Multiple SQL insertions in one query

HI All, I'm concerned, I have an array coming in from a server. The array is then translated into variables. Such as:

$fpage = $_SESSION['scores'];

$score1 = $fpage['0'];
$score2 - $fpage['1'];
//Start of Queries


 // This is what I would like to do, but Its not working: 
$sql ="INSERT INTO Score (ScoreID,ResponseID,AssessorID,CriteriaID,Score,StudentID)"
       . "VALUES ('$rand','$rand2','$adminname','1-22','$score1', '$student')"; 

           $new = mysql_query($sql, $db);
$sql2 ="INSERT INTO Score (ScoreID,ResponseID,AssessorID,CriteriaID,Score,StudentID)"
       . "VALUES ('$rand','$rand2','$adminname','1-21','$score2', '$student')"; 

           $new1 = mysql_query($sql3, $db);
$sql3 ="INSERT INTO Score (ScoreID,ResponseID,AssessorID,CriteriaID,Score,StudentID)"
       . "VALUES ('$rand','$rand2','$adminname','1-21','$score3', '$student')"; 

           $new2 = mysql_query($sql3, $db);

My question is, What is the best way of doing this. I have tried to loop the queries, but I could not get that to work. What is th开发者_如何转开发e best way to accomplish this?

Well, there is a typo in the middle call to mysql_query -- you passed in $sql3 instead of $sql2.

Also, you can do this:

INSERT INTO Score (ScoreID, ResponseID, AssessorID, CriteriaID, Score, StudentID)
    VALUES
        (score1, response1, assessor1, criteria1, etc.),
        (score2, response2, assessor2, criteria2, etc.),
        (score3, response3, assessor3, criteria3, etc.),
        etc.

which will only hit the database once for all the inserts instead of once per insert.

Finally, your code appears to be vulnerable to SQL injection.