form input inside a function.php - php

I have two php files insert.php and function.php
In insert.php
<form action="<?php echo htmlspecialchars( $_SERVER['PHP_SELF'] ); ?>"
method="post">
<input type="hidden" name="Entry" value="<?php print $data; ?>"/>
<hr>
<h3>Entry your new entry</h3>
<?php
include('function.php');
$query_start = "SHOW COLUMNS FROM $data";
$result = mysqli_query( $conn, $query_start );
while($row = mysqli_fetch_array($result)){?>
<label for="<?php echo "$row[0]";?>"><?php display_text($row[0]);?></label>
<br>
<?php display_value($row[0]);
} ?>
<input class="btn btn-primary" type="submit" name="add" value="Add Entry">
</form>
And in function.php
<?php
function display_value($row){?>
<input class='form-control' type='text' placeholder='".$row."' name='".$row."'>
}?>
But I am not getting the form on the web page.


firstly you need to add a <form> tag
<?php
include('function.php');
$query_start = "SHOW COLUMNS FROM $data";
$result = mysqli_query( $conn, $query_start );
while($row = mysqli_fetch_array($result)){
$data = display_value($row[0]);
echo $data;
}
?>
you're just calling that function, for printing the values inside the function, you need to return data from function and store or print the data from you're calling.
$data = display_value($row[0]);
here variable $data will store the output, also you need to return the result from your function
<?php
function display_value($row) {
$data = '<input class="form-control" type="text" placeholder="'. $row .'" name="'. $row .'"><br /><br />';
return $data; //this return will be printed on another page
} ?>


I guess with "form" he meant the fields not the form tag.
#Rohit Sahu answer is wrong.. you dont need to pass the output with a return. Your way of doing it is not a beautiful way. But it is even working this way.
Are you sure your Mysql Query give results?
Example Code:
<?php
// functions.php
function display_value($row) { ?>
<input class='form-control' type="text" placeholder="<?php echo $row;?>" name="<?php echo "$row";?>"><br><br>
<?php } ?>
// insert.php
<form action="....">
<?php
$arr = array(1,2,3,4);
foreach($arr as $row) {
display_value($row);
}?>
</form>
Output:
<form action="....">
<input class='form-control' type="text" placeholder="1" name="1"><br><br>
<input class='form-control' type="text" placeholder="2" name="2"><br><br>
<input class='form-control' type="text" placeholder="3" name="3"><br><br>
<input class='form-control' type="text" placeholder="4" name="4"><br><br>
</form>
Result: It is working fine. You should better post all code to understand where is your mistake. It could be some whitespaces in files, it could be no results from MYSQL.. there are many options. It is difficult to say this way.

Related

displaying php in an echo nested in html

I'm trying to echo a piece of text with PHP nested in it, anyone know how? I've tried it like this:
function update_category(){
global $connection;
if (isset($_GET['edit'])) {
$edit_cat_key = $_GET['edit'];
$query = "SELECT * FROM categories WHERE cat_id = {$edit_cat_key }";
$edit_cat_query = mysqli_query($connection, $query);
echo '<form action="categories.php" method="post">
<div class="form-group">
<label for="new-cat-title">New name of category</label>
<input value="<?php if(isset($cat_title)){echo $cat_title;} ?>" type="text" class="form-control" name="new-cat-title">
</div>
<div class="form-group">
<input class="btn btn-primary" type="submit" name="submit" value="Rename Category">
</div>
</form>';
while($row = mysqli_fetch_assoc($edit_cat_query)) {
$cat_title = $row['cat_title'];
$cat_id = $row['cat_id'];
}
}
}
It prints: <?php if(isset($cat_title)){echo $cat_title;} ?>
I've tried it like this:
<input value="' . <?php if(isset($cat_title)){echo $cat_title;} ?> . '" type="text" class="form-control" name="new-cat-title">

I'd do it like this (showing only the echo part inside the php code):
echo '<form action="categories.php" method="post">
<div class="form-group">
<label for="new-cat-title">New name of category</label><input value="';
if(isset($cat_title)){echo $cat_title;};
echo '" type="text" class="form-control" name="new-cat-title"></div>
<div class="form-group">
<input class="btn btn-primary" type="submit" name="submit" value="Rename Category">
</div>
</form>';
This echoes the two strings (in single quotes) and in between them the variable depending on the condition, keeping the double-quote pairs of the attribute values intact.

