How to solve cannot use string offset as an array error in PHP?

Question

I want to add multiple data into table at once but my code gives an error saying 'cannot use string offset as an array'. I have attached my code. Can anyone help me to solve this?

$issuedate=$_POST['issuedate'];
$member=$_POST['member'];
$bno[0]['TitleNo'] = $_POST['bno'];
$bno[1]['TitleNo'] = $_POST['bno1'];
$bno[2]['TitleNo'] = $_POST['bno2'];
$bno[3]['TitleNo'] = $_POST['bno4'];                        
$returndate = $_POST['returndate'];

for($i=0; $i<4; $i++)
{
    $sql5 = mysqli_query($db, "INSERT INTO borrow(TitleNo,MemberID,IssueDate,dueDate,ReturnDate) VALUES ('".$bno[$i]['TitleNo']."','$member','$issuedate','$returndate')");
}

if ($sql5)
{
    echo '<h4 class="message">Add New Book Copies! </h4>'; // echo $test;   
}
else
{
    echo 'Fail.';
}

You could make your life easier using arrays for the name attributes of your inputs as well. And you have an sql injection problem. — jeroen
– jeroen, Commented Apr 22, 2015 at 8:27
looks like $bno had the string assigned to it instead of array before this code. — n-dru
– n-dru, Commented Apr 22, 2015 at 8:39
For start ... start watching videos (like Laracast) and reading tutorials for clear and reusable code! On other hand ... just add "$bno = array();" — Lachezar Todorov
– Lachezar Todorov, Commented Apr 22, 2015 at 9:32

Community · Accepted Answer · 2017-05-23 11:43:36Z

2

You are probably assigning string to $bno variable thus it dynamically becomes of type string. More info here. Regarding the example you should

$bno = array();
Escape all your DB inputs (or even better, use prepared statements)
It makes more sense to put the if..else inside the for loop

Thus

$bno = array();

$mysqli_conn = mysqli_connect("localhost", "user", "password", "schema");

$issuedate = mysqli_real_escape_string($mysqli_conn, $_POST['issuedate']);
$member = mysqli_real_escape_string($mysqli_conn, $_POST['member']);
$bno[0]['TitleNo'] = mysqli_real_escape_string($mysqli_conn, $_POST['bno']);
$bno[1]['TitleNo'] = mysqli_real_escape_string($mysqli_conn, $_POST['bno1']);
$bno[2]['TitleNo'] = mysqli_real_escape_string($mysqli_conn, $_POST['bno2']);
$bno[3]['TitleNo'] = mysqli_real_escape_string($mysqli_conn, $_POST['bno4']);                        
$returndate = mysqli_real_escape_string($mysqli_conn, $_POST['returndate']);

for($i=0; $i<4; $i++)
{
    $sql = mysqli_query($db, "INSERT INTO borrow(TitleNo,MemberID,IssueDate,dueDate,ReturnDate) VALUES ('".$bno[$i]['TitleNo']."','".$member."','".$issuedate."','".$returndate."')");

    if ($sql)
    {
        echo '<h4 class="message">Add New Book Copies! </h4>'; // echo $test;   
    }
    else
    {
        echo 'Fail.';
    }
}

edited May 23, 2017 at 11:43

CommunityBot

11 silver badge

answered Apr 22, 2015 at 9:31

sitilge

3,7375 gold badges33 silver badges61 bronze badges

Sign up to request clarification or add additional context in comments.

3 Comments

iivannov Over a year ago

You have an error in your code. When using mysqli_real_escape_string in procedural style you should pass the DB instance.

Lachezar Todorov Over a year ago

mysqli_real_escape_string is used wrong! Please check documentation and fix your code.

sitilge Over a year ago

Sorry, was typing at the speed of thoughts. Edited the answer.

iivannov · Accepted Answer · 2015-04-22 09:38:23Z

1

You have set $bno as string in some previous code. What you can do for a quick fix is:

change $bno to somehing else, for example $book

$book[0]['TitleNo'] = $_POST['bno'];  
$book[1]['TitleNo'] = $_POST['bno1'];
//..

set $bno to a new array and then assign the values

$bno = array();
$bno[0]['TitleNo'] = $_POST['bno'];  
$bno[1]['TitleNo'] = $_POST['bno1'];  
//...

