There is a problem to show checked in checkbox on edit page.
There is my code below:
SSC<input type="checkbox" name="ssc"class="form-control" value="SSC"
<?php if(isset($ssc)) echo ($data[6] == 'SSC') ? 'checked':''; ?>/>
HSC<input type="checkbox" name="hsc" class="form-control" value="HSC"
<?php if(isset($hsc)) echo ($data[6] == 'HSC') ? 'checked':''; ?>/>
Where did you assign $hsc/$ssc ? Why don't you make it like this :
if(isset($data[6]) && $data[6] == 'SSC') echo 'checked';
or
if(isset($data[6]) && $data[6] == 'HSC') echo 'checked';
for the other checkbox
Okay, lets go throw the issues
mysql functions were deprecated
currently it is possible for an attacker can inject malicious SQL because the way you pass your variables
beacuse your $data variable always contains the education column
the value of a checkbox is sent only if it was checked otherwise it's not even set
the educatio column can contain three value currently and none of them equals with your data
SSC
SSC HSC
HSC
Solutions:
Use mysqli functions instead mysql
Use prepared statements and parameterized queries.
Don't check if a column is set if it is defined by your select query
Always check if a checkbox value was sent with isset or add a hidden input with the same name and empty value above the checkbox so if the box is not checked the value of the hidden input will be sent
check if the string contains those "words" (strpos($a, 'SSC') !== false - it's true when not false)
(And do not use the answer section to give aditional data update your question instead)
Related
I ran into a problem in my php/html code here, and I can't seem to locate the bug. The form seems to be posting everything except this one field, which seems to return "empty" every time.
(trying to set the variable "active" from the "select" option in the form, defaults to database value. The problem is, it's always returning to the default [database] value, regardless of the "select" option below...even after posting the form.) *Note that the database value of "active" is a 0/1 bit value. Does this affect the result?
php:
$active = (!empty($_REQUEST["active"]))?$_REQUEST["active"]:$row["active"];
html:
<select class="sel" name="active" id="active">
<option value="0" <?php echo ($active=="0"?"selected":"");?>>Not Active</option>
<option value="1" <?php echo ($active=="1"?"selected":"");?>>Active</option>
</select>
In your PHP code, empty will return true for the string "0", thus setting $active to the pre-existing value in such cases. What you maybe want instead is something like:
$active = (array_key_exists('active', $_REQUEST) ? (!empty($_REQUEST['active']) ? true : false) : $row['active']);
This will set the $active variable to true if the provided string is not considered empty (i.e. anything other than 0 or an empty string), false if it's present but empty, and preserve the existing value if the array key doesn't exist in the data.
I want to mark a checkbox as 'checked' automatically when an if condition is fulfilled. Here is an example of the if condition-
if($wp_session['tdwa_verification_checks'] < 2){
}
And the checkbox is-
<input class="input-text a-save" type="checkbox" id="chkboxclicked" name="tdwa-foreign-citizen" value="1">
I am trying with this but its not working.
if($wp_session['tdwa_verification_checks'] < 2){
echo '<input class="input-text a-save" type="checkbox" id="chkboxclicked" name="tdwa-foreign-citizen" value="1" checked>';
}
I would appreciate if anyone can give me a clue. Thanks :)
A couple issues. One is that you're wrapping you're entire checkbox inside an if statement. Another is that it's very strange to check for a boolean value by comparing it to less than 2 as you'll generally compare it to equal 1. Another is that chkboxclicked is a very vague ID to say that least, you should probably change that to something more similar to the name. You should also add the closing slash since checkbox inputs are void elements.
Now, looking at your code, you're also checking $wp_session['tdwa_verification_checks'] but the input name is tdwa-foreign-citizen, are you sure that the key you're checking in $wp_session is correct?
Lastly, WordPress has a neat function called checked() that will compare and check values for you if applicable. This is how you should probably be using it in your markup:
<input class="input-text a-save" type="checkbox" id="tdwa-foreign-citizen" name="tdwa-foreign-citizen" value="1" <?php checked( $wp_session['tdwa_verification_checks'], 1 ); ?> />
you're printing the checkbox correctly, you have to verify to value for
$wp_session['tdwa_verification_checks']
you can find the value by doing
echo json_encode($wp_session['tdwa_verification_checks']);
once you find the value you can compare correctly
I am building a site with a number of independant check boxes that collect information about industry topics. I user will check the ones of interest and store “Yes” in the database which is Filemaker.
When they return, they will see the ones previously checked and can uncheck if needed.
To this end, I am trying to get a check box to display as checked if the database value is equal to “Yes” and display as unchecked if the value is blank. Also, of the user checks the checkbox on the form, it will send the value of “Yes” back to the database and a value of blank if the check box is unchecked.
So far, I am only able to display the “Yes” or blank for fields. Here is my code so far:
<input type="text" name="Core_Compentencies__Marketing" value="<?php echo $port_row->getField('Core_Compentencies::Marketing'); ?>"></td>
Any help is appreciated.
Thanks.
usually i use helper function to decide whether field value is checked or not.
<?php
function isChecked($value = '', $defaultVal = 'Yes')
{
if($value == $defaultVal)
{
return 'checked';
}
}
?>
<input name="checkbox" type="checkbox" value="Yes" <?php echo isChecked(Core_Compentencies::Marketing); ?>>
i have a form field
<input type="checkbox" name="page" value=""/>
and corresponding field in mysql db is true and false, if someone click the checkbox i would like to send TRUE value to db via POST, how do i achieve it ?
