-1

I have looked all over for a answer to this. But all the questions asked don't seem to answer my question.

I am trying to post from a html page to a php page. But i am receiving this notice:

Notice: Array to string conversion ... line 41

In order to fix the issue i have stopped the page i am working on (index page) from posting to the next page, and post to the index page instead, so i can see what is going on.

Line 41

WHERE Delivery_Pcode.Pcode LIKE '%".$search."%'");

I am using the exactly the same query, part from the variable names in another page, and it works perfectly.

I am trying to retrieve the area name from the db, which matches the postal code which is inputted by the user in the search bar on the index page, there is nothing on the index page apart from the search bar.

Code

$c_name= '';

if(isset($_POST['feed_me'])){
     $search= $_POST;

$select_pcode=mysqli_query($dbc,"SELECT Rest_Details.Resturant_ID, Rest_Details.City_name, Delivery_Pcode.Pcode 
 FROM Rest_Details INNER JOIN Delivery_Pcode
 ON Delivery_Pcode.Restaurant_ID=Rest_Details.Resturant_ID


echo var_dump($select_pcode);

while($row_pcode=  mysqli_fetch_array($select_pcode)){
$c_name = $row_pcode['City_name']; 

}}

I have never received this notice before, i am unaware how to deal with it or how to resolve the issue. Please advice

Blue
  • 57
  • 5
  • 3
    `$search= $_POST;` is wrong, should be `$search= $_POST['postcode']` or whatever name the postcode form field has – Steve May 20 '16 at 11:45
  • 2
    Also note that if you're feeding post variables directly into your SQL string without escaping them, you are leaving yourself **wide** open to being hacked. Look up "SQL injection attack" and make sure you understand how to avoid it before making any of your code available to the public. – Simba May 20 '16 at 11:48

4 Answers4

3

You are copying the whole $_POST array to $search and then you are trying to concatenate the array to a string.

This is the correct way:

if(isset($_POST['feed_me'])){
     $search= $_POST['feed_me'];
dimlucas
  • 5,040
  • 7
  • 37
  • 54
2

Your $search is $search= $_POST; and $_POST is array.

When you use it in %$search% here you get this error.

Implode $_POST with implode('", "', $_POST), take only one value ($_POST['feed_me']) or other way make it to string.

Don't use direct $_POST in query. Use prepared statements.

Justinas
  • 41,402
  • 5
  • 66
  • 96
2

Well, $_POST is an array and you're passing its whole value to $search. Then you're using $search to display a message. Since $_POST is of type array, when trying to display $search, you would be mixing a string with an array, hence the notice.

Since you want to compare Delivery_Pcode.Pcode, you need to call the "Pcode" that you sent from the $_POST to the $search. Something like this:

$search["Pcode"]

That would bring the value you're looking for (if that's the name of the value).

cthefinal
  • 79
  • 1
1

$search= $_POST;

That's the mistake, change it to 

$search= $_POST['feed_me'];
Borjante
  • 9,767
  • 6
  • 35
  • 61