I have a form something like below:
<input name="first_name[]" type="text">
<input name="last_name[]" type="text">
<input name="email[]" type="email">
I am using while loop to print/echo number of groups of above form fields it required.
There will be multiple data in it, i'm not understanding how use insert query to insert data in mysql table using php.
First, you will need to know how many records you are trying to insert. I used first_name for this, but you could use any of them. (I am assuming since these are grouped together that you will always have the same number of first_name, last_name, and email.):
$count = count($_POST['first_name']);
After you know that, you can build an SQL statement that will insert all of the records in one query:
$sql = "INSERT INTO people (first_name, last_name, email) VALUES ";
$sql .= implode(', ', array_fill(0, $count, '(?, ?, ?)'));
The second line (implode...) will create sets of placeholders in the statement for each record you are trying to insert. (The three question marks represent the three columns you are inserting.) For example, if you had two field groups, the statement would look like:
INSERT INTO people (first_name, last_name, email) VALUES (?, ?, ?), (?, ?, ?)
After you have created the SQL string, you can create a new PDO connection and use that connection to create a prepared statement using your SQL.
$pdo = new PDO($dsn, $user, $password);
$statement = $pdo->prepare($sql);
Next you need to bind your values to the prepared statement. There are various different ways to do this. Here is one example:
// Create a multidimensional array using each of the fields from your field groups
$columns = array($_POST['first_name'], $_POST['last_name'], $_POST['email']);
$index = 1; // This is the index of the placeholder in the prepared statement
for ($i=0; $i < $count; $i++) { // This will loop as many times as you have field groups
$row = array_column($columns, $i);
// using array_column will pull everything from the $i index of each of the sub-arrays
// e.g. first_name[$i], last_name[$i], email[$i]
foreach ($row as $value) {
// bind the value and increment the index
$statement->bindValue($index, $value);
$index++;
}
}
After you have bound all the parameters, you can execute the prepared statement:
$statement->execute();
You can try something like this (you can find comments in the code):
if (isset($_POST['yourSubmitButton']) && isset($_POST['first_name'])) {
try {
$conn = new PDO("mysql:host=localhost;dbname=mysql", 'db_username', 'db_password');
}
catch(PDOException $e) {
echo $e->getMessage();
die();
}
$sql = 'INSERT INTO your_table (first_name, last_name, email) VALUES ';
$sql_append = array(); //Here we have the placeholder to be inserted
$binds = array(); //Here he have the values for the placeholders
for($i = 0; $i < count($_POST['first_name']); $i++) {
if (!( isset($_POST['first_name'][$i]) && isset($_POST['last_name'][$i]) && isset($_POST['email'][$i]) )) {
//We need all the values to be valid
continue;
}
//Add the placeholders and bind values
$sql_append[] = '(first_name = :first_name'.$i.', last_name = :last_name'.$i.', email = :email'.$i.')';
$binds[':first_name'.$i] = $_POST['first_name'][$i];
$binds[':last_name'.$i] = $_POST['last_name'][$i];
$binds[':email'.$i] = $_POST['email'][$i];
}
//Implode and add to the query and then execute
$sql = $sql.implode(', ', $sql_append).';';
$stmt = $conn->prepare($sql);
$stmt->execute($binds);
}
If you have 2 rows $sql will have:
echo $sql;
Result:
INSERT INTO your_table (first_name, last_name, email) VALUES (first_name = :first_name0, last_name = :last_name0, email = :email0), (first_name = :first_name1, last_name = :last_name1, email = :email1);
Related
I have tried whole day (again) but with error trying to insert in total of over billion of rows while inserting about 10k within one query. I want to use prepared statements to do this with MySQL, using innoDB tables. Hardware resources are not a problem, problem has all the time been indexing and one row / insert.
Do not say that I should use straight from list methods since I need to do some calculations before inserting. Input comes from file.
So I have a big while loop, looping text file lines and that's working fine.
I currently do it with inserting one per query.
