How to store multiple values from dropdown in php variable - php

I am trying to get a table to generate based on the sql query in this page, and I have it working with one item in the dropdown menu.
However if I select two, nothing happens, probably because I am either storing the variable incorrectly in $forum or I am accessing it incorrectly in the if $row statement further down.
Please help me understand what to do.
Thanks!
<select name="forums" multiple>
<option disabled selected value> -- Select a forum -- </option>
<?php
$con = mysqli_connect("host","user","pass","db");
if (!$con) {
die('Connection failed: ' . mysqli_connect_error() . '<br>');
}
$productName='
SELECT p.name
FROM product as p
JOIN ownedproducts as o
on o.productID = p.productID
WHERE usersID = 2;
';
$result=mysqli_query($con, $productName);
while ($row = mysqli_fetch_assoc($result)) {
unset($id);
$id = $row['name'];
echo '<option value="'.$id.'">'.$id.'</option>';
}
if(isset($_GET["forums"])){
$forum=$_GET["forums"];
echo "selected forum => ".$forum;
}
?>
</select>
<input type="submit" class = "submit" value="submit" onclick="this.form.submit();" />
</form>
</div>
<hr>
<table class = "table">
<tr id=table-row>
<th id=table-header>Name</th>
<th id=table-header>Company</th>
<th id=table-header>Type</th>
</tr>
<?php
while ($row = $query1->fetch())
{
if ($row['name']== $forum) {
echo "<tr id=" . $row['productID'] . ">";
echo "<td>" . $row['name'] . "</td>";
echo "<td>" . $row['company'] . "</td>";
echo "<td>" . $row['Type'] . "</td>";
echo "</tr>";
}
}
?>```

Related

Adding css to a form

I am trying to add CSS to my form but not sure how to do this. The form is created in php and MySQL, in browser it looks like: http://gyazo.com/5d099ead9bd6ea83859a5114b2438748
I need to allign the text and drop downs so they are in the equal throughout and add some spacing. Anyone help with CSS for this?
html currently:
<div class="wrap">
<img src="/images/logo.png" alt="Highdown logo" />
<h1>Entry form</h1>
</div>
css currently:
.wrap {
position: relative;
}
The form is produced with this:
if ($event_result = $con->query("SELECT Event.Name FROM event")) {
echo "<form method =\"POST\" action=\"save.php\"> ";
while ($row = $event_result->fetch_assoc()) {
echo $row['Name']. ' ';
if ($student_result = $con->query("SELECT Student.Form, Teacher.Form, Student.Forename, Student.Surname, Student_ID " .
"FROM Student, Teacher " .
"WHERE Student.Form = Teacher.Form AND Teacher.Username = '" . $_SESSION['Username'] . "'")) {
if ($student_result->num_rows) {
echo "<select name ='". $row['Name']."'>";
while ($row1 = $student_result->fetch_assoc()) {
echo '<option value="" style="display:none;"></option>';
echo "<option value ='" . $row1['Student_ID'] . "'>" . $row1['Forename'] . ' ' . $row1['Surname'] . "</option>";
}
echo "</select> <br />";
}
}
}
echo '<input type="submit" value ="Submit">';
echo '<input type="reset" value ="Reset">';
echo '<input type="button" value = "Add student" onclick="location.href=\'http://localhost/sportsday/addstudent.php\'">';
echo '<input type="button" value = "Delete student">';
echo "</form>";
}

Use
<form>
<table>
<tr> //1st Table row
<td></td> //Table column data
<td></td> //table column data
</tr> //1st row ends
<tr> // 2nd Table row
<td></td> //Table column data
<td></td> //table column data
</tr> //2nd row ends
</table>
</form>
This will give you a better layout of the form.

