up vote 0 down vote favorite

everyone.

I know this is a far treated subject, but I've looked everywhere and cannot get it solved.

I have a series of checkboxes in my webpage and need to insert the values into a database.

For what I've read, it's supposed to be done this way:

<tr>
        <td class="titulofila">Sal&oacute;n Completo con: </td>
        <td>
        <table width="100%"><tr><td>
            <label>
            <input name="equipSalon[]" type="checkbox" id="equipSalon[]" value="mesa"  />
            mesas </label>
        </td><td>
            <label>
            <input name="equipSalon[]" type="checkbox" id="equipSalon[]" value="sillas"  />
            sillas </label>
        </td><td>
            <label>
            <input name="equipSalon[]" type="checkbox" id="equipSalon[]" value="sofa"  />
            sof&aacute;</label>
        </td></tr></table>
        </td>
    </tr>

And then, in the PHP script that the submit button takes to:

 $equipSalonF=mysql_real_escape_string(implode(',', $_POST['equipSalon']));
mysql_query("INSERT INTO markers (ciudad,
                            zona,address,name,
                            telefono,email,piso,
                            tipo,erasmus,nhabitaciones,
                            plazas,equipHabita,nbanos,
                            salon,cocina,electrodomesticos,
                            garaje,internet,calefaccion,
                            sexo,precio,superficie,otros,
                            fecha,lat,lng)
        VALUES ('{$_POST['ciudad']}','{$_POST['zona']}',
                '{$_POST['address']}','{$_POST['name']}','{$_POST['telefono']}',
                '{$_POST['email']}','{$_POST['piso']}','{$_POST['tipo']}',
                '{$_POST['erasmus']}','{$_POST['nhabitaciones']}',
                '{$_POST['plazas']}','{$equipHabitaF}',
                '{$_POST['nbanos']}','{$equipSalonF}',
                '{$equipCocinaF}','{$equipElectroF}','{$_POST['garaje']}',
                '{$_POST['internet']}','{$_POST['calefaccion']}',
                '{$_POST['sexo']}','{$_POST['precio']}',
                '{$_POST['superficie']}','{$_POST['otrosF']}',
                '{$_POST['fecha']}','{$_POST['lat']}',
                '{$_POST['lng']}'",$link);

I have more than this checkboxes and this doesn't work, just says "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 21"

If anyone wants to look at the full index.html and php files, you can have them here: http://paste.ideaslabs.com/show/8qEHDnsZdr the form starts at line 147. And the PHP File in here: http://paste.ideaslabs.com/show/IJFLSHM7Ka

Thanks in advance.

share|improve this question
Except you should remove the ID attributes. You only need to do that for the name attribute. – animuson Feb 4 '12 at 17:36
if you really want to see what is happening under the hood, dump the POST variable: <?php echo "<!-- POST: "; print_r($_POST); echo " -->\n"; ?> ... then use view source to see the debug in comments – dar7yl Feb 4 '12 at 23:04

2 Answers

up vote 1 down vote accepted

Checkboxes are only posted when they are ticked. So if the checkbox is not ticked, is will not appear in $_POST. Also you should generally not give any values to checkboxes. Instead use names to distinguish between them.

In the database I usually represent checkboxes with tinyints and store 1 for checked and 0 for unchecked.

// If your checkbox naem is foo, this will convert it
// into a value that can be stored in the database
$foo = isset($_POST['foo']) ? 1 : 0;

Also note that html requires ids to be unique. So you can't have multiple elements with the same id. And you should sanitize your inputs to prevent sql injection. Use mysql_real_escape_string() on user inputs that go in the database.

Update

The main issue is that the query is missing a ) at the last line. The query should look like

$query = "INSERT INTO markers (ciudad,
                        zona,address,name,
                        telefono,email,piso,
                        tipo,erasmus,nhabitaciones,
                        plazas,equipHabita,nbanos,
                        salon,cocina,electrodomesticos,
                        garaje,internet,calefaccion,
                        sexo,precio,superficie,otros,
                        fecha,lat,lng)
    VALUES ('{$_POST['ciudad']}','{$_POST['zona']}',
            '{$_POST['address']}','{$_POST['name']}','{$_POST['telefono']}',
            '{$_POST['email']}','{$_POST['piso']}','{$_POST['tipo']}',
            '{$_POST['erasmus']}','{$_POST['nhabitaciones']}',
            '{$_POST['plazas']}','{$equipHabitaF}',
            '{$_POST['nbanos']}','{$equipSalonF}',
            '{$equipCocinaF}','{$equipElectroF}','{$_POST['garaje']}',
            '{$_POST['internet']}','{$_POST['calefaccion']}',
            '{$_POST['sexo']}','{$_POST['precio']}',
            '{$_POST['superficie']}','{$_POST['otrosF']}',
            '{$_POST['fecha']}','{$_POST['lat']}',
            '{$_POST['lng']}')";
mysql_query($query, $link);

Note the closing ) on the last line of the query. Also note that creating the query like this, in a variable, allows you to output the created query so you can see what exactly is sent to MySQL and you also can test your query in a different environment (ie in phpmyadmin or any other database administration tool).

share|improve this answer
Thanks for the answer, but I'm trying to store the values of the checkboxes, not if they're checked or not. I want to make a string with the values of the checkboxes and store them into de MySQL DB. ¿Is this possible? – danielrozo Feb 4 '12 at 19:47
2  
You may be able to get a proper value in your $_POST for a checked checkbox, but if the checkbox is not checked then it will never be posted. So you have to implement logic to see which values have been posted and use that to determine which values have not been posted. – Arjan Feb 4 '12 at 19:54
You should more carefully look the code he's posting. He's quoting the $_POST values, so there shouldn't be any problems, no matter whether the checkboxes are checked or not. – periklis Feb 5 '12 at 14:54
@periklis, quoting values is good, but inputs also need to be escaped to prevent sql injection. – Arjan Feb 5 '12 at 16:21
I totally agree with you, but what does that have to do with the user's question? – periklis Feb 5 '12 at 16:28
show 3 more comments
up vote -3 down vote

Mysql doesn't like that you have split your query to multiple lines. Put them all on the same line (I Actually tried your code and it worked that way)

share|improve this answer
2  
MySQL has no problems at all with multi-line queries, and I'm sure that also goes for all other database engines. You should in fact use multiple lines per query to improve readability. – Arjan Feb 4 '12 at 19:44
Mysql doesn't have any problem, but the code danirolo uses does; Try using the actual code he's pasted and you'll see. The problem is that mysql doesn't like what the mysql_query() is sending (containing tab stops), not that the actuall query is multilined. But I guess you didn't go into trouble actually running the code he posted – periklis Feb 5 '12 at 14:56
Tabs also do not cause problems. I use queries with tabs on a daily basis. If a query is not working, it has nothing to do with tabs or newlines. If a space is allowed, then so is a tab or a newline. – Arjan Feb 5 '12 at 16:05
Nonetheless, it's the tabs and new lines that cause this error and I've seen that in my queries too (but never spent time to find out why it only happens in certain occasions). If you have a specific answer that might help the user overcome his problem, or answer why the spaces/newlines cause this problem, please post it, and it may turn out helpful for him and others (including myself). Otherwise, I don't see why you should mod down answers that actually solve this issue (even if you disagree with what I'm saying) – periklis Feb 5 '12 at 16:31
Putting everything on 1 line does not solve the issue. Adding a missing ) does. But I just noticed it was missing as I was looking at the question again. – Arjan Feb 5 '12 at 16:41
show 1 more comment

Your Answer

 
or
required, but never shown
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.