You can see this in action at IDEOne.com by clicking here.
I'm assuming your $_POST
looks something like this:
$_POST = array(
'id' => array(
0 => 14,
1 => 15,
2 => 16
),
'name' => array(
0 => 'Jill',
1 => 'Jack',
2 => 'John'
)
); //I won't do any other columns because what's the point?
So, your entries are aggregated currently by column. You want to aggregate them by row.
Here's a naive solution. Assuming that every row has to have an id
associated with it, find out how many id
s were sent back.
$total = sizeof($_POST['id']);
Now, loop over the $_POST array that many times:
$rows = array();
for ($i = 0; $i < $total; $i++) {
$rows[] = array(
'id' => $_POST['id'][$i],
'name' => $_POST['name'][$i]
);
}
Now, $rows
is populated with the information grouped by row instead of column.
For better performance, it might be possible to do this using a callback and a built-in array function.
If you are going to be reusing this logic a lot, consider placing it in a static function, or building a helper class that will perform this logic in a reusable/portable manner.
You can see this in action at this IDEOne.com demonstration by clicking here.
You're saying that you don't want to have to manually specify which fields get entered. That can be accomplished, but first, ask yourself the following question:
Can I reasonably guarantee that only the fields will exist in $_POST
?
The answer is no, but I'll answer this as if it's yes first.
Again, we will use id
as the field that tells us how many rows there will be:
$total = sizeof($_POST['id']));
$rows = array();
for ($i = 0; $i < $total; $i++) {
//This part changes.
}
Now, inside of our for loop, we need to loop over the $_POST array, and get the key names:
for ($i = 0; $i < $total; $i++) {
$array = array(); //Create a blank array.
foreach ($_POST as $key => $value) {
$array[$key] = $value[$i]; //Add the key with it's value. Remember $value is an array here too.
}
$rows[] = $array;
}
The reason I said the answer is no to the question above is because the user could manipulate the data they send from the client (browser) in an attempt to make the page do things other than it was intended (e.g. SQL Injection, XSS Attacks, feature/server discovery, etc.).
In the above example, if a user submitted the form, but manipulated it by adding a form element such as:
<input type="hidden" name="breakpage" value="true" />
You'll now have an element of the $_POST
array that isn't an array itself. When the $_POST
array gets iterated over, the page is going to throw an error about an undefined index which will be echo'd out to the user. You can disable the display of the error, but it would still stop the page from functioning.
Assuming you are using prepared statements to actually write to the database, and are checking for XSS attempts in the values, this is probably as bad as it would get.
To combat this, you could setup an array of keys that are accepted in $_POST, and iterate that instead of $_POST
itself. However, you explicitly stated that you didn't want to do this.