This should work i did not try as i dont have the database
//Query to display all events
if ($event_result = $con->query("SELECT Event.Name FROM event")) {
echo "<form method =\"POST\" action=\"save.php\"> ";
echo '<table>';
echo '<tr>';
echo '<td>';
while ($row = $event_result->fetch_assoc()) {
echo $row['Name']. ' ';
echo '</td>';
if ($student_result = $con->query("SELECT Student.Form, Teacher.Form, Student.Forename, Student.Surname, Student_ID " .
"FROM Student, Teacher " .
"WHERE Student.Form = Teacher.Form AND Teacher.Username = '" . $_SESSION['Username'] . "'")) {
if ($student_result->num_rows) {
echo '<td>';
echo "<select name ='". $row['Name']."'>";
while ($row1 = $student_result->fetch_assoc()) {
echo "<option value ='" . $row1['Student_ID'] . "'>" . $row1['Forename'] . ' ' . $row1['Surname'] . "</option>";
}
echo "</select> <br />";
echo '</td>';
echo '</tr>';
}
}
}
echo '</table>';
echo '<input type="submit" value ="Submit">';
echo '<input type="reset" value ="Reset">';
echo '<input type="button" value = "Add student" onclick="location.href=\'http://localhost/sportsday/addstudent.php\'">';
echo '<input type="button" value = "Delete student">';
echo "</form>";
}
?>

you can directly write in css
form {
⋮ declare css
}
or give name to form
form[name="value"]{
⋮ declare css
}
or add any class or id on form
#formid{
⋮ declare css
}
.formclass{
⋮ declare css
}

First , check your database...
May be there is Another Issue not related to Tabular Output.
So , First remove Table Tag..and check whether its working ?
Then try in HTML TABLE TAG
Otherwise give me sample database .sql File and complete PHP code in google drive or on shared drive.
So that I can check and identify where is problem ?

Click a table row to display the data of that chosen row in a new php page

At the moment, I can use a drop down list to retrieve data which is presented on a table. I want to make every row of a table clickable. Once I have clicked on that particular row, I want the data of that row (id, age, state, city, healthcare, team, cause, planned date, from and AAA_diam) to be displayed in a new php page. It should look like this and I hope that I'm being clear enough.
Display of information in a new PHP page once I've clicked on a row of a table.
Id: $id (from the table row)
age: $age
city: $city
healthcare: $healthcare
team: $team
cause: $cause
planned date: $planned date
from: $from
AAA_diam: $AAA_diam
<html>
<head>
<script type="text/javascript" src="script.js"></script>
</head>
<body>
<form name="Select_filter3" method="POST" action="index.php">
<select id="dropdown3" name="filter3">
<option value=""></option>
<option value="1">Amount of present</option>
<option value="2">Amount of absent</option>
<option value="3">Amount of present: destination</option>
<option value="4">Antal of absent: destination</option>
<option value="5">Amount A_diam > 3cm</option>
<option value="6">Amount A_diam > 5cm</option>
</select>
<input id="search_box2" type="text" name="search_box3" value="" />
<input id="submit2" type ="submit" name ="search3" value ="Ok">
</body>
</html>
<?php
include "connection1.php";
mysql_query ('SET NAMES UTF8;');
mysql_query ('SET COLLATION_CONNECTION=utf8_general_ci;');
mysql_client_encoding($connect);// where $conn is your connection
if (isset($_POST['search3'])) {
switch($_POST['filter3']) {
Default:
$sql = " ";
break;
case 1:
$sql = "SELECT * FROM mytable WHERE age = '35' AND city != 'Los Angeles' ";
echo "<table border='1'>
<tr>
<th>ID</th>
<th>age</th>
<th>state</th>
<th>city</th>
<th>healthcare</th>
<th>Team</th>
<th>cause</th>
<th>Planned date</th>
<th>From</th>
<th>diameter</th>
</tr>";
$query = mysql_query($sql) or die(mysql_error());
while($row = mysql_fetch_array($query)) {
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['age'] . "</td>";
echo "<td>" . $row['state'] . "</td>";
echo "<td>" . $row['city'] . "</td>";
echo "<td>" . $row['healthcare'] . "</td>";
echo "<td>" . $row['Team'] . "</td>";
echo "<td>" . $row['cause'] . "</td>";
echo "<td>" . $row[’planned date’] . "</td>";
echo "<td>" . $row['from'] . "</td>";
echo "<td>" . $row['AAA_diam'] . "</td>";
echo "</tr>";
}
echo "</table>";
break;
mysql_close($connect);
?>

you can handle the click event of row using jQuery like
$(document).ready(function(){
$("#your_table_id").delegate("tr.rows", "click", function(){
/*find the clicked row id column and redirect to user for that record
some thing like this http://www.yoursite.com/showrecord.php?id=5
using location.href='http://www.yoursite.com/showrecord.php?id=5';
*/
});
});

