Hi folks
Thanks for all your contributions.
I use prepared statements to avoid the possibility of SQL injection attacks.
I've actually solved it (if very inelegantly) with a twelve-fold if statement which I've just tested and it actually works, which is all I care about.
My priority is that we (my wife and I) can straightforwardly upload into the database between 1 and 12 photos for each stock item.
The very ugly solution (which bothers me not one jot) I've opted for is:
//12-fold if statement to deal with photos
if ($n == 1){
//create an INSERT statement to deal with $photo1
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo1, $nextStockID));
} else {
if ($n == 2){
//create an INSERT statement to deal with $photo1&2
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo1, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo2, $nextStockID));
} else {
if ($n == 3){
//create an INSERT statement to deal with $photo1&2&3
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo1, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo2, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo3, $nextStockID));
} else {
if ($n == 4){
//create an INSERT statement to deal with $photo1&2&3&4
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo1, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo2, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo3, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo4, $nextStockID));
} else {
if ($n == 5){
//create an INSERT statement to deal with $photo1&2&3&4&5
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo1, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo2, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo3, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo4, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo5, $nextStockID));
} else {
if ($n == 6){
//create an INSERT statement to deal with $photo1&2&3&4&5&6
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo1, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo2, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo3, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo4, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo5, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo6, $nextStockID));
} else {
if ($n == 7){
//create an INSERT statement to deal with $photo1&2&3&4&5&6&7
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo1, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo2, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo3, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo4, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo5, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo6, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo7, $nextStockID));
} else {
if ($n ==
{
//create an INSERT statement to deal with $photo1&2&3&4&5&6&7&8
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo1, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo2, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo3, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo4, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo5, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo6, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo7, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo8, $nextStockID));
} else {
if ($n == 9){
//create an INSERT statement to deal with $photo1&2&3&4&5&6&7&8&9
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo1, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo2, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo3, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo4, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo5, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo6, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo7, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo8, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo9, $nextStockID));
} else {
if ($n == 10){
//create an INSERT statement to deal with $photo1&2&3&4&5&6&7&8&9&10
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo1, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo2, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo3, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo4, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo5, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo6, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo7, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo8, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo9, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo10, $nextStockID));
} else {
if ($n == 11){
//create an INSERT statement to deal with $photo1&2&3&4&5&6&7&8&9&10&11
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo1, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo2, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo3, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo4, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo5, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo6, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo7, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo8, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo9, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo10, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo11, $nextStockID));
} else {
if ($n == 12){
//create an INSERT statement to deal with $photo1&2&3&4&5&6&7&8&9&10&11&12
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo1, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo2, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo3, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo4, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo5, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo6, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo7, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo8, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo9, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo10, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo11, $nextStockID));
$stmt = $con->prepare("INSERT INTO photos (photoID, photofile, stock_stockID) VALUES(null, ?, ?)");
$result = $stmt->execute(array($photo12, $nextStockID));
} else {
print "<h2>too many photos!</h2>";
} // end if $n == 12
} // end if $n == 11
} // end if $n == 10
} // end if $n == 9
} // end if $n == 8
} // end if $n == 7
} // end if $n == 6
} // end if $n == 5
} // end if $n == 4
} // end if $n == 3
} // end if $n == 2
} // end if $n == 1
Thanks again for all your comments.
All the best
Mike