Insert multiple rows from a row using FOR LOOP












-2















can i inserting into mutiple rows mySQL from one row php with FOR LOOP in MySQL?



i have a form like this:



<form action="" method="POST" name="inputRecord" id="inputRecord">

<input type="text" name="member" id="member" value="Member A">
<input type="text" name="debit" id="debit" value="5000">
<input type="text" name="credit" id="credit" value="1000">

<input type="submit" name="save" id="save" value="OK">

</form>


if i submitted to mySQL become like this:



id |  Member  |  Debit  |  Credit
---------------------------------
1 | Member A | 5000 | 1000
2 | Member A | 5000 | 1000
3 | Member A | 5000 | 1000
4 | Member A | 5000 | 1000
5 | Member A | 5000 | 1000
6 | Member A | 5000 | 1000


This is may code:



$var_i = 10;
if(isset($_POST['member'])) {
$var_detailMember = $_POST['member'];
}
if(isset($_POST['debit'])) {
$var_detailDebit = $_POST['debit'];
}
if(isset($_POST['credit'])) {
$var_detailCredit = $_POST['credit'];
}
if (isset($_POST['save'])) {
for($i=0;$i<=$var_i;$i++) {
$insertSQL = "INSERT INTO transaction (member, debit, credit) VALUES ('$var_detailMember', '$var_detailDebit', '$var_detailCredit')";
mysql_select_db($database, $connection);
mysql_query($insertSQL, $connection) or die(mysql_error());
}
}


Thank you for helping me










share|improve this question




















  • 1





    So you want to insert the same data 6 times? And what is your specific problem with that? You know how a basic for loop works, right?

    – misorude
    Nov 22 '18 at 9:39













  • Where is your PHP code ?

    – executable
    Nov 22 '18 at 9:39






  • 1





    yes you can, although I can't see why it would be useful. Just run the same INSERT statement 6 times using a loop. What have you tried?

    – ADyson
    Nov 22 '18 at 9:46











  • Re your update: Your code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

    – ADyson
    Nov 22 '18 at 12:28


















-2















can i inserting into mutiple rows mySQL from one row php with FOR LOOP in MySQL?



i have a form like this:



<form action="" method="POST" name="inputRecord" id="inputRecord">

<input type="text" name="member" id="member" value="Member A">
<input type="text" name="debit" id="debit" value="5000">
<input type="text" name="credit" id="credit" value="1000">

<input type="submit" name="save" id="save" value="OK">

</form>


if i submitted to mySQL become like this:



id |  Member  |  Debit  |  Credit
---------------------------------
1 | Member A | 5000 | 1000
2 | Member A | 5000 | 1000
3 | Member A | 5000 | 1000
4 | Member A | 5000 | 1000
5 | Member A | 5000 | 1000
6 | Member A | 5000 | 1000


This is may code:



$var_i = 10;
if(isset($_POST['member'])) {
$var_detailMember = $_POST['member'];
}
if(isset($_POST['debit'])) {
$var_detailDebit = $_POST['debit'];
}
if(isset($_POST['credit'])) {
$var_detailCredit = $_POST['credit'];
}
if (isset($_POST['save'])) {
for($i=0;$i<=$var_i;$i++) {
$insertSQL = "INSERT INTO transaction (member, debit, credit) VALUES ('$var_detailMember', '$var_detailDebit', '$var_detailCredit')";
mysql_select_db($database, $connection);
mysql_query($insertSQL, $connection) or die(mysql_error());
}
}


Thank you for helping me










share|improve this question




















  • 1





    So you want to insert the same data 6 times? And what is your specific problem with that? You know how a basic for loop works, right?

    – misorude
    Nov 22 '18 at 9:39













  • Where is your PHP code ?

    – executable
    Nov 22 '18 at 9:39






  • 1





    yes you can, although I can't see why it would be useful. Just run the same INSERT statement 6 times using a loop. What have you tried?

