PHP - HTML: Select attribute after $_POST is giving value 'Array'

Question

Recently I got a problem with $_POST method. Here is select attribute in HTML that is giving informations by POST method.

<select name="date_year[]" required>
                    <option value="" selected="selected" disabled="true">Choose year...</option>
                    <option value="07"> 2007</option>
                    <option value="08"> 2008</option>
                    <option value="09"> 2009</option>
                    <option value="10"> 2010</option>
                    <option value="11"> 2011</option>
                    <option value="12"> 2012</option>
                    <option value="13"> 2013</option>
                    <option value="14"> 2014</option>
                    <option value="15"> 2015</option>
                    <option value="16"> 2016</option>
                    <option value="17"> 2017</option>
                    <option value="18"> 2018</option>
                    <option value="19"> 2019</option>
                    <option value="20"> 2020</option>
                    </select>

after submiting form with this select tag, in PHP code I have something like this:

$month_date = $_POST['date_month'];
$year_date = $_POST['date_year'];

$final_date = $month_date . ' '. $year_date;
$esult = $connection->query("SET NAMES 'utf8'");
if($connection->query("INSERT INTO thread VALUES (NULL, '$name', '$final_date', '$desc', '$thumbnail', '$gallery_img')")) {
    unset($_POST['upload']);
    header('Location: panel.php');
    $connection->close();
    exit();
}

Here just look for these $_POST things. I just gave the full code for the context. Here is my problem: after a successfull insert to my MySQL database, I got the value "Array Array". From curiosity I echo'ed that $final_date but still, it's just 'Array Array'. Why?

because you defined your select as `name="date_year[]"`, so it's an array. Remove the `[]` from teh name ro do you need it to be an array? — xander, Aug 17 '17 at 12:38
Hey y'all, few minutes after the question I have saw that. The problem was that "[]" in the name of my select attribute. Thanks for your time! — Cvbge Xhapl, Aug 17 '17 at 12:39
[Little Bobby](http://bobby-tables.com/) says **[you are at risk for SQL Injection Attacks](https://stackoverflow.com/q/60174/)**. Learn about [Prepared Statements](https://en.wikipedia.org/wiki/Prepared_statement) for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Even **[escaping the string](https://stackoverflow.com/q/5741187)** is not safe! I recommend `PDO`, which I [wrote a function for](http://paragoncds.com/grumpy/pdoquery/#function) to make it extremely **easy**, very **clean**, and way more **secure** than using non-parameterized queries. — GrumpyCrouton, Aug 17 '17 at 12:43
_“From curiosity I echo'ed that '$final_date' but still, it's just 'Array Array'. Why?”_ - because that happens when you `echo` an array ... To make debug outputs, you should use `var_dump`. Not only can that handle arrays as well, it also shows you the data type of what you output. — CBroe, Aug 17 '17 at 12:44
Hint: it seems that your question was caused by a simple typo - if so: consider deleting it. — GhostCat, Aug 17 '17 at 12:44
_“What does it mean? Should I use some HTML entities?”_ - it means you should take the time to _read up_ on the issue, instead of coming with the knee-jerk reaction “what does it mean” as soon as someone mentions something that is new to you ... — CBroe, Aug 17 '17 at 12:46
Possible duplicate of [HTML Element Array, name="something\[\]" or name="something"?](https://stackoverflow.com/questions/4688880/html-element-array-name-something-or-name-something) — GrumpyCrouton, Aug 17 '17 at 12:46

score 2 · Answer 1 · answered Aug 17 '17 at 12:38

2

Change

<select name="date_year[]" required>

Into

<select name="date_year" required>

The brackets make the input field an array hence the Array in your query.

answered Aug 17 '17 at 12:38

Peter M

1,059
8
19

score 2 · Answer 2 · answered Aug 17 '17 at 12:45

There are two issue with your code:

<select name="date_year[]" required>

here there is no need to use name as an array. So change it to:

<select name="date_year" required>

and after concatenating:

$final_date = $month_date . ' '. $year_date;

the format is m-Y which is not acceptable for date column. The date column format is 'Y-m-d'

score 1 · Answer 3 · answered Aug 17 '17 at 12:39

1

As you have mention date_year[] as array in select tag, It will be result as array

change your select tag to

<select name="date_year" required>

answered Aug 17 '17 at 12:39

B. Desai

16,414
5
26
47

score 1 · Answer 4 · answered Aug 17 '17 at 12:42

1

Your html select element was following

<select name="date_year[]" required>

So you should access it like this

$year_date = $_POST['date_year'][0];

Not Like

$year_date = $_POST['date_year'];

answered Aug 17 '17 at 12:42

Ashraful Alam

61
4

score 1 · Answer 5 · answered Aug 17 '17 at 12:43

1

change this

<select name="date_year[]" required>

to this

<select name="date_year" required>

it will solve your problem.

answered Aug 17 '17 at 12:43

Nazish Fraz

94
1
9

PHP - HTML: Select attribute after $_POST is giving value 'Array'

5 Answers5