0

I have multiple arrays which I am passing to a file sales_process.php on the form submit action. The arrays are named like this : boards1 = {a , b , c}, boards2 = {b , c , d}, boards3 = {a , c , d} . . and so on (The values are not a,b,c,d). I am passing them through multiple 'multiple select boxes' in my form like this where a,b,c,d are my multiple select options : 

for ($count=1;$count<10;$count++)
echo "<td>"."<select name='boards".$count."[]' multiple='multiple'>".showOptionsDrop($boards,$arr)."</select></td>";

Now when i pass them to the file sales_process.php, i want to convert these arrays into strings using implode function so that i can store them into my 'schools' table. In sales_process.php file, I am doing this: 

for ($i=0;$i<$count;$i++) {
$board = implode(',',${'boards'.$i});
$query = "UPDATE schools SET board = '$board' where schoolcode = (some_no)";
$result = mysql_query($query) or die("Error in updating table :".mysql_error());
}

So in this way, every time my loop runs, the values of boardsX gets converted into string and gets stored in the table, where X is 1,2,3.... and so on.
The problem is the implode function is not working and giving error :
Warning: implode() [function.implode]: Invalid arguments passed in C:\xampp\htdocs\relationshipReport\sales_process.php on line 18

Now if you say that the variable ${'boards'.$i} is not an array, i did this and found out that its giving me an array only : 

$i=1;
var_dump(${'boards'.$i});
print_r(${'boards'.$i});

which gives the output as : 

array(3) { [0]=> string(4) "CBSE" [1]=> string(4) "ICSE" [2]=> string(5) "IGCSE" }
Array ( [0] => CBSE [1] => ICSE [2] => IGCSE )

I hope my question is clear. Please help me in finding out whats going wrong in the implode function. If you don't understand the question, please mention it.

Improve this question
13
  • When working with arrays in PHP, wrap with square braces, [ and ], rather than their curly counterparts. Try fixing this and reporting back. :) Commented Jul 6, 2012 at 5:34
  • Well, it's an array when $i is 1, but is it always an array? Commented Jul 6, 2012 at 5:34
  • @SebastiánGrignoli : yes the variable which i am passing is in the format of 'boardsX' where X is an integer value, so its always an array when concatenated. Commented Jul 6, 2012 at 5:41
  • @Spiritfyre : i did $['boards'.$i] only to find out that its giving me an expression error :( Commented Jul 6, 2012 at 5:42
  • 1
    You need to access it as $_POST['boards'.$i] or $_GET['boards'.$i], depending how you sent the content from the form. Commented Jul 6, 2012 at 5:45

2 Answers 2

Reset to default
2

From your examples, I believe this is your current code:

for ($i=0;$i<$count;$i++) {
    $board = implode(',',${'boards'.$i});
    $query = "UPDATE schools SET board = '$board' where schoolcode = (some_no)";
    $result = mysql_query($query) or die("Error in updating table :".mysql_error());
}

If so, try altering it so it looks like this:

for ($i=0;$i<$count;$i++) {
    if(isset($_POST['boards'.$i]))
    {
        $board = mysql_real_escape_string(implode(',',$_POST['boards'.$i]));
        $query = "UPDATE schools SET board = '$board' where schoolcode = (some_no)";
        $result = mysql_query($query) or die("Error in updating table :".mysql_error());
    }
    else
    {
        echo '$_POST[\'boards' . $i . '\'] doesn\'t exist or is null.<br>';
    }
}

This contains an if condition, checking that the array entry actually exists. If it does exist, it runs the query. If it doesn't, it echos back a message, telling you which one doesn't exist.

Even if you have confirmed at the frontend with Javascript, you should always check before running code, just to be sure it won't break it. You can never be too safe, especially if your code contains sensitive information.

Try this, and let me know how you go.

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

Please add escaping to $board before sending it to the query.
Good thinking @SebastiánGrignoli. I'll add that in now.
@Mohit, if you don't use mysql_real_escape_string($boards) you will be introducing a SQL injection vulnerability to your server.
Thank you both. I found out what was the error. I was passing the variables starting from boards1[] and so on whereas my for_loop used the counter starting from 0 so it was doing it as boards0[]. Damn it, I am such a noob. :( Thanks you all for your time.
No worries @Mohit. If in doubt, print what you're doing. Debug step number one. :)
|
1

Assume ${'boards'.$i} comes from $_POST['boards'.$i]. (If not, you are using register_globals, but that is not good.)

For multiple select, if no options is selected, then $_POST['boards'.$i] will give you null instead of an array.

Improve this answer

3 Comments

In which case, the user simply needs to insert a if condition into the for loop surrounding the implode function. Something like if(isset($_POST['boards'.$i])) should do.
No i am using $_POST['boards'.$i] and not register globals. Also I assure you that none of the arrays is empty, i have done that validation at the front end using javascript.
This kind of validation should be done both client side and server side.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.