tags:

views:

61

answers:

3
Q: 

How do I save my current POST array to MySQL

This is my current $_POST output.

Array
(
    [fullname] => John Doe
    [email] => [email protected]
    [phone] => 123-455-6444
    [address] => 23-10 My Address
    [zip] => 12345

    [fullname_2] => Array
        (
            [0] => M. Owen
            [1] => V. Persie
        )

    [email_2] => Array
        (
            [0] => [email protected]
            [1] => [email protected]
        )

    [phone_2] => Array
        (
            [0] => 123-455-6555
            [1] => 222-111-1111
        )

    [submit] => Submit
)

I want the data above will store to my current database format looks like below.

id  | fullname  |  email             | phone         | address           | zip    | uid
----------------------------------------------------------------------------------------
1   | John Doe  | [email protected]      | 123-455-6444  | 23-10 My Address  | 12345  | 1
2   | M. Owen   | [email protected]     |               |                   |        | 1
3   | V. Persie | [email protected] |               |                   |        | 1

I'm getting blur how to save the array to MySQL.

$query = "INSERT INTO users SET fullname ='" . $fullname . "', email ='" . $email . "', phone='" . $phone . "', address ='" . $address . "', zip='" . $zip . "'";
$db->rq($query);

Let me know the clue.

+1  A: 
  1. Read about SQL Injection.
  2. Take a look at simple SQL INSERT syntax.
  3. Read about escaping special characters in PHP MySQL API.
  4. Read about database normalization.

Modify this code to fit your needs:

$query = sprintf("INSERT INTO users (FieldName1, FieldName2, ...) VALUES ('%s', '%s', ...)", mysql_real_escape_string($value1), mysql_real_escape_string($value2), ...);

Good luck!

Vlad Lazarenko  2010-10-13 20:40:31
4. and read about DB normalization http://en.wikipedia.org/wiki/Database_normalization
pleasedontbelong  2010-10-13 20:49:17
@pleasedontbelong: added it as p. 4 :-)
Vlad Lazarenko  2010-10-13 20:51:23
+1  A: 

Firstly I assume that last column uid refers to id of user with all data inserted and is used to mark connection between first element and two others.

Secondly I do not know anything about php DB wrapper from Google (or can you provide any codename for this) so I assume that it is one of many db wrapper project hosted on code.google.com. Since I do'nt know which one is it , you'll have to look yourself for equivalent to php function mysql_insert_id().

And general algorithm to accomplish what you need:

  1. Insert first row as in your example.
  2. Get last insert id for this row.
  3. Iterate through $_POST['fullname_2'] to collect data for next query
  4. Run it ;)

Example:

$lastId = $db->functionToGetLastId();
$valuesArray = array();
foreach($_POST['fullname_2'] as $key => $value){
    $fullname = sanitizeFunction($value);
    $email = sanitizeFunction($_POST['email_2'][$key]);
    $phone = sanitizeFunction($_POST['phone_2'][$key]);
    $valuesArray[] = "('{$fullname}','{$email}','{$phone}',{$lastId})";
}
$secondQuery = "INSERT INTO users (fullname,email,phone,uid) VALUES " . implode(',',$valuesArray);
$db->rq($secondQuery);
dev-null-dweller  2010-10-13 21:03:24
Thanks bro! Exactly what I need.
delicious  2010-10-13 21:23:25
+1  A: 

Best use PDO and prepared queries instead of insert query 'as-is' Something like this

$fullname = $_POST['fullname'];
$phone = $_POST['phone'];

$conn = new PDO(...); //params of connection
$stmt = $conn->prepare('
   INSERT INTO users
   (fullname, phone)
   VALUES
   (?, ?)'
);
$stmt->execute(array(
     $fullname,
     $phone
));
Aliaksei Shytkin  2010-10-13 21:26:59
+1 for a nice solution. But why is it the best? And best for what? If I want to achieve a better performance I would stick to native API, for example. Plus, parametrized statements could be less efficient in case with MySQL, because MySQL itself doesn't support them and does not support precompiled statements (or does it? it's been a long time since I looked at it). So.. you know what I am saying.. more details :)
Vlad Lazarenko  2010-10-14 02:19:12
Ok, maybe "best" was too subjectively. However, if you want to use native API, you can try MySQLi driver, which also supports prepared statements almost same way as PDO. MySQL supports prepared statements well, as I know, and it helps to achive more perfomance, if you need to do same queries several times. Based on my post: $stmt->execute(array('John', '444')); $stmt->execute(array('Bill', '777')). As I know it should be faster than traditional mysql_query. Also prepared statements are more convinient, because, in general, you don't need to do sanitization of parameters before insertion.
Aliaksei Shytkin  2010-10-14 05:44:25

related questions

Remove Quotes and Commas from a String in MySQL
What's the best way of converting a mysql database to a sqlite one?
How do you manage databases in development, test, and production?
Multiple foreign keys?
Add 1 to a field (MySQL)
Issues using MS Access as a front-end to a MySQL database back-end?
Bigger than a char but smaller than a blob
How do I retrieve my MySQL username and password?
Long-time LAMP Developer moving to VB.NET
How do I Concatenate entire result sets in MySQL?
Full complete MySQL database replication? Ideas? What do people do?
SQL: Distribution of table in time
SQLite vs MySQL
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Multiple Updates in MySQL
MySQL/Apache Error in PHP MySQL query
What all do I need to escape when sending a (My)SQL query?
Auto Generate Database Diagram MySQL
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
Python and MySQL
SQL Server 2005 implementation of MySQL REPLACE INTO?
How to export data from SQL Server 2005 to MySQL
Throw Error In MySQL Trigger
Binary Data in MySQL