First off, you shouldn't store it using serialize for this purpose. You should normalize your schema instead to avoid problems with searhing, joining, updating etc.
An array is an array, no matter where it comes from, so it doesn't matter if it's checkboxes that makes php create it or something else.
As an example, consider a logged in user, whose id is set in $SESSION['id'], which matches this users id in the database for table 'user', i.e. user.id == $SESSION['id']. The user clicks some checkboxes matching his or her interests, which end up as an array in $_POST['interests']
Three tables are needed: user, interest, user_interest
user
------
id
name
etc
interest
---------
id
name
other stuff?
-- this is the only table which will be modified when a user saves intersts
user_interest
--------------
user_id
interest_id
if (isset($_POST['save_interests']))
{
# if there were any interests for this user before, delete them
$result = $db->exec(printf('DELETE FROM user_interest WHERE user_id=%d',
$_SESSION['id']));
if ($result === false)
{
# failed deleting previously set interests. log, abort, recover
# or whatever you feel is necessary
}
else
{
$stmt = $db->query('SELECT max(id) AS max_id FROM interests');
# handle $stmt === false as needed
$r = $stmt->fetch();
$max = $r['max_id'];
$stmt->closeCursor();
$stmt = $db->prepare('INSERT INTO user_interest(user_id, interest_id) VALUES(:user, :interest)');
# handle $stmt === false as needed
foreach ($_POST['interests'] as $v)
{
$v = (int) $v;
if (0 < $v && $v <= $max)
{
$success = $stmt->execute(array(':user' => $_SESSION['id'], ':interest' => $v));
# handle $success === false as necessary
}
}
}
}