    – ADyson
    Nov 22 '18 at 9:46











  • Re your update: Your code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

    – ADyson
    Nov 22 '18 at 12:28
















-2












-2








-2








can i inserting into mutiple rows mySQL from one row php with FOR LOOP in MySQL?



i have a form like this:



<form action="" method="POST" name="inputRecord" id="inputRecord">

<input type="text" name="member" id="member" value="Member A">
<input type="text" name="debit" id="debit" value="5000">
<input type="text" name="credit" id="credit" value="1000">

<input type="submit" name="save" id="save" value="OK">

</form>


if i submitted to mySQL become like this:



id |  Member  |  Debit  |  Credit
---------------------------------
1 | Member A | 5000 | 1000
2 | Member A | 5000 | 1000
3 | Member A | 5000 | 1000
4 | Member A | 5000 | 1000
5 | Member A | 5000 | 1000
6 | Member A | 5000 | 1000


This is may code:



$var_i = 10;
if(isset($_POST['member'])) {
$var_detailMember = $_POST['member'];
}
if(isset($_POST['debit'])) {
$var_detailDebit = $_POST['debit'];
}
if(isset($_POST['credit'])) {
$var_detailCredit = $_POST['credit'];
}
if (isset($_POST['save'])) {
for($i=0;$i<=$var_i;$i++) {
$insertSQL = "INSERT INTO transaction (member, debit, credit) VALUES ('$var_detailMember', '$var_detailDebit', '$var_detailCredit')";
mysql_select_db($database, $connection);
mysql_query($insertSQL, $connection) or die(mysql_error());
}
}


Thank you for helping me










share|improve this question
















can i inserting into mutiple rows mySQL from one row php with FOR LOOP in MySQL?



i have a form like this:



<form action="" method="POST" name="inputRecord" id="inputRecord">

<input type="text" name="member" id="member" value="Member A">
<input type="text" name="debit" id="debit" value="5000">
<input type="text" name="credit" id="credit" value="1000">

<input type="submit" name="save" id="save" value="OK">

</form>


if i submitted to mySQL become like this:



id |  Member  |  Debit  |  Credit
---------------------------------
1 | Member A | 5000 | 1000
2 | Member A | 5000 | 1000
3 | Member A | 5000 | 1000
4 | Member A | 5000 | 1000
5 | Member A | 5000 | 1000
6 | Member A | 5000 | 1000


This is may code:



$var_i = 10;
if(isset($_POST['member'])) {
$var_detailMember = $_POST['member'];
}
if(isset($_POST['debit'])) {
$var_detailDebit = $_POST['debit'];
}
if(isset($_POST['credit'])) {
$var_detailCredit = $_POST['credit'];
}
if (isset($_POST['save'])) {
for($i=0;$i<=$var_i;$i++) {
$insertSQL = "INSERT INTO transaction (member, debit, credit) VALUES ('$var_detailMember', '$var_detailDebit', '$var_detailCredit')";
mysql_select_db($database, $connection);
mysql_query($insertSQL, $connection) or die(mysql_error());
}
}


Thank you for helping me







php mysql






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 22 '18 at 10:58







Juniantoじゅにあんと

















asked Nov 22 '18 at 9:31









JuniantoじゅにあんとJuniantoじゅにあんと

134




134








  • 1





    So you want to insert the same data 6 times? And what is your specific problem with that? You know how a basic for loop works, right?

    – misorude
    Nov 22 '18 at 9:39













  • Where is your PHP code ?

    – executable
    Nov 22 '18 at 9:39






  • 1





    yes you can, although I can't see why it would be useful. Just run the same INSERT statement 6 times using a loop. What have you tried?

    – ADyson
    Nov 22 '18 at 9:46











  • Re your update: Your code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

    – ADyson
    Nov 22 '18 at 12:28
















  • 1





    So you want to insert the same data 6 times? And what is your specific problem with that? You know how a basic for loop works, right?

    – misorude
    Nov 22 '18 at 9:39













  • Where is your PHP code ?

    – executable
    Nov 22 '18 at 9:39






  • 1





    yes you can, although I can't see why it would be useful. Just run the same INSERT statement 6 times using a loop. What have you tried?

    – ADyson
    Nov 22 '18 at 9:46











  • Re your update: Your code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

    – ADyson
    Nov 22 '18 at 12:28










1




1





So you want to insert the same data 6 times? And what is your specific problem with that? You know how a basic for loop works, right?

– misorude
Nov 22 '18 at 9:39







So you want to insert the same data 6 times? And what is your specific problem with that? You know how a basic for loop works, right?

– misorude
Nov 22 '18 at 9:39















Where is your PHP code ?

– executable
Nov 22 '18 at 9:39





Where is your PHP code ?

– executable
Nov 22 '18 at 9:39




1




1





yes you can, although I can't see why it would be useful. Just run the same INSERT statement 6 times using a loop. What have you tried?

– ADyson
Nov 22 '18 at 9:46





yes you can, although I can't see why it would be useful. Just run the same INSERT statement 6 times using a loop. What have you tried?