$stmt = $conn->prepare("INSERT INTO $tableName(row1, row2, row3) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $str1, $str2, $str3);
$stmt->execute();
I have looked at examples doing it like so:
$stmt = $conn->prepare("INSERT INTO $tableName(row1, row2, row3) VALUES (?, ?, ?), (?, ?, ?), (?, ?, ?), (?, ?, ?) ..... ");
But I need to construct this to for like 5-10k rows for single query.
If someone has done something like this before, please give some reference to work with.
Thanks in advance!
The whole idea of a prepared query is that it reduces the overhead of setting up the query each time it's run – prepare once, execute repeatedly. That means there's not going to be a huge amount of difference (from the POV of the database) between running a prepared statement in a loop, or passing one giant query.
You don't include your whole code here, but an error that many people make is to include the statement preparation in the loop. Don't make that mistake! Something like this will be most efficient:
// these need a value before being used in bind_param
$str1 = $str2 = $str3 = "";
$stmt = $conn->prepare("INSERT INTO $tableName(row1, row2, row3) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $str1, $str2, $str3);
while ($we_have_data) {
$str1 = "foo";
$str2 = "bar";
$str3 = "baz";
$stmt->execute();
}
Though I always recommend using PDO prepared statements, as you get to avoid the potential mess of binding parameters:
// assuming $conn is a PDO object now
$stmt = $conn->prepare("INSERT INTO $tableName(row1, row2, row3) VALUES (?, ?, ?)");
while ($we_have_data) {
$str1 = "foo";
$str2 = "bar";
$str3 = "baz";
$stmt->execute([$str1, $str2, $str3]);
}
Maybe because limit executing time from server. Try to use insert batch.
Add to array
$i = 0;
.. looping
$i++;
$mark[] = '(?,?,?)';
$val[] = $str1.",".$str2.",".$str3;
// check when 1k record
if($i == 1000){
$stmt = $conn->prepare("INSERT INTO ? (row1, row2, row3) VALUES ".implode(',', $mark);
$stmt->bind_param("sss", implode(',', $val));
$stmt->execute();
$mark = []; $val = []; $i = 0; // reset
}
I am using the Nested Foreach loop to store the data in the mysql. But its taking too much processing time. How i can reduce the maximum execution time.
foreach ($results as $r) {
mysqli_query($con,"insert into commercial values('".mysqli_real_escape_string($con,$r['MST_MLS_NUMBER'])."')");
$val=1;
$objects = $rets->GetObject('Property', 'Photo', $r['MST_MLS_NUMBER'], '*', 0);
foreach ($objects as $pho) {
mysqli_query($con,"insert into cmtval values('".mysqli_real_escape_string($con,$r['MST_MLS_NUMBER'])."')");
}
}
You should use bulk insert
INSERT INTO tbl_name (a,b,c) VALUES(1,2,3),(4,5,6),(7,8,9);
By foreach loop you should make first query to execute and then execute query with mysqli_query.
$query1 = "insert into commercial values ";
$query2 = "insert into cmtval values ";
foreach ($results as $r)
{
$query1 .= "('" . mysqli_real_escape_string( $con, $r['MST_MLS_NUMBER']) . "'), ";
$val=1;
$objects = $rets->GetObject('Property', 'Photo', $r['MST_MLS_NUMBER'], '*', 0);
foreach ($objects as $pho)
{
$query2 .= "('" . mysqli_real_escape_string( $con, $r['MST_MLS_NUMBER']) . "'), ";
}
}
mysqli_query($con, $query1);
mysqli_query($con, $query2);
I haven't tested code. Test and let me know if anything is missing.
Batch updates reduces some time.
Also if you are saving too much data in DB in single query and if you too much indexes it takes time to insert data.
