mysql - Inserting multiple rows in a table using PHP

I am trying to insert multiple rows into MySQL DB using PHP and HTML from. I know basic PHP and searched many examples on different forums and created one script however it doesn't seem working. Can anybody help with this. Here is my script:

include_once 'include.php';

foreach($_POST['vsr'] as $row=>$vsr) {
   $vsr=mysql_real_escape_string($vsr);
   $ofice=mysql_real_escape_string($_POST['ofice'][$row]);
   $date=mysql_real_escape_string($_POST['date'][$row]);
   $type=mysql_real_escape_string($_POST['type'][$row]);
   $qty=mysql_real_escape_string($_POST['qty'][$row]);
   $uprice=mysql_real_escape_string($_POST['uprice'][$row]);
   $tprice=mysql_real_escape_string($_POST['tprice'][$row]);
}

$sql .= "INSERT INTO maint_track (`vsr`, `ofice`, `date`, `type`, `qty`, `uprice`,
`tprice`) VALUES ('$vsr','$ofice','$date','$type','$qty','$uprice','$tprice')";

$result = mysql_query($sql, $con);

if (!$result) {
   die('Error: ' . mysql_error());
} else {
   echo "$row record added";
}

3 Answers

  1. Elvis- Reply

    2020-01-24

    MySQL can insert multiple rows in a single query. I left your code as close as possible to the original. Keep in mind that if you have a lot of data, this could create a large query that could be larger than what MySQL will accept.

    include_once 'include.php';
    
    $parts = array();    
    foreach($_POST['vsr'] as $row=>$vsr) {
       $vsr=mysql_real_escape_string($vsr);
       $ofice=mysql_real_escape_string($_POST['ofice'][$row]);
       $date=mysql_real_escape_string($_POST['date'][$row]);
       $type=mysql_real_escape_string($_POST['type'][$row]);
       $qty=mysql_real_escape_string($_POST['qty'][$row]);
       $uprice=mysql_real_escape_string($_POST['uprice'][$row]);
       $tprice=mysql_real_escape_string($_POST['tprice'][$row]);
    
       $parts[] = "('$vsr','$ofice','$date','$type','$qty','$uprice','$tprice')";
    }
    
    $sql = "INSERT INTO maint_track (`vsr`, `ofice`, `date`, `type`, `qty`, `uprice`,
    `tprice`) VALUES " . implode(', ', $parts);
    
    $result = mysql_query($sql, $con);
    
  2. Eric- Reply

    2020-01-24

    Please try this code. Mysql query will not accept multiple insert using php. Since its is a for loop and the values are dynamically changing you can include the sql insert query inside the for each loop. It will insert each rows with the dynamic values. Please check the below code and let me know if you have any concerns

    include_once 'include.php';
    
    foreach($_POST['vsr'] as $row=>$vsr) {
       $vsr=mysql_real_escape_string($vsr);
       $ofice=mysql_real_escape_string($_POST['ofice'][$row]);
       $date=mysql_real_escape_string($_POST['date'][$row]);
       $type=mysql_real_escape_string($_POST['type'][$row]);
       $qty=mysql_real_escape_string($_POST['qty'][$row]);
       $uprice=mysql_real_escape_string($_POST['uprice'][$row]);
       $tprice=mysql_real_escape_string($_POST['tprice'][$row]);
    
       $sql = "INSERT INTO maint_track (`vsr`, `ofice`, `date`, `type`, `qty`, `uprice`,
    `tprice`) VALUES ('$vsr','$ofice','$date','$type','$qty','$uprice','$tprice')";
    
     $result = mysql_query($sql, $con);
    
     if (!$result)
     {
        die('Error: ' . mysql_error());
     } 
     else 
     {
        echo "$row record added";
     }
    }
    
  3. Evan- Reply

    2020-01-24

    I would prefer a more modern approach that creates one prepared statement and binds parameters, then executes within a loop. This provides stable/secure insert queries and avoids making so many escaping calls.

    Code:

    // switch procedural connection to object-oriented syntax
    $stmt = $con->prepare('INSERT INTO maint_track (`vsr`,`ofice`,`date`,`type`,`qty`,`uprice`,`tprice`)
                           VALUES (?,?,?,?,?,?,?)');  // use ?s as placeholders to declare where the values will be inserted into the query
    $stmt->bind_param("sssssss", $vsr, $ofice, $date, $type, $qty, $uprice, $tprice);  // assign the value types and variable names to be used when looping
    
    foreach ($_POST['vsr'] as $rowIndex => $vsr) {
        /*
          If you want to conditionally abort/disqualify a row...
          if (true) {
              continue;
          }
        */
        $ofice  = $_POST['ofice'][$rowIndex];
        $date   = $_POST['date'][$rowIndex];
        $type   = $_POST['type'][$rowIndex];
        $qty    = $_POST['qty'][$rowIndex];
        $uprice = $_POST['uprice'][$rowIndex];
        $tprice = $_POST['tprice'][$rowIndex];
        echo "<div>Row# {$rowIndex} " . ($stmt->execute() ? 'added' : 'failed') . "</div>";
    }
    

    To deny the insertion of a row, use the conditional continue that is commented in my snippet -- of course, write your logic where true is (anywhere before the execute call inside the loop will work).

    To adjust submitted values, overwrite the iterated variables (e.g. $vsr, $ofice, etc) before the execute call.

    If you'd like to enjoy greater data type specificity, you can replace s (string) with i (integer) or d (double/float) as required.

Leave a Reply

Your email address will not be published. Required fields are marked *

You can use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>