In this code, I'm trying to take a user that wants to change event statuses from a dropdown. The dropdown consists of three options:
"Contacted"
"Verified"
"Completed"
I want a user to click "Submit status" and take them to change.php, as specified in the action attribute. Change.php should have 2 get parameters: the id of the database column of the event they want to alter, and the new status they want to change it to. For example it should look like this: http://localhost/schedule/change.php?id=60?status=verified
But this is what I'm getting right now:
http://localhost/schedule/change.php?status=verified&submitStatus=Change+status
And also, the dropdown is showing an error: Notice: Undefined index: status in line 1
// Assume this is line 1
echo "<form method='get' action='change.php?id=".urlencode($e['id'])."?url=".urlencode($_GET['status'])."'><select name='status' id='status'>'";
if ($e['status'] == "contacted") {
echo "<option value='contacted' selected>Contacted</option>";
echo "<option value='verified'>Verified Appointment</option>";
echo "<option value='completed'>Job Completed</option>";
$counter++;
} else if ($e['status'] == "verified") {
echo "<option value='verified' selected>Verified Appointment</option>";
echo "<option value='contacted'>Contacted</option>";
echo "<option value='completed'>Job Completed</option>";
$counter++;
} else if ($e['status'] == "completed") {
echo "<option value='completed' selected>Job Completed</option>";
echo "<option value='contacted'>Contacted</option>";
echo "<option value='verified' selected>Verified Appointment</option>";
$counter++;
} else {
echo "No event status found!";
}
if ($counter == 1) {
echo "<input type='submit' name='submitStatus' value='Change status'></form></select>
</td>";
echo "</tr>";
}
I know the real issue lies in the first echo line, where I start the form tag, and I know the issue is in the action parameter, but I just don't know what to do! Please help me out here...
The error is that you are using ? to separate parameters instead of using & or &&. So your code should be:
echo "<form method='get' action='change.php?id=".urlencode($e['id'])."&url=".urlencode($_GET['status'])."'><select name='status' id='status'>'";
Also, as said by Phil, try using POST if you don't want to change the data values from url. For example, if you change, id from url, change.php will make changes on the basis of id parameter from url. It seems to me like you should use POST as change to me means quite secure thing and not the thing to be done via GET.
Obviously, it does not mean you should not use GET. These methods are equally important, but not as secure in the sense that data can be changed from url so easily. GET can be used in search process, for example where you don't have to change to the database, you just have to retrive.
I might have gone off topic, but I think that was quite important for you to know which method you should be using. Thank you!!!
Related
The issue I have been experiencing deals with input from HTML which was generated using PHP echo statements. Here is the function I have that outputs the form:
function confirm_recipients()
{
echo "<form action = ' ' name ='email_options' method='post'>";
echo "<input type='submit' name='sendRecipients' value='Yes, I want to send the emails' >";
echo "</form>";
}
Later on in the same PHP page, I call the function and then check to see if the submit button was set.
confirm_recipients();
if (isset($_POST['sendRecipients']))
{
//perform actions
}
However, this code is not functional seeing as even when the submit button is set (clicked by the user), the if statement block is never executed. Perhaps there is an issue with posting from the same file I want to "read in" from? Thanks for any advice.
Updates
Thank you for such immediate response. Sadly none of the suggestions have worked (removing the space in the action value or the suggestion made by user623952). No errors have been reported, the button is just failing to be set. I am looking for other places in the file that might have errors, perhaps in the order I call the function.
This works fine for me:
<?php
print "<pre>".print_r($_POST,true)."</pre>";
confirm_recipients();
function confirm_recipients() {
echo "<form action = ' ' name ='email_options' method='post'>";
echo "<input type='submit' name='sendRecipients' value='Yes, I want to send the emails' >";
echo "</form>";
}
if (isset($_POST['sendRecipients']))
{
print "<br/>sendRecipients is set!<br/>";
}
?>
I think your problem might be somewhere else in the code.
It's okay to POST the form data to the same script that contains the form. Change the action attribute to the URL of the script, do not set it to whitespace, which is what you did.
I don't think the value of a submit input is sent as part of the POST. Try using an input type="hidden" with the name 'sendRecipients'.
I have researched many places to find an answer to this question, but they never quite answer my real question: What is the best/approved way to move to a new page within the same website? I have read that it is bad to use window.location because search engines will think you are hiding something. But, when I don't want to open a new window (window.open), then I don't know how else to do it. I use href anchors in links and form actions, where appropriate. But when I have menus or buttons with onclick, then I need something else.