you can make something like this
foreach ($results as $r)
{
mysqli_query($con,"insert into commercial values('".mysqli_real_escape_string($con,$r['MST_MLS_NUMBER'])."')");
$val=1;
$objects = $rets->GetObject('Property', 'Photo', $r['MST_MLS_NUMBER'], '*', 0);
// generate partial query strings for insert multiple records
$numbers=array();
foreach ($objects as $pho)
{
$numbers[]= "('".mysqli_real_escape_string($con,$pho['MST_MLS_NUMBER'])."')";
}
mysqli_query($con,"insert into cmtval values".implode(",",$numbers)); // it will insert multiple record
}
You can use a prepare statement and execute with different values to be inserted
For example
// prepare and bind
$stmt = $conn->prepare("INSERT INTO MyGuests (firstname, lastname, email) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $firstname, $lastname, $email);
// set parameters and execute
$firstname = "John";
$lastname = "Doe";
$email = "john#example.com";
$stmt->execute();
$firstname = "Mary";
$lastname = "Moe";
$email = "mary#example.com";
$stmt->execute();
$firstname = "Julie";
$lastname = "Dooley";
$email = "julie#example.com";
$stmt->execute();
Set parameters and execute line should be in your foreach loop.
Prepared Statements and Bound Parameters
A prepared statement is a feature used to execute the same (or similar) SQL statements repeatedly with high efficiency.
Prepared statements basically work like this:
Prepare: An SQL statement template is created and sent to the
database. Certain values are left unspecified, called parameters
(labeled "?"). Example: INSERT INTO MyGuests VALUES(?, ?, ?) The
database parses, compiles, and performs query optimization on the SQL
statement template, and stores the result without executing it
Execute: At a later time, the application binds the values to the
parameters, and the database executes the statement. The application
may execute the statement as many times as it wants with different
values
I am using a prepared statement to insert multiple rows into a table using a for loop. What I require is for the same value ($id) to be inserted into all rows of the "id" column. Likewise, the timestamp should be inserted into the "submitted" column over all iterations.
My current code only inserts one column. Here is the code:
if($stmt = $link->prepare("INSERT INTO table (id, alt_ord, alt_id, rank, submitted) VALUES ($id,?,?,?, NOW())")){
$stmt->bind_param('iii', $q_ord, $q_ID, $rating);
for($i=0; $i < count($_POST['alt_ord']); $i++){
$q_ord = $_POST['alt_ord'][$i];
$q_ID = $_POST['alt_id'][$i];
$rating = $_POST['rank_'][$i];
$stmt->execute();
}
$stmt->close();
}
Using a combination of ?s with $id and NOW() in the INSERT statement is clearly incorrect. How would I repeat the ID and timestamp values in the insert as intended?
Assuming $id is an unknown value (from user input, etc), simply bind it along with the others and don't forget to check for errors
// make mysqli trigger useful errors (exceptions)
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$stmt = $link->prepare('INSERT INTO table (id, alt_ord, alt_id, rank, submitted) VALUES (?, ?, ?, ?, NOW())');
$stmt->bind_param('iiii', $id, $q_ord, $q_ID, $rating);
for ($i = 0; $i < count($_POST['alt_ord']); $i++) {
$q_ord = $_POST['alt_ord'][$i];
$q_ID = $_POST['alt_id'][$i];
$rating = $_POST['rank_'][$i]; // you sure about this one? "rank_"?
$stmt->execute();
}
I am entering objects from an array into a database.
I have an array called $graphObject
I am looping through the array like this,
foreach($graphObject['tagged_places']->data as $data) {
}
Then I want to take each one of these values and enter them in to the mysql DB with PDO
$data->id
$data->created_time
$data->place->id
$data->place->location->latitude
$data->place->location->longitude
$data->place->name
I am confused on how to write this loop to enter each one of these fields foreach time a new field exist.
Assuming the DB connection is open and the fields in the DB are named
id created_time place_id latitude longitude name
How would I write this with PDO?
What you probably want to do is to build your insert in a loop and then simply execute a single insert statement. So something like this:
$sql = <<<EOT
INSERT INTO table (
`id`,
`created_time`,
`place_id`,
`latitude`,
`longitude`,
`name`)
VALUES
EOT;
foreach($graphObject['tagged_places']->data as $data) {
// add values into string you can remove single quotes if not needed
// (i.e. for numeric data types)
$values = <<<EOT
(
'{$data->id}',
'{$data->created_time}',
'{$data->place->id}',
'{$data->place->location->latitude}',
'{$data->place->location->longitude}',
'{$data->place->name}'
),
EOT;
$sql .= $values;
}
$sql = rtrim(',', $sql);
// execute query using $sql
// assume you have properly instantiated PDO object in $pdo
$result = $pdo->query($sql);
if (false === $result) {
// something went wrong, so log an error
// this assumes you have not configured PDO to throw exceptions
error_log(var_export($pdo->errorInfo(), true));
} else {
// continue doing whatever you want to do
}
Create a prepared statement:
$stmt = $db->prepare('
INSERT INTO table
(id, created_time, place_id, latitude, longitude, name)
VALUES
(?, ?, ?, ?, ?, ?)
