Begginer-Can't insert data into database through arrays and implode function using php mysql

I am trying to insert an Html form data into my DB using PHP arrays and implode function. The code works fine with no errors and gives me prompt stating values have been inserted. However, when I query into my DB the Values are not present.

Html Code:

<form action="##"  method="Post">

User Name

<input type ="text" name="uname" >

First Name

<input type ="text" name="fname"  >

Email

<input type ="email" name="email" >

submit

<input type ="submit" name="submit" value="submit">

PHP CODE :

Db Created

$con=mysql_connect("localhost","root","1234");

$db=mysql_select_db("abcd");

Values Passed via POST method

$a=mysql_real_escape_string($_POST['uname']);

$b=mysql_real_escape_string($_POST['fname']);

$c=mysql_real_escape_string($_POST['email']);

converting values into an array.

$data=array('$a','$b','$c');

Usage of implode function for inserting data in feild names in MySql.

$f_sql= "'" . implode(',' , array_keys($data)) ."'";

Usage of implode function for inserting data in field names. This will be used for inserting values in Mysql

$v_sql="'".implode ("' ,",$data)."'";

Finally MySql Command:

$sql="insert into pracproj1 ($f_sql) VALUES  ($v_sql)";

if( $sql== true){
    echo "updated";

}

else
    "failed";

I get what I echoed after I press the submit button. But as I said. Real-time values aren't getting updated into my DB.

If, somehow I don't use an array or Implode function I don't get stuck anywhere.

I am trying to learn few more PHP concepts that I can use with my Html form and that's why I started working with Implode and arrays. Kindly help.

1 answer

  • answered 2018-05-16 07:15 Stefan R

    The array of your variables $a, $b and $c would look like this (according to your code):

    array(3) {
      [0] => string(2) "$a"
      [1] => string(2) "$b"
      [2] => string(2) "$c"
    }
    

    That is because you're inserting strings into the array function. You want to insert the variables. For that, you simply remove the single quotes:

    $data = array($a, $b, $c);
    

    Or, as of PHP 5.4:

    $data = [$a, $b, $c];
    

    However, you also have to make sure the result of $f_sql equals the name of the rows of your database table. At this moment it would only return the following string: 0,1,2. I doubt the names of your rows are 0,1,2.

    You could attempt something like the following, if you really want to use arrays:

    $a = mysql_real_escape_string($_POST['uname']);
    $b = mysql_real_escape_string($_POST['fname']);
    $c = mysql_real_escape_string($_POST['email']);
    
    // For older PHP versions we use 'array()' instead of brackets
    $insertData = array(
      'uname' => $a,
      'fname' => $b,
      'email' => $c
    );
    
    $implodedFields = implode(',', array_keys($insertData));
    $implodedValue = implode(',', $insertData);
    
    $sql = "INSERT INTO pracproj1 ($implodedFields) VALUES  ($implodedValue)";
    

    Where 'uname', 'fname' and 'email' in the array should equal the name of your row in the database.

    If you're not going to dynamically generate arrays or have any logic to dynamically modify the array and you want static data as I used in my example, I would advise you to write out the row names and echo the variables yourself in the query string for a lighter performance:

    $sql = "INSERT INTO pracproj1 (uname, fname, email) VALUES  ($a, $b, $c)";
    

    Important: Please, make sure to read and consider using MySQLi or PDO and prepared statements, as told by Magnus in your comments.