-2

i have a table t1 have two column id and name i want to insert files names in one column 

<input type="file" name="files[]" multiple></br>
<input  type="submit"  name="submit"  value="ADD">

table

id | name
1  | e1.jpg, e2.jpg, ....

i tried 

if (isset($_POST['submit'])) {
    $output = '';  
    if(is_array($_FILES))   
    {  
        foreach ($_FILES['files']['name'] as $name => $value)  
        {  
            $file_name = explode(".", $_FILES['files']['name'][$name]);  
            $allowed_ext = array("jpg", "jpeg", "png", "gif");  
            if(in_array($file_name[1], $allowed_ext))  
            {  
                $new_name = md5(rand()) . '.' . $file_name[1];  
                $sourcePath = $_FILES['files']['tmp_name'][$name];  
                $targetPath = "picem/".$new_name;  
                $sql = "INSERT INTO phem (userid, username, img, date) VALUES 
      ('$id_user','$user','{$targetPath}','$myDate')";
                $image = mysqli_query($conn,$sql);
                if(move_uploaded_file($sourcePath, $targetPath))  
                {  
                }                 
            }            
        } 
    }
}

but this code will insert each file in a row

RiggsFolly
  • 93,638
  • 21
  • 103
  • 149
tgms tgms
  • 1
  • 1
  • 1
    One row per file is better anyway. See: ["Is storing a delimited list in a database column really that bad?"](https://stackoverflow.com/questions/3653462/is-storing-a-delimited-list-in-a-database-column-really-that-bad) And you should use parameterized queries. See: ["How can I prevent SQL injection in PHP?"](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) And if you care about integrity you should consider storing the content in the database, not just a path over which the DBMS has no control. – sticky bit Dec 25 '19 at 11:45
  • Good code indentation would help us read the code and more importantly it will help **you debug your code** [Take a quick look at a coding standard](http://www.php-fig.org/psr/psr-2/) for your own benefit. You may be asked to amend this code in a few weeks/months and you will thank me in the end. – RiggsFolly Dec 25 '19 at 12:02

1 Answers1

0

It is easy to use comma-separated value instead of to store as an array. So you can directly get easily using this in sql query in WHERE clause FIND_IN_SET(arr_val, sql_column_name).

If you want to store it as array you should store it as a serialized array to serialize an array using serialize($your_array) and store it as a:0{} type of serialized array.

you also can unserialize by unserialize($serialized_array) function.

Manthan Kanani
  • 28
  • 6