here my code- $things = mysql_real_escape_string(implode(‘,’, $_POST[‘things’]),$link); $q = INSERT INTO tblslider(src) VALUES (‘.$things.’);

Question

0

Asked: May 18, 20262026-05-18T04:06:56+00:00 2026-05-18T04:06:56+00:00

here my code- $things = mysql_real_escape_string(implode(‘,’, $_POST[‘things’]),$link); $q = INSERT INTO tblslider(src) VALUES (‘.$things.’);

0

here my code-

$things = mysql_real_escape_string(implode(',', $_POST['things']),$link);

$q = "INSERT INTO tblslider(src) VALUES ('".$things."')";
print_r($q);
$result = $mysqli->query($q) or die(mysqli_error($mysqli));

but my query is getting generated
INSERT INTO tblslider(src) VALUES ('4368122.jpg,5440051.jpg,1047428.jpg') but it should be
INSERT INTO tblslider(src) VALUES ('4368122.jpg'),('5440051.jpg'),('1047428.jpg') thats why it is taking it as one record not three.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-18T04:06:57+00:00

You could do:

$things = array_map('mysql_real_escape_string', $_POST['things']);
$q = "INSERT INTO tblslider(src) VALUES ('". implode("'),('", $things)."')";

It generates (with my test data):

INSERT INTO tblslider(src) VALUES ('a.jpg'),('b.jpg'),('c.jpg')

I forgot: Only use functions like mysql_real_escape_string on the real data, not the SQL string. In your example you apply the function on the already concatenated data.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

here my code- $things = mysql_real_escape_string(implode(‘,’, $_POST[‘things’]),$link); $q = INSERT INTO tblslider(src) VALUES (‘.$things.’);

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply