0

I have a list of checkboxes that I want to insert into a database, which I have processed as an array: 

<input name="my_array[]" value="<?php echo $data['ID'] ?>" type="checkbox">
<?php echo $data['name'] ?><?php echo "br/>";

I'm getting my list of checkboxes from my database, and the selected checkboxes are being posted like so:

   $strFoo=$_POST['my_array'];

    $strBar = "";


    foreach ($strFoo as $strFooName) {

    $strBar .= $strFooName . ", ";
    }
    $strBar = substr($strBar, 0, -2);

Echoing, I get my list of ID's selected like so 1, 2, 3, 4

My below foreach is unfortunately only inserting the first ID of the array only..

foreach ($strFoo as $strFooName) {

        $strSql="INSERT INTO table (ID) 
                 VALUES ('$strBar')";
    }

How can I insert each ID into my table?

Improve this question

4 Answers 4

Reset to default
1

It'd have to be:

INSERT INTO table (ID) VALUES (1), (2), (3), (4)

so your processing step would need to be

$values = array();
foreach ($strFoo as $strFooName) {
     $values[] = '(' . intval($strFooName) . ')';
}

$strBar = implode(',', $values);

Note the addition of intval - that ensures that only valid numbers get inserted into the SQL statement. Your version was vulnerable to SQL injection attacks.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

What would the INSERT statement by with the (1), (2), etc?
That's mysql's "extended" insert syntax. each (#) becomes a new record in the table you're inserting to.
I see what your saying, but won't that only insert the first 4 INT's selected?
The loop should generate (#) sets for every checkbox selected in th form, since it's looping on strFoo, and that's just a copy of $_POST['my_array']. It'll insert as many checkboxes are selected. It will break if NO checkboxes are selected, however.
0

$strSql="INSERT INTO table (ID) VALUES ('$strBar')";

should be

$strSql="INSERT INTO table (ID) VALUES ('$strFooName')";

Improve this answer

Comments

0

You're looping in the array with $strFooName but you're inserting $strBar which is updated just once above.. Maybe it's the problem

Improve this answer

Comments

0

From 12.2.5. INSERT Syntax

INSERT statements that use VALUES syntax can insert multiple rows. To do this, include multiple lists of column values, each enclosed within parentheses and separated by commas. Example:

INSERT INTO tbl_name (a,b,c) VALUES(1,2,3),(4,5,6),(7,8,9);

That said, however. It looks like you're trying to just loop straight through your post array with this piece of code

foreach ($strFoo as $strFooName) {
        $strSql="INSERT INTO table (ID) VALUES ('$strBar')";
}

$strBar in that example hasn't been created. You might try

foreach ($strFoo as $strFooName) {
        $strSql="INSERT INTO table (ID) VALUES ('$strFooName')";
}

Although you should also look into preventing SQL injection if you're going to do that.

Improve this answer

2 Comments

Is the code in your question two different attempts, or does the first block of code influence the second?
Not sure what you mean by that, I've just changed the $variable it's inserting.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.