1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 6:22 pm Apr 28, 2026

Forum Moderators: coopster

Message Too Old, No Replies

soorting out spaces on implode

cant get the full value into the MySQL database

         

togethercomms

10:40 am on Feb 8, 2010 (gmt 0)

10+ Year Member



Hi All,

I am having trouble with space in my array, i am using the implode function and have found that it is working correctly but when their is a space in one of the values it only takes the first word of the value and puts it into the database (MySQL)

eg.

"Change Management" looks like "Change" in the database. 


<?
$array_keywords=array('Payroll','Management Consultancy (HR)','Change Management/OD','Diversity','HR Systems', 'Reward/Expat/Mobility','Recruitment/Resourcing','L&D/Talent/Management Development','Employee Relations','HR Generalist'); 
foreach($array_keywords as $keywords){
echo "<td>";
echo "<input type=\"checkbox\" name=\"keywords[]\" id=\"keywords\" value=$keywords>$keywords</input>";
echo "</td><br> ";
}
?>


This is the code on the insert.

Many Thanks

togethercomms

10:42 am on Feb 8, 2010 (gmt 0)

10+ Year Member 




<?php
$mysqli = mysqli_connect("", "", "", "");
$arrays = implode(",",$_POST['keywords']);
$arrays2 = implode(",",$_POST['region']);

if (mysqli_connect_errno()) {
printf("Connect Failed: %s\n", mysqli_connect_error());
exit();
} else {
$sql = "INSERT INTO `` (`id`, `ref`, `title`, `salary`, `description`, `short`, `location`, `type`, `keywords`, `mean salary`, `region`)
VALUES ('','$_POST[ref]','$_POST[title]','$_POST[salary]','$_POST[description]','$_POST[short]','$_POST[location]', '$_POST[type]', '$arrays', '$_POST[meansalary]', '$arrays2')";

$res = mysqli_query($mysqli, $sql); 

if ($res === TRUE) {
header("location: ../amend.php");
} else {
printf("Could not insert record: %s\n", mysqli_error($mysqli));
}

mysqli_close($mysqli);
}
?>



and this is the implode feature

Matthew1980

11:29 am on Feb 8, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Hi there togethercomms,

Whether this is just bad copy & paste i dont know, but there seems to be no table name set on the INSERT:-


$sql = "INSERT INTO `` (`id`


And really if you are inserting directly from $_POST you should sanitise the data (strip_tags(), trim(), mysql_real_escape_string() etc) and the $_POST should have the $_POST['name'] around them. Sorry to pick fault, but your leaving yourself open to malicious code injection there.

Cheers,

MRb

togethercomms

11:52 am on Feb 8, 2010 (gmt 0)

10+ Year Member



yeah sorry that was my fault, i do have a table name, also, i just want to get it working after that i will use the escape string to clean the data.

Thanks
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 6:22 pm Apr 28, 2026