Inserting multiple rows from a php form into the database

Question

my form as the following table (of textfeild). I am feeding the values into these textfeild. How can i enter these values into my database? plz help.

Answer 1

The name of each field must be different in each row in order to successfully send data from browser to server. In your case for all columns the name remains the same in all rows. You can suffix them with $n

Solution:

Replace the code which generate fields to the following:

 for($n=0;$n<$rows;$n++)
    { 
    echo "<tr>
    <td><input type=\"text\" name=\"roll_$n\" /></td><td><input type=\"text\"                     name=\"name_$n\" /></td><td><input type=\"text\" name=\"unit_test_$n\" /></td>
    <td><input type=\"text\" name=\"prelims_$n\" /></td><td><input type=\"text\"  name=\"attendance_$n\" /></td><td><input type=\"text\" name=\"file_$n\" /></td>
    </tr>";
    }

In above code we have suffixed each field with _$n

Secondly, Change the code of insert to the following:

$roll=$_POST['roll_'.$n];
$name=$_POST['name_'.$n];
$unit_test=$_POST['unit_test_'.$n];
$prelims=$_POST['prelims_'.$n];
$attendance=$_POST['attendance_'.$n];
$file=$_POST['file_'.$n];

Thirdly, I think the sql query need to be changed. Calculate average before the query and store its values in a variable. Then reference this variable in query same as you have done with other variables like $roll and $name.

$average=(($unit_test + $prelims)/125) *10;

Now with this code all three lines will be saved in database.

Hope this helps.

Answer 2

Multiple row inserts in SQL are simply multiple parenthesis with commas, (), (), ();

You are also NOT escaping your data! You must escape ALL your data regardless of text or binary. It is simple and you must never fail to escape data. I escape data even if it's come directly out of my database, a hacker could post code in say a blog comment, it gets commented out, but then for some reason if I handle that comment it could later execute.

$roll = mysql_real_escape_string($_POST['roll');

So just do this...

INSERT INTO table (roll, name, unit_test, prelims, average, attendance, file, interm) VALUES 
('$roll','$name','$unit_test','$prelims','$average'=(('$unit_test' + '$prelims')/125) *10,'$attendance','$file','$average'+'$attendance'+'$file'),
('$roll','$name','$unit_test','$prelims','$average'=(('$unit_test' + '$prelims')/125) *10,'$attendance','$file','$average'+'$attendance'+'$file'),
('$roll','$name','$unit_test','$prelims','$average'=(('$unit_test' + '$prelims')/125) *10,'$attendance','$file','$average'+'$attendance'+'$file'),
('$roll','$name','$unit_test','$prelims','$average'=(('$unit_test' + '$prelims')/125) *10,'$attendance','$file','$average'+'$attendance'+'$file');

Answer 3

The simplest way is probably to make the $_POST values for roll etc. an array (so $_POST becomes a multidimensional array).

See this previous question for an example of how it can be done:

Submitting a multidimensional array via POST with php

You can then loop through the array values in your database insert code.