1
<?php
//Checks that the user submitted data is valid and then adds it to the table or displays the error.
require ('connect.php');

// Sanitize user input to escape HTML entities and filter out dangerous characters.
$drinkName  = filter_input(INPUT_POST, 'drinkName', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$era = filter_input(INPUT_POST, 'era', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$style = filter_input(INPUT_POST, 'style', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$mix = filter_input(INPUT_POST, 'mix', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$glass = filter_input(INPUT_POST, 'glass', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$ice = filter_input(INPUT_POST, 'ice', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$primarySpirit = filter_input(INPUT_POST, 'primarySpirit', FILTER_SANITIZE_FULL_SPECIAL_CHARS);

// Build the parameterized SQL query and bind sanitized values to the parameters
$query     = "INSERT INTO recipe (DrinkName, Era, Style, Mix, Glass, Ice, PrimarySpirit) VALUES (:drinkName, :era, :style, :mix, :glass, :ice, :primarySpirit)";
$statement = $db->prepare($query);
$statement->bindValue(':drinkName', $drinkName);
$statement->bindValue(':era', $era);
$statement->bindValue(':style', $style);
$statement->bindValue(':mix', $mix);
$statement->bindValue(':glass', $glass);
$statement->bindValue(':ice', $ice);
$statement->bindValue(':primarySpirit', $primarySpirit);

// Execute the INSERT prepared statement.
$statement->execute();

$lastid = $db->lastInsertId();

$query1 = "INSERT INTO ingredients (RecipeId, IngedientName, Quantity) VALUES ({$lastid}, :ingredient ,:quantity)";
$statement1 = $db->prepare($query1);

//$ingredientArray = filter_input_array(INPUT_POST, 'ingredient', FILTER_SANITIZE_SPECIAL_CHARS);
//$quantityArray = filter_input_array(INPUT_POST, 'quantity', FILTER_SANITIZE_SPECIAL_CHARS);

$filteredIngredient = array_filter($_POST['ingredient']);
$filteredQuantity = array_filter($_POST['quantity']);

$combinedArray = array_combine($filteredIngredient, $filteredQuantity);

foreach($combinedArray as $ingredient => $quantity)
{
        $statement1->bindValue(':ingredient', $ingredient, PDO::PARAM_STR);
        $statement1->bindValue(':quantity', $quantity, PDO::PARAM_STR);
        $statement1->execute();
}
if(count($combinedArray) > 10){
    header("Location: index.php");
}

Above is the script I am using to push some recipe info into multiple tables. the problem I am having is that the second statement Seems to not be executing at all. the first statement does create a new row on the recipe table however the ingredient table statement does not.

I have used netbeans and xdebug to make sure the values are correct in the array being used to populate the statement and have not been able to figure out what is causing it to not create new rows.

Pellistorm
  • 11
  • 2
  • You don't appear to be checking the results of your queries for errors. Either explicitly check the return values for an error condition. or set your PDO connection to throw an exception. – Tangentially Perpendicular Mar 25 '21 at 02:33
  • Thank you very much this led me to look at this post. https://stackoverflow.com/questions/32648371/my-pdo-statement-doesnt-work Worked perfectly – Pellistorm Mar 25 '21 at 02:57

0 Answers0