PHP prepared insert statement from multidimensional array

Question

Updated code:

if (isset($_POST['submit'])) {

/* Create a prepared statement */

$query = "INSERT INTO log_dates(week_date, crew_chief, monday_crew) values(?,?,?)";

$stmt = mysqli_prepare($connection, $query);


  $returnedData = $_POST['data'];

  foreach($returnedData as $data) {
    $week_date = $data['week_date'];
    $crew_chief = $data['crew_chief'];
    $monday_crew = $data['monday_crew'];
    $stmt->execute();
  }


 mysqli_stmt_bind_param($stmt, 'sss', $week_date, $crew_chief, $monday_crew);

/* Execute it */
 mysqli_stmt_execute($stmt);


/* Close statement */
 mysqli_stmt_close($stmt);

 } // end if

Here's what my POST array looks like:

Array ( [0] => Array ( [week_date] => 2013-07-08 - 2013-07-14 ) [1] => Array ( [crew_chief] => Alan ) [2] => Array ( [monday_crew] => dd ) )

Answer 1

That's not how you bind parameters. You're slapping your multiple parameters into a SINGLE value. The bind call should be

mysqli_stmt_bind_param($stmt, 'ss', $foo, $bar);
                               ^^--two params
                                    ^^^^^^^^^^---two values


foreach($returnedData as $data) {
   $bar = $data['crew_chief'];
   $foo = $data['week_date'];
   $stmt->execute();
}

once the variables are bound, simply assigning new values to them will cause the next ->execute() call on the statement to pick up those new values.

Answer 2

I have an idea for you. You need to have an idea on what are you doing.

First of all you need to develop a pure SQL query that you want to run against SQL server. Without prepared statements, without mysqli, without PHP. A clean SQL.

SQL is your problem now, not API to send it to server. And then eventually, step by step, go further with developing a program you need. Here is a rough checklist:

1. First of all, a database have to be designed to store your data.
2. Once you've done with it, you need to make your mind on what query would serve the purpose of insert.
3. then write this query by hand and make sure it works in console
4. next step would be to determine what data you need for this query
5. then you have to verify the data you have and determine if it fits for the (4)
6. if not - you need to format your existing data to make it meet requirements from (4)
7. As soon as you have it, you may start writing a PHP program that does create your query dynamically, using string concatenation, and echo the result out.
8. then you have to test this dynamically built query in the console as if in (3)
9. if it works - replace variables in the query with placeholders and proceed with running this query using mysqli prepared statements, with one single set of data. Note that when using native prepared statements, a placeholder can represent only a single data literal alone.
10. having done with it, you may finally start your research on a problem of feeding a prepared statement with multiple values.

You may ask for help for the any stage from above but it's essential to follow the list. As it seems you are asking for the last item having not completed the first one.

Hope it helps.