can * be substituted for a value in mysql WHERE

I am trying to filter my results using a series of dropdown boxes which are populated from other tables within the database, except for a primary option which is returned from the form as *
Currently the form submits the data as expected, but no results are returned. I suspect it is because the query is searching for * in the respective columns.
So the question is, can an asterisk be used as a wildcard in a WHERE statement?
And if not, how would I go about this instead?
offending code is included, i understand that using a $variable in a query is bad practice, but at this stage i'm searching for a functional solution, rather than production code.
cheers.
echo " <form method=\"post\" action=\"$self\">
<table>
<tr>
<th>ID</th>
<th>REGISTER</th>
<th>LOCATION</th>
<th>TYPE</th>
<th>CAPACITY</th>
<th>LENGTH</th>
<th>QTY</th>
<th>SERIAL#</th>
<th>CERT#</th>
<th>LAST INSPECTION</th>
<th>BY</th>
<th>DATE IN</th>
<th>DATE OUT</th>
<th>STATUS</th>
<th>NOTES</th>
</tr>";
?>
<!-- START OF FILTER ROW -->
<tr>
<td></td>
<td> <select name="register" id="register">
<option value="*">---</option>
<?php
$sql = "SELECT * FROM valid_registers";
foreach ($dbh->query($sql) as $row)
{
echo "<option value\"" . $row['register'] . "\">" . $row['register'] . "</option>";
}
?>
</select></td>
<td> <select name="location" id="location">
<option value="*">---</option>
<?php
$sql = "SELECT * FROM valid_locations";
foreach ($dbh->query($sql) as $row)
{
echo "<option value\"" . $row['location'] . "\">" . $row['location'] . "</option>";
}
?>
</select></td>
<td> <select name="type" id="type">
<option value="*">---</option>
<?php
$sql = "SELECT * FROM valid_types";
foreach ($dbh->query($sql) as $row)
{
echo "<option value\"" . $row['type'] . "\">" . $row['type'] . "</option>";
}
?>
</select> </td>
<td><input type="radio" name="capacity" id="cap_asc" value="cap_asc">
<
<input type="radio" name="capacity" id="cap_dec" value="cap_dec">
></td>
<td><input type="radio" name="length" id="length_asc" value="length_asc">
<
<input type="radio" name="length" id="length_des" value="length_des">
></td>
<td> </td>
<td> </td>
<td> </td>
<td><input type="radio" name="lastinsp" id="lastinsp_asc" value="lastinsp_asc">
<
<input type="radio" name="lastinsp" id="lastinsp_dec" value="lastinsp_dec">
></td>
<td> </td>
<td><input type="radio" name="datein" id="datein_asc" value="datein_asc">
<
<input type="radio" name="datein" id="datein_dec" value="datein_dec">
></td>
<td><input type="radio" name="dateout" id="dateout_asc" value="dateout_asc">
<
<input type="radio" name="dateout" id="dateout_dec" value="dateout_dec">
></td>
<td> <select name="status" id="status">
<option value="*">---</option>
<?php
$sql = "SELECT * FROM valid_status";
foreach ($dbh->query($sql) as $row)
{
echo "<option value\"" . $row['status'] . "\">" . $row['status'] . "</option>";
}
?>
</select> </td>
<td> </td>
<td><input type="submit" name="submit_filter" id="submit_filter" value="Filter"></td>
</tr>
<!--END OF FILTER ROW -->
<?
//get data from the db
if(isset($_POST['submit_filter'])) {
//fetch filter options
$register = $_POST['register'];
$location = $_POST['location'];
$type = $_POST['type'];
$status = $_POST['status'];
//prepare and execute the query
$sql = "SELECT * FROM register WHERE register=$reigster AND location=$location AND type=$type AND status=$status ";
}
else { $sql = "SELECT * FROM register"; }
foreach ($dbh->query($sql) as $row)
{
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['register'] . "</td>";
echo "<td>" . $row['location'] . "</td>";
echo "<td>" . $row['type'] . "</td>";
echo "<td>" . $row['capacity'] . "</td>";
echo "<td>" . $row['length'] . "</td>";
echo "<td>" . $row['qty'] . "</td>";
echo "<td>" . $row['serial'] . "</td>";
echo "<td>" . $row['cert'] . "</td>";
echo "<td>" . $row['lastinsp'] . "</td>";
echo "<td>" . $row['inspby'] . "</td>";
echo "<td>" . $row['datein'] . "</td>";
echo "<td>" . $row['dateout'] . "</td>";
echo "<td>" . $row['status'] . "</td>";
echo "<td>" . $row['notes'] . "</td>";
echo "<td><a href='" . $self . "?edit=" . $row['id'] . "'>Edit</a></td>";
//echo "<td><input type=\"submit\" name=\"edit\" id=\"edit\" value=\"Edit\" /></td>";
echo "<td><a href='" . $self . "?delete=" . $row['id'] . "'>Delete</a></td>";
//echo "<td><input type=\"submit\" name=\"delete\" id=\"delete\" value=\"Delete\" /></td>";
echo "</tr>";
}
echo "</table></form>";
}

