Using array after POST

Question

I would like to edit database entries with a simple form. The id and name of each entry is fixed.

Problems:

After submitting the form $farray does only include the edited data of $array[3] not of the other records.
$farray doesn't include name and id (not included in the form). I need the id of the record for the query.

What could I use as a workaround?

Current script

<?php 
$query = mysql_query("SELECT * FROM database");
$array = array();
while($row = mysql_fetch_assoc($query)){ 
  $array[] = $row;
}

if(isset($_POST['send'])) 
{ 
    $farray = $_POST['farray'];

    foreach ($farray as $key => $value) {
        echo('UPDATE database SET ' . $key . ' = "' . $value . '"' . ' WHERE id = ' . $farray['id']);  //testing
    } 
} 
?>

<form action=" <?=$_SERVER['PHP_SELF']?> " method="POST">
<?php
foreach($array as $key1){
    echo $key1["name"] . "<br />";
    foreach($key1 as $key => $value){
        if ($key != "id" AND $key != "name") {
            print $key. 
            ' <input type="text" name="farray['.$key.']" value="'.$value.'"><br /><br />';
        }    
    }
}
?>
<input type="submit" name="send" value="send"> 
</form>

Example $array

Array
(
    [0] => Array
        (
            [id] => 0
            [name] => name0
            [1] => 1
            [2] => 2
            [3] => 3
        )

    [1] => Array
        (
            [id] => 1
            [name] => name1
            [1] => 1
            [2] => 2
            [3] => 3
        )

    [2] => Array
        (
            [id] => 2
            [name] => name2
            [1] => 1
            [2] => 2
            [3] => 3
        )

    [3] => Array
        (
            [id] => 3
            [name] => name3
            [1] => 1
            [2] => 2
            [3] => 3
        )
)

Example $farray (after editing and submitting form)

Array
(
    [1] => 10
    [2] => 20
    [3] => 30
)

Do you actually have fields in your database table that are named 1, 2, and 3? — Brian Gottier
– Brian Gottier, Commented Dec 24, 2017 at 15:45
I left you an answer. You've got a major security issue (SQL injection vulnerability) that you'll want to address, but the point of my answer was to show you how to post arrays of data correctly. My answer should make it quite obvious how to fix your actual code. — Brian Gottier
– Brian Gottier, Commented Dec 24, 2017 at 16:15
@BrianGottier I am aware of the security. Thanks a lot for your answer! — Scripter
– Scripter, Commented Dec 24, 2017 at 16:21

Brian Gottier · Accepted Answer · 2017-12-24 16:07:32Z

OK, even though your table fields are not 1, 2, and 3, you just needed to change up your posted array a little. So I made you a little example:

<form method="post">
<?php
// Simulate DB records
$array = [
  [
    'id'   => 0,
    'name' => 'name0',
    '1'    => 1,
    '2'    => 2,
    '3'    => 3
  ],
  [
    'id'   => 1,
    'name' => 'name1',
    '1'    => 1,
    '2'    => 2,
    '3'    => 3
  ],
  [
    'id'   => 2,
    'name' => 'name2',
    '1'    => 1,
    '2'    => 2,
    '3'    => 3
  ]
];
// Create the input fields:
foreach( $array as $key1 )
{
    echo $key1["name"] . "<br />";

    foreach($key1 as $key => $value)
    {
        if ($key != "id" AND $key != "name") 
        {
            echo $key. 
            ' <input type="text" name="farray[' . $key1['id'] . ']['.$key.']" value="'.$value.'"><br /><br />';
        }    
    }
}
?>
<button type="submit">Submit</button>
</form>

<pre>
<?php 
if( isset( $_POST['farray'] ) )
{
  print_r( $_POST );

  foreach( $_POST['farray'] as $id => $values ) 
  {
    foreach( $values as $k => $v )
    {
      echo('UPDATE database SET ' . $k . ' = "' . $v . '"' . ' WHERE id = ' . $id ) . '<br />';
    }
  }
}
?>
</pre>

I tested this, and I think it works as you would expect.

Collectives™ on Stack Overflow

Using array after POST

1 Answer 1

Comments

Your Answer

Hot Network Questions

Collectives™ on Stack Overflow

1 Answer 1

Comments

Your Answer

Sign up or log in

Post as a guest

Related