[RESOLVED] A Registration Problem

NFClimber

I have a registration database that I am creating for a boy scout council. Each troop will register information about their scouts, first name, last name, age, rank...all of these stored with a troop number. I was thinking about making the site so that they could enter 5 scouts' information at a time. What is the best way to send multiple entries like this into my database?

fyo

The same way you would send one entry.

Say you have a form (and why not make the user able to select the number of entries at a time?). Simply do something like this in the php file that the form is submitted to:

// check if the server uses magic quotes. if so, undo the damage caused by it. magic quotes provides a false sense of security and while perhaps ok for a total newbie, anything even half serious is better off being treated "correctly", which simply means that user submitted content should never be stored in a database or displayed onscreen without first making it safe.
if (get_magic_quotes_gpc()) {
  $_POST = array_map('stripslashes', $_POST);
}

for ($i=0;$i<$_POST['numberofentries'];$i++) {
  // below I'm simply making the submitted data safe for STORING in the database. Note that the data isn't necessarily safe for DISPLAYING on a web page. Since you know what kind of data is being submitted, it would be better to simply clean the submitted data of everything that isn't e.g. letters, numbers or single quotes.
  $firstname = mysql_real_escape_string($_POST["firstname$i"]);
  $lastname = mysql_real_escape_string($_POST["lastname$i"]);
  $sql = "INSERT INTO scouttable (firstname, lastname) VALUES (\"$firstname\", \"$lastname\")";
  mysql_query($sql);
}

This assumes that you have already connected to the database etc. You should also perform a check for duplicate entries BEFORE issuing the INSERT. It would also be advisable to test for failure when issuing the mysql_query.

Sincerely,

fyo