Here's an snippet of my code:
my javascript: (with one option commented)
function gotoCat() {
var catcdF = document.catSelect.catcd.value;
<?php
echo "window.location.href='http://www.mysite.org".$pgmdir."services/busMenu.php?catF='+catcdF; ";
/*
echo "window.open('http://www.mysite.org".$pgmdir."services/busMenu.php?catF='+catcdF,'','resizable=1,scrollbars=1,toolbar=1,top=50,left=300,width=950,height=800,location=0'); ";
*/
?>
}
My dynamic SELECT list in a form (within PHP):
echo " <select name='catcd' id='catcd' size='8' onclick=gotoCat() > \n";
// display list of categories
if ($numcats == 0) { // print message text only
echo "<option value='0' >".$catMsg."</option> \n";
}
else {
for ($i=1; $i<=$numcats; $i++) {
$catcd_db = $catAry[$i][1];
$catName_db = $catAry[$i][2];
echo "<option value='".$catcd_db."'> ".$catName_db." </option> \n";
}
}
echo "</select>";
So, as you can see, I just want a method to allow the user a choice and then automatically go to the correct web page once selected. This is not always in a select list. Often it's when they want to exit or get an error:
if (mysqli_connect_errno()) {
echo "<br/> <p style='text-align:center;'> <button type='button'
class='buttonStyle' style='padding: 4px 20px;' value='Exit' ";
echo "onClick=\"window.location.href='http://www.mysite.org/services/catSelbus.php?rc=1&func=Rev'\" > ";
echo "Exit </button></p> ";
}
I cannot use "go back" because they need to go to a prior page, not the form they came from.
So, unless my navigation methods are really off-the-mark, I guess I need to know the acceptable method for using javascript onClick to move to the next page in the same website. Is window.location okay, or should I use something else?
Any opinions or suggestions are welcome!
To navigate to another page using Javascript, use:
window.location.href = "url";
That's how it's done and there's nothing wrong about it.
For the sake of argument, you could create a hidden link and simulate a click on it, but as I said, there's really no need.
You can use php header('location') instead:
<form action="submit.php">
<input type="hidden" value="test" name="hidden1" />
<input type="submit" Value="Exit" ... />
submit.php
<?php
if (isset($_POST['hidden1'])
{
header('Location: http://www.mysite.org/services/catSelbus.php?rc=1&func=Rev');
exit;
}
?>
More info about header('Location ...');:
http://php.net/manual/en/function.header.php
Instead of a hidden, you use your select's value and get it via the $_POST variable.
I'm working on this code in PHP and basically I have 5 checkboxes, for 5 individual items, each called "ItemCheck" and they have values of 0-4. Now I wrote a code where it has it so it displays the numbers that are checked from those 5 check lists.
Form:
for ($i=0;$i<count(5);$i++){
echo "
<input type='checkbox' name='ItemCheck' value='$i.check'>$i</input><br>"}
PHP Process:
if (isset($_POST['ItemCheck'])){
for ($o=0;$o<$ItemCount;$o++){
if($_POST['ItemCheck'] == $o.'.check') {
echo "Item " . $o . "<br>";
}
}
}
else{ echo "You must select at least one product";}
Although say if I check box #1,2 & 3, the final output will only display "Item 3". Now matter how many checkboxes you select, it will only display the one with the highest value and none other. Does anybody know what's wrong with the code and how to have it so it displays each individual number that's selected, and not just the one with the highest value?
What you want to do is set the name of the checkbox element ItemCheck[] this will make $_POST["ItemCheck"] an array.
Example:
for ($i=0;$i<count(5);$i++){
echo "<input type='checkbox' name='ItemCheck[]' value='$i.check'/> $i<br>";
}
Another thing to note is the browser won't post up anything for an unchecked checkbox so I think your processor needs to be like this.
<?php
if (isset($_POST['ItemCheck'])){
for ($o=0;$o<count($_POST['ItemCheck']);$o++){
echo "Item " . $_POST['ItemCheck'] . "<br>";
}
} else {
echo "You must select at least one product";
}
?>
Another thing so make sure of is that your form has the method set to POST
it is only displaying the first select box and the last one ..
here is the code.
function select_nom_of_guests($guest_type){
$i=0;
echo $guest_type;
echo "<select name=\"adults_num\" id= \"a\">";
while ($i<=5){
echo "<option value= $i>$i</option>" ;
$i++;
}
}
echo "<p>";
select_nom_of_guests("מספר מבוגרים");
select_nom_of_guests("מספר ילדים");
select_nom_of_guests("מספר תינוקות");
echo "</p>";
Close your <select> tags and it should work better ;-)
Note that a for loop would be more appropriate in your case.
