seef Posted December 6, 2013 Share Posted December 6, 2013 I have a PHP page called insert.php that inserts records via a page with a form named index.php. It works perfectly well but I can only add one record at a time. I would like to rewrite both scripts so that I can add many records a once and not one at a time. I am an absolute newbie and is completely stumped. Any ideas? Insert,php -------------------------------------- <?php // Create connection $con=mysqli_connect("localhost","root","password","results"); // Check connection if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); } $sql="INSERT INTO 2014 (Pos,FirstName, LastName, Prov, Perf, Wind, Gender, Agegroup, Event, DOB, Meet, Venue, Date ) VALUES ('$_POST[pos]','$_POST[firstname]','$_POST[lastname]','$_POST[prov]','$_POST[perf]','$_POST[wind]','$_POST[gender]','$_POST[agegroup]','$_POST[event]','$_POST [dob]','$_POST[meet]','$_POST[venue]','$_POST[date]')"; if (!mysqli_query($con,$sql)) { die('Error: ' . mysqli_error($con)); } echo "1 record added"; mysqli_close($con); ?> --------------------------------------------------- index.php <html> <body> <form action="insert.php" method="post"> Pos: <input type="text" name="pos"> Firstname: <input type="text" name="firstname"> Lastname: <input type="text" name="lastname"> Prov: <input type="text" name="prov"> Perf: <input type="text" name="perf"> Wind: <input type="text" name="wind"> Gender: <input type="text" name="gender"> Agegroup: <input type="text" name="agegroup"> Event: <input type="text" name="event"> DOB: <input type="text" name="dob"> Meet: <input type="text" name="meet"> Venue: <input type="text" name="venue"> Date: <input type="text" name="date"> <input type="submit"> </body> </html> Quote Link to comment Share on other sites More sharing options...
davidannis Posted December 6, 2013 Share Posted December 6, 2013 If you put square brackets after the field name you'll get an array of values back. You can prefill the brackets with a number if you want. Pos: <input type="text" name="pos[0]"> Firstname: <input type="text" name="firstname[0]"> ... Date: <input type="text" name="date[0]"> Pos: <input type="text" name="pos[1]"> Firstname: <input type="text" name="firstname[1]"> ... Date: <input type="text" name="date[1]"> Then loop through the values for ($i=0; $i<=1 ;$i++ ){ $sql="INSERT INTO 2014 (Pos,FirstName, LastName, Prov, Perf, Wind, Gender, Agegroup, Event, DOB, Meet, Venue, Date ) VALUES ('$_POST[pos]','$_POST[firstname][$i]','$_POST[lastname][$i]','$_POST[prov][$i]',...'$_POST[date][$i]')"; if (!mysqli_query($con,$sql)) { die('Error: ' . mysqli_error($con)); } } You should also sanitize the data with mysqli_real_escape_string before the insert. Quote Link to comment Share on other sites More sharing options...
Barand Posted December 6, 2013 Share Posted December 6, 2013 or you could structure like this index.php <form action="insert.php" method="post"> <?php for ($i=1; $i<=5; $i++) { echo "Name: <input type='text' name='name[$i]' size='12' /> Email: <input type='text' name='email[$i]' size='12' /> Phone: <input type='text' name='phone[$i]' size='12' /> <br><br>\n"; } ?> <input type="submit" name="btnSubmit" value="Submit"> </form> insert.php if (isset($_POST['name'])) { $data = array(); // loop through the arrays of fileds foreach ($_POST['name'] as $k => $name) { $email = $_POST['email'][$k]; $phone = $_POST['phone'][$k]; // if data OK process if ($name && $email) { // very simple validation! Phone is optional $data[] = sprintf("('%s', '%s', '%s')", $db->real_escape_string($name), $db->real_escape_string($email), $db->real_escape_string($phone) ); } } // insert all the records with a single query $sql = "INSERT INTO contact (name, email, phone) VALUES \n" . join(",\n", $data); $db->query($sql); } // back to input form header("Location: index.php"); Quote Link to comment Share on other sites More sharing options...
aysiu Posted December 7, 2013 Share Posted December 7, 2013 Are you the one submitting this information, or can any random person on the internet submit the information? If it can be just anyone, you may want to avoid SQL injection attacks by using prepared statements. Quote Link to comment Share on other sites More sharing options...
seef Posted December 9, 2013 Author Share Posted December 9, 2013 Thanks for all the help. Barand I tried your solution but I get the following: Fatal error: Call to a member function real_escape_string() on a non-object in /home/definit1/public_html/athletics/insit.php on line 23 Any ideas? Quote Link to comment Share on other sites More sharing options...
Barand Posted December 9, 2013 Share Posted December 9, 2013 $db would be the mysqli connection. Change it to $con as that is the variable you are using. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.