Hi i am developing Attendence mgt sys. and i have to insert name,section,class,status in database of n number of students. I am able to do listing by the code below:

<?php
@session_start();
include('config.php');
$sessionName = $_SESSION['NAME'];
$sessionID = $_SESSION['UID'];

if($sessionName == "" && $sessionID == "")
{
    header('location:index.php');
}
    $class = $_REQUEST['class'];
    $section = $_REQUEST['section'];
    $_SESSION['class'] = $class;
    $_SESSION['section'] = $section;


    /*This is by me*/

    $infoArr = array();

    $sql = "SELECT tbl_name,tbl_gender,tbl_class,tbl_section FROM tbl_student_record WHERE tbl_class = '$class'            AND tbl_section = '$section'";       
    $res = mysql_query($sql);

    if(mysql_affected_rows() > 0){

        $i=0;

        while($row = mysql_fetch_array($res)){

            $infoArr[$i]['name'] = $row['tbl_name'];
            $infoArr[$i]['gender'] = $row['tbl_gender'];
            $infoArr[$i]['class'] = $row['tbl_class'];
            $infoArr[$i]['section'] = $row['tbl_section'];

            $i++;
        }


    }

    $count = count($infoArr);
    $newCount = $count - 1;
    ?>
    // HTML 

    <form action="submitAttendence.php" method="post"/>
            <input name="cnt" id="cnt" type="hidden" value="<?=$newCount;?>"/>
            <div>
                <div class="li-label" style="width:50px;">S.No.</div>
                <div class="sep"></div>
                <div class="li-label" style="width:250px;">Name</div>
                <div class="sep"></div>
                <div class="li-label" style="width:100px;">Student ID</div>
                <div class="sep"></div>
                <div class="li-label" style="width:50px;">Class</div>
                <div class="sep"></div>
                <div class="li-label" style="width:80px;">Section</div>
                <div class="sep"></div>
                <div class="li-label" style="width:100px;">Gender</div>
                <div class="sep"></div>
                <div class="li-label" style="width:100px;">Status</div>

            </div>

            <div class="cBoth"></div>
            <?php                
                if($newCount > 0){

                    for($i=0; $i<=$newCount; $i++){

                        $name = $infoArr[$i]['name'];
                        $gender = $infoArr[$i]['gender'];
                        $class = $infoArr[$i]['class'];
                        $section = $infoArr[$i]['section'];
            ?>


                <div class="vLine"></div>
                <div>
                <div class="li-txt" style="width:50px;"><?=$i;?></div>
                <div class="sep"></div>
                <div class="li-txt" style="width:250px;"><input type="hidden" id="name_<?=$i;?>" name="name_<?=$i;?>"/><?=$name;?></div>
                <div class="sep"></div>
                <div class="li-label" style="width:100px;"><input type="hidden" id="stud_<?=$i;?>" name="stud_<?=$i?>"/>Student ID</div>
                <div class="sep"></div>
                <div class="li-label" style="width:50px;"><input type="hidden" id="clas_<?=$i?>" name="clas_<?=$i;?>"/><?=$class;?></div>
                <div class="sep"></div>
                <div class="li-label" style="width:80px;"><input type="hidden" id="sec_<?=$i?>" name="sec_<?=$i?>"/><?=$section;?></div>
                <div class="sep"></div>
                <div class="li-txt" style="width:100px;"><input type="hidden" id="gen_<?=$i;?>" name="gen_<?=$i?>"/><?=$gender;?></div>
                <div class="sep"></div>
                <div class="li-txt" style="width:100px;">
                <select id="status_<?=$i;?>" name="status_<?=$i;?>"/>
                    <option value="Present" />Present</option>
                    <option value="Absent" />Absent</option>
                </select>                
                </div>
           </div>

            <div class="cBoth"></div>            
            <?php
                    }
                }
            ?>

// submitAttendence.php

<?php
include('config.php');
@session_start();
if(isset($_REQUEST['cnt']) && $_REQUEST['cnt'] > 0){



    $newCount = $_REQUEST['cnt'];

    //echo $newCount; exit;

    for($i=0; $i<=$newCount; $i++){

        $name = "name_".$i;
        echo $name; exit;
        $nameVal = $_REQUEST[$name];

        $stud = "stud_".$i;
        $studVal = $_REQUEST[$stud];

        $clas = "clas_".$i;
        $clasVal = $_REQUEST[$clas];

        $ins = "INSERT INTO tbl_attendence(fld_studentname, fld_class) VALUES('$nameVal', '$clasVal')";
        //echo $ins; exit;
        mysql_query($ins);
    }
}
?>

I am not getting any error but i am not geting any value in my table. Please guide me , i highly appreciate your response.

Member Avatar for diafol

Couple of things:

1) Do not run multiple insert queries using a loop. Use the loop to build up a VALUES clause and submit a single INSERT query
2) Do not use mysql_* functions - they are deprecated, use PDO or mysqli instead and bind values instead of escaping input. BTW - you don't seem to escape input anyway, so you're open to SQL injection.

All references to the above points in '2' can be found in the php manual.

Hi diafol,

i will change mysql to mysqli , but please guide me how to achive this task, i really appreciate you, please help me

Hi, It is pretty simple to migrate from mysql_ to mysqli_ . You just need to replace all the mysql_ expressions with similar mysqli_ expressions.

Just refer PHP mysqli documentation to find the similar expression in mysqli_ that matches your mysql_ statement and replace it. That's it!

PS: If you have a really lengthy code, you could use mysql to mysqli converter tool.

Member Avatar for diafol

Hmm, I don't think I agree with the above. mysqli introduced prepared queries and binding parameters/values (and binding results!), so it's not the same as changing mysql for mysqli. Also prepared statements do away with the need for a mysqli_real_escape_string(), although this does exist.

@zeeshan

Why all the hidden fields?
Why are you using REQUEST not POST? ARe you planning on letting users use GET etc too?

did you check the repository I posted above? It saves you from all the preparing and stuff. It automatically does the parameterization and has a nice syntax for insert queries. Check out these examples

Member Avatar for diafol

I did actually look at it, but I'm more inclined to use dependency injection rather than use statics or singletons. Without an OOP envirnoment, the PDO/mysqli obj is pretty straightforward anyhow, but a wrapper, I grant you, can be useful nonetheless.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.