I have a select input where you can choose multiple options. Unfortunately, I have no clue how to insert the values selected into my database. Here is the code I am trying to use, which is giving me an invalid argument passed on my attempt to implode it.
Thanks for any help...
Here is my php:
$distribs = implode("|", $_POST["distributors"]);
$distribs = mysql_real_escape_string($distribs );
$distribs = mysql_real_escape_string($_POST['distributors']);
$sql="UPDATE customers SET distributors = '$distribs'
WHERE id='$id'";
Here is my select:
echo "<select name='distributors' multiple='multiple'>";
try like this
echo "<select name='distributors[]' multiple='multiple'>";
$_POST["distributors"]; is not an array, implode(); require an array to function,
PHP.net Function for implode();
If your $_POST is a correct array format; then implode will convert the array into a single string.
If your $_POST contains information from a <select> </select> Then the submission would be a single string which can be inserted into a database without the need for your implode(); function.
if you are certain that your $_POST is being submitted in an array format. Use as
DeDav
Has suggested.
Run this command when your $_POST is populated.
print_r($_POST['distributors'])
If your using a multiple select. Use as again DeDav suggested:
echo "<select name='distributors[]' multiple='multiple'>";
Related
hi im trying to fill a database table from the code below, but afterwards it fills the table coloumn just saying "Array" is there anyway to get the values inside this array and make them print in the table.
$query_new = "INSERT INTO red_message (message) VALUES ('$attributes')";
$result = mysql_query($query_new, $link_local);
P.S i use the print_r once it returns 1.. so print_r diont work either.. can anybody help me to get the values inside this $attributes array
Do you mean the implode()?
http://php.net/manual/en/function.implode.php
Example code from php.net:
$array = array('lastname', 'email', 'phone');
$comma_separated = implode(",", $array);
echo $comma_separated; // lastname,email,phone
try to use json_encode. If your array will be of several steps it is better to initially encode rhis array and then insert into the database. You also keep structure of the array.
Example:
$farr=array('user1'=>array('name'=>$name,'phone'=>$phone),'user2'=>array('name'=>$name,'phone'=>$phone));
$sarr=json_encode($farr);
mysql_query("Insert INTO .......");
After:
$query=mysql_query("SELECT ......");
$res=mysql_fetch_assoc($query);
$finaly=json_decode($res, true);
print_r($finaly);
This simply means that $attributes is of Array type. You should make sure that $attributes is of String type (which you can achieve with implode()) before using it in mysql_query().
I have an array containing the names of form input names:
$minmax = array('bed_min', 'bed_max', 'rec_min', 'rec_max', 'bath_min', 'bath_max', 'value_min', 'value_max');
The names are identical to the corresponding columns in a database. Instead of using an sql query like so:
$bed_min=$_POST['bed_min'];
$bed_max=$_POST['bed_max'];
$rec_min=$_POST['rec_min'];
$rec_max=$_POST['rec_max'];
$bath_min=$_POST['bath_min'];
$bath_max=$_POST['bath_max'];
$value_min=$_POST['value_min'];
$value_max=$_POST['value_max'];
$query = "UPDATE first_page SET bed_min='$bed_min', bed_max='$bed_max', rec_min='$rec_min', rec_max='$rec_max', bath_min='$bath_min', bath_max='$bath_max', value_min='$value_min', value_max='$value_max', WHERE email_address='$email' ";
Is there a way to automate all this into a smaller lump of code? I know the POST values should not be added to the query diectly, so maybe a loop to assign the POST values to a corresponding array of variables using something like:
foreach ($minmax as $var){
$var = $_POST[$var]
}
(nb i dont think this snippet will work but ive added it because I think with a bit of editing it might!)
After the list of variables have been assigned the POST values, do the update in the $query using two arrays, one with the list of values and one with the list of database columns. Again I dont know how this will work, so pointers would be helpful!
You don't really need the $minmax array of form input names since you can get those from the keys of $_POST.
If the values are all numbers, like they seem to be, then you could do it all in one line like this:
$query = "UPDATE first_page SET " . vsprintf(implode("='%d', ", array_keys($sanitized_POST))."='%d'", array_values($sanitized_POST))." WHERE email_address='$email'";
That's assuming you have already sanitized the items from $_POST into a new array named $sanitized_POST. I know you said in the above comment to ignore sanitization, but I thought I'd add it so you know I'm not suggesting to use the values straight from $_POST.
You could sanitize the $_POST array with something like this:
$sanitized_POST = array_map(function($item) {
return mysqli::real_escape_string($item);
}, $_POST);
Honestly though, you should try to come up with a solution that uses prepared statements.
