Saving array in mysql using php

Question

I have this form where I have one select list and two textboxex which can be dynamically added to form multiple rows. The scenario is that I will have one select value and multiple textbox values. I want to save this is mysql table which has three columns: SelectValue, TextBox1Value and TextBox2Value. SelectValue will be same/duplicate but textbox values should be unique. I have tried following php:

include('connection.php');
if(isset($_POST['submit'])){
    $roomId = $_POST['roomno'];

    $rowData = array();
    foreach($_POST['inventoryname'] as $row=>$inventory){
        $inventoryName = mysql_real_escape_string($inventory);
        $inventoryCount = mysql_real_escape_string($_POST['inventorycount'][$row]);

        $rowData[] = "('$inventoryName','$inventoryCount')"; 
    }
}
if(!empty($rowData)){
    $insert = mysql_query("INSERT INTO room_inventory_details(RoomId,Inventory,Count) VALUES('$roomId')".implode(',',$rowData));

    if(!$insert){
        die('Error: ' . mysql_error());
    }else{
        echo "Data saved successfullt";
    }
}

And here is my markup

<form action="save_room_inventory.php" method="post" name="reservation-form" id="reservation_form">
    <div class="left-form">
        <label for="roomno"><span>Room No.</span>
            <select name="roomno">
                <option value="">---Please Select---</option>
                <?php
                    include('connection.php');
                    $select_query = mysql_query("SELECT RoomId,RoomName FROM room ORDER BY RoomName");
                    while($rows = mysql_fetch_assoc($select_query)){ ?>
                        <option value="<?php echo $rows['RoomId']; ?>"><?php echo $rows['RoomName']?></option>
                <?php   }
                ?>
            </select>
        </label>
    </div>
    <div class="left-form">
        <input type="button" id="addinventory" Value="Add Inventory">
    </div>
    <div class="inventory-table">
        <div class="detail-table">
            <table class="itemTable" border="1">
                <thead>
                    <th>Inventory</th>
                    <th>Count</th>
                    <th><input type="button" value="Add New Row" id="addNew"></th>
                </thead>
                <tbody>
                    <tr class="cloneme">
                        <td>
                            <input type="text" name="inventoryname[]">
                        </td>
                        <td>
                            <input type="text" name="inventorycount[]">
                        </td>
                    </tr>
                </tbody>
            </table>
        </div>
    </div>
    <div class="event_button">
        <input type="submit" name="submit" value="Save">
        <input type="reset" name="reset" Value="Clear">
        <iframe name="acknowledgement" id="res_frame"></iframe>
    </div>
</form>

I am having the following error when I save: Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '('Bed','1'),('Cderf','4')' at line 1

Answer 1

You only have one value in VALUES ('$roomId') , and only two values in each of $rowData . You need 3 values in all of them. Do that by putting $roomId into each of the elements in the foreach loop:

foreach($_POST['inventoryname'] as $row=>$inventory){
    $inventoryName = mysql_real_escape_string($inventory);
    $inventoryCount = mysql_real_escape_string($_POST['inventorycount'][$row]);

    $rowData[] = "('$roomId', '$inventoryName','$inventoryCount')"; 
}

Then your INSERT should be:

$insert = mysql_query("INSERT INTO room_inventory_details(RoomId,Inventory,Count) VALUES ".implode(',',$rowData));

BTW, you should use mysql_real_escape_string when assigning $roomId , too.