Essentially Im trying to update multiple MySQL rows using an array I got from the $_POST
variable called "units". Been stuck trying to figure out this. This is what I have so far:
Current Code that doesnt add to the 2nd person:
if(isset($_POST['unit'])){ $units .= implode(', ', $_POST['unit']); } else { redirect('addcall.php?err=7'); }
$my_s = $my->prepare('INSERT INTO `calls`(`call_taker`, `call_time`, `call_type`, `call_priority`, `call_location`, `call_city`, `reporter_name`, `reporter_num`, `call_info`, `units`) VALUES (?,?,?,?,?,?,?,?,?,?)') or die($my->error);
$my_s->bind_param('sssisssiss', $name, $date, $c_type, $c_prio, $c_loc, $c_city, $r_name, $r_num, $c_info, $units) or die($my->error);
$my_s->execute() or die($my->error);
$my_s->close();
$my->close();
$my = new mysqli(HOST, USER, PASS, DB);
$my_s2 = $my->prepare('UPDATE `users` SET `busy` = 1 WHERE `badge` = ? AND `enabled` = 1 AND `confirmed` = 1 AND `duty` = 1') or die($my->error);
$my_s2->bind_param('s', $units) or die($my-error);
$my_s2->execute() or die($my-error);
$my_s2->close();
$my->close();
redirect('dashboard.php');
<table> // table for checkboxes thats in main HTML area
<tr> <td>Units Available:   </td>
<?php
$my = new mysqli(HOST, USER, PASS, DB);
$my_s = $my->prepare('SELECT `name`, `badge` FROM `users` WHERE `duty` = 1 AND `busy` = 0');
$my_s->execute();
$my_s->store_result();
if($my_s->num_rows == 0){
echo "<td>None</td>";
}
$my_s->bind_result($u_name, $u_badge);
while($row = $my_s->fetch()){
echo '<td><input type="checkbox" name="unit[]" value="'.$u_badge.'">'.$u_name.' , #'.$u_badge.' </td>';
}
$my_s->close(); $my->close();?>
</tr>
</table>
I think your html code is missing a "form" tag. Every type of "input" in html needs to be inside a "form" and "/form" tags that define the method which the form is sent (POST or GET) and what is the destination (what php file), defined by "action" parameter.
You could use a foreach
loop to update each badge number in $_POST['unit']
. Or you can use it to construct a list of values to use in an IN
test. Unfortunately, you can't bind a parameter to this, so it's necessary to escape them explicitly.
if (isset($_POST['unit'])) {
$units = implode(', ', $_POST['unit']);
$my_s = $my->prepare('INSERT INTO `calls`(`call_taker`, `call_time`, `call_type`, `call_priority`, `call_location`, `call_city`, `reporter_name`, `reporter_num`, `call_info`, `units`) VALUES (?,?,?,?,?,?,?,?,?,?)') or die($my->error);
$my_s->bind_param('sssisssiss', $name, $date, $c_type, $c_prio, $c_loc, $c_city, $r_name, $r_num, $c_info, $units) or die($my->error);
$my_s->execute() or die($my->error);
$in_units = implode(', ', array_map(function($u) use ($my) { return "'" . $my->real_escape_string($u) . "'"; }, $_POST['unit']));
$my_s2 = $my->prepare("UPDATE `users` SET `busy` = 1 WHERE `badge` IN ($in_units) AND `enabled` = 1 AND `confirmed` = 1 AND `duty` = 1") or die($my->error);
$my_s2->execute() or die($my-error);
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.