0

I have this table which gives me the functionality to add and remove rows dynamically.

<form name="add_name" id="add_name">  
                          <div class="table-responsive">  
                               <table class="table table-bordered" id="dynamic_field">  
                                    <tr>  
                                         <td><input type="text" name="name[]" placeholder="Enter your Name" class="form-control name_list" /></td>  
                                         <td><button type="button" name="add" id="add" class="btn btn-success">Add More</button></td>  
                                    </tr>  
                               </table>  
                               <input type="button" name="submit" id="submit" class="btn btn-info" value="Submit" />  
                          </div>  
                     </form>

I then submit to a php script using this code

 $('#submit').click(function(){            
           $.ajax({  
                url:"name.php",  
                method:"POST",  
                data:$('#add_name').serialize(),  
                success:function(data)  
                {  
                     alert(data);  
                     $('#add_name')[0].reset();  
                }  
           });  
      });

Then insert posted values to a database using this script

$number = count($_POST["name"]);  
 if($number > 0)  
 {  
      for($i=0; $i<$number; $i++)  
      {  
           if(trim($_POST["name"][$i] != ''))  
           {  
                $sql = "INSERT INTO tbl_name(name) VALUES('".mysqli_real_escape_string($conn, $_POST["name"][$i])."')";  
                mysqli_query($connect, $sql);  
           }  
      }  
      echo "Data Inserted";  
 }  
 else  
 {  
      echo "Please Enter Name";  
 }

The php script does not insert the data into the database, but the success function tells me that it has been inserted, is there something i did not do correct here? I even tried logging the form values to the console but it does not display any values.

Morena Toxx
  • 25
  • 5
  • Just use a foreach here. Your for loop syntax isn't right – Rotimi Oct 24 '17 at 17:53
  • Why are you using input type text as array. Is there more than one input fields with same name? – Rajan Benipuri Oct 24 '17 at 17:56
  • @inxoy they are binding on the click of the button with the id of submit, but it's not a submit button. It's just a normal button. The form does not submit. There ajax is performing a POST request. – Taplar Oct 24 '17 at 18:01
  • Note: The object-oriented interface to `mysqli` is significantly less verbose, making code easier to read and audit, and is not easily confused with the obsolete `mysql_query` interface. Before you get too invested in the procedural style it’s worth switching over. Example: `$db = new mysqli(…)` and `$db->prepare("…")` The procedural interface is an artifact from the PHP 4 era when `mysqli` API was introduced and should not be used in new code. – tadman Oct 24 '17 at 18:06
  • **WARNING**: When using `mysqli` you should be using [parameterized queries](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and [`bind_param`](http://php.net/manual/en/mysqli-stmt.bind-param.php) to add user data to your query. **DO NOT** use manual escaping and string interpolation or concatenation to accomplish this because you will create severe [SQL injection bugs](http://bobby-tables.com/). Accidentally unescaped data is a serious risk. Using bound parameters is less verbose and easier to review to check you’re doing it properly. – tadman Oct 24 '17 at 18:06
  • @inxoy okay i tried that its still not working. also the method is specified on the ajax call – Morena Toxx Oct 24 '17 at 18:09
  • @tadman thanks for pointing that out, but i know about prepared statements just wanted to try making that functionality quickly – Morena Toxx Oct 24 '17 at 18:12
  • @RajanBenipuri, it has the ability to add other inputs fields incase i want to add more than one name – Morena Toxx Oct 24 '17 at 18:13
  • When you slap something together quickly you're more likely to make mistakes that will be very difficult and time-consuming to resolve later. It only takes a moment longer to use placeholder values and it can save you hours of frustration when dealing with a minor escaping problem that pops up later. It's worth noting that `bind_param` is a heck of a lot less typing than what you have here, so it'll save you time in the next function like this you write. – tadman Oct 24 '17 at 18:16
  • @tadman, I totally agree with you and thanks i will change my coding practises, do you have solution i can apply to this though? – Morena Toxx Oct 24 '17 at 18:24
  • You're not testing for errors, the result of that query function is ignored, so you can't be sure that inserted correctly. I'd try re-writing that using the object-oriented style as well as [enable exceptions](https://stackoverflow.com/questions/14578243/turning-query-errors-to-exceptions-in-mysqli) so any mistakes will be displayed as errors. – tadman Oct 24 '17 at 18:43
  • you have only defined one name="name[]" input So how this becomes an array. it will treat as a single value, not an array. – Sachin Kumar Oct 24 '17 at 19:52
  • @sachinkumar there is a button through which i can add more name fields – Morena Toxx Oct 24 '17 at 22:07

0 Answers0