Echo is a php statement. You use it to display an output, as a string. What you need is, replacing echo ' with ?> and </form>'; with </form><?php. These closing(?>) and opening(<?php) tags let you decide which part of your document should be processed as PHP. So PHP will ignore the rest of the document.

Based on Johannes' answer I managed to figure out an answer. I need to close the PHP tags and instead of echoing the wished result, put it in the while loop.
Like this:
function update_category(){
global $connection;
if (isset($_GET['edit'])) {
$edit_cat_key = $_GET['edit'];
$query = "SELECT * FROM categories WHERE cat_id = {$edit_cat_key }";
$edit_cat_query = mysqli_query($connection, $query);
while($row = mysqli_fetch_assoc($edit_cat_query)) {
$cat_title = $row['cat_title'];
$cat_id = $row['cat_id'];
?>
<input value="<?php echo $cat_title; ?>" type="text" class="form-control" name="cat_title">
<?php
}
}
}

PHP & MySqli - How to search and work on 'LIKE' even there is additional characters on the textbox?

how can I search the like value or similar value even there is an additional characters on the textbox? right now i cant get rid of the additional characters because the are fixed.
here is the sample image
so that is my textbox now i want to get the similar value like the 44444444
and here is my table content
and here there is the similar and like values
here is my code
<form method="POST" action="">
<input type="text" name="id" id="card-code" value='<?php echo $code ?>' class="form-control">
<input type="submit" name="search" value="Search Data" class="btn btn-primary"></input>
</form>
<?php
$connection =mysqli_connect("localhost","root","");
$db = mysqli_select_db($connection,'inflightapp');
if (isset($_POST['search'])) {
$id = $_POST['id'];
$query = "SELECT * FROM scratch_cards WHERE code LIKE '$id' ";
$query_run = mysqli_query($connection,$query);
while($row = mysqli_fetch_array($query_run))
{
?>
<form action="" method="POST">
<input type="hidden" name="id" value="<?php echo $row['id'] ?>"></input>
<input type="text" name="amount" value="<?php echo $row['amount'] ?>"></input>
</form>
<?php
}
}
?>

You can play with the php string functions to get the exact string as:
$str = ltrim( strstr("Qr Code: 444444444 | 123",":"),":");
$strFinalString = trim(substr($str,0,strpos($str, "|")));
echo $strFinalString;
Please suggest if this code requires some optimisation.

How to submit values from form

I have a form that is being created dynamically
<form action="addtable.php" method="post" enctype="multipart/form-data" >
<?php
$sql="SELECT * FROM `tracker_item` ";
$result = mysqli_query($con, $sql);
if(mysqli_num_rows($result)>0)
{
while($row = mysqli_fetch_assoc($result))
{ ?>
<input type="text" placeholder="<? echo $row['heading']?>" name="<? echo $row['heading']?>" />
<?}?>
<button type="submit" name="add" alt="Add" value="Add" class="btn blue">Add</button>
</form>
But i a not able to understand how to carry the value of input to the addtable.php page
Can anyone please tell how to submit these values from this form

In your addtable.php, you need to print_r $_POST and see what inputs you're getting.
// addtable.php
echo "<pre>";
print_r($_POST);
print_r($_FILES); // If you're expecting a file input
Also, you should modify your HTML a little:
<form action="addtable.php" method="post" enctype="multipart/form-data" >
<?php
$sql="SELECT * FROM `tracker_item` ";
$result = mysqli_query($con, $sql);
if(mysqli_num_rows($result)>0) {
while($row = mysqli_fetch_assoc($result)) { ?>
<input type="text" placeholder="<? echo $row['heading']?>" name="<? echo $row['heading']?>" />
<? } ?>
<button type="submit" name="add" alt="Add" value="Add" class="btn blue">Add</button> <!--Place submit button outside loop -->
<?php } ?>

I think there is issue in submit button, you looping submit button with same name, try to put submit button out of while loop.