No, the * is really only valid in the columns you select, not in the where clause.
The usual way to do this is to catch the * from the form and use that to modify the actual SQL statement by removing that part of the where clause altogether, something like (pseudo-code):
if param['userid'] == '*':
query = 'select name from users'
else:
query = 'select name from users where id = ?'
Although I have seen cases where parameterised queries needed a consistent number of parameters regardless of wild-carding (in some BIRT reports I've looked at where the query is modified dynamically but the parameter count is harder to change), so you would get something like:
if param['userid'] == '*':
query = 'select name from users where (id = ? or 1 = 1)'
else:
query = 'select name from users where id = ?'
That's a bit of a kludge but it's sometimes used to ease the developers workload. I'd rather do it the first way where possible.
To do that for multiple conditions, you can do something like:
joiner = " where "
query = "select something from mytable"
if param['userid'] != '*':
query = query + joiner + "user_id = '" + param['id'] + "'"
joiner = " and "
if param['age'] != '*':
query = query + joiner + "user_age = " + param['age']
joiner = " and "
if param['gender'] != '*':
query = query + joiner + "user_sex = '" + param['gender'] + "'"
joiner = " and "
keeping in mind that, unless you have already sanitised your param[] array values, you risk SQL injection attacks). I leave out the solution for that since it's irrelevant to the question at hand.

How to get data from mysql database?

I am having problem in getting values from db. Iam new in php
I am using checkboxes to get values from database. Only checked values should be printed.
<form method="POST" action="gradoviexport.php" id="searchform">
<div id="GRADOVI BIH">
<h3>GRADOVI BOSNE I HERCEGOVINE</h3><hr/>
<input type="checkbox" name="gradovi[]" value="sarajevo"> Sarajevo
<input type="checkbox" name="gradovi[]" value="banovici"> Banovići
<input type="checkbox" name="gradovi[]" value="banjaluka"> Banja Luka
<input type="checkbox" name="gradovi[]" value="bihac"> Bihać
<input type="checkbox" name="gradovi[]" value="bileca"> Bileća
</div>
<div id="snimi">
<input type="submit" name="submit" value="EXPORT">
</div>
</form>
If Sarajevo is checked I want to print values from database. It does not have to be only one value checked If all values are checked it should print all values.
$con=mysqli_connect("$host","$username","$password", "$database");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
//connecting to db
$variable=$_POST['grad'];
foreach ($variable as $variablename)
{
$sql_select="SELECT * FROM `clanovi` WHERE `GRAD` = $variablename " ;
$queryRes = mysql_query($sql_select);
print"$sql_select";
}
echo "<table border='5'>
<tr>
<th>IME</th>
<th>PREZIME</th>
<th>FIRMA</th>
<th>ADRESA</th>
<th>TELEFON</th>
<th>FAX</th>
<th>MOBITEL</th>
<th>EMAIL </th>
<th>WEB_STRANICA </th>
<th>GRAD </th>
<th>KATEGORIJA </th>
</tr>";
while($row = mysqli_fetch_array($queryRes))
{
echo "<tr>";
echo "<td>" . $row['IME'] . "</td>";
echo "<td>" . $row['PREZIME'] . "</td>";
echo "<td>" . $row['FIRMA'] . "</td>";
echo "<td>" . $row['ADRESA'] . "</td>";
echo "<td>" . $row['TELEFON'] . "</td>";
echo "<td>" . $row['FAX'] . "</td>";
echo "<td>" . $row['MOBITEL'] . "</td>";
echo "<td>" . $row['EMAIL'] . "</td>";
echo "<td>" . $row['WEB_STRANICA'] . "</td>";
echo "<td>" . $row['GRAD'] . "</td>";
echo "<td>" . $row['KATEGORIJA'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysqli_close($con);