');
Execute it on each loop
foreach($graphObject['tagged_places']->data as $data) {
$stmt->execute(array(
$data->id,
$data->created_time,
$data->place->id,
$data->place->location->latitude,
$data->place->location->longitude,
$data->place->name
));
}
I was wondering if someone could help me.
Im trying to integrate some code into my application, the code that i need to integrate is written with PDO statements and i have no idea how it goes.
I was wondering if someone could help me convert it.
The code is as follows
$sql = "insert into message2 (mid, seq, created_on_ip, created_by, body) values (?, ?, ?, ?, ?)";
$args = array($mid, $seq, '1.2.2.1', $currentUser, $body);
$stmt = $PDO->prepare($sql);
$stmt->execute($args);
if (empty($mid)) {
$mid = $PDO->lastInsertId();
}
$insertSql = "insert into message2_recips values ";
$holders = array();
$params = array();
foreach ($rows as $row) {
$holders[] = "(?, ?, ?, ?)";
$params[] = $mid;
$params[] = $seq;
$params[] = $row['uid'];
$params[] = $row['uid'] == $currentUser ? 'A' : 'N';
}
$insertSql .= implode(',', $holders);
$stmt = $PDO->prepare($insertSql);
$stmt->execute($params);
You shoudl use PDO unles for some technical reason you cant. If you dont know it, learn it. Maybe this will get you started:
/*
This the actual SQL query the "?" will be replaced with the values, and escaped accordingly
- ie. you dont need to use the equiv of mysql_real_escape_string - its going to do it
autmatically
*/
$sql = "insert into message2 (mid, seq, created_on_ip, created_by, body) values (?, ?, ?, ?, ?)";
// these are the values that will replace the ?
$args = array($mid, $seq, '1.2.2.1', $currentUser, $body);
// create a prepared statement object
$stmt = $PDO->prepare($sql);
// execute the statement with $args passed in to be used in place of the ?
// so the final query looks something like:
// insert into message2 (mid, seq, created_on_ip, created_by, body) values ($mid, $seq, 1.2.2.1, $currentUser, $body)
$stmt->execute($args);
if (empty($mid)) {
// $mid id is the value of the primary key for the last insert
$mid = $PDO->lastInsertId();
}
// create the first part of another query
$insertSql = "insert into message2_recips values ";
// an array for placeholders - ie. ? in the unprepared sql string
$holders = array();
// array for the params we will pass in as values to be substituted for the ?
$params = array();
// im not sure what the $rows are, but it looks like what we will do is loop
// over a recordset of related rows and do additional inserts based upon them
foreach ($rows as $row) {
// add a place holder string for this row
$holders[] = "(?, ?, ?, ?)";
// assign params
$params[] = $mid;
$params[] = $seq;
$params[] = $row['uid'];
$params[] = $row['uid'] == $currentUser ? 'A' : 'N';
}
// modify the query string to have additional place holders
// so if we have 3 rows the query will look like this:
// insert into message2_recips values (?, ?, ?, ?),(?, ?, ?, ?),(?, ?, ?, ?)
$insertSql .= implode(',', $holders);
// create a prepared statment
$stmt = $PDO->prepare($insertSql);
// execute the statement with the params
$stmt->execute($params);
PDO really is better. It has the same functionality as MySQLi but with a consistent interface across DB drivers (ie. as long as your SQL is compliant with a different database you can theoretically use the exact same php code with mysql, sqlite, postresql, etc.) AND much better parameter binding for prepared statements. Since you shouldnt be using the mysql extension any way, and MySQLi is more cumbersome to work with than PDO its really a no-brainer unless you specifically have to support an older version of PHP.