Reputation: 6324
php/sql - insert same value on multiple field
I have this code (this is working and pass these variable to another file)
var month = "<?php echo openedMonthbid();?>";
var user = "<?php echo $_SESSION['member_id'];?>";
var day = new Array();
$(':checkbox:checked').each(function(i){
day.push('`' + $(this).val() + '`'); });
var count = day.length;
$.ajax({
type: "POST",
url: "sendBidding.php",
data : "user="+user+"&days="+day+"&month="+month+"&number=",
dataType: "json",
sendBidding.php
$month = $_POST['month'];
$user = $_POST['user'];
$days = $_POST['days'];
$count = $_POST['count'];//if a check 3 values I get '3'
mysql_query("INSERT INTO $month ($days) VALUES ('1','1','1')");
$result = true;
echo json_encode(array("success"=>$result,
"datas" => $data,
"mon"=>$month));
I would like to add as many values ('1') as the number of days selected. How can I change VALUES ('1','1','1') ?
Upvotes: 2
Views: 1457
Answers (2)
Reputation: 562348
Here's a solution for generating a sequence of identical strings. Use array_fill().
$month = $_POST['month'];
$days = $_POST['days'];
// Be sure to whitelist $month and $days before using them in an SQL query!
// For example, you could store an associative array keyed by month,
// containing lists of the day column names.
$month_table_whitelist = array(
"month_jan" => array("day1", "day2", "day3", /* etc */),
"month_feb" => array("day1", "day2", "day3", /* etc */),
/* etc */
);
if (!array_key_exists($month, $month_table_whitelist)) {
die("Please specify a valid month.");
}
if (!array_search($days, $month_table_whitelist[$month])) {
die("Please specify a valid day of month.");
}
$count = $_POST['count'];//if a check 3 values I get '3'
$tuples = array_fill(1, $count, "('1')");
$status = mysql_query("INSERT INTO $month ($days) VALUES ".implode(",", $tuples));
if ($status === false) {
die(mysql_error());
}
PS: Your query is vulnerable to SQL injection, by interpolating unsafe values $month and $days directly into your query. You should use a whitelist method to ensure these inputs match real table and column names in your database, don't just trust the user input.
PPS: You should know that you're using the ext/mysql functions, but these are deprecated. If this is a new application, you should start using mysqli or PDO before investing more time into using the deprecated API.
Upvotes: 2
Reputation: 737
$count = $_POST['count'];//if a check 3 values I get '3'
$daystatic="('1')";
mysql_query("INSERT INTO $month ($days) VALUES ". $daystatic . str_repeat ( ",$daystatic" , $count-1));
Upvotes: -1
Related Questions
- MySQL insert non-duplicate multiple values for each key
- Insert multiple values in MySql Column
- Insert multipe rows for the same value - SQL
- how to insert into multiple fields in same db
- Insert multiple same named fields into MySQL Database using PHP
- Inserting same value twice into database
- MYSQL Insert the same values in different table PHP
- mysql multiple value insert in one field
- How to insert duplicate value depending on what value was entered using mysql and php
- insert multiple data in single field in mysql