0

I am not sure what I am missing with this Array output of php to mysql. It really seems simple and I am missing something. I would think it would break it up into checkbox[1], checkbox[2], checkbox[3].

<html>
<body>
<form method="post" action="output_to_sql.php">
Check box - Please choose type of residence:<br />
Steak:<input type="checkbox" value="Steak" name="checkbox[]"><br />
Pizza:<input type="checkbox" value="Pizza" name="checkbox[]"><br />
Chicken:<input type="checkbox" value="Chicken" name="checkbox[]"><br />
<input type="submit" value="submit" name="submit">
</form>

output_to_sql.php

<?php
$servername = "localhost";
$username = "user";
$password = "password";
$dbname = "database";

// Create connection
$connection = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}else{
echo "success";
}
$checkbox = $_POST["checkbox"];
if (!isset($_POST['submit'])) { 
// if page is not submitted to itself echo the form
echo "error submitting form";
} 
else //show form data with check box answers
{
//make an array with check boxes and show result
foreach ($checkbox as $checkboxitems) {
echo $checkboxitems."<br />";
}
$sql =  mysqli_query("INSERT INTO `table` (`checkbox1`, `checkbox2`, `checkbox3`) VALUES ('$checkboxitems[0]','$checkboxitems[1]','$checkboxitems[2]')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
Improve this question
4
  • 1
    It looks like $checkboxitems is only one of the checkbox values, specifically the last one (set during your foreach loop). So, $checkboxitems[0] doesn't exist. The array you're referencing seems to be called $checkbox, so the first checkbox would be $checkbox[0]. Commented Jan 21, 2016 at 23:20
  • 2
    Danger: You are vulnerable to SQL injection attacks that you need to defend yourself from. Commented Jan 21, 2016 at 23:22
  • 1
    As Quentin points out, one of the biggest things wrong with the code is that appears to be vulnerable to SQL Injection. Despite what the plethora of vulnerable code examples would lead you to believe... prepared statements and bind placeholders are really not that hard. Commented Jan 21, 2016 at 23:25
  • I want to make sure it worked before I strip it and prepare it to prevent SQL injection. I just have had a hard time understanding this one and radio buttons because there aren't that many good tutorials I could find (even in my thick MYSQL PHP book) Commented Jan 21, 2016 at 23:40

1 Answer 1

Reset to default
1

Only checked checkboxes are successful controls.

So if no checkbox is checked, then the array will be empty.

If one is checked, then it will have one item in it (at index 0 not index 1, arrays start counting from 0).

In general, this should be resolved with a many-to-many relationship.

After inserting your data (without checkboxes) into your "table" table, loop over $_POST['checkboxitems'] and insert the id of your new row and the id of the matching foodstuff in the "foodstuffs" table into your linking table.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.