Assume you posted gradovi[] array values to submitted page.
Submit page:
$grad = array();
$grad = $_POST['gradovi']; //get array value
$grad = implode(',',$grad); //convert it into comma separated string
//Insert it into data base
Getting from database:
//fetch the gradovi field from the db like below
echo $row['gradovi']; // print all values
or
$grad = explode(',',$row['gradovi']);
foreach($grad as $check) {
echo $check; //print one by one
}

There is few errors in your code.
There is no escaping of the string from POST data. Use mysqli_real_escape_string
There is an error in your while loop. You redefining mysql query result.
Fixed code:
//connecting to db
$variable=$_POST['grad'];
foreach($variable as $key => $val) {
$variable[$key] = mysql_escape_string($val);
}
$sql_select="SELECT * FROM `clanovi` WHERE `GRAD` IN ('" . implode("','", $variable) . "')" ;
$queryRes = mysql_query($sql_select);
print"$sql_select";

Get a mySQL line item id with PHP

Right now I have a table that displays menu items and I want an Admin to be able to delete and edit a particular line item. My delete.php code works correctly if I have the id equal to a particular number, but I want the id to be equal to the id of whichever row the delete button is in. So my question is how do I get that id number? Because what I'm doing now is not correct.
Here is my delete.php file:
<?php
$con = mysql_connect("localhost", "root", "");
if(!$con)
{
die('Could not connect: ' .mysql_error());
}
mysql_select_db("bics_place", $con);
echo "mysql connected";
$myid = $_POST['id'];
$sql = "DELETE FROM menu WHERE id='$myid'";
echo "sql = $sql";
if(!mysql_query($sql, $con))
{
die('Error: ' .mysql_Error());
}
echo "1 record deleted";
header("location:admin_menu.php");
mysql_close($con);
?>
This is the table being made in admin_menu.php
$result = mysql_query("SELECT * FROM menu");
echo "<table border='1' id='menu'>
<form method='post' action='delete.php'>
<tr>
<th> Id </th>
<th> Type </th>
<th> Product Name </th>
<th> Price </th>
<th></th>
<th></th>
</tr>";
while($row = mysql_fetch_assoc($result))
{
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['type'] . "</td>";
echo "<td>" . $row['productName'] . "</td>";
echo "<td>" . $row['price'] . "</td>";
echo "<td>" . '<input type="submit" name="delete" value="Delete">' . "</td>";
echo "<td>" . '<input type="submit" name="edit" value="Edit">' . "</td>";
echo "</tr>";
}
echo "</form>";
echo "</table>";

Take on hidden field in your form.Then button onclick event set id into hidden field before submit.
<script>
function setId(idValue){
document.getElementById('myid').value=idValue;
}
</script>
echo "<table border='1' id='menu'>
<form method='post' action='delete.php'>
<input type="hidden" name="id" id="myid" value="" />
<tr>
<th> Id </th>
<th> Type </th>
<th> Product Name </th>
<th> Price </th>
<th></th>
<th></th>
</tr>";
while($row = mysql_fetch_assoc($result))
{
$myID = $row["id"];
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['type'] . "</td>";
echo "<td>" . $row['productName'] . "</td>";
echo "<td>" . $row['price'] . "</td>";
echo "<td>" . '<input type="submit" name="delete" value="Delete" onClick="setId('.$myID.');">' . "</td>";
echo "<td>" . '<input type="submit" name="edit" value="Edit">' . "</td>";
echo "</tr>";
}
echo "</form>";
echo "</table>";

Add a hidden field - id in the form :
while($row = mysql_fetch_assoc($result)) {
//your <td>'s here
echo '<input type="hidden" name="id" value="{$row[id]}">';
// echoes for form submit
}
Note : mysql_* functions are deprecated. You should use mysqli_ functions instead. Read here

Categories