2

I've been reading about arrays created by $_POST in PHP. I know that if I submit a form with the follow inputs ID, Name, Date I will end up with an array that includes $_POST = array('IDNo', 'Name', 'Date', 'State'). The point that I'm trying to get to is that I'll have multiple instances of IDNo, Name, Date, State submitted at the same time.

I'm fairly sure I can process and sanitize the data once it's been submitted, but I'm not sure how to get it into a multi row array.

<form method="post" action="test.php">
    <input type="hidden" name="IDNo" />
    <input type="text" name="Name" />
    <input type="text" name="Date" />
    <input type="radio" name="State1" />

    <input type="hidden" name="IDNo" />
    <input type="text" name="Name" />
    <input type="text" name="Date" />
    <input type="radio" name="State2" />

    <input type="hidden" name="IDNo" />
    <input type="text" name="Name" />
    <input type="text" name="Date" />
    <input type="radio" name="State3" />

    <input type="submit" value="Test Me" />
</form>

One thing you'll notice is that the radio input has a unique name for each row. This is related to some jquery implemented on the page. I've seen IDNo[] and Name[] etc used as this would create the array within the $_POST array, but my unique input name on radio wouldn't work with this, as each radio input would be a different array

Would I be better to append the IDNo or a row number to each input name, or is there another way I can tackle this that I just haven't seen?

Perhaps by changing State1, to state[1] and changing IDNo, Name, Date to ID[1], Name[1], Date[1] within the HTML.
What's key for me is that I do it correctly without creating anything that is insecure.

Improve this question
3
  • I would use the array method to be able to loop through the $_POSTdata easily but if a radio input isn't checked, it won't appear in the data and your loop will be wrong. Using numbers can be better. Then loop through $_POST and check existing inputs with array_keys and strpos. Commented Feb 19, 2017 at 9:54
  • Thanks for the answer. You mentioned radio inputs, but there are some inputs which will have no values that I intend to use as part of php arguments. Commented Feb 19, 2017 at 16:02
  • an empty input type text will just be empty, but sent Commented Feb 19, 2017 at 16:08

2 Answers 2

Reset to default
4

There are many ways to do this. One would be:

<?php $states = array(1,2,3); ?>
<form method="post" action="test.php">
   <?php foreach ( $states as $state ) : ?>
        <input type="hidden" name="<?php echo 'state['.$state.']'; ?>[IDNo]" />
        <input type="hidden" name="<?php echo 'state['.$state.']'; ?>[Name]" />
        <input type="hidden" name="<?php echo 'state['.$state.']'; ?>[Date]" />
        <input type="hidden" name="<?php echo 'state['.$state.']'; ?>" />
    <?php endforeach; ?>
    <input type="submit" value="Test Me" />
</form>

You can access these values by using code like $_POST['state'][1]['Name']

You can expand the $states array to hold more information.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

So essentially $_POST['State'][1]['Name'] is a numerical array called state, with a sub array which has names.
I have 2 questions if you don't mind. 1. can i use <input name="State[1][Name]" /> etc, securely once I sanitise the input correctly? 2. Is there any security concerns around using the actual Unique ID number from MySQL as the State number.
No. Your level of security doesn't depend on record id numbers. What you do with the information before sending it to the database will.
0

It's a good question~

I think it can only use a different name attribute for radio when using form to send http packets~

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.