You give the input any value you like:
<input type="checkbox" name="page" value="true"/>
Then, if the checkbox is checked, it will be a successful control and submitted.
<?php
if (isset($_POST['page']) && $_POST['page'] == 'true') {
// Then insert something into the database as normal
}
?>
If you want to set it when the checkbox is not ticked, then you will need an else to go with the if.
For a checkbox, the value attribute determines what the value will be if the item is checked. If it isn't checked, then no value will be submitted at all. You should therefore always specify the value attribute on a checkbox.
If you want the checkbox to default to checked, then you also need to specify the checked attribute.
<input type="checkbox" name="page" value="1" checked='checked' />
The Form:
<form action="/path/to/processing_script.php" method="POST">
<!--... Other Form Elements go here -->
<input type="text" name="color" />
<input type="checkbox" name="page" value="True"/>
<input type="submit" value="Send to Database" />
</form>
Processing script:
(processing_script.php)
<?php
// Check is 'True'?
if ($_POST['page'] != 'True')
{
$_POST['page'] = 'False';
}
$con=mysqli_connect("your-db-loc","your-db-username","your-db-pass","db-name");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL Database: " . mysqli_connect_error();
}
mysqli_query($con,"INSERT INTO TableNameHere (True-false, Favorite Color)
VALUES ($_POST['page'], $_POST['color'])");
mysqli_close($con);
?>
This example I created add's 2 data types to a new row on the database.
Replace the text 'TableNameHere' with your db table name, should be in similar format to: 'prefix_colors_tble'
Replace the text "your-db-loc" with your databases location, usually 'localhost' for internal server, or could be a URL for live server.
Replace the text "your-db-username" the username used to login to mysql, must have sufficient privileges.
Replace the text "your-db-pass" the user's password
Replace the text "db-name" database name (not deemed important unless containing multiple databases)
Replace the text "True-false" & "Favourite Color" with your db table column headings as appropriate.
Good Luck! -p.s. I know this answer is a few years late, but I hope it can help somebody else. Send your appreciation to http://amazewebs.com/testimonial Thanks.
Collect the follows by reading $_POST after form submission, then write them to the database using mysql_query
the first thing you will have to do is to modify the current html code for checkbox and add something in the value field.
let say you set the value to 1.
The second thing is if you are posting the form, then you will have to process the form using a server side language like PHP,Perl, Java etc.
for e.g. in PHP you can get the catch what is sent for the page field using $_POST['page'].
Now you will have to do a bit of server side processing to see if the $_POST['page'] == '1' , then set $page = 'true';else set$page = 'false';
the you can insert the $page into the database by using the library functions of the language you are using.
I have two forms
a) post.php
b) edit.php
I am using the checkbox in both the form to set the binary value (0 and 1) to set the status for approve.
to process the value from the checkbox in the post.php I am using the code which checks and assume that if the checkbox is checked then the value will be 1 other wise it is 0 by default
if (isset($_POST['ad_approve'])) $ad_approve = htmlspecialchars(strip_tags(mysql_real_escape_string($_POST['ad_approve'])));
else { $ad_approve = 0; }
Now in the edit.php form I retrieve the data from the database and set the checkbox accordingly . if the approve has the value 1 then it is checked by default . look onto the following code
<input name="ad_approve" type="checkbox" value="1" <?php if($approve==1) echo 'checked="checked"';?> />
in the above code I cannot apply the same logic to catch the value from ad_approve i.e(by checking isset()) because if the value is 1 by default and if I try unchecking the checkbox then automatically the program assume that the value is set because it has been changed from checked to unchecked. now in the edit.php how do I again process the value from it such that if the checkbox is checked hold the value as 1 otherwise 0, ??
to be honest your question does not make a whole lot of sense but I can understand that you wish to check if check boxes are actually set.
firstly you don't need a value attribute on a check box because its the browser that decide what value if any to send via the GP headers.
http://www.w3.org/TR/html401/interact/forms.html
Checkboxes (and radio buttons) are
on/off switches that may be toggled by
the user. A switch is "on" when the
control element's checked attribute is
set. When a form is submitted, only
"on" checkbox controls can become
successful.
So basically if a checkbox is not selected then the entity will not be sent via the headers, there for isset() would be a perfectly usable check.
The way your using real escape is totally wrong, you should never user real escape for html, DATABASE ONLY.
Take this code for example
if(isset($_POST['some_check']))
{
echo $_POST['some_check']; //on
}else
{
echo 'some_check has not been checked';
}
Your code:
if (isset($_POST['ad_approve'])) $ad_approve = htmlspecialchars(strip_tags(mysql_real_escape_string($_POST['ad_approve'])));
else { $ad_approve = 0; }
Can you give me a good excuse why your using htmlspecialchars,strip_tags and mysql_real_escape_string on an entity that can be done like so:
$ad_approve = isset($_POST['ad_approve']) ? true : false;
for issues like this its not that hard to refer to the documentation to get a better understand of what exactly is being sent from the browser.
if you wish to add values to to the checkboxes that you would do this with hidden fields, example follows.
<input type="checkbox" name="check_box" />
<input type="hidden" name="check_box_value" value="01100001" />
And within the php server side.
if(isset($_POST['check_box']))
{
echo $_POST['check_box_value']; //01100001
}else
{
echo 'some_check has not been checked';
}
by adding another html input thats hidden you can hide elements from the user and then use as data holders, the reason why you should use the exact same name but append it with _value is just for best practises.
EDIT
if(isset($_POST['some_check_box']))
{
mysql_query('UPDATE profile SET receive_mail = 1');
}else
{
mysql_query('UPDATE profile SET receive_mail = 0');
}