Welcome Guest, Not a member yet? Register   Sign In
Submit button in Insert Statement
#1

[eluser]Fielder[/eluser]
When I use $this->db->insert('bus',$_POST); in my method, it tries to insert my <input type="submit" name="submitnew" value="Submit" /> into the database. I get a returned error telling me the field submitnew is not in the table. ...but I dont want to insert it into the table. Am I missing something? I've never had to worry about this before.

Thanks.
#2

[eluser]Colin Williams[/eluser]
Don't throw $_POST at a db function. Typically you will have non-database-table related data in the form. Filter out what you need from the $_POST array first.
#3

[eluser]brianw1975[/eluser]
I'm surprised Colin didn't mention that you should check and process all of your data using $this->input->post("item_name") (or get or get_post, etc, check the userguide for more info) as CI does a bit of "data integrity" (XSS, etc) checking by default

Then create an appropriate array e.g.

Code:
$data = array("username"=>$this->input->post("username"),"password"=>$-this->input->post("password");

$this->db->insert('bus',$data);

Some people would argue that it's unnecessary if the site is password protected, or a intranet only application, but I postulate that at some point someone other than the existing user base will (hopefully) try to use the system (new employee for example) and could possibly do something naughty by quirk or design.
#4

[eluser]Colin Williams[/eluser]
If you have global XSS filtering on, the $_POST array is directly laundered. The input class has no method for getting the whole $_POST array.

You can either turn on global filtering or run it manually with xss_clean()
#5

[eluser]Fielder[/eluser]
Got it. If the form has numerous inputs, is there a way to do Brian's code without having to code in each field? Perhaps a loop statement of some sort?
#6

[eluser]Colin Williams[/eluser]
Code:
$schema = array('field' => '', 'field_2' => '');
$data_to_insert = array_intersect_keys($_POST, $schema);
#7

[eluser]Dam1an[/eluser]
As has been mentioned, its best to always process the data, and pull just what you need into a seperate array, but a quick and dirty way to solve the original problem, would be to unset the unwated variables
so you'd do unset($_POST['submitnew']);
Although I don't recommend using that approach in a real application
#8

[eluser]Fielder[/eluser]
Got it to work Colin - thx. However, I changed your array_intersect_keys to array_intersect_key.
#9

[eluser]Colin Williams[/eluser]
@Fielder Doh! Sorry for the extra 's'




Theme © iAndrew 2016 - Forum software by © MyBB