– ADyson
Nov 22 '18 at 9:46













Re your update: Your code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

– ADyson
Nov 22 '18 at 12:28







Re your update: Your code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

– ADyson
Nov 22 '18 at 12:28














1 Answer
1






active

oldest

votes


















0














Use the Below code, Here 10 Records will be inserted



<form action="save.php" method="POST" name="inputRecord" id="inputRecord">
<input type="text" name="member" id="member" value="Member A">
<input type="text" name="debit" id="debit" value="5000">
<input type="text" name="credit" id="credit" value="1000">
<input type="submit" name="save" id="save" value="OK">
</form>

//save.php
<?php
$limit=10;
$Member=Escape($_POST['member']);
$Debit=Escape($_POST['debit']);
$Credit=Escape($_POST['credit']);
$Insert = "INSERT INTO table_name(Member,Debit,Credit) values('".$Member."','".$Debit."','".$Credit.")";
for($i=1;$i<=$limit;$i++){
$Inserting=mysqli_query($dbconnection,$Insert);
}

function Escape($string){
$string = preg_replace('/[^p{L}p{N}s]/u', '', $string);
return $string;
}
?>





share|improve this answer


























  • This code demonstrates the simple idea of using a loop to repeat the insert, but buyer beware: 1) It appears to be manually generating the ID, which can lead to duplicate IDs / key violations if more than one person tries to run the code at the same time (easily done in a web environment). Use an auto-increment key instead, don't insert it from the code.

    – ADyson
    Nov 22 '18 at 9:49








  • 1





    2) The code is vulnerable to SQL Injection attacks. You should use parameterised queries and prepared statements to help prevent attackers from compromising your database by using malicious input values. bobby-tables.com gives an explanation of the risks, as well as some examples of how to write your queries safely using PHP / mysqli. Never insert unsanitised data directly into your SQL. The way your code is written now, someone could easily steal, incorrectly change, or even delete your data.

    – ADyson
    Nov 22 '18 at 9:49











  • 3) This code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

    – ADyson
    Nov 22 '18 at 9:49











  • Downvoted for violating just about every principle of writing safe and correct SQL using PHP.

    – ADyson
    Nov 22 '18 at 9:51











  • Thanks for the edit. You've corrected points 1 and 3, but not 2.

    – ADyson
    Nov 22 '18 at 9:52











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53427732%2finsert-multiple-rows-from-a-row-using-for-loop%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









0














Use the Below code, Here 10 Records will be inserted



<form action="save.php" method="POST" name="inputRecord" id="inputRecord">
<input type="text" name="member" id="member" value="Member A">
<input type="text" name="debit" id="debit" value="5000">
<input type="text" name="credit" id="credit" value="1000">
<input type="submit" name="save" id="save" value="OK">
</form>

//save.php
<?php
$limit=10;
$Member=Escape($_POST['member']);
$Debit=Escape($_POST['debit']);
$Credit=Escape($_POST['credit']);
$Insert = "INSERT INTO table_name(Member,Debit,Credit) values('".$Member."','".$Debit."','".$Credit.")";
for($i=1;$i<=$limit;$i++){
$Inserting=mysqli_query($dbconnection,$Insert);
}

function Escape($string){
$string = preg_replace('/[^p{L}p{N}s]/u', '', $string);
return $string;
}
?>





share|improve this answer


























  • This code demonstrates the simple idea of using a loop to repeat the insert, but buyer beware: 1) It appears to be manually generating the ID, which can lead to duplicate IDs / key violations if more than one person tries to run the code at the same time (easily done in a web environment). Use an auto-increment key instead, don't insert it from the code.

    – ADyson
    Nov 22 '18 at 9:49








  • 1





    2) The code is vulnerable to SQL Injection attacks. You should use parameterised queries and prepared statements to help prevent attackers from compromising your database by using malicious input values. bobby-tables.com gives an explanation of the risks, as well as some examples of how to write your queries safely using PHP / mysqli. Never insert unsanitised data directly into your SQL. The way your code is written now, someone could easily steal, incorrectly change, or even delete your data.

    – ADyson
    Nov 22 '18 at 9:49











  • 3) This code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

    – ADyson
    Nov 22 '18 at 9:49











  • Downvoted for violating just about every principle of writing safe and correct SQL using PHP.

    – ADyson
    Nov 22 '18 at 9:51











  • Thanks for the edit. You've corrected points 1 and 3, but not 2.

    – ADyson
    Nov 22 '18 at 9:52
















0














Use the Below code, Here 10 Records will be inserted



<form action="save.php" method="POST" name="inputRecord" id="inputRecord">
<input type="text" name="member" id="member" value="Member A">
<input type="text" name="debit" id="debit" value="5000">
<input type="text" name="credit" id="credit" value="1000">
<input type="submit" name="save" id="save" value="OK">
</form>

//save.php
<?php
$limit=10;
$Member=Escape($_POST['member']);
$Debit=Escape($_POST['debit']);
$Credit=Escape($_POST['credit']);
$Insert = "INSERT INTO table_name(Member,Debit,Credit) values('".$Member."','".$Debit."','".$Credit.")";
for($i=1;$i<=$limit;$i++){
$Inserting=mysqli_query($dbconnection,$Insert);
}

function Escape($string){
$string = preg_replace('/[^p{L}p{N}s]/u', '', $string);
return $string;
}
?>





share|improve this answer


























  • This code demonstrates the simple idea of using a loop to repeat the insert, but buyer beware: 1) It appears to be manually generating the ID, which can lead to duplicate IDs / key violations if more than one person tries to run the code at the same time (easily done in a web environment). Use an auto-increment key instead, don't insert it from the code.

    – ADyson
    Nov 22 '18 at 9:49








  • 1





    2) The code is vulnerable to SQL Injection attacks. You should use parameterised queries and prepared statements to help prevent attackers from compromising your database by using malicious input values. bobby-tables.com gives an explanation of the risks, as well as some examples of how to write your queries safely using PHP / mysqli. Never insert unsanitised data directly into your SQL. The way your code is written now, someone could easily steal, incorrectly change, or even delete your data.

    – ADyson
    Nov 22 '18 at 9:49











  • 3) This code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

    – ADyson
    Nov 22 '18 at 9:49











  • Downvoted for violating just about every principle of writing safe and correct SQL using PHP.

    – ADyson
    Nov 22 '18 at 9:51











  • Thanks for the edit. You've corrected points 1 and 3, but not 2.

    – ADyson
    Nov 22 '18 at 9:52














0












0








0







Use the Below code, Here 10 Records will be inserted



<form action="save.php" method="POST" name="inputRecord" id="inputRecord">
<input type="text" name="member" id="member" value="Member A">
<input type="text" name="debit" id="debit" value="5000">
<input type="text" name="credit" id="credit" value="1000">
<input type="submit" name="save" id="save" value="OK">
</form>

//save.php
<?php
$limit=10;
$Member=Escape($_POST['member']);
$Debit=Escape($_POST['debit']);
$Credit=Escape($_POST['credit']);
$Insert = "INSERT INTO table_name(Member,Debit,Credit) values('".$Member."','".$Debit."','".$Credit.")";
for($i=1;$i<=$limit;$i++){
$Inserting=mysqli_query($dbconnection,$Insert);
}

function Escape($string){
$string = preg_replace('/[^p{L}p{N}s]/u', '', $string);
return $string;
}
?>





share|improve this answer















Use the Below code, Here 10 Records will be inserted



<form action="save.php" method="POST" name="inputRecord" id="inputRecord">
<input type="text" name="member" id="member" value="Member A">
<input type="text" name="debit" id="debit" value="5000">
<input type="text" name="credit" id="credit" value="1000">
<input type="submit" name="save" id="save" value="OK">
</form>

//save.php
<?php
$limit=10;
$Member=Escape($_POST['member']);
$Debit=Escape($_POST['debit']);
$Credit=Escape($_POST['credit']);
$Insert = "INSERT INTO table_name(Member,Debit,Credit) values('".$Member."','".$Debit."','".$Credit.")";
for($i=1;$i<=$limit;$i++){
$Inserting=mysqli_query($dbconnection,$Insert);
}

function Escape($string){
$string = preg_replace('/[^p{L}p{N}s]/u', '', $string);
return $string;
}
?>






share|improve this answer














share|improve this answer



share|improve this answer








edited Nov 22 '18 at 10:02

























answered Nov 22 '18 at 9:45









Brindha BaskaranBrindha Baskaran

9510




9510













  • This code demonstrates the simple idea of using a loop to repeat the insert, but buyer beware: 1) It appears to be manually generating the ID, which can lead to duplicate IDs / key violations if more than one person tries to run the code at the same time (easily done in a web environment). Use an auto-increment key instead, don't insert it from the code.

    – ADyson
    Nov 22 '18 at 9:49








  • 1





    2) The code is vulnerable to SQL Injection attacks. You should use parameterised queries and prepared statements to help prevent attackers from compromising your database by using malicious input values. bobby-tables.com gives an explanation of the risks, as well as some examples of how to write your queries safely using PHP / mysqli. Never insert unsanitised data directly into your SQL. The way your code is written now, someone could easily steal, incorrectly change, or even delete your data.

