AboutPricingCommunityTeamsStart Free TrialLog in
Avatar of JohnMac328
JohnMac328
Flag for United States of America asked on

SQL - Insert statement from array

I am using a SQL insert statement into a table taking field from a survey form.  It worked fine until they wanted to add some questions with checkbox answers.  I created a checkbox array and have to sanitize the input.  I can't figure out where the echo goes, I tried a couple of positions but it bombed the page - if I don't use the echo I get "array" inserted into the table instead of the value of the checkbox.

exploring is the checkbox array

Here is an example of the insert statement
INSERT INTO survey SET
		,$exploring='" .$this->real_escape_string(implode(',', $_POST['exploring'])). "' 
			,stay_informed_yes='" . $this->real_escape_string($_POST['stay_informed_yes']) . "'
			,stay_informed_no='" . $this->real_escape_string($_POST['stay_informed_no']) . "'

Open in new window

Thanks
Microsoft SQL ServerMySQL ServerSQL
Avatar of undefined
Last Comment
JohnMac328
8/22/2022 - Mon
Moussa Mokhtari
@ JohnMac328
How did you create exploring in client side ?
JohnMac328
ASKER
  <input  type="checkbox" name="exploring[]" id="field id" value="value for table" class="form-control">

Open in new window

Moussa Mokhtari
Are you running  $this->real_escape_string(implode(',', $_POST['exploring']))
inside your query if so try to put it in variable and insert the variable instead.
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
JohnMac328
ASKER
That is inside the query and it is trying to insert the variable - won't work without echo like they explained here

stack overflow
ASKER CERTIFIED SOLUTION
Moussa Mokhtari
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
JohnMac328
ASKER
Ok I will try that tomorrow at work
JohnMac328
ASKER
Looks like you have two different things happening with the same line - Here is a better explanation of what is happening

Here is the insert statement - after the insert the values are passed to an email function which sends the results of the survey to a recipient.  Here are some of the form fields that handle the checkbox array - what I get now is "Array" instead of the items that they checked.

			<div class="form-group">
    <label for="Title" class="control-label col-xs-4 col-sm-3">Title</label>
    <div class="col-xs-8 col-sm-9">
        <input  type="checkbox" name="exploring[]" id="id field" value="Value passed to the insert" class="form-control">
    </div>
</div> 
<div class="form-group">
    <label for="Title" class="control-label col-xs-4 col-sm-3">Title</label>
    <div class="col-xs-8 col-sm-9">
  <input  type="checkbox" name="exploring[]" id="id field" value="Value passed to the insert" class="form-control">
    </div>
</div> 
<div class="form-group">
    <label for="Title" class="control-label col-xs-4 col-sm-3">Title</label>
    <div class="col-xs-8 col-sm-9">
<input  type="checkbox" name="exploring[]" id="id field" value="Value passed to the insert" class="form-control">
    </div>
</div>

Open in new window


			$sql_3 = "INSERT INTO survey SET
			id='" .  $this->real_escape_string($_POST['id']) . "'
			,company='"  . $this->real_escape_string($_POST['company']) . "'
			,address1='" . $this->real_escape_string($_POST['address1']) . "'
			,address2='" . $this->real_escape_string($_POST['address2']) . "'
			,city='" . $this->real_escape_string($_POST['city']) . "'
			,state='" . $this->real_escape_string($_POST['state']) . "'
			,postal_code='" . $this->real_escape_string($_POST['postal_code']) . "'
			,email='" . $this->real_escape_string($_POST['email']) . "'
			,field='" . $this->real_escape_string((int)$_POST['field']) . "'
			,field='" . $this->real_escape_string($_POST['field']) . "'
			,field='" . $this->real_escape_string($_POST['field']) . "'
			,field='" . $this->real_escape_string($_POST['field']) . "'
			,field='" . $this->real_escape_string($_POST['field']) . "'
			,field='" . $this->real_escape_string($_POST['field']) . "'
			,field='" . $this->real_escape_string($_POST['field']) . "'
			,field='" . $this->real_escape_string($_POST['field']) . "'
			,field='" . $this->real_escape_string($_POST['field']) . "'
			,field='" . $this->real_escape_string($_POST['field']) . "'
			,field='" . $this->real_escape_string($_POST['field']) . "'
			,field='" . $this->real_escape_string($_POST['field']) . "'
			,$exploring='" .$this->real_escape_string(implode(',', $_POST['exploring'])). "' 
			,field='" . $this->real_escape_string($_POST['field']) . "'
			,field='" . $this->real_escape_string($_POST['field']) . "'
			" . $this->usual_fields('survey);
			$result = $this->query($sql_3);

Open in new window

⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Plans and Pricing
Resources
Product
Podcasts
Careers
Contact Us
Teams
Certified Expert Program
Credly Partnership
Udemy Partnership
Privacy Policy
Terms of Use

© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent