Jump to content

Recommended Posts

Hi Guys, I am new to this site, and I regret that I have been ploughing my way through php tutorials for about 6 years, and have had great success and never really though about actually just asking for help untill now!!

 

I am having difficulty with a script I am trying to write, basically the script is to a form creator script, to create a questionair.  So I set up a simple database, with a table to hold the questionaire name and ID, and a table to hold to questionaire questions, and a table to hold the answers,  so now I need to write the script.

 

Each questionaire will have different amounts of questions on it, so I have made a script to ask how many questions are required, and then output the correct number of textboxes to input the questions onto, as follows ;

 

if(isset($_POST['continue'])){

$assess_name = $_POST['assess_name'];
$company = $_POST['company'];
$num_ques = $_POST['num_ques'];
$num_questions = (int)$num_ques;
$i = 1;

echo "<form action='create_assessment.php' method='post'><table width='800' cellpadding='0' cellspacing='0' border='0'>
<tr><td colspan='2'>Assessment name : <b>$assess_name</b><input type='hidden' name='assess_name' value='$assess_name'></td></tr>
<tr><td colspan='2'>Company Name : <b> $company</b><input type='hidden' name='company' value='$company'> ";

while($i <= $num_questions){
echo "<tr><td>Question $i : </td><td><input type='text' name='ques[]'></td></tr>";
$i++;
}
echo "<tr><td colspan='2'><input type='submit' name='crt_assess' value='Create'></td></tr>
</table></form>";

}else{

echo "<form action='new_assess.php' method='post'><table width='100%' cellpadding='0' border='0' cellspacing='0'>
<tr><td>Assessment Name : </td><td><input type='text' name='assess_name'></td></tr>
<tr><td>Company Name : </td><td><input type='text' name='company'></td></tr>
<tr><td>Number of Questions : </td><td><input type='text' size='3' name='num_ques'></td></tr>
<tr><td colspan='2'><input type='submit' name='continue' value='Continue'></td></tr>
</table></form>";

}

 

However, when processing the secondary form with the questions onto the next page, it doesnt seem to build the array for the "ques[]" textbox, i.e. it doesnt recognise it as an array.  the next page code is as follows :

 

if(isset($_POST['crt_assess'])){

include "../connect.php";

$assess_name = mysql_real_escape_string($_POST['assess_name']);
$company = mysql_real_escape_string($_POST['company']);

$add_assess = mysql_query("INSERT INTO assessments (name, company, timestamp)VALUES('$assess_name','$company','$timestamp')") or die(mysql_error());
$assess_id = mysql_insert_id();
echo "$assess_name Succeessfully added to database with the following questions : <br>";

if(is_array($_POST['ques'])){
	foreach($_POST['ques'] AS $value){
	$escape = mysql_real_escape_string($value);
	$add_ques = mysql_query("INSERT INTO assess_questions (question, assess_id)VALUES('$escape','$assess_id')") or die(mysql_error());
	echo "$escape added successfully<br>";
	}
}else{
echo "error building array";
}

}else{
echo "invalid page request.";
}

 

That script always returns the "error building array" string, so its proven that the $_POST['ques'] is not forming an array for each of the text boxes.

 

Where am I going wrong?

 

I have made a script like this before, but with checkboxes instead of textareas, and that script worked fine....  whats going on?!

Link to comment
https://forums.phpfreaks.com/topic/218295-help-text-box-arrays/
Share on other sites

You did a print_r($_POST) and you got array() and that's it?  Then it's empty.

 

Also note that print_r($_POST) should ALWAYS give you an array, the key is to look at the output and see what $_POST['ques'] is.  I'm guess it's not an array or it doesn't even exist.

 

-Dan

Dan, thanks for your help, but I have figured out the problem.  On my connect file this was creating the problem :

 

if(!get_magic_quotes_gpc())
{
  $_POST = array_map('mysql_real_escape_string', $_POST);
  $_GET = array_map('mysql_real_escape_string', $_GET); 
  $_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
}
else
{  
   $_GET = array_map('stripslashes', $_GET); 
   $_POST = array_map('stripslashes', $_POST); 
   $_COOKIE = array_map('stripslashes', $_COOKIE);
   $_GET = array_map('mysql_real_escape_string', $_GET); 
   $_POST = array_map('mysql_real_escape_string', $_POST); 
   $_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
}

 

so what i did was put an

if(!defined('raw_input')){
}

 

Around it, then defined the raw input on the page to cut this out, and it worked seemlessly.  Just means I have to include addslashes() on each $_POST

 

Cheers!

A better solution would be to write your own recursive function to use in array_map().

 

Your function would test if what it was passed is an array. If so, it calls array_map() again, else it returns the result of using mysql_real_escape_string on the value.

function escape_deep($value){
if(is_array($value)){
	$value = array_map('escape_deep', $value);
} else {
	if(get_magic_quotes_gpc()){
		$value = stripslashes($value);
	} else {
		$value = mysql_real_escape_string($value);
	}
}
    return $value;
}

$_GET = array_map('escape_deep', $_GET);
$_POST = array_map('escape_deep', $_POST);
$_COOKIE = array_map('escape_deep', $_COOKIE);

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.