Additional Notes

By the way it's better to escape somehow the values you enter in your DB. You can use mysqli_real_escape_string

Just assign do this for all the values:

$bno[0]['TitleNo'] = mysqli_real_escape_string($db, $_POST['bno']);

Sources to read

http://php.net/manual/en/mysqli.real-escape-string.php

edited Apr 22, 2015 at 9:38

answered Apr 22, 2015 at 9:25

iivannov

4,3961 gold badge21 silver badges24 bronze badges

Comments

henrik123 · Accepted Answer · 2015-04-22 09:19:52Z

You should have a look att prepared statements and bind params. When you're doing the insert statements you select five columns and only inserts four values.

 $sql5 = mysqli_query($db, "INSERT INTO borrow(TitleNo,MemberID,IssueDate,dueDate,ReturnDate) VALUES ('".$bno[$i]['TitleNo']."','$member','$issuedate','$returndate')");

And as @jeroen mentioned, your code has sql-injection problems, read more about sql-injection here.

I've created and exampel using prepared statements and bind params. Note:

$stmt->bind_param('sssss',$bno[$i]['TitleNo'], $member, $issuedate, $dueDate, $returndate);

'sssss' are just for demo purpose, I assume dueDate and returndate columns are datetime something simular.

$DBServer = 'localhost';
$DBUser  = 'root';
$DBPass = 'root';
$DBName = 'borrow';

$conn = new mysqli($DBServer, $DBUser, $DBPass, $DBName);

$sql = ' INSERT INTO borrow (TitleNo,MemberID,IssueDate,dueDate,ReturnDate) VALUES (?,?,?,?,?)';

$TitleNo = $bno[0]['TitleNo'];
$member = 'MemberID';
$issuedate = 'issuedate';
$dueDate = 'dueDate';
$returndate = 'returndate';

/* Prepare statement */
$stmt = $conn->prepare($sql);
if($stmt === false) {
trigger_error('Wrong SQL: ' . $sql . ' Error: ' . $conn->error, E_USER_ERROR);
}


for( $i= 0; $i < count($bno); $i++){
/* Bind parameters. s = string, i = integer, d = double,  b = blob */
$stmt->bind_param('sssss',$bno[$i]['TitleNo'], $member, $issuedate, $dueDate, $returndate);

/* Execute statement */
$stmt->execute();
}
if( $stmt->affected_rows > 0 ){
    echo '<h4 class="message">Add New Book Copies!</h4>';
}

$stmt->close();

However im not sure if it's best practice to do a mass insert to db using a for-loop.

Kickstart · Accepted Answer · 2015-04-22 09:23:02Z

Initialising your array (ie, $bno was probably initialised to a string in your code which caused the error you are seeing), escaping the input and doing a single INSERT (rather than 4, where you only check the results of the last one):-

<?php 
$bno = array();
$sql_array = array();
$issuedate = mysqli_real_escape_string($db, $_POST['issuedate']);
$member = mysqli_real_escape_string($db, $_POST['member']);
$bno[0]['TitleNo'] = mysqli_real_escape_string($db, $_POST['bno']);
$bno[1]['TitleNo'] = mysqli_real_escape_string($db, $_POST['bno1']);
$bno[2]['TitleNo'] = mysqli_real_escape_string($db, $_POST['bno2']);
$bno[3]['TitleNo'] = mysqli_real_escape_string($db, $_POST['bno4']);                        
$returndate = mysqli_real_escape_string($db, $_POST['returndate']);

foreach($bno AS $abno)
{
    $sql_array = "('".$bno['TitleNo']."','$member','$issuedate','$returndate')"
}
$sql5 = mysqli_query($db, "INSERT INTO borrow(TitleNo,MemberID,IssueDate,dueDate,ReturnDate)
        VALUES ".implode(', ', $sql_array));            
if ($sql5) 
{
    echo '<h4 class="message">Add New Book Copies!</h4>';
    // echo $test;
} 
else
{
    echo 'Fail.';
}

This does suggest that the database could be further normalised, as you have multiple rows being inserted that are identical except for one value.

Collectives™ on Stack Overflow

How to solve cannot use string offset as an array error in PHP?

4 Answers 4

3 Comments

Comments

Comments

Comments

Your Answer

Linked

Hot Network Questions

Collectives™ on Stack Overflow

4 Answers 4

3 Comments

Comments

Comments

Comments

Your Answer

Sign up or log in

Post as a guest

Linked

Related