In form there is a list of multiple choice. It is necessary to make the selected list items go to one DB field, separated by commas.

if ($_POST){ $abon_login = $_POST['login']; $telephone = $_POST['telephone']; $sending = $_POST['sending']; $pay = $_POST['pay']; $orders = $_POST['orders']; $news = $_POST['news']; $other = $_POST['other']; $table = $system_site_prefix . 'erps_services_sms'; database_insert("INSERT INTO `$table` VALUES ('$index', '$abon_login', '$telephone', '".implode(",", $sending)."', '$pay', '$orders', '$news', '$other')");

Selected list items should be entered into the variable of , and after - into the base. I tried using the function - it did not work out. Please tell me how best to do it.

  • one
    It is better not to do this, in principle, the values ​​separated by commas in the field of the relational database lead to the impossibility of a normal search in the field and a heap of any surprises. In addition, to substitute the values ​​of variables taken from somewhere directly into the query text - the right way to break into your site, the sql injection is done once or twice - Mike
  • How, then, to do? Do you mean that the selected list items should not be entered in one field of the table at all? Just about the question of protection is not worth it, I would understand specifically in this problem. - luckydutch
  • Of course it depends on what kind of field it is. If the person himself then views it directly, there is no search through it and no associated tables — you can, of course, separated by commas. But if there is a related table (yes at least a reference book of possible values) or if there is a search, a separate table is created where each of the values ​​is in a separate line - Mike
  • one
    Well, it looks fine if you really have an array in that variable .... you would print the resulting query and see what is actually being formed there ... - Mike
  • 2
    By the way, always in insert explicitly list the columns that insert insert into table(col1, col2, col3, ) values(...) firstly you will see that you are not mistaken with the order of values. Secondly, if there is no list of columns, if in the future you add to the table a column, even an optional one, not used in this insert, you will have to remember to find this query in the program and add something to it ... - Mike

2 answers 2

Theoretically, everything should work fine. Perhaps among the elements of the $ sending array are erroneous.

It would be nice to temporarily replace your database_insert with

 if(!$ins=mysql_query("INSERT INTO....")){ echo mysql_error() . " " . __LINE__ . "<br>"; }

and see what the mysql error shows. Most likely there will be a problem

  • Replaced as you said - no errors, the data added to the database. Maybe the problem is that my $ sending is not an array, so only one selected item of the list is entered into the database. How to make $ sending an array? - luckydutch
  • one
    If sending is selected by select in the add form, then the <select ...> tag must be added multiple, if not select, then the name of the input must be name = "inputname []" - maxkuku
  • First I found the answer, then I saw your comment. Thank you for help. - luckydutch

I decided. In , the tag in the attribute needed to add square brackets after the name,

 <select multiple name="sending[]">

so that as an array