    – ADyson
    Nov 22 '18 at 9:49











  • 3) This code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

    – ADyson
    Nov 22 '18 at 9:49











  • Downvoted for violating just about every principle of writing safe and correct SQL using PHP.

    – ADyson
    Nov 22 '18 at 9:51











  • Thanks for the edit. You've corrected points 1 and 3, but not 2.

    – ADyson
    Nov 22 '18 at 9:52



















  • This code demonstrates the simple idea of using a loop to repeat the insert, but buyer beware: 1) It appears to be manually generating the ID, which can lead to duplicate IDs / key violations if more than one person tries to run the code at the same time (easily done in a web environment). Use an auto-increment key instead, don't insert it from the code.

    – ADyson
    Nov 22 '18 at 9:49








  • 1





    2) The code is vulnerable to SQL Injection attacks. You should use parameterised queries and prepared statements to help prevent attackers from compromising your database by using malicious input values. bobby-tables.com gives an explanation of the risks, as well as some examples of how to write your queries safely using PHP / mysqli. Never insert unsanitised data directly into your SQL. The way your code is written now, someone could easily steal, incorrectly change, or even delete your data.

    – ADyson
    Nov 22 '18 at 9:49











  • 3) This code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

    – ADyson
    Nov 22 '18 at 9:49











  • Downvoted for violating just about every principle of writing safe and correct SQL using PHP.

    – ADyson
    Nov 22 '18 at 9:51











  • Thanks for the edit. You've corrected points 1 and 3, but not 2.

    – ADyson
    Nov 22 '18 at 9:52

















This code demonstrates the simple idea of using a loop to repeat the insert, but buyer beware: 1) It appears to be manually generating the ID, which can lead to duplicate IDs / key violations if more than one person tries to run the code at the same time (easily done in a web environment). Use an auto-increment key instead, don't insert it from the code.

– ADyson
Nov 22 '18 at 9:49







This code demonstrates the simple idea of using a loop to repeat the insert, but buyer beware: 1) It appears to be manually generating the ID, which can lead to duplicate IDs / key violations if more than one person tries to run the code at the same time (easily done in a web environment). Use an auto-increment key instead, don't insert it from the code.

– ADyson
Nov 22 '18 at 9:49






1




1





2) The code is vulnerable to SQL Injection attacks. You should use parameterised queries and prepared statements to help prevent attackers from compromising your database by using malicious input values. bobby-tables.com gives an explanation of the risks, as well as some examples of how to write your queries safely using PHP / mysqli. Never insert unsanitised data directly into your SQL. The way your code is written now, someone could easily steal, incorrectly change, or even delete your data.

– ADyson
Nov 22 '18 at 9:49





2) The code is vulnerable to SQL Injection attacks. You should use parameterised queries and prepared statements to help prevent attackers from compromising your database by using malicious input values. bobby-tables.com gives an explanation of the risks, as well as some examples of how to write your queries safely using PHP / mysqli. Never insert unsanitised data directly into your SQL. The way your code is written now, someone could easily steal, incorrectly change, or even delete your data.

– ADyson
Nov 22 '18 at 9:49













3) This code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

– ADyson
Nov 22 '18 at 9:49





3) This code is using the long-deprecated mysql_ code library. It was discontinued many years ago and removed entirely in PHP7. No new code should be written using this library. It leaves you vulnerable to SQL injection attacks (due to the lack of parameterised query support) and potentially other unpatched vulnerabilities. Switch to using mysqli or PDO as soon as possible, and then learn how to write parameterised queries to protect your data from malicious input. See bobby-tables.com for a simple explanation of the risks and some sample PHP code to write queries safely.

– ADyson
Nov 22 '18 at 9:49













Downvoted for violating just about every principle of writing safe and correct SQL using PHP.

– ADyson
Nov 22 '18 at 9:51





Downvoted for violating just about every principle of writing safe and correct SQL using PHP.

– ADyson
Nov 22 '18 at 9:51













Thanks for the edit. You've corrected points 1 and 3, but not 2.

– ADyson
Nov 22 '18 at 9:52





Thanks for the edit. You've corrected points 1 and 3, but not 2.

– ADyson
Nov 22 '18 at 9:52


















draft saved

draft discarded




















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53427732%2finsert-multiple-rows-from-a-row-using-for-loop%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

404 Error Contact Form 7 ajax form submitting

How to know if a Active Directory user can login interactively

Refactoring coordinates for Minecraft Pi buildings written in Python