How to Insert Session Array into MySQL DB using PHP

I have a multi page form and am trying to capture an array as a session to insert into mysql. Page two of the form is the "Address" section. Here I ask for Address information. The user can hit a "enter another address" button which expands another box.

The user hits next to go to the next page (phone.php) where I ask for phone info. On this page I think I am registering the session data correctly like so:

if(!isset($_SESSION)) 
{ 
@session_start(); 
}  
header("Cache-control: private");
ob_start();

include('header.php');

//now, let's register our session variables from address.php
session_register('addressLineOne');
session_register('addressLineTwo');

//finally, let's store our posted values in the session variables
$_SESSION['addressLineOne'] = $_POST['addressLineOne'];
$_SESSION['addressLineTwo'] = $_POST['addressLineTwo'];

Eventually we hit the submit.php . If I disable the code to add an additional address, this is the insert I am using which works fine.

 $insertAddress="INSERT INTO address (idperson, addressLineOne, addressLineTwo)
 VALUES ( '$id','$_SESSION[addressLineOne]','$_SESSION[addressLineTwo]')";
 if (!mysql_query($insertAddress,$con))
   {die('Error: ' . mysql_error());}
 echo "";

When I enable the "add additional address" code, the insert above will insert "ARRAY" into every DB field. I have been trying out the following:

 foreach($_SESSION['idperson'] as $row=>$id)
{
    $idperson=$id;
    $addressLineOne=$_SESSION['addressLineOne'][$row];
    $addressLineTwo=$_SESSION['addressLineTwo'][$row];
}
 //enter rows into database
 foreach($_SESSION['idperson'] as $row=>$id)
{
    $idperson=mysql_real_escape_string($id);
    $addressLineOne=mysql_real_escape_string($_SESSION['addressLineOne'][$row]);
    $addressLineTwo=mysql_real_escape_string($_SESSION['addressLineTwo'][$row]);
}

 $insertAddress="INSERT INTO address (idperson, addressLineOne, addressLineTwo)
 VALUES ('.$id.','.$addressLineOne.','.$addressLineTwo.')";

 if (!mysql_query($insertAddress,$con))
 {
 die('Error: ' . mysql_error());
 }
 echo "$row record added";

Instead of working, however, the above just inserts a couple of dots like "..." into the database. I don't know what else开发者_如何学运维 to do. Am I not grabbing the session data correctly? Is my foreach code way off? Thanks for any help.

Here is the code i'm using to add another table on address.php:

 <?php for($i=1; $i<6; $i++):?>
 <div id='hidden<?php echo $i; ?>' style='display: none'>
<tr class="odd">
    <td width="33%">Street/Number</td>
    <td><input type="text" name="addressLineOne[]" id="addressLineOne<?php echo $i; ?>"/></td>
</tr>
<tr>
    <td>Address 2</td>
    <td><input type="text" name="addressLineTwo[]" id="addressLineTwo<?php echo $i; ?>"/></td>
</tr>
 <?php endfor; ?> 

Submit.php doesn't have anything besides connecting to the db and the above insert.

So just going through and doing some cleanup:

Your first block:

No need to condition calling session_start, it's safe to just call it at the top of your script. Also, don't suppress warnings there, if you're getting warnings, find the root cause and eliminate them.

session_start();
header("Cache-control: private");
ob_start();
include('header.php');

No need to register session variables with session_register, it's deprecated now and the manual says don't use it -- especially don't use it mixing with use of $_SESSION sets.

$_SESSION['addressLineOne'] = $_POST['addressLineOne'];
$_SESSION['addressLineTwo'] = $_POST['addressLineTwo'];

So $_SESSION now contains at least two keys corresponding to what's just been set.

The rest of your problem stems from likely iterating through your array structure incorrectly (show us some more of your code).

Some cleanup on your second block:

There's no need to iterate through your list twice -- assuming you're iterating correctly, you just need to go through once and run the insert every time (rather than at the end). This does assume you want one row per address indexed by the id.

Also, you might reconsider your use of die as an error control mechanism, it'll simply terminate the entire script execution -- is that really what you want?

// enter rows into database
foreach($_SESSION['addressLineOne'] as $row => $id){
    $idperson = mysql_real_escape_string($_SESSION['idperson']);
    $addressLineOne = mysql_real_escape_string($_SESSION['addressLineOne'][$row]);
    $addressLineTwo = mysql_real_escape_string($_SESSION['addressLineTwo'][$row]);
    $insertAddress="INSERT INTO address (idperson, addressLineOne, addressLineTwo)
                    VALUES ('.$id.','.$addressLineOne.','.$addressLineTwo.')";
    if(!mysql_query($insertAddress,$con)){
        // maybe not the best use of `die` here?
        die('Error: ' . mysql_error());
    }
    echo "$row record added";
}

Without knowing what your "add additional address code" is, it seems that the addressLineOne and addressLineTwo variables come out as arrays. To check exactly what you're storing, you can use PHP's var_dump function. I suggest adding var_dump($_SESSION); somewhere in your code to see exactly what is being stored in the session so you can make sure it's what you think it is.

As well:

$insertAddress="INSERT INTO address (idperson, addressLineOne, addressLineTwo) VALUES ('.$id.','.$addressLineOne.','.$addressLineTwo.')";

You're using double-quoted strings, so the ' single quotes within the query won't "break out" of string mode, so if $id,$addressLineOneand$addressLineTwo` are blank for whatever reason, your query ends up looking like:

INSERT INTO ... VALUES ('..', '..', '..')

which explains why you're getting dots in your fields.

Either rewrite the query to be

$insertAddress = "INSERT .... VALUES ('$id', '$addressLineOne', '$addressLineTwo')

or

$insertAddress = 'INSERT ... VALUES (\'' . $id . '\', \'' ....)

Personally, directly writing variables into double-quoted strings leads to far more readable code, especially in a syntax highlighting editor which is PHP-aware.