0

I have created a checkbox form with attribute medicine name, stock quantity and quantity. User can tick on any medicine name and for quantity user need to fill by themselves. When i tick and insert quantity for the first two row, my data successfully saved into my database. Below is the image for my checkbox form.

My checkbox form

But when i tick on the second and the third row,the medicine name successfully insert into database, but the quantity insert into my database is 'null'.

My checkbox form

checkbox.php

     <input type="checkbox" name="MEDICINE_ID[]" value="<?php echo $row['MEDICINE_ID'] ?>" id="check_item" align="middle" />
     </div></td>      
     <td align="center">
       <?php
          echo $row ["MEDICINE_NAME"];
       ?>      
     </td>

     <td align="center">
      <?php
         echo $row ["STOCK_QUANTITY"] ," ", $row ["MED_FORM"];
      ?>      
     </td>

    <td><label>
    <input name="quantity[]" type="number" max="<?php echo $row['STOCK_QUANTITY'] ?>" min='1' id="quantity" value="" size="1000" />
    </label></td>

   <?php
      $i++;
   ?>

checkboxprocess.php

  <?php
     $conn = oci_connect("username", "pass", "orcl");

     $matric_No = $_POST['matric_No'];
     $medicine_ID = $_POST['MEDICINE_ID'];
     $quantity = $_POST['quantity'];
     $dates =  $_POST['dates'];

     $size_medicine=sizeOf($medicine_ID);

        for($i=0;$i<$size_medicine;$i++){       
             $statement="insert into stud_med(quantity,matric_No,medicine_ID,dates) 
             VALUES('$quantity[$i]','$matric_No','$medicine_ID[$i]',to_date('$dates','yyyy-mm-dd'))";
             $state = oci_parse($conn,$statement ); 
             oci_execute($state);   
}
   ?>
Darren
  • 13,050
  • 4
  • 41
  • 79
megat ahmad mustaqim
  • 27
  • 8

1 Answers1

0

Empty checkboxes are not POSTed, so your resulting data for $medicine_ID looks like:

Array
(
    [0] => 2
    [1] => 3
)

And $quantity looks like:

Array
(
    [0] => 
    [1] => 5
    [2] => 4
)

Since you iterate over $medicine_ID you're accessing the wrong keys in $quantity.

The easiest fix is to specify the index in your field name. Since it looks like you already output your table in a loop you can do something like:

<input type="checkbox" name="MEDICINE_ID[<?= $i ?>]" value=...
...
<input name="quantity[<?= $i ?>]" type="number" max=...

PHP will use those keys when receiving the data so $medicine_ID now looks like this:

Array
(
    [1] => 2
    [2] => 3
)

$quantity stays the same but of course the keys line up correctly with $medicine_ID.

Now you can iterate with a foreach loop to access the correct elements:

$statement = "insert into stud_med(quantity,matric_No,medicine_ID,dates)
             VALUES(:quantity, :matric_No, :medicine_ID, to_date(:dates,'yyyy-mm-dd'))";
$state = oci_parse($conn, $statement);

foreach ($medicine_ID as $key => $value) {
        oci_bind_by_name($state, ':quantity', $quantity[$key]);
        oci_bind_by_name($state, ':matric_No', $matric_No);
        oci_bind_by_name($state, ':medicine_ID', $value);
        oci_bind_by_name($state, ':dates', $dates);

        oci_execute($state);
    }

Note that I've rewritten the SQL statement so that the code is no longer vulnerable to SQL Injection attack.

Community
  • 1
  • 1
timclutton
  • 12,682
  • 3
  • 33
  • 43
  • yess.... thank you very much timclutton!!! really really appreciate it....finally i managed to choose any medicine instead of selecting all from above... :') :') – megat ahmad mustaqim May 31 '16 at 07:41