One of the reasons your PHP is not functioning correctly is because your PHP block, is not placed inside of PHP tags.
Your code should look like this:
<form action="addtable.php" method="post" enctype="multipart/form-data" >
<?php // added the PHP tags
$sql="SELECT * FROM `tracker_item` ";
$result = mysqli_query($con, $sql);
if(mysqli_num_rows($result) > 0){
while($row = mysqli_fetch_assoc($result)){
?> // escaped the php tag
<input type="text" placeholder="<?= $row['heading']; ?>" name="<?= $row['heading']; ?>" />
<button type="submit" name="add" alt="Add" value="Add" class="btn blue">Add</button>
<?php
}
}
?>
Notice how I also escaped PHP when I wanted to display any HTML. Of course, you could simply echo these out, but you can do this too! Personal preference, really.
Another little alteration I made was, rather than using <?php echo ... ?> you can simply use <?= $row['...']; ?>. It is faster and cleaner too!

In your addtable.php:
<?php
$inputValue = $_POST['input_name'];
//the $inputValue is the input value that you posted from form.
echo $inputValue;
?>

To receive data in addtable.php you have to get them by name property of inputs in the form. So you have to define the names of inputs or to retrieve them again from db in addtable.php

try this ,
addtable.php
<?php
foreach ($_POST as $key => $value){
echo "Field ".htmlspecialchars($key)." is ".htmlspecialchars($value)."<br>";
}
?>
i hope it will be helpful.

You can create array of heading and access it in php:
<form action="addtable.php" method="post" enctype="multipart/form-data" >
<?php
$sql="SELECT * FROM `tracker_item` ";
$result = mysqli_query($con, $sql);
if(mysqli_num_rows($result)>0)
{
while($row = mysqli_fetch_assoc($result))
{
?>
<input type="text" placeholder="<?php echo $row['heading']; ?>" name="heading[]"> />
<?
}
?>
<button type="submit" name="add" alt="Add" value="Add" class="btn blue">Add</button>
<?php
}
?>
</form>
In addtable.php:
$headingArray = $_POST['heading']; // here you will get all the heading in array format

If content exists in database, provide form to update it - else provide form to add new row

It's all going wrong. I need to output a form onto my website that will do 1 of 2 things:
If the user already has content in the database, provide a form that posts to self to update the existing content.
If the user does not have content in the database, provide a form to let the user add information to the database.
The forms should submit to themselves to keep coding tidy. I'm getting into a right mess. I'll show what I have so far, but I'm getting in a muddle.
//look in db to see if content exists, if it does set variable
$result = mysql_query(
"SELECT * from tbl_profiles
WHERE user_id = $who
");
while($row = mysql_fetch_array($result))
{
$profileText = $row['text'];
}
// Check if user has content in db
$result = mysql_query(
"SELECT * FROM tbl_profiles WHERE user_id='$who'");
if(mysql_fetch_array($result) !== false){
echo
'<form action="../edit/indexUpdate.php" method="post" name="edit">
Comments:<br />
<textarea name="updatedText" id="comments">' .
$profileText .'
</textarea><br />
<input type="submit" value="Submit" />
</form>'
;}
else{
$profileText = $row['text'];
echo
"<form action='../edit/index.php' method='post' name='add'>
Comments:<br />
<textarea name='comments' id='comments'>" .
$profileText
."</textarea><br />
<input type='submit' value='Submit' />
</form>"
;}?>

You've pretty much got the functionality there, just needs tidying up.
Try something like this:
<?php
//look in db to see if content exists, if it does set variable
$profileText="";
if($result = mysql_query("SELECT * from tbl_profiles WHERE user_id = $who")) {
while($row = mysql_fetch_array($result))
{
$profileText .= $row['text'];
}
?>
<form action="../edit/indexUpdate.php" method="post" name="edit">
Comments:<br />
<textarea name="updatedText" id="comments">
<?php echo $profileText; ?>
</textarea><br />
<input type="submit" value="Submit" />
</form>
<?php
} else {
?>
<form action='../edit/index.php' method='post' name='add'>
Comments:<br />
<textarea name='comments' id='comments'>
<?php echo $profileText; ?>
</textarea><br />
<input type='submit' value='Submit' />
</form>
<?php
}
?>

