAD` that implies a GET and you're using POST in the query. – Funk Forty Niner Mar 06 '16 at 15:41
  • 1
    @Fred-ii- yes, I know. I posted it this way to make known how the variables are passed. – EnexoOnoma Mar 06 '16 at 15:42
  • Don't they overwrite and you get only `AutoCAD` ? – Vasil Rashkov Mar 06 '16 at 15:43
  • 2
    what about the query to INSERT/UPDATE? maybe that's failing you. Are you using `mysql_` to connect with also? – Funk Forty Niner Mar 06 '16 at 15:44
  • @VasilShaddix unfortunately, yes. only the last is saved. – EnexoOnoma Mar 06 '16 at 15:48
  • oh hold on. As a few said, you're overwriting your query here using the same parameters. Use different ones `cv_skills1=MySQL&cv_skills2=HTML&cv_skills3=AutoCAD` - *"I am using POST for sure"* then show us your HTML form that goes with this. – Funk Forty Niner Mar 06 '16 at 15:48
  • if you're using a form with this (which I suspect contains `name="cv_skills"` for multiple fields and didn't assign them as arrays such as `name="cv_skills[]"` and not using a `foreach` and not using a post method, then that could be the reason. It's unknown because you haven't show us enough (PHP) code and for the query itself. I'm guessing here. – Funk Forty Niner Mar 06 '16 at 15:53
  • you have been given answers below now. I am out of the loop. Wishing you well. – Funk Forty Niner Mar 06 '16 at 16:02

3 Answers3

0

In the current way that you pass the variables to your PHP script they will just get continuously overridden. If you change the variable to the following

cv_skills[]=MySQL&cv_skills[]=HTML&cv_skills[]=AutoCAD

you can then access the data like this

$_POST['cv_skills'][0] == 'MySQL'
$_POST['cv_skills'][1] == 'HTML'
$_POST['cv_skills'][2] == 'AutoCAD'
Nick Taylor
  • 174
  • 7
0

First you need to change the way you are passing the cv_skills variable. Change to an array for example cv_skills[]=HTML&cv_skills[]=AutoCAD; etc.

I would suggest using json_encode($_POST['cv_skills']) to save it with the exact same name. And then pass it to the database.

Vasil Rashkov
  • 1,818
  • 15
  • 27
0

If you are reusing field names you cannot take values from PHP superglobals. Instead, you need to parse request body manually.

You can read raw POST data from the 'php://input' wrapper [reference]. Parsing the string is trickier; you can use a combination of explode() and rawurldecode().

As about the database, explaining how to interact with MySQL is way beyond the scope of this site. I can only suggest you have a look at How can I prevent SQL-injection in PHP and get a reasonably recent book (mysql_real_escape_string() does not even exist any more in latest PHP versions).

Community
  • 1
  • 1
Álvaro González
  • 142,137
  • 41
  • 261
  • 360