On a side note, if you have the sanitized post array, then this one line will essentially do what Quixrick has done with variable variables in one of the other answers:
extract($sanitized_POST);
If you assume that all of the values in post have the same names (array keys) as your columns, then something like this could work for you:
$query = "UPDATE first_page SET ";
foreach ($_POST as $key => $var){
$query .= " $key='$var',";
}
$query = rtrim($query,',') . " WHERE email_address='$email' ";
You probably want to use 'Variable Variables' here. Basically, you'd use a double dollar sign $$ to create a variable with the name of the array value.
$_POST['bed_min'] = 'Rick';
$minmax = array('bed_min', 'bed_max', 'rec_min', 'rec_max', 'bath_min', 'bath_max', 'value_min', 'value_max');
foreach ($minmax as $var){
$$var = $_POST[$var];
}
print "<BR>BED MIN: ".$bed_min;
This outputs:
BED MIN: Rick
I have a form being passed in $_POST where the names of each field correspond with data in a database
$_POST['test']; (has a value of 1)
$_POST['prod']; (has a value of 2)
Both test and prod are unique names in the database. Is there a way I can dynamically grab a $_POST variable? For example (some code that doesn't work)
$getServerIDs = $link->query("SELECT * FROM servers");
while($row = $getServerIDs->fetch_assoc()){
$serverName = $row['name'];
$newDisplayID = $_POST['$sName'];
$updateDisplayID = "UPDATE servers SET displayID = $newDisplayID WHERE name = $servername";
$runQuery = $link->query($updateDisplayID);
The $_POST['$sName'] is the line of code being the problem. Whats the best way to fix this?
The problem is with line $newDisplayID = $_POST['$sName']; you used single quote and when you put variable in single quote then it is not parsed by php use $_POST[$sName]; or $_POST["$sName"];
Edited
DEMO
Dont use quotes OR use double quotes.
Also be carefull you are using highly insecure code. Google sql injection
You can use array_keys() to get all keys inside and array as $_POST.
$keys = array_keys( $_POST );
But be aware, that your user could add any key there in their submission. So you should in any case filter and sanitize this input!
Down the line you could then use this $keys array to do your output.
Following is my code showing some error in mysql query:
<?php
$con=mysql_connect('localhost','root','');
$str=$_GET["message"];
$stor=explode(" ",$str);// converting message into array
mysql_select_db('words',$con);
for($j=0;$j<=30; $j++)
{
mysql_query($con,"UPDATE blacklist SET $stor=1 where $stor=0");//if column name=element in array then make it as 1 in database
}
mysql_close($con);
?>
Your code is vulnerable to SQL Injection. Read up on prepared statements and use PDO/MySQLi.
$stor is an array object and cant be used directly in the query. If you want to use it, try using
IN('.implode(",", $stor).')
the code above does the following:
implode() - takes an array and turns it into a comma separated string.
IN() - compares the given comma separated values and returns true if at least one of them exists.
Example (implode):
implode(",", array(1,2,3)) IS EQUAL TO "1,2,3"
Example (IN):
TestID IN (1,2,3) IS SAME AS (TestID = 1 OR TestID = 2 OR TestID = 3)
You're probably getting a mysql error because your query ends up looking like this
UPDATE blacklist SET Array=1 where Array=0;
If you're just echoing out a full array, you get Array instead, you'll need to specify an array element ($stor[1] for example).
What you'll want to do is replace your for loop with a foreach so that you can just throw out the elements one at a time.
Also, your arguments are backwards.
foreach($stor as $word)
{
mysql_query("UPDATE blacklist SET $word=1 where $word=0", $con);
}
Iam trying to insert Array data (ie., checkbox values) into Mysql db (using Phpmyadmin)
when I try to store, iam getting as 'Array' for the field "forms" in db..
please someone tell me what changes I have to do for the below code, so I can store all the array values (seperated with commas in my db)
here is the code:
if(isset($_POST['forms']) && $_POST['forms']!=''){
$table = $wpdb->prefix . "eshop_orders";
$forms=$wpdb->escape($_POST['forms']);
$query1=$wpdb->query("UPDATE $table SET forms='$forms' where checkid='$checkid' limit 1");
}
Use serialize on the array before inserting the values, and unserialize when you call the values from memory.
For example:
$data = serialize($_POST['forms']);
You can change the array value to string using comma seperator and store it to db.
In Php there is an implode function to convert the array value to string using seperator.
$value = implode(",", $forms);
echo $value;
http://php.net/manual/en/function.implode.php