0

hi guys so this page where part of the form elements are made arrays by adding square brackets to the input names. the reason i did that is because that part of the form is handled in jquery this post(my post about jquery) if you take a glimpse will understand what/why i did in array.
im trying to save the data into database but it gives me warning:

Warning: mysql_real_escape_string() expects parameter 1 to be string, array given in D:\Xampp\htdocs\EMS2\add_contact.php on line

how to post the data?

3
Contributors
15
Replies
54
Views
3 Years
Discussion Span
Last Post by diafol
0

Post the bit of code that uses the mysql_real_escape_string() function. It is important that you give this function a string as a parameter (not an array as in your case).

0

i used it here:

    $childsalutations = ($_POST['child-salutations']);
    $childfname = ($_POST['child-fname']);
    $childlname = ($_POST['child-lname']);
    $childline1 = ($_POST['child-line1']);
    $childline2 = ($_POST['child-line2']);
    $childemail = ($_POST['child-email']);
    $childm = ($_POST['child-mobile']);

i got rid of mysql_real_escape_string but the warning still shows.

0

Obviously $_POST['child-fname'], $_POST['child-lname'] and others are arrays, not strings. Can you post the contents of some of them. Put this code somewhere in the script and post the output here.

print_r($_POST['child-fname']);
print_r($_POST['child-lname']);
...

And do not get rid of mysql_real_escape_string in production version. It means security.

0

print_r($_POST['child-lname']); nothing :( omg i have to start this page over? gah

0

In any case it is good practice to check for values before using them:

if(isset($_POST['child-fname']) && !empty($_POST['child-fname'])) {
    $childfname = ($_POST['child-fname']);
} elese {
    // do some falback procedure
}
0
    print_r ($_POST['child-fname']);
    print_r ($_POST['child-lname']);
    print_r ($_POST['child-line1']);
    print_r ($_POST['child-line2']);
    print_r ($_POST['child-mobile']);
    print_r ($_POST['child-office']);
    print_r ($_POST['cday']);
    print_r ($_POST['cmonth']);
    print_r ($_POST['cyear']);

this is what i got

Array ( [0] => Lia [1] => Rio ) Array ( [0] => Diwana [1] => Lee ) Array ( [0] => house 2 [1] => house 3 ) Array ( [0] => [1] => ) Array ( [0] => 0127896543 [1] => 0136524987 ) Array ( [0] => 78965413 [1] => 75421369 ) Array ( [0] => 19 [1] => 16 ) Array ( [0] => 7 [1] => 2 ) Array ( [0] => 1990 [1] => 1993 ) Column count doesn't match value count at row 1

Column count doesn't match value count at row 1 means that my query is retarded right?

Edited by nadiam

0
print_r ($_POST['child-fname']);
print_r ($_POST['child-lname']);
print_r ($_POST['child-line1']);
print_r ($_POST['child-line2']);
print_r ($_POST['child-mobile']);
print_r ($_POST['child-office']);
print_r ($_POST['cday']);
print_r ($_POST['cmonth']);
print_r ($_POST['cyear']);

result(which appears on top of page after insert):

Array ( [0] => Alia [1] => Ali ) Array ( [0] => Razali [1] => Razali ) Array ( [0] => house 2 [1] => house 1 ) Array ( [0] => [1] => ) Array ( [0] => 014965872 [1] => 0139874562 ) Array ( [0] => 79563214 [1] => - ) Array ( [0] => 16 [1] => 12 ) Array ( [0] => 4 [1] => 10 ) Array ( [0] => 1993 [1] => 1998 )

okay, i got it inserted into child database but in the specified field it says array.

|child_name|dob|house_add1|house_add2|mobile|office|email|

inserted:
|array|array-array-array|array| |array|array|array|

why?

Edited by nadiam

0
    $childsalutations = ($_POST['child-salutations']);
    $childfname = ($_POST['child-fname']);
    $childlname = ($_POST['child-lname']);
    $childline1 = ($_POST['child-line1']);
    $childline2 = ($_POST['child-line2']);
    $childemail = ($_POST['child-email']);
    $childm = ($_POST['child-mobile']);
    $childoff = ($_POST['child-office']);
    $cday = ($_POST['cday']);
    $cmonth = ($_POST['cmonth']);
    $cyear = ($_POST['cyear']);

insert query:

$add5 = mysql_query("INSERT INTO child VALUES('','".$childsalutations." $childfname $childlname',' ".$cday."-".$cmonth."-$cyear ','$childline1','$childline2','$childm','$childoff','$childemail')") or die(mysql_error());

fe496cd69ee10918f758006b9e6dc62a

Edited by nadiam

0

yup i added square brackets next to names.

example:

Line 1  :<input type="text" name="child-line1[]" id="child-line1"/>
Mobile No :<input type="text" name="child-mobile[]" id="child-mobile"/>
Line 2 :<input type="text" name="child-line2[]" id="child-line2" />
Office No :<input type="text" name="child-office[]" id="child-office" />
Email Address :<input type="email" name="child-email[]" id="email"  />
0

Why?

That's your problem - take off the square brackets and it might work. Or are you submitting multiple children at a time?

0

multiple childen at a time if it is has to be. its a contact form where users have to choose how many children they have and if its two or three or four then they will have to fill in their names etc and it will have to be in array form wouldn't it?

0

Yes, but you need to loop over. Also if you've got multiple children then your form ids don't make any sense as they have to be unique.

id="child-line1"

for example has to be unique

You have to be careful with multiple record insert as some fields are not sent if not set and that can mess up your order, e.g. checkboxes

So, assuming that you only have textboxes - all should be well

You need to build a prepared statement like this...

INSERT INTO table (field1,field2,field3,field4) VALUES (?,?,?,?),(?,?,?,?),(?,?,?,?) ...

And then bind all the parameters before executing. Should be simple enough.

0

Here's an example using username/pw into users table...

<?php
//DATA - DUMMY data from form
$_POST = array('username'=>array('ceri','arian','rhian'),'pw'=>array('a','b','c'),'someother'=>array('notreq1','notreq2','notreq1'));

//Form fields required in INSERT query in the order required in the SQL
$fields = array('username','pw');

//Connection details
$dsn = 'mysql:dbname=daniweb;host=localhost';
$user = '#########';
$password = '#########';

//Place post data into non-superglobal variable
$arr = $_POST;

//Gets the (?,?),(?,?)... string
function getValueClause($data,$fields)
{
    $fieldCount = count($fields);
    $recordCount = count(reset($data));

    $rep = str_repeat("?,",$fieldCount);
    $places = '(' . substr($rep,0,-1) . '),';
    $values =  str_repeat($places, $recordCount);
    return substr($values,0,-1);
}

//Gets the binding array, e.g. array('ceri','a','arian','b','rhian','c')
function getBindArray($data,$fields)
{
    $bind = array();
    for($i=0;$i<count($data[$fields[0]]);$i++)
    {
        foreach($fields as $field)
        {
            $bind[] = $data[$field][$i];    
        }
    }
    return $bind;
}

//Connect to DB via PDO
try {
    $dbh = new PDO($dsn, $user, $password);
} catch (PDOException $e) {
    echo 'Connection failed: ' . $e->getMessage();
}

//Prepare statement
$statement = "INSERT INTO users (username, pw) VALUES " . getValueClause($arr,$fields);
$stmt = $dbh->prepare($statement);
//Execute Statement
$stmt->execute(getBindArray($arr, $fields));
//Check number of rows inserted
echo $stmt->rowCount();
?>
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.