Note that you don't end the <select> tag. I'm not sure how browsers would respond to that, but it definitely wouldn't help.
One helpful tool in these scenarios is the View Source tool that all major browsers have: instead of being confused about what's appearing on the screen, look at the HTML that the browser received to see why it might be showing what it's showing. If this is the issue, the source code would have revealed it lickity-split :)
You didn't close the select tag. You probably also want to make the name and id attributes different for each select.
function select_nom_of_guests($guest_type){
$i=0;
echo $guest_type;
echo "<select name=\"adults_num".$guest_type."\" id= \"select_".$guestType."\">";
while ($i<=5){
echo "<option value= $i>$i</option>" ;
$i++;
}
echo "</select>";
}
Thank you so much for being so helpful. Owe you all a thank you. I will be asking more questions in the future. Someone has solved the problem by giving me this code:
echo "" . strval($row['style']) . "" . "";
and it worked beautifully!!!!!!!!! You rock!
I am sorry, I don't know how to post follow up questions, so I keep posting each question as a new question. I've never joined any forum before, so don't know how to follow a thread :( Sorry
I previously asked a question, but didn't post my code, so many kind people (thank you so much) who respanded couldn't help me out.
So I'll post my partial code below.
";
echo "Select an item";
echo "";
}
while($row = mysql_fetch_array($result))
{
echo "$row[style] $row[color]";
}
mysql_close($con);
echo "";
echo "";
echo "Enter your 4 digit postcode";
echo "";
echo "";
echo "Enter quantity";
echo "";
echo "";
echo "";
echo "";
?>
Then to process form, I use $_POST['item'] to find out which item was selected, I get the first word, the rest of the words are missing.
For example, if the dropdown box was populated with the follwoing:
Dressmaker mannequin size 12
Mannequin torso PH-9 in skin color
...
if item selected was "Dressmaker manenquin size 12", $_POST['item'] gives me Dressmaker, the rests are missing.
I spent whole last night and today searching, but have made no progress, please help :(
This still applies from my previous post:
//====== Begin previous post
Hopefully, your MYSQL database has a primary key? If it does, set the value of each <option> to the primary key of the item.
For example:
SQL
id desc
1 "dressmaker thing with mannequin"
2 "dressmaker thing no mannequin"
Form PHP
echo "<option value='".$query['id']."'>".$query['desc']."</option>";
When the form is submitted, re-query the database for the desired description. You'll be doing this re-query anyway to retrieve prices and such, yes?
The reason this is happening is that spaces are discouraged in HTML attributes. You shouldn't have an attribute like value='this attribute is spaced'.
//====== End previous post
Basically, change this line:
while($row = mysql_fetch_array($result))
{
echo "<option value=$row[style]>$row[style] $row[color]</option><br />";
}
to
while($row = mysql_fetch_array($result))
{
echo "<option value='".$row['id']."'>$row['style'] $row['color']</option><br />";
}
and add this in process_form.php to get the description:
$desc = mysql_query("SELECT style FROM products WHERE id='".$_POST['item']."';");
You can also use this to get all other related info from the DB right when you need it.
// Another edit
#Cambraca - right on - I forgot to sanitize the quote.
#Ottoman - Your solution is a temporary fix. I strongly recommend applying an id/primary key system if it's not in place. An ounce of prevention is worth a pound of cure.
That is because in php you get what is in the "value" attribute of the dropdown's options.
You need to do something like this:
Replace
echo "<option value=$row[style]>$row[style] $row[color]</option><br />";
with
echo "<option value=\"$row[style] $row[color]\">$row[style] $row[color]</option><br />";
The problem is your lack of quotes in the option "echo" statement.
Try something like this
while($row = mysql_fetch_array($result))
{
printf('<option value="%s">%s %s</option>',
htmlspecialchars($row['style']),
htmlspecialchars($row['style']),
htmlspecialchars($row['color']));
}
Note also, the <br> element does not belong in the <select>
Edit: Added htmlspecialchars to properly escape any HTML entities that might exist in retrieved strings
If it gives you only the first word, then you forgot to enclose the option value="with quotes". Otherwise show us the constructed HTML source.