2

Basically I have a dynamic form which provides a variable number of inputs depending on how the user selects that, I have set all text inputs with this name="user[]" to store the values into an array.

I then after submission of form place into this array:

$array = check_input($_POST['user']);

I am then using this array in a query like so:

$query = 'SELECT * FROM users_tb WHERE student_number IN(' . implode(',', $array) .')';
mysql_query($query) or die(mysql_error());
$result=mysql_query($query);

and I get this error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1

Now i wanted to check also values are in the array, but when i try print_r($array); to see if the values are there it just prints the word "Array"

what am I doing wrong here?

thanks

ADDITIONAL PROBLEM ----

I have an array strings inputted by the user in a different dynamic form. I want to store each value in the array into a table along with an itemid (which is the same for all)

My query is currently inserting the whole array into one rows text_value with implode. Is there a way instead of looping through the array and running a query for each value in the array, for me to do this?

current query:

$query = "INSERT INTO answers_tb (item_id, text_value)VALUES('$itemid','".implode(',', $answers) . "')";

here is print_r of array:

Array ( [0] => option 1 [1] => option 2 [2] => option 3 [3] => option 4 )

thanks

Improve this question
1
  • Sounds like your check_input() function might be doing something wrong. May we see the source for that? Commented Mar 29, 2011 at 15:19

3 Answers 3

Reset to default
1

All of the operations you do in check_input() are designed for strings. Consider trying this instead.

function check_input_array($data)
{
   foreach ($data as &$d) {
     $d = trim($d);
     $d = stripslashes($d);
     $d = htmlspecialchars($d);
     $d = mysql_real_escape_string($d);
   }
   return $data;
}

Now you will have two functions: check_input() which is suitable for strings and check_input_array() which is suitable for 1-dimensional arrays.

Also, refer to fredrik's answer as he has spotted that your code forgets to quote the values that you put into your SQL string.

My guess is that, for your sample array, the following needs to be inserted into the table.

item_id|text_value
-------+----------
      0|option 1
      1|option 2
      2|option 3
      3|option 4

That would look something like this, then.

$records = array();
foreach($array as $item_id => $text_value) {
    $records[] = '("' . $item_id . '","' . $text_value . '")';

}
$sql = 'INSERT INTO answers_tb (item_id, text_value) VALUES';
$sql .= implode(',', $records);
Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

what does the & infront of $d do?
&$d means $d is a reference, as opposed to a copy. This way, when I change the value of $d, it changes the value of what it references -- which in this case are the values in $data. If there was no reference, $d would be a copy of the value, and changing $d would thus have no effect on the values in $data.
right ok, thankyou! any chance you could help me with my actual query problem? i have updated
No problem. Could you show us a print_r of your array so that we can understand the structure of it? ie, how the multiple item_id and text_value pairs are to be retrieved.
can you explain this bit: $array as $item_id => $text_value I mean I want the item_id to be constant for all rows essentially, if that makes sense?
|
1

I've done a similar query in the past, and I had to use this implode for it to work:

$numbers = "'".implode($array,"','")."'";
$query = "SELECT * FROM users_tb WHERE student_number IN ($numbers)";

EDIT: This is probably not the solution for your problem, the problem is probably your check_input function. If the parameter is an array. I.e trim doesn't take an array as input parameter, but a string, so you will have to loop through the array and trim each element.

Improve this answer

Comments

0

Your array is empty.

When the array is empty print_r will print it like:

Array
(
)

Also when the array is empty, your query will look like:

SELECT * FROM users_tb WHERE student_number IN()

which is incorrect because of the empty list for IN clause.

You can try:

$query = 'SELECT * FROM users_tb WHERE student_number IN('NULL, ' . implode(',', $array) .')';
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.