0

I have this :

foreach($textnode as $key => $value) {

$value = stripslashes($value);
 $value = mysql_real_escape_string($value, $con);


 mysql_query("INSERT INTO paragraphs (textnodes, url)
 VALUES ('$value', '$url')");



}

My table has three columns (textnodes, ytext, and url)

textnode and ytext are both arrays.....can I do this for two arrays?

Improve this question
2
  • What do you mean, for two arrays? Commented Jul 7, 2011 at 7:26
  • I wanted to know how can add the values from the textnode array and the ytext array into their respective rows.. Commented Jul 7, 2011 at 7:28

2 Answers 2

Reset to default
1

I think what you want is to use a normal for loop instead:

for($i=0;$i<sizeof($textnode);$i++){

    $textnode[$i] = stripslashes($textnode[$i]);
    $textnode[$i] = mysql_real_escape_string($textnode[$i], $con);

    $ytext[$i]    = stripslashes($ytext[$i]);
    $ytext[$i]    = mysql_real_escape_string($ytext[$i], $con);

     mysql_query("INSERT INTO paragraphs (paragraphs, ytext, url)
     VALUES ('$textnode[$i]', '$ytext[$i]', '$url')");

}

That way you can loop through both at once (not 100% sure that's what you were asking, but it's my best guess).

I haven't tested the code above but it should work. However the style it follows and the style you've shown above isn't very good. Here are a few improvements that could be made:

  1. Instead of making a separate query for each insert, do all the inserts in one query. This is better because there is only overhead for 1 query instead of $i queries.

  2. Abstract away the DB. Currently it seems that you are mixing business logic with DB logic. I can see this because you are escaping strings of text with specific purposes (textnode and ytext and url) and inserting them with a mysql query. Instead it would be prudent to abstract away the query so that the business logic isn't coupled with the db logic.

  3. A smaller note - you shouldn't have to call stripslashes. If you are using magic quotes, disable it immediately instead, as it is deprecated and is considered a bad practice now.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Your SQL query can't work since you did not escaped+concatenated your variables. Make it VALUES ('".$textnodes[$i]."', ...
@caffein: It might not work as I haven't tested it, but that part should be fine. Read this: php.net/manual/en/…
No, that works. Variables in double quotes do not need to be escaped.
By the way it's not a best way to insert multiple rows to database. Imagine there are 1 mln rows in input arrays - you requsts will overload server. It's better to combine your inserts into one INSERT command: $inserts [] = "('val1', 'val2', 'val3)"; and then finally execute all at once: mysql_query( "INSERT INTO table (col1, col2, col3) VALUES " . join(',', $inserts))
@WASD42: I definitely agree - the overhead from multiple inserts would definitely put a lot of stress on the server.
0

Have you tried serialize? It converts your array into a "storable" form (string). When you select from your table again unserialize will convert the string back into an array.

Just guessing, your question is somewhat unclear ...

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.