Reputation: 37

Inserting select options into database

This is my php code to connect to the server and insert each option value of each select tag into a table in the database

<?php 

$servername = "localhost";
$username = "projectuser";
$password ="";
$dbname = "surveyproject";

//establish connection
$connection = mysqli_connect($servername , $username , $password       ,$dbname);

//check for connection errors
if ($connection->connect_error) {
die("Connection failed: " . $connection->connect_error);
}
echo "connected succesfully";

//inserting answers into db
if (isset($_POST['submit'])) {
# code...
for($i=1; $i<3; $i++){
   if(isset($_POST['select'])){
     $select = $_POST['select']; 
     $query = "INSERT INTO surveyanswers (answer) VALUES     ('$select')";
     mysqli_query($connection,$query);
}
}

echo "<script>alert('succesfully submitted answers , thank you')</script>";

mysqli_close($connection);
}
?>

this is my html code with three select tags i want the values select within in option of each select tag to be updated into the table in the database

<select class="form-control" name="select">
  <option value="Very Good">Very Good</option>
  <option value="Good">Good</option>
  <option value="Average">Average</option>
  <option value="Poor">Poor</option>
  <option value="Very Poor">Very Poor</option>
</select>
<select class="form-control" name="select">
  <option value="Very Good">Very Good</option>
  <option value="Good">Good</option>
  <option value="Average">Average</option>
  <option value="Poor">Poor</option>
  <option value="Very Poor">Very Poor</option>
</select>
<select class="form-control" name="select">
  <option value="Very Good">Very Good</option>
  <option value="Good">Good</option>
  <option value="Average">Average</option>
  <option value="Poor">Poor</option>
  <option value="Very Poor">Very Poor</option>
</select>

Upvotes: 0

Answers (1)

chris85

Reputation: 23892

Make the selects arrays.

<select class="form-control" name="select[]">
  <option value="Very Good">Very Good</option>
  <option value="Good">Good</option>
  <option value="Average">Average</option>
  <option value="Poor">Poor</option>
  <option value="Very Poor">Very Poor</option>
</select>
<select class="form-control" name="select[]">
 <option value="Very Good">Very Good</option>
  <option value="Good">Good</option>
  <option value="Average">Average</option>
  <option value="Poor">Poor</option>
  <option value="Very Poor">Very Poor</option>
</select>
<select class="form-control" name="select[]">
  <option value="Very Good">Very Good</option>
  <option value="Good">Good</option>
  <option value="Average">Average</option>
  <option value="Poor">Poor</option>
  <option value="Very Poor">Very Poor</option>
  </select>

Then you can loop through the array. As is only the last select is sent because they all have the same name.

After that fix your SQL injection issue by using prepared statements with parameterized query. http://php.net/manual/en/mysqli.quickstart.prepared-statements.php

Then your PHP could be:

$query = "INSERT INTO surveyanswers (answer) VALUES (?)";
if ($stmt = mysqli_prepare($connection,$query)) {
     foreach($_POST['select'] as $selectvalue){
          mysqli_stmt_bind_param($stmt, "s", $selectvalue);
          mysqli_stmt_execute($stmt);
     }
} else {
     printf("Error: %s.\n", mysqli_stmt_error($stmt));
}

Upvotes: 1

Inserting select options into database

Answers (1)

Related Questions