I need to iterate through multiple fields and have them inserted into my MySQL database

Question

Ok, I'm really stuck. But I think I'm headed in the right direction. the script that calls this script has multiple fields which are generated dynamically by PHP. I need some way of looping through them and checking if they're set to avoid any undefined variables, and then once I know that they're all set and checked for validity inserting them into the MySQL table passwords. I could really use your help on this one guys.

<?php
require_once('/session/session.php');
require_once('auth/auth.php');
require_once('/MySQLi/mysqliConnect.php');
require_once('check_fields_function.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<!-- Copyright 2015 Brock Lynch -->
<?php $page = "passwords"; ?>
<?php require_once('/headerFooter/docHead.php'); ?>
<body>
<?php require_once('/headerFooter/header.php');?>
    <div id="boxWrapper"> <!-- beginning of boxWrapper -->
    <?php require_once('question_nav.php'); ?>
        <div id="display_categories">
<?php
// This is just for reference: check_fields($pattern,$post,$minlength,$maxlength,$name_of_field)
$numOfFields = $_POST['numOfFields'];

for($z = 1;$z <= $numOfFields;$z++) {
    if(isset($_POST['password_input$z']) && isset($_POST['group_input$z']) && isset($_POST['belongs_input$z']) && isset($_POST['name_input$z']) && isset($_POST['choice$z'])) {
        $password[$z] = check_fields("/([[:alnum:]\!\@\#\$\%\^\&\*\*\(\)\-\_\+\=\[\]\;\'\:\"\'\<\>\?\/\`\~])+/",$_POST['password_input$z'],6,50,'Password$z');
        $password_group[$z] = check_fields("/^[a-zA-Z \'\"]+$/",$_POST['group_input$z'],1,50,'Password Group$z');
        $password_belongs_to[$z] = check_fields("/^[a-zA-Z \'\"]+$/",$_POST['belongs_input$z'],1,50,'Belongs To$z');
        $password_name[$z] = check_fields("/^[a-zA-Z \'\"]+$/",$_POST['name_input$z'],1,50,'Password Name$z');
        $changes_periodically[$z] = check_fields("/^[0-1]+$/",$_POST['choice$z'],1,50,'Changes Periodically$z');
    }
    else {
        $password[$z] = false;
        $password_group[$z] = false;
        $password_belongs_to[$z] = false;
        $password_name[$z] = false;
        $changes_periodically[$z] = false;
    }
}

// Iterate through each array and if they are all set, set the master password_setting to true
function check_all_arrays($fieldArray)
    {
        global $numOfFields;
        $p = 0;
        if(isset($fieldArray)) {
            foreach($fieldArray as $test) {
                echo "Yeah, this seems to be working";
                if($test == true) {
                    $p++;
                }
            }
        }
        else {
            return false;
        }

        if($p == $numOfFields) {
            return true;
        }
        else {
            return false;
        }
    }

if(check_all_arrays($password) == true && check_all_arrays($password_group) == true && check_all_arrays($password_belongs_to) == true && check_all_arrays($password_name) == true && check_all_arrays($changes_periodically) == true) {
    echo "Got passed master checks, this is good";
    // Encrypt the users password before entering it into the database.
    // Clean the data before inserting it into the database.

    $instance = PasswordCrypt::createWithNewPassword($_POST['password_input']);
    $password_pass = mysqli_escape_string($mysqli,$instance->encodePassword($_POST['password_input']));
    $token_pass = mysqli_escape_string($mysqli,$instance->getToken());
    $key_pass = mysqli_escape_string($mysqli,$instance->getKey());
    $group = mysqli_escape_string($mysqli,$_POST['group_input']);
    $belongs_input = mysqli_escape_string($mysqli,$_POST['belongs_input']);
    $name_input = mysqli_escape_string($mysqli,$_POST['name_input']);

    $password_save = "INSERT INTO passwords (password_id,customer_id,password_not_key,token_pass,key_pass,password_group,
changes_periodically,security_status,belongs_to,password_name)VALUES('','" . $_SESSION['customer_id'] . "','" . $password_pass . "','". $token_pass . "','" . $key_pass . "','" . $group . "','" . $choice . "','','" . $belongs_input . "','" . $name_input . "')";
    mysqli_query($mysqli,$password_save) OR DIE(mysqli_error($mysqli));
    // Echo confirmation message to user
    echo "<div style='text-align:center;'>You have successfully stored 1 password</div>";
?>
        <form action="myPassword.php">
            <button input="submit_back">Back</button> 
        </form>
<?php
}
else {
    // Tell them to use only letters in fields besides the password field.
    echo "<div style='text-align:center;'>All fields are required except changes periodically. Password field may have letters, numbers, and special characters and must be at least 6 characters. All other fields may only have letters. Thank you</div>";
?>
        <form action="myPassword.php">
            <button type="submit">Go Back</button>
        </form>
<?php
}
?>
    </div> <!-- End of display categories -->
</div> <!-- End of boxWrapper div -->
</body>
<div class="bigBoldFont"></div>
<?php require_once('headerFooter/footer.php'); ?>
</div><!-- end of boxWrapper -->
</body>
</html>

Answer 1

What you have now will work if you change the single quotes on all the $_POST variables to double quotes.

E.g. change isset($_POST['password_input$z']) to isset($_POST["password_input$z"])

You could also make it a little easier to read by wrapping the variable in curly braces {}. isset($_POST["password_input{$z}"])