I have a survey type form, and in a number of the questions, the user has the option to tick more than one box.
I am storing these answers in a mysql database however at the moment, the database only stores the very last checkbox that is ticked. Is there anyway to store all the checked values, possible separated by a coma, or semi-colon?
Here is my code:
$q1 = mysql_escape_string($_POST['q1']);
$q2 = mysql_escape_string($_POST['q2']);
$q3 = mysql_escape_string($_POST['q3']);
$q4 = mysql_escape_string($_POST['q4']);
$q5 = mysql_escape_string($_POST['q5']);
$q6 = mysql_escape_string($_POST['q6']);
$q7 = mysql_escape_string($_POST['q7']);
$q8 = mysql_escape_string($_POST['q8']);
$q9 = mysql_escape_string($_POST['q9']);
$q10 = mysql_escape_string($_POST['q10']);
$q11 = mysql_escape_string($_POST['q11']);
$q12 = mysql_escape_string($_POST['q12']);
$q13 = mysql_escape_string($_POST['q13']);
$q14 = mysql_escape_string($_POST['q14']);
$email = mysql_escape_string($_POST['email']);
require_once('connection.php');
$sql="INSERT INTO survey (Question1, Question2, Question3, Question4, Question5, Question6, Question7, Question8, Question9, Question10, Question11, Question12, Question13, Question14, eMail) VALUES ('$q1', '$q2', '$q3', '$q4', '$q5', '$q6', '$q7', '$q8', '$q9', '$q10', '$q11', '$q12', '$q13', '$q14', '$email')";
if (!mysql_query($sql,$conn))
{
die('Error: ' . mysql_error());
}
mysql_close($conn);
First, mysql_escape_string is depreciated - you should use mysql_real_escape_string.
Secondly, this would allow anyone malicious to insert different values into the results, such as 2's and 3's. You need to make every value conform to 0 or 1. To do that, I'd recommend you cast to a bool then an int:
$q1 = (int)((bool)$_POST['q1']);
$q2 = (int)((bool)$_POST['q2']);
...
For your HTML, each checkbox needs a value attribute of '1'.
Since these are integer only, there is no need to escape them.