How to Insert Session Array into MySQL DB using PHP

Question

I have a multi page form and am trying to capture an array as a session to insert into mysql. Page two of the form is the "Address" section. Here I ask for Address information. The user can hit a "enter another address" button which expands another box.

The user hits next to go to the next page (phone.php) where I ask for phone info. On this page I think I am registering the session data correctly like so:

if(!isset($_SESSION)) 
{ 
@session_start(); 
}  
header("Cache-control: private");
ob_start();

include('header.php');

//now, let's register our session variables from address.php
session_register('addressLineOne');
session_register('addressLineTwo');

//finally, let's store our posted values in the session variables
$_SESSION['addressLineOne'] = $_POST['addressLineOne'];
$_SESSION['addressLineTwo'] = $_POST['addressLineTwo'];

Eventually we hit the submit.php . If I disable the code to add an additional address, this is the insert I am using which works fine.

 $insertAddress="INSERT INTO address (idperson, addressLineOne, addressLineTwo)
 VALUES ( '$id','$_SESSION[addressLineOne]','$_SESSION[addressLineTwo]')";
 if (!mysql_query($insertAddress,$con))
   {die('Error: ' . mysql_error());}
 echo "";

When I enable the "add additional address" code, the insert above will insert "ARRAY" into every DB field. I have been trying out the following:

 foreach($_SESSION['idperson'] as $row=>$id)
{
    $idperson=$id;
    $addressLineOne=$_SESSION['addressLineOne'][$row];
    $addressLineTwo=$_SESSION['addressLineTwo'][$row];
}
 //enter rows into database
 foreach($_SESSION['idperson'] as $row=>$id)
{
    $idperson=mysql_real_escape_string($id);
    $addressLineOne=mysql_real_escape_string($_SESSION['addressLineOne'][$row]);
    $addressLineTwo=mysql_real_escape_string($_SESSION['addressLineTwo'][$row]);
}

 $insertAddress="INSERT INTO address (idperson, addressLineOne, addressLineTwo)
 VALUES ('.$id.','.$addressLineOne.','.$addressLineTwo.')";

 if (!mysql_query($insertAddress,$con))
 {
 die('Error: ' . mysql_error());
 }
 echo "$row record added";

Instead of working, however, the above just inserts a couple of dots like "..." into the database. I don't know what else to do. Am I not grabbing the session data correctly? Is my foreach code way off? Thanks for any help.

Here is the code i'm using to add another table on address.php:

 <?php for($i=1; $i<6; $i++):?>
 <div id='hidden<?php echo $i; ?>' style='display: none'>
<tr class="odd">
    <td width="33%">Street/Number</td>
    <td><input type="text" name="addressLineOne[]" id="addressLineOne<?php echo $i; ?>"/></td>
</tr>
<tr>
    <td>Address 2</td>
    <td><input type="text" name="addressLineTwo[]" id="addressLineTwo<?php echo $i; ?>"/></td>
</tr>
 <?php endfor; ?>

Submit.php doesn't have anything besides connecting to the db and the above insert.

So just on first pass: did you know that session_register is deprecated? and that its usage with $_SESSION will lead to crazy, wild and, unpredictable results (according to the manual)? — Mark Elliot
– Mark Elliot, Commented Jan 23, 2011 at 4:16
I did not know that. I'm not a php programmer, just kind of figuring this out as I go along. i must have got that from an older tutorial. Can I just completely delete session_register then? — dfour
– dfour, Commented Jan 23, 2011 at 4:18
On second pass: we need to see more from either submit.php or this "inserting array" thing that you're doing. — Mark Elliot
– Mark Elliot, Commented Jan 23, 2011 at 4:21

Mark Elliot · Accepted Answer · 2011-01-25 15:38:28Z

1

So just going through and doing some cleanup:

Your first block:

No need to condition calling session_start, it's safe to just call it at the top of your script. Also, don't suppress warnings there, if you're getting warnings, find the root cause and eliminate them.

session_start();
header("Cache-control: private");
ob_start();
include('header.php');

No need to register session variables with session_register, it's deprecated now and the manual says don't use it -- especially don't use it mixing with use of $_SESSION sets.

$_SESSION['addressLineOne'] = $_POST['addressLineOne'];
$_SESSION['addressLineTwo'] = $_POST['addressLineTwo'];

So $_SESSION now contains at least two keys corresponding to what's just been set.

The rest of your problem stems from likely iterating through your array structure incorrectly (show us some more of your code).

Some cleanup on your second block:

There's no need to iterate through your list twice -- assuming you're iterating correctly, you just need to go through once and run the insert every time (rather than at the end). This does assume you want one row per address indexed by the id.

Also, you might reconsider your use of die as an error control mechanism, it'll simply terminate the entire script execution -- is that really what you want?

// enter rows into database
foreach($_SESSION['addressLineOne'] as $row => $id){
    $idperson = mysql_real_escape_string($_SESSION['idperson']);
    $addressLineOne = mysql_real_escape_string($_SESSION['addressLineOne'][$row]);
    $addressLineTwo = mysql_real_escape_string($_SESSION['addressLineTwo'][$row]);
    $insertAddress="INSERT INTO address (idperson, addressLineOne, addressLineTwo)
                    VALUES ('.$id.','.$addressLineOne.','.$addressLineTwo.')";
    if(!mysql_query($insertAddress,$con)){
        // maybe not the best use of `die` here?
        die('Error: ' . mysql_error());
    }
    echo "$row record added";
}

edited Jan 25, 2011 at 15:38

answered Jan 23, 2011 at 4:22

Mark Elliot

77.4k23 gold badges147 silver badges162 bronze badges

Sign up to request clarification or add additional context in comments.

2 Comments

dfour Over a year ago

Thank you for the cleanup suggestions. I have implemented them. The code above to enter into the database is not hitting the address table, unfortunately.

Mark Elliot Over a year ago

@dfour: I've made a small change so that the foreach is on addressLineOne instead of idperson, I suspect this will fix your problem.

Michael Mior · Accepted Answer · 2011-01-23 04:18:51Z

0

Without knowing what your "add additional address code" is, it seems that the addressLineOne and addressLineTwo variables come out as arrays. To check exactly what you're storing, you can use PHP's var_dump function. I suggest adding var_dump($_SESSION); somewhere in your code to see exactly what is being stored in the session so you can make sure it's what you think it is.

answered Jan 23, 2011 at 4:18

Michael Mior

28.9k10 gold badges95 silver badges118 bronze badges

4 Comments

dfour Over a year ago

I should have mentioned that section looks like this. <?php for($i=1; $i<6; $i++):?> <td><input type="text" name="addressLineOne[]" id="addressLineOne<?php echo $i; ?>"/></td> <?php endfor; ?>

Michael Mior Over a year ago

I suggest you update your question and add that code. What to do you get when executing var_dump($_SESSION)? In any case, it seems that perhaps you want to join the array before inserting into the database. You can't just dump a PHP array into your database and have it work. Try replacing $addressLineOne with implode("\n", $addressLineOne) when constructing your SQL query (and similarly for $addressLineTwo)

dfour Over a year ago

Sorry about this, I stink at formatting these comments. This is the output I get with the dump. And I have updated my original post with some more code.......["addressLineOne"]=> array(6) { [0]=> string(12) "streetnumber" [1]=> string(13) "streetnumber2" [2]=> string(0) "" [3]=> string(0) "" [4]=> string(0) "" [5]=> string(0) "" } ["addressLineTwo"]=> array(6) { [0]=> string(4) "apt1" [1]=> string(4) "apt2" [2]=> string(0) "" [3]=> string(0) "" [4]=> string(0) "" [5]=> string(0)

Michael Mior Over a year ago

Did you submit the form with empty data? Also, if this is how you are structuring your form, you need to decide how to convert that to store in your database. As I mentioned, you can't just dump a PHP array into the DB. If each individual piece of information is important to you, then you probably want to consider restructuring your database to store this info in separate fields.

Marc B · Accepted Answer · 2011-01-23 07:45:51Z

As well:

$insertAddress="INSERT INTO address (idperson, addressLineOne, addressLineTwo) VALUES ('.$id.','.$addressLineOne.','.$addressLineTwo.')";

You're using double-quoted strings, so the ' single quotes within the query won't "break out" of string mode, so if $id,$addressLineOneand$addressLineTwo` are blank for whatever reason, your query ends up looking like:

INSERT INTO ... VALUES ('..', '..', '..')

which explains why you're getting dots in your fields.

Either rewrite the query to be

$insertAddress = "INSERT .... VALUES ('$id', '$addressLineOne', '$addressLineTwo')

or

$insertAddress = 'INSERT ... VALUES (\'' . $id . '\', \'' ....)

Personally, directly writing variables into double-quoted strings leads to far more readable code, especially in a syntax highlighting editor which is PHP-aware.

Collectives™ on Stack Overflow

How to Insert Session Array into MySQL DB using PHP

3 Answers 3

2 Comments

4 Comments

Comments

Your Answer

Hot Network Questions

Collectives™ on Stack Overflow

3 Answers 3

2 Comments

4 Comments

Comments

Your Answer

Sign up or log in

Post as a guest

Related