The basic idea is to add a record if new and update if not. What you can do is use an id to represent the record or -1 if it's a new entry
Something along the lines of:
//Defaults
$recordid=-1;
$name='';
$comments='';
//look in db to see if content exists, if it does set variable
$result = mysql_query(
"SELECT * from tbl_profiles
WHERE user_id = $who
");
// Check if user has content in db
$result = mysql_query(
"SELECT * FROM tbl_profiles WHERE user_id='$who'");
if(mysql_fetch_array($result) !== false){
//Yes. Get the id
$recordid = $result->id;
//Get the values
$name= $result->name;
$comments= $result->name;
}
<form action="../edit/index.php" method="post" name="formdata">
<input type="hidden" name="recordid" value="<? echo htmlspecialchars($recordid) ?>">
<input type="hidden" name="name" value="<? echo htmlspecialchars($name) ?>">
<textarea name="comments" id="comments"><? echo htmlspecialchars($comments) ?></textarea>
<input type="submit" value="submit"/>
</form>
This way a new form will have a -1 but an existing will have an id.
As an additional point it is very important to sanitize your inputs for SQL and what you output in HTML to stop SQL Injections. For your reference on this:
SQL
Little Bobby Tables
Cross Site Scripting

Edit record (should be so easy)

I have looked everywhere here in Stackoverflow and I´ve searced 16.493 sites on Google but no answers to the most basic thing in php (edit record)
I´ve managed to code the most complicated stuff - but this is like a cancer and would also help others.
I have to files - edit.php - and update.php
edit.php works and it retrieves the data from the record
Here is the edit.php
<?php
mysql_connect('localhost', 'user', 'pass') or die(mysql_error());
mysql_select_db("db") or die(mysql_error());
$UID = (int)$_GET['id'];
$query = mysql_query("SELECT * FROM cloudbig WHERE id = '$UID'") or die(mysql_error());
if(mysql_num_rows($query)>=1){
while($row = mysql_fetch_array($query)) {
$fs = $row['fs'];
$texti = $row['texti'];
}
?>
<form name="form1" method="post" action="update.php">
<input type="text" name="fs" value="<?php echo $texti ?>" size="60">
<textarea rows="8" name="texti" id="userName" cols="60"><?php echo $texti ?></textarea>
<input type="submit" name="save" value="submit" />
</form>
<?php
}
?>
and here is update.php
<?php
$id = $_REQUEST["id"];
$fs = $_POST["fs"];
$texti = $_POST["texti"];
mysql_connect('localhost', 'user', 'pass') or die(mysql_error());
echo "MySQL Connection Established! <br>";
mysql_select_db("db") or die(mysql_error());
echo "Database Found! <br>";
$query = "UPDATE cloudbig SET fs = '$fs', texti = '$texti' WHERE id = '$id'";
$res = mysql_query($query);
if ($res)
echo "<p>Record Updated<p>";
else
echo "Problem updating record. MySQL Error: " . mysql_error();
?>
I´ve done a whole news/online magazine site in php but simple edit.php function is a problem

I think that the short answer is that you never post the "id" up to the update.php script. Your form needs to look like this:
<form name="form1" method="post" action="update.php">
<input type="hidden" name="id" value="<?php echo $UID ?>">
<input type="text" name="fs" value="<?php echo $fs; ?>" size="60">
<textarea rows="8" name="texti" id="userName" cols="60"><?php echo $texti ?></textarea>
<input type="submit" name="save" value="submit" />
</form>
which will send the id into the POST array where it can be accessed by $id = $_REQUEST["id"];
You can also accomplish this by sending it via _GET by modifying the form action:
<form name="form1" method="post" action="update.php?id=<?php echo $UID ?>">
<input type="text" name="fs" value="<?php echo $fs; ?>" size="60">
<textarea rows="8" name="texti" id="userName" cols="60"><?php echo $texti ?></textarea>
<input type="submit" name="save" value="submit" />
</form>
which will put it in the $_GET array where it will also be seen in the $_REQUEST array.
Lastly, there are some MAJOR ISSUES with your code:
First and foremost, it is subject to SQL injection! You MUST escape
your variables before passing them into a MySQL query.
Second. As pointed out by iDifferent, you appear to bve echoing the wrong value into the fs field (you're setting it equal to the texti field)
Third, why do you have this loop?
if(mysql_num_rows($query)>=1){
while($row = mysql_fetch_array($query)) {
$fs = $row['fs'];
$texti = $row['texti'];
}
If you're fetching by ID you should never have duplicates. Make sure that ID is a primary key and there is no reason to check for multiple rows.

Categories