how to pass array through hidden field

Question

here my code

$order[$j][0]=\"Euclidean Geomethiyil Kodpagugal\";
$order[$j][1]=$q16;
$j++;

hidden field-

Answer 1

If you have non-scalar values you should serialize and unserialize them. You have multiple options:

1. PHP's serialize and unserialize
2. JSON encode and decode

As a general rule, if you put any value in HTML you need to encode its HTML special chars.

Use case:

<?php
$arr = unserialize($_REQUEST['arr']);
?>
<input type="hidden" name="arr" value="<?php echo htmlentities(serialize($arr)); ?>" />

Answer 2

For java servlets

arr={"Apple","Bannana","Cherry","Dragan"};
for(int i=0;i<4;i++)
    out.println("<input type=hidden name=fruits value="+arr[i]+">");

Answer 3

From the sounds of it you just want to pass data from one page of a form to another. If so use a PHP Session. It's much easier to implement, more efficient and more secure.

Answer 4

You can either serialize the array, or use lots of hidden fields. Alternatively, store this in a session.

Serializing the array

To serialize, you'll use just one hidden field. This is a useful technique if your array contains non-scalar data.

 $data=serialize($order); 
 $encoded=htmlentities($data);
 echo '<input type="hidden" name="order" value="'.$encoded.'">';

When this value comes back, you need to unserialize it to get your array back out. While easy, I wouldn't recommend this unless you have some additional mechanism to prevent tampering, like a security hash, otherwise anyone can inject any PHP data structure they like!

A hash might be done like this:

 $data=serialize($order); 
 $encoded=htmlentities($data);
 $hash=md5($encoded.'SecretStringHere');
 echo '<input type="hidden" name="order" value="'.$encoded.'">';
 echo '<input type="hidden" name="order_hash" value="'.$hash.'">';

Now, when the data comes back, before you unserialize, you generate the hash again and check it matches the hash value from the form. If it doesn't match, someone tampered with the data. If it does match, then you know that whatever generated the data also knows your secret string. Which should be just you!

Finally, if it will be useful for Javascript to understand the array data, then using JSON encode/decode functions of PHP would be more appropriate.

Multiple hidden fields

Assuming a simple array consisting of scalar values, you can use lots of hidden fields

 foreach($order as $idx=>$value)
 {
      $name=htmlentities('order['.$idx.']');
      $value=htmlentities($val);
      echo '<input type="hidden" name="'.$name.'" value="'.$value.'">';

 }

This has the advantage that PHP will automatically recreate this as an array for you.

Because your array is 2 dimensional, to use this technique you'll need an inner loop for the second dimension. An exercise for the reader....

Using a session

Perhaps the easiest of the three....

session_start();

$_SESSION['order']=$order;

Once set, the array is available after you've called session_start(). This has the advantage that it never leaves the server, but will of course disappear after a period of inactivity (24 minutes is the default)

Answer 5

An alternative solution to serializing to a single field is to serialize to multiple hidden fields. I wrote a generic function to do this. This function and the examples are being managed at GistHub's Gist service. Check there for the latest version but copied here for convenience.

<?php
# https://gist.github.com/eric1234/5802030

function array_to_input($array, $prefix='') {
  if( (bool)count(array_filter(array_keys($array), 'is_string')) ) {
    foreach($array as $key => $value) {
      if( empty($prefix) ) {
        $name = $key;
      } else {
        $name = $prefix.'['.$key.']';
      }
      if( is_array($value) ) {
        array_to_input($value, $name);
      } else { ?>
        <input type="hidden" value="<?php echo $value ?>" name="<?php echo $name?>">
      <?php }
    }
  } else {
    foreach($array as $item) {
      if( is_array($item) ) {
        array_to_input($item, $prefix.'[]');
      } else { ?>
        <input type="hidden" name="<?php echo $prefix ?>[]" value="<?php echo $item ?>">
      <?php }
    }
  }
}

Here is some example usage:

Basic Associative Array

echo array_to_input(array('foo' => 'bar', 'cat' => 'dog'));

Will output:

<input type="hidden" value="bar" name="foo">
<input type="hidden" value="dog" name="cat">

Associative Array with Nested Indexed Array

echo array_to_input(array('foo' => 'bar', 'cat' => 'dog', 'list' => array('a', 'b', 'c')));

Will output:

<input type="hidden" value="bar" name="foo">
<input type="hidden" value="dog" name="cat">
<input type="hidden" name="list[]" value="a">
<input type="hidden" name="list[]" value="b">
<input type="hidden" name="list[]" value="c">

Associative Array with Nested Associative Array

echo array_to_input(array('foo' => array('bar' => 'baz', 'a' => 'b'), 'cat' => 'dog'));

Will output:

<input type="hidden" value="baz" name="foo[bar]">
<input type="hidden" value="b" name="foo[a]">
<input type="hidden" value="dog" name="cat">

Go Crazy

echo array_to_input(array('a' => array('b' => array('c' => array('d' => 'e')))));

Will output:

<input type="hidden" value="e" name="a[b][c][d]">

Answer 6

Where's this form going and why does it need a multidimensional array to be passed as part of the form?

How you're going to do this depends on whether you control the page receiving the form. If you do, you have a couple options:

1) Serialize the array to a string with PHP's serialize function, then unserialize $_POST['order'] to get the original array back

2) Pass it through an array of form fields you'll have to generate

<input type="hidden" name="hdnOrder[0][0]" value="Something" />
<input type="hidden" name="hdnOrder[0][1]" value="Something else" />

If you don't control the form then whatever you're submitting to probably expects something specific in hdnOrder... what is it?