Checkbox validation and MySQL insertion using php


I am struggling with inserting the following into a MySQL database:

To create a series of HTML checkboxes


q="Select id, subject From subjects";
$r=mysqli_query ($d, $q);
If (mysqli_num_rows($r)>0) {
   while ($row =mysqli_ferch_array($r, MYSQLI_NUM)) {
           Echo "<input type=\"checkbox\" name=\"$row[1]\" value=\"$row[0]\">$row[1]";

This is fine.

However, what is the $_POST to validate?

I have validation for an individual $_POST value, however now as an array do I have to run the results through some form of foreach statement and just loop it through using the forearm statement?

Also, if I wish to then insert the resultant array into a different table in the ddatabase do I also have to run the result through a foreach as well?


Yes, if you’re posting the results of that code back into the database table, a foreach() through the $_POST array will probably do it, not least as you might want to change the default checkbox value from “on” to something more suitable for the database.

How you insert it into the other table depends on the layout of the table - if each element of the array will go in a separate table row, then a loop is probably easiest. If they’re all to go in the same row, then it will depend on how you align them to separate columns in the table.

Thanks but what is the $_POST name?

i.e. what data do I need to extract from the $_POST variable


Wait, let me clarify with my INSERT statement. That may help one minute

The results will then be inserted into a different MySQL table using a bind parameters approach (procedural style)

$q = 'INSERT INTO student (id) VALUES (?)';
$stmt = mysqli_prepare($d,$q);
mysqli_stmt_bind+param($stmt, 'i', $_POST[??????????]);

//check the results

Normally I would use

if(mysqli_stmt_affected_rows($stmt) ==1) {
print message 
clear post $_POST=array();

What is the $_POST[??] value to use here? and how to structure the foreach statement?

Thank you!!

you need the ones you set at the beginning, "Select id, subject From subjects"

Sorry, :frowning:

I’m still a little lost.

Would it be possible to show me the foreach statement using the examples?


you build the checkbox-names from the query, so just use them again to read from POST. first try iterating over them like you did above. second: grab the actual one from POST. $_POST[$the_key_you_got_from_the_statement]

Foreach ($_POST[$row[1]] as $sub)
do insert command

Is that correct? It seems to not work…Thx

that’s clearly nothing from what i told you. use your SQl-statement as a source for the POST keys you need.

foreach ($_POST[‘subject’] as $row)
execute statements on the $row

Sorry, it still does not work. I am not clear on the Post value from this statement and how to construct a foreach statement that works.

where did you get your keys from in the first place?

that’s the exact same keys you may get from POST.

Sorry I don’t understand what you mean by keys I am getting into the code from a text and was able to figure out how to get the checkboxes to write to the screen as above however I can’t figure out the next step

you iterate through the results of your SQL-query and put the keys in the name field of your input. so that’s the keys you can expect to come back from POST. so afterwards, how do you know which keys you get from POST (if they got checked)? they are the same as the ones you got from the DB.

Yes but when I iterated through my results checkbox the name field is $row[1] and you said to use sql.

So now I am confused between the variables

, $row, $row[0] $row[1] and sql subject sql id

What is what

And what ends up in the $_post where.

Would you be able to illustrate with an insert statement sql using a foreach() example from a checkbox?

I am confused between the relationship of the s?


When you output the form, you will end up with a series of checkboxes, the name of each of those checkboxes is retrieved by your code, from your database, and will be whatever appears in $row[1] from your query. So presuming those are the subject names, then that will be the names that appear. You can check this easily by just running your code, and then viewing the HTML source that it produces in your browser. Presuming a subjects table like this:

id     subject
1      French
2      German
3      Swahili
4      Welsh
5      English

you’ll get code like this:

<input type="checkbox" name="French" value="1">French
<input type="checkbox" name="German" value="2">German
<input type="checkbox" name="Swahili" value="3">Swahili

and so on. So you can see, the names for the $_POST array in this case will be your subject names.

In my opinion, it’s a poor way of naming fields, for precisely the reason that you’ve asked the question - it won’t be easy to know what the field names are. In your position I would probably use an array instead:

Echo "<input type=\"checkbox\" name=\"lang[]\" value=\"$row[0]\">$row[1]";

which would bring the selections back in an array within the $_POST array:

foreach ($_POST['lang'] as $lang) {
  echo $lang;

At the start of your processing code, var_dump($_POST) and have a look at the values and field names that you get back from the form submission, which should point in the right direction to process them. I believe that what @chorn is driving at is that your processing code could re-run the same query to get the field names out into an array, and that would give you your list of field names. But that sounds a lot of work just to have dynamic field names.

Thank you so much for your detailed explanation!!

I get it now.

This is what I tried in the interim:
I have a bit of a background in C, so I played with the $_POST variable as I would with an array until I got it to print to screen and then inserted the resultant values.

I have found this to work:

foreach ($_POST as $key => $value)
if ($value !=‘Submit’) {
if (isset($key) && filter_var($key, FILTER_VALIDATE_INT, array(‘min_range’ =>1))) $insert[$key] = $value; // this is on one line on my computer
$errors = ‘Please select a subject’;

// This produces an array variable $insert wiht the relevant $key and $value parameters

foreach ($insert as $key => $value)
// insert into mysql using variables $key and $value

I am thinking that your lang name up above would certainly bypass my solution. It was all in naming of the lang!


the only extra work he has to do is to copy the existing code (best if DRY’ed) with a condition.

q="Select id, subject From subjects";
$r=mysqli_query ($d, $q);
If (mysqli_num_rows($r)>0) {
   while ($row =mysqli_ferch_array($r, MYSQLI_NUM)) {
       if(isset($_POST[$row[1]])) ... // insert

if the checkboxes are just a recommendation, he may insert what the client gives. but at least for validation he somehow needs to get the fields from the beginning.

1 Like

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.