0

I have this previous post where I need to change my HTML form to accept an array. This post has the full details of the code.

So I changed all forms accordingly, such as:

<select name="camera_type[]">

But now I'm stuck on how to run the update query. Now that I store everything in an array I obviously can't use my query as is. Here is a post that seems to be exactly what I need, but I'm not sure I understand: Update MySQL table with an Array using Foreach

Any further help on this is appreciated.

Improve this question
1
  • What error are you getting when you run the UPDATE query? It looks like you have all of the code on the other post. Commented Nov 14, 2011 at 3:53

2 Answers 2

Reset to default
1

Use a foreach loop on the submitted value. Then you can iterate over the entire array and construct queries as you please.

For example: You have a $_POST['camera_type'] variable which is an submitted from the browser. In your php script do the following.

foreach($_POST['camera_type'] as $value) {
  //do your processing.
}
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Sorry, wasn't clear. I've added the foreach loop on the submitted value. Just not sure how to construct the update query. Do I update in each loop? Seems...inefficient?
Agreed, it seems inefficient, but it'd the only way. Unless you want to go down the track of creating a single UPDATE query and using CASE arguments to set the values for the various feeds based on the tuple's ID field.
@TomPepernic Tho may be inefficient its a general way. The POST['camera_type'] holds ONLY those which are submitted, so it wont have redundant values. Hence its better.
1

To help understand looping through an array and running UPDATE queries check this out:

// first setup your MySQLi connection
$db = new mysqli('localhost', 'user', 'pass', 'dbname');

if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit;
}

// disable autocommit for transactions
$db->autocommit(false);

// **EDIT** forgot to escape input data. fixed now. note the mysqli_real_escape_string() and int type casting
foreach ($_POST['camera_type'] as $type) {
    // assuming 'id' is set in the POST array
    $query = sprintf(
        'UPDATE table SET column = "%s" WHERE id = %d', 
        $db->real_escape_string($type), 
        (int) $_POST['id']
    );
    $db->query($query);
}

// commit transactions (or commit the updates that were run) and then close
$db->commit();
$db->close();
Improve this answer

6 Comments

hmm oops missed that one. fixed. Thanks! ...but why was this downvoted?
because of sql injection which still persists. you have to either cast the id to int instead of escaping OR quote it.
Ok touche. Thanks for commenting! I fixed it now. :) Did I miss anything else? (by the way, I swear I always validate all my data before running queries lol)
data validation and query composing are different matters.
I am taking validation as data-specific routine, say, email validation. while query composing should be quite contrary - data-irrelevant, allowing any kind of data into query while making it safe way.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.