Form handling PHP PDO - php

I'm playing around with a form trying to learn PDO.
The problem is that nothing is submitted. Nothing is saved and I don't receive any errors.
I have a class (ABB). In that class I have a function called "spara_abb" (along with several functions used in the script).
Questions:
Is there any way to complete this code to work?
Is this the right way to solve this?
Any suggestions?
The form:
<?php
if (isset($_POST["submit"])){
$save_abb = $abb->spara_abb($_POST['ident']);
}
?>
<!-- FORM START - Create new ABB -->
<form action="abb_ny.php?amne_id=<?php echo $_GET['amne_id']; ?>&abb_arskurs=<?php echo $_GET['abb_arskurs']; ?>" method="post" enctype="multipart/form-data" id="sky-form1" class="sky-form">
<input type='Hidden' name='lid' value='<? echo $_SESSION['lid']; ?>'>
<input type='Hidden' name='datum' value='<? echo date('Y-m-d'); ?>'>
<input type='Hidden' name='ident' value='<? echo $abb->skapa_ident($_GET['amne_id']); ?>'>
<input type='Hidden' name='amne_id' value='<? echo $_GET['amne_id']; ?>'>
<input type='Hidden' name='arskurs' value='<? echo $_GET['abb_arskurs']; ?>'>
<input type='Hidden' name='aktiv' value='1'>
<header>Skapa ny ABB</header>
<fieldset>
<section>
<label class="label">Arbetsomrade</label>
<label class="input">
<i class="icon-append fa fa-tag"></i>
<input type="text" name="arbetsomrade" id="arbetsomrade" placeholder="Arbetsområde">
</label>
</section>
<label class="label">Syfte</label>
<section>
<label class="textarea">
<i class="icon-append fa fa-comment"></i>
<textarea rows="5" name="syfte" placeholder="Syfte"></textarea>
</label>
</section>
<label class="label">Overgripande mal</label>
<section>
<label class="textarea">
<i class="icon-append fa fa-comment"></i>
<textarea rows="5" name="overgripande_mal" placeholder="Övergripande mål"></textarea>
</label>
</section>
<label class="label">Undervisning</label>
<section>
<label class="textarea">
<i class="icon-append fa fa-comment"></i>
<textarea rows="5" name="undervisning" placeholder="Undervisning"></textarea>
</label>
</section>
<label class="label">Redovisningsform</label>
<section>
<label class="textarea">
<i class="icon-append fa fa-comment"></i>
<textarea rows="5" name="redovisningsform" placeholder="Redovisningsform"></textarea>
</label>
</section>
</fieldset>
<footer>
<button type="submit" name="Spara" value="Spara" class="btn-u">Save ABB</button>
</footer>
</form>
<!-- END FORM -->
The function called from my class ABB:
# Save ABB
public function spara_abb($ident) {
// Does IDENT exist?
$abb_existerar = $this->abb_existerar($ident);
try{
if ($abb_existerar === true){
$query2 = $this->db->prepare("
UPDATE `abb` SET `arbetsomrade` = :arbetsomrade,`syfte` = :syfte,
`overgripande_mal` = :overgripande_mal, `undervisning` = :undervisning,
`redovisningsform` = :redovisningsform, `lid` = :lid, `datum` = :datum,
`aktiv` = :aktiv
WHERE (`ident`=:ident)");
$query2->bindParam(':ident', $ident, PDO::PARAM_STR);
$query2->bindParam(':arskurs', $arskurs, PDO::PARAM_STR);
$query2->bindParam(':amne_id', $amne_id, PDO::PARAM_INT);
$query2->bindParam(':arbetsomrade', $arbetsomrade, PDO::PARAM_STR);
$query2->bindParam(':syfte', $syfte, PDO::PARAM_STR);
$query2->bindParam(':overgripande_mal', $overgripande_mal, PDO::PARAM_STR);
$query2->bindParam(':undervisning', $undervisning, PDO::PARAM_STR);
$query2->bindParam(':redovisningsform', $redovisningsform, PDO::PARAM_STR);
$query2->bindParam(':lid', $lid, PDO::PARAM_INT);
$query2->bindParam(':datum', $datum, PDO::PARAM_STR);
$query2->bindParam(':aktiv', $aktiv, PDO::PARAM_INT);
$query2->execute();
}else {
$query2 = $this->db->prepare("
INSERT INTO `abb`
(ident, arskurs, amne_id, arbetsomrade, syfte, overgripande_mal, undervisning, redovisningsform,lid,datum,aktiv) VALUES (:ident, :arskurs, :arbetsomrade, :syfte, :overgripande_mal, :undervisning,
:redovisningsform, :lid, :datum, :aktiv) ");
$query2->bindParam(':ident', $ident, PDO::PARAM_STR);
$query2->bindParam(':arskurs', $arskurs, PDO::PARAM_STR);
$query2->bindParam(':amne_id', $amne_id, PDO::PARAM_INT);
$query2->bindParam(':arbetsomrade', $arbetsomrade, PDO::PARAM_STR);
$query2->bindParam(':syfte', $syfte, PDO::PARAM_STR);
$query2->bindParam(':overgripande_mal', $overgripande_mal, PDO::PARAM_STR);
$query2->bindParam(':undervisning', $undervisning, PDO::PARAM_STR);
$query2->bindParam(':redovisningsform', $redovisningsform, PDO::PARAM_STR);
$query2->bindParam(':lid', $lid, PDO::PARAM_INT);
$query2->bindParam(':datum', $datum, PDO::PARAM_STR);
$query2->bindParam(':aktiv', $aktiv, PDO::PARAM_INT);
$query2->execute();
}
}catch(PDOException $e){
die($e->getMessage());
}
} // END save ABB

You can add all the form variables inside of an array and send it to the function like this:
$array = Array(':ident' => array($_POST['ident'], PDO::PARAM_INT),
':lid' => array($_POST['lid'], PDO::PARAM_INT),
':datum' => array($_POST['datum'], PDO::PARAM_STR),
':amne_id' => array($_POST['amne_id'], PDO::PARAM_INT));
$save_abb = $abb->spara_abb($array);
Now in class you could do something like this:
# Save ABB
public function spara_abb($array) {
// Does IDENT exist? abb_existerar() takes the ident value, not the whole array
$abb_existerar = $this->abb_existerar($array[':ident'][0]);
try{
if ($abb_existerar === true){
$query2 = $this->db->prepare("
UPDATE `abb` SET `arbetsomrade` = :arbetsomrade,`syfte` = :syfte,
`overgripande_mal` = :overgripande_mal, `undervisning` = :undervisning,
`redovisningsform` = :redovisningsform, `lid` = :lid, `datum` = :datum,
`aktiv` = :aktiv
WHERE (`ident`=:ident)");
foreach($array as $key => $val){
    // bindValue copies the value now; bindParam would bind a reference to the loop variable
    $query2->bindValue($key, $val[0], $val[1]);
}
$query2->execute();
....
....
That way you pass all the variables to the class. I would recommend to make sure that all the variables exist with the function isset(), for example:
$ident = isset($_POST['ident'])? $_POST['ident'] : '';
edit: Use var_dump($array);
to print all the array and see if this is what you wanted.
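A complete save routine for the form in this thread, as an added example (not code from the question or the answer). It builds the SQL and the bindings from one allow-listed field map, so every placeholder has exactly one bound value, and it takes lid, datum and aktiv on the server instead of trusting the hidden form fields. The in-memory SQLite table, the ABB_FIELDS constant, the stand-alone function signature and the sample request data are assumptions made for the example.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the real database (assumes the pdo_sqlite driver).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE abb (ident TEXT PRIMARY KEY, arskurs TEXT, amne_id INTEGER,
    arbetsomrade TEXT, syfte TEXT, overgripande_mal TEXT, undervisning TEXT,
    redovisningsform TEXT, lid INTEGER, datum TEXT, aktiv INTEGER)');

// Hypothetical allow-list: the only fields the client may set, with PDO types.
const ABB_FIELDS = [
    'ident'            => PDO::PARAM_STR,
    'arskurs'          => PDO::PARAM_STR,
    'amne_id'          => PDO::PARAM_INT,
    'arbetsomrade'     => PDO::PARAM_STR,
    'syfte'            => PDO::PARAM_STR,
    'overgripande_mal' => PDO::PARAM_STR,
    'undervisning'     => PDO::PARAM_STR,
    'redovisningsform' => PDO::PARAM_STR,
];

function spara_abb(PDO $db, array $post, int $lid): string
{
    $row = [];
    foreach (ABB_FIELDS as $name => $type) {
        $value = $post[$name] ?? '';
        if (!is_scalar($value)) {
            $value = '';                    // e.g. ident[]=x arrives as an array
        }
        $row[$name] = [$type === PDO::PARAM_INT ? (int) $value : trim((string) $value), $type];
    }
    if ($row['ident'][0] === '') {
        throw new InvalidArgumentException('ident is required');
    }
    // Server-side values: a hidden input can be edited by the client.
    $row['lid']   = [$lid, PDO::PARAM_INT];
    $row['datum'] = [date('Y-m-d'), PDO::PARAM_STR];
    $row['aktiv'] = [1, PDO::PARAM_INT];

    $check = $db->prepare('SELECT 1 FROM abb WHERE ident = :ident');
    $check->execute([':ident' => $row['ident'][0]]);
    $exists = $check->fetchColumn() !== false;

    // Column names come only from the constant and the three keys above,
    // never from the request, so building SQL text from them is safe.
    $columns = array_keys($row);
    if ($exists) {
        $sets = [];
        foreach ($columns as $c) {
            if ($c !== 'ident') {
                $sets[] = "$c = :$c";
            }
        }
        $sql = 'UPDATE abb SET ' . implode(', ', $sets) . ' WHERE ident = :ident';
    } else {
        $sql = 'INSERT INTO abb (' . implode(', ', $columns) . ') VALUES (:'
             . implode(', :', $columns) . ')';
    }
    $stmt = $db->prepare($sql);
    foreach ($row as $name => [$value, $type]) {
        $stmt->bindValue(":$name", $value, $type);   // one binding per placeholder
    }
    $stmt->execute();
    return $exists ? 'updated' : 'inserted';
}

// Constructed request data. In the page this is $_POST and (int) $_SESSION['lid'];
// note that the form's button is named "Spara", so $_POST["submit"] is never set.
$post = ['ident' => 'MA-7-001', 'arskurs' => '7', 'amne_id' => '3',
         'arbetsomrade' => 'Algebra', 'syfte' => 'Intro', 'lid' => '999'];
echo spara_abb($db, $post, 42), "\n";
$post['syfte'] = 'Revised';
echo spara_abb($db, $post, 42), "\n";
print_r($db->query('SELECT ident, syfte, lid FROM abb')->fetchAll(PDO::FETCH_ASSOC));
```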

Related

SQLSTATE[HY093]: Invalid parameter number: parameter was not defined

I am having trouble finding why my code is not working. I tried to look it up on the internet but I can't seem to find the error.
Here's my function
public function AddNews($newsDate,$title,$content){
try{
$stmt = $this->db->prepare("INSERT INTO news(newsDate,title,content) VALUES (:newsDate,:$title,:$content)");
$stmt->bindParam(":newsDate", $newsDate);
$stmt->bindParam(":title", $title);
$stmt->bindParam(":content", $content);
$stmt->execute();
return $stmt;
}catch(PDOException $ex){
echo $ex->getMessage();
}
}
and the form action
/*---------DEVELOPMENT-----------*/
require_once '/database/database.php';
/*---------ENVIRONMENT-----------*/
// require_once 'database/database.php';
if(isset($_POST['btn-news-submit'])){
$newsDate = trim($_POST['newsDate']);
$title = trim($_POST['bodyContent']);
$content = trim($_POST['newsContent']);
if($user->AddNews($newsDate,$title,$content)){
header("Location: admin-index.php?successfully-uploaded");
}
}
and lastly my html form
<div class="news">
<form action = "upload-news" method="POST" enctype="multipart/form-data">
<div class="form-group">
<input type="hidden" name="newsDate" id="newsDate" value="<?php echo date('Y-m-d H:i:s'); ?>" readonly="readonly">
<label for="bodyContent"><b>Title</b></label>
<textarea class="form-control" rows="1" id="bodyContent" name="bodyContent"></textarea>
<br>
<label for="exampleFormControlFile1">Content of News</label>
<textarea class="form-control" rows="5" id="newsContent" name="newsContent"></textarea>
<br />
<br>
<div class="btn-news">
<button type="submit" name="btn-news-submit" class="btn btn-primary">Post</button>
</div>
</div>
</form>
</div>
Could someone please point out where the error is here? It says
SQLSTATE[HY093]: Invalid parameter number: parameter was not defined
But I checked several times and all my bindParam are matched
Don't use dollar signs in your bind handles here:
"INSERT INTO news(newsDate,title,content) VALUES (:newsDate,:$title,:$content)"
                                                             ^       ^
Just use plain strings like this:
"INSERT INTO news(newsDate,title,content) VALUES (:newsDate,:title,:content)"

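HY093 means the placeholder names in the SQL text and the names that were bound do not match. A small check that lists both sides, as an added example (not part of the original answer), run on the string from this question and on the INSERT from the first thread on this page. placeholder_diff is a hypothetical helper, the $title and $content values are constructed, and the regular expression is a simplification that does not skip colons inside quoted SQL literals.

```php
<?php
declare(strict_types=1);

/**
 * Compare the named placeholders in $sql with the names about to be bound.
 * 'unbound' = present in the SQL but never bound, 'unused' = bound but absent.
 */
function placeholder_diff(string $sql, array $boundNames): array
{
    // (?<!:) keeps "::" (cast syntax in some dialects) from counting as a placeholder.
    preg_match_all('/(?<!:):([A-Za-z_][A-Za-z0-9_]*)/', $sql, $m);
    $inSql = array_unique($m[1]);
    $bound = array_map(fn(string $n): string => ltrim($n, ':'), $boundNames);
    return [
        'unbound' => array_values(array_diff($inSql, $bound)),
        'unused'  => array_values(array_diff($bound, $inSql)),
    ];
}

// Constructed values standing in for the submitted form fields.
$title = 'Hello';
$content = 'World';

// The string from the question. PHP interpolates $title and $content inside the
// double quotes, so the driver sees placeholders named after the *values*, and
// user input ends up in the SQL text itself instead of in a bound parameter.
$broken = "INSERT INTO news(newsDate,title,content) VALUES (:newsDate,:$title,:$content)";
$fixed  = "INSERT INTO news(newsDate,title,content) VALUES (:newsDate,:title,:content)";
$newsBound = [':newsDate', ':title', ':content'];

// The INSERT from the first thread: eleven columns, ten placeholders.
$abbInsert = 'INSERT INTO `abb` (ident, arskurs, amne_id, arbetsomrade, syfte,
    overgripande_mal, undervisning, redovisningsform, lid, datum, aktiv)
    VALUES (:ident, :arskurs, :arbetsomrade, :syfte, :overgripande_mal,
    :undervisning, :redovisningsform, :lid, :datum, :aktiv)';
$abbBound = [':ident', ':arskurs', ':amne_id', ':arbetsomrade', ':syfte',
    ':overgripande_mal', ':undervisning', ':redovisningsform', ':lid', ':datum', ':aktiv'];

print_r(placeholder_diff($broken, $newsBound));
print_r(placeholder_diff($fixed, $newsBound));
print_r(placeholder_diff($abbInsert, $abbBound));
```
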
PHP If isset() Not Returning Value For HTML Input

I'm having issues with a PHP form that is using the isset() function for input values that have been pulled from a database. When I use the below code, the isset function is returning nothing to the input fields on an edit client form. I'm in need of some help on how I can get this head scratching problem solved.
edit-client.php
<?php
require_once __DIR__ . '/inc/bootstrap.php';
require_once __DIR__ . '/inc/head.php';
require_once __DIR__ . '/inc/nav.php';
$client = getClient(request()->get('client_id'));
$firstName = $client['first_name'];
$lastName = $client['last_name'];
$notes = $client['notes'];
$buttonText = 'Update Client';
?>
<div class="container-fluid">
<div class="row">
<?php include __DIR__ . '/inc/sidebar-nav.php'; ?>
<main role="main" class="col-md-9 ml-sm-auto mt-4 col-lg-10 px-4 main">
<h1 class="h3 border-bottom pb-3 mb-4 text-primary">Edit Client</h1>
<form method="post" action="/procedures/procedure-edit-client.php">
<label for="first_name" class="text-muted">First Name</label>
<input type="hidden" name="first_name" value="<?php if(isset($firstName)) echo $firstName; ?>">
<label for="last_name" class="text-muted">Last Name</label>
<input type="text" id="last_name" name="last_name" class="form-control" value="<?php if(isset($lastName)) echo $lastName; ?>" required>
<label for="notes" class="text-muted">Notes</label>
<textarea id="notes" name="notes" class="form-control" rows="10"><?php if(isset($firstName)) echo $firstName; ?></textarea>
<button type="submit" class="btn btn-action btn-primary">
<?php
if(isset($buttonText)) echo $buttonText;
else echo 'Add New Client';
?>
</button>
</form>
</main>
</div>
</div>
<?php require_once __DIR__ . '/inc/footer.php';
functions.php
function getClient($clientId) {
global $db;
try {
$query = "SELECT * FROM client WHERE client_id = ?";
$stmt = $db->prepare($query);
$stmt->bindParam(1, $clientId);
$stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC);
} catch(\Exception $e) {
throw $e;
}
}
Try this. I assume you only get one result, so this returns that first result:
function getClient($clientId) {
global $db;
try {
$query = "SELECT * FROM client WHERE client_id = ?";
$stmt = $db->prepare($query);
$stmt->bindParam(1, $clientId);
$stmt->execute();
$result = $stmt->fetchAll();
return (!empty($result)) ? $result[0] : false;
} catch(\Exception $e) {
throw $e;
}
}
After that, check your var_dump($client) again to see your data. Also, when $client is false, it could not find the client. Adjust your code to check for that as well, or else $client is still empty.

How would one skip empty field values when submitting a form using PHP?

I have a form that echoes values for a specific user from a MySQL database using PHP. I am trying to figure out how to allow the user to submit the form to update their user information but have the form skip any field they have not filled out.
Current update statement
if (!isset($_POST['btnLogin'])) {
$db = DB();
$stmt = "UPDATE users SET fName = :fName,
lName = :lName,
emailAddress = :emailAddress
WHERE user_id = $user->user_id";
$query = $db->prepare($stmt);
$query->bindParam(':fName', $_POST['fName'], PDO::PARAM_STR);
$query->bindParam(':lName', $_POST['lName'], PDO::PARAM_STR);
$query->bindParam(':emailAddress', $_POST['emailAddress'], PDO::PARAM_STR);
$query->execute();
};
Form echoing user information
<form class="form-horizontal" action="profile.php" method="post">
<div class="form-group">
<label class="col-lg-3 control-label">First name:</label>
<div class="col-lg-8">
<input class="form-control" type="text" name="fName" placeholder="<?php echo $user->fName ?>"/>
</div>
</div>
<div class="form-group">
<label class="col-lg-3 control-label">Last name:</label>
<div class="col-lg-8">
<input class="form-control" type="text" name="lName" placeholder="<?php echo $user->lName ?>">
</div>
</div>
<div class="form-group">
<label class="col-lg-3 control-label">Email:</label>
<div class="col-lg-8">
<input class="form-control" type="email" name="emailAddress" placeholder="<?php echo $user->emailAddress?>">
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label">Username:</label>
<div class="col-md-8" style="margin-top: 7px;">
<?php echo $user->username ?>
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label"></label>
<div class="col-md-8">
<input class="btn btn-primary" name="btnUpdate" value="Save Changes" type="button">
<span></span>
<input class="btn btn-default" value="Cancel" type="reset">
</div>
</div>
</form>
Currently this doesn't appear to update the database at all. If I leave the form completely blank and submit it, the values that existed in the database are now empty, i.e., just blank columns.
I have been looking at other examples on how to do this but I cannot seem to figure this out. Any help would be appreciated.
Just to be sure I am in fact updating the correct user, I made sure that my $user->user_id statement is in fact returning the correct user_id from the database for the update.
UPDATE
Currently this is how I have the update statement / code
if(!empty(['btnUpdate'])) {
$stmt = "UPDATE users SET fName = IF(:fName = '', fName, :fName),
lName = IF(:lName = '', lName, :lName),
emailAddress = IF(:emailAddress = '', emailAddress, :emailAddress)
WHERE user_id = $user->user_id";
$db = DB();
$query = $db->prepare($stmt);
$query->bindParam("fName", $fName, PDO::PARAM_STR);
$query->bindParam("lName", $lName, PDO::PARAM_STR);
$query->bindParam("emailAddress", $emailAddress, PDO::PARAM_STR);
$query->execute();
}
Using <?php var_dump($_POST) ?> returns 0 after submitting the form and I still end up with empty database columns
This isn't ignoring empty fields, but a more user friendly solution would be to stick the database values into each input's value attribute. That way, you don't have to skip the fields if they're blank, and a user won't get confused when editing their data. If you don't want them to be able to edit the value, just include the readonly attribute.
If you don't want to do this, then you could either create a dynamic query or use an if statement to decide which value to use, the form's or the database's.
You can make the query check whether the value is empty, and reuse the existing value.
$stmt = "UPDATE users SET fName = IF(:fName = '', fName, :fName),
lName = IF(:lName = '', lName, :lName),
emailAddress = IF(:emailAddress = '', emailAddress, :emailAddress)
WHERE user_id = $user->user_id";
You could also build the query and parameters dynamically.
$sets = array();
$params = array();
// The column names come from this fixed list, never from the request
foreach (array('fName', 'lName', 'emailAddress') as $field) {
    // Only fields that were actually filled in become part of the UPDATE
    if (!empty($_POST[$field])) {
        $sets[] = "$field = :$field";
        $params[":$field"] = $_POST[$field];
    }
}
if (!empty($sets)) {
    $sets_string = implode(', ', $sets);
    $stmt = "UPDATE users SET $sets_string WHERE user_id = :id";
    $params[":id"] = $user->user_id;
    $query = $db->prepare($stmt);
    $query->execute($params);
}

how update value input form class result

I have a profile page where an admin can edit users' profiles.
The whole process is done on one page. How can I refresh and update the form values after a successful update query?
User.class file :
class User {
...
public function updateUser($id, $firstname, $lastname, $phone, $birthday, $managerid)
{
$con = $this->DBconnect();
$id = (int)$id;
$managerid = $this->checkParam($managerid);
$firstname = $firstname;
$lastname = $lastname;;
$mobile = $phone;
$birthday = $this->checkParam($birthday);
$query = "UPDATE `users` SET `manager_id` = :manager_id,`firstname` = :firstname,`lastname` = :lastname,`birthday` = :birthday,`mobile` = :mobile WHERE `id` = :id";
$result = $con->prepare($query);
$result->BindParam(':id', $id, PDO::PARAM_INT);
$result->BindParam(':manager_id', $managerid, PDO::PARAM_INT);
$result->BindParam(':firstname', $firstname);
$result->BindParam(':lastname', $lastname);
$result->BindParam(':birthday', $birthday);
$result->BindParam(':mobile', $mobile);
$check = $result->execute();
return true;
}}
profile.php file :
<?php
if (isset($_GET['id'])) {
$id = (int)$_GET['id'];
}
$user = new User();
$user_info = $user->getuser($id);
while ($info = $user_info->fetch(PDO::FETCH_ASSOC)) {
$firstname = $info['firstname'];
$lastname = $info['lastname'];
$mobile = $info['mobile'];
$birthday = $info['birthday'];
$managerid = $info['manager_id'];
}
$manager_ob = new Manager();
$managers = $manager_ob->getAllManager();
$managers_name = array();
while ($manager = $managers->fetch(PDO::FETCH_ASSOC)) {
$managers_list[] = $manager;
}
if (isset($_POST['edit-profile'])) {
$update_result = $user->updateUser($_POST['user_id'],$_POST['user_firstname'],$_POST['user_lastname'],$_POST['user_mobile'],$_POST['user_birthday'],$_POST['manager_id']);
if($update_result){
echo 'Profile Edited';
}
}
?>
<form method="post" action="#" class="form-horizontal">
<div class="form-group"><label class="col-sm-2 control-label">ID</label>
<div class="col-sm-10"><input type="text" readonly class="form-control" name="user_id" id="user_id" value="<?php echo check_param($id); ?>"/></div>
</div>
<div class="form-group"><label class="col-sm-2 control-label">Firstname</label>
<div class="col-sm-10"><input type="text" class="form-control" name="user_firstname" value="<?php echo check_param($firstname); ?>" /></div>
</div>
<div class="form-group"><label class="col-sm-2 control-label">Lastname</label>
<div class="col-sm-10"><input type="text" class="form-control" name="user_lastname" value="<?php echo check_param($lastname); ?>"/></div>
</div>
<div class="form-group"><label class="col-sm-2 control-label">Phone</label>
<div class="col-sm-10"><input type="text" class="form-control" name="user_mobile" value="<?php echo check_param($mobile); ?>"/></div>
</div>
<div class="form-group"><label class="col-sm-2 control-label" for="birthday">Birthday
</label>
<div class="col-sm-10"><input id="birthday" type="text" class="form-control" name="user_birthday"></div>
</div>
<div class="form-group"><label class="col-sm-2 control-label">Manager</label>
<div class="col-sm-10"><select class="form-control m-b" name="manager_id">
<?php foreach ($managers_list as $managers_n) { ?>
<option <?php if ($managers_n['id'] == $managerid) {
echo 'selected';
} ?>
value="<?php echo $managers_n['id']; ?>"> <?php echo $managers_n['name']; ?></option>;
<?php }
?>
</select>
</div>
</div>
<input type="submit" name="edit-profile" class="btn btn-block btn-w-m btn-success"
value="Edit profile">
</form>
I load the profile data after submitting the edit:
$update_result = $user->updateUser($_POST['user_id'],$_POST['user_firstname'],$_POST['user_lastname'],$_POST['user_mobile'],$_POST['user_birthday'],$_POST['manager_id']);
if($update_result){
echo 'Profile Edited';
}
It only displays the message Profile Edited, but I must refresh the page to see the new data.
Must I run the fetch query again to update the values, or is there a better way?
I suggest you use Ajax for this; it is probably the best way to change the data without refreshing. More info about (jQuery) ajax: http://api.jquery.com/jquery.ajax/
Your other option is to force a refresh after the submit. You can do this in PHP like so:
Header('Location: '.$_SERVER['PHP_SELF']);
I would suggest choosing ajax to tackle this problem though.
Good luck :)

How to retrieve value from a select box? [duplicate]

This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
PHP: “Notice: Undefined variable” and “Notice: Undefined index”
In html code:
<select name="123023d">
<option value="default">Not Share</option>
<option value="read">Read Only</option>
<option value="edit">Editable</option>
</select>
In php code:
$rights=$_POST['123023d'];
Why can I not retrieve the value of this select box?
Notice: Undefined index: 123023d in C:\xampp\htdocs\fyp\list\add.php on line 87
Thank you.
I am sure it is in the form and it is a post method. It is located after foreach ($result as $set); as you can see, I draw some SQL values to generate that select box, and the name of the select box is the userID.
Whole part:
<form id="addlist" method="post" action="add.php" >
<h1>Create your new subscriber list</h1>
<p>Create a new list before adding subscriber <label class="right"><em class="dot">*</em> indicates required</label></p>
<label><em class="dot">*</em> List name:
<span class="small">Add your list name</span>
</label>
<input id="lname" name="lname" class="required" />
<div class="spacer"></div>
<label>Reminder:
<span class="small">Remind the details of your list</span>
</label>
<textarea id="creminder" name="creminder" cols="52" ></textarea>
<div class="spacer"></div>
<div class="spacer"></div>
<p>Email me when ...</p>
<label>People subscribe:</label> <input type="checkbox" class="checkbox" name="subscribe" value="1">
<label>People unsubscribe:</label> <input type="checkbox" class="checkbox" name="unsubscribe" value="1">
<div class="spacer"></div>
</div>
</br>
<div id="stylized" class="myform">
<p>Permission Setting ...</p>
<label>Open to other users:</label> <input type="checkbox" class="checkbox" name="public" value="1">
Or
<div class="spacer"></div>
Select the permission for individual user:
<?
$sql =
"SELECT UserID,Name,Rights,Position
FROM user
WHERE UserID != ?
AND Rights != 'Admin'
";
$stmt = $conn->prepare($sql);
$stmt->execute(array($_SESSION['username']));
$num_rows= $stmt->rowCount();
if ($num_rows != 0){
$result = $stmt->fetchAll();
?>
<table width="100%" class="display" id="viewSub">
<thead>
<tr>
<th field="col1" width="40%">Name:</th>
<th field="col2" width="40%">Position:</th>
<th field="col2" width="20%">Permission:</th>
</tr>
</thead>
<tbody>
<?
foreach ($result as $set)
{
echo "<tr><td>".$set['Name']."</td><td>".$set['Position']."</td><td><select name=".$set['UserID']."><option value='default'>Not Share</option><option value='read'>Read Only</option><option value='edit'>Editable</option></select></td></tr>";
}
?>
</tbody>
</table>
<?
}
else
echo "There is no another user in this system";
?>
<input class="submit" type="submit" name="submit" value="Submit"/>
<div class="spacer"></div>
</form>
add.php which is the form and the result process
<?
include("../connection/conn.php");
session_start();
if($_SERVER['REQUEST_METHOD'] == "POST"){
print_r($_POST);
exit();
if (!isset($_POST['subscribe']))
$_POST['subscribe']=0;
if (!isset($_POST['unsubscribe']))
$_POST['unsubscribe']=0;
if (!isset($_POST['public']))
$_POST['public']=0;
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
try {
$listName = $_POST['lname'];
$listRemindSub = $_POST['subscribe'];
$creator = $_SESSION['username'];
$listRemindUnSub = $_POST['unsubscribe'];
$isPublic = $_POST['public'];
$listReminder = $_POST['creminder'];
$query="INSERT INTO list (ListID,ListName,Creator,IsRemindSub,IsRemindUnSub,IsPublic,CreateDate,Reminder) VALUES ('',?,?,?,?,?,CURDATE(),?)";
$stmt = $conn->prepare($query);
$stmt->bindParam(1, $listName , PDO::PARAM_STR);
$stmt->bindParam(2, $creator, PDO::PARAM_STR);
$stmt->bindParam(3, $listRemindSub, PDO::PARAM_INT);
$stmt->bindParam(4, $listRemindUnSub, PDO::PARAM_INT);
$stmt->bindParam(5, $isPublic, PDO::PARAM_INT);
$stmt->bindParam(6, $listReminder, PDO::PARAM_STR);
$stmt->execute();
}
catch(PDOException $e)
{
die ($e->getMessage().' Back');
$conn->rollBack();
}
try {
$lastID=$conn->lastInsertId();
$query="INSERT INTO require_attributes (ReqID,ListID,Attribute,Tag) VALUES ('',$lastID,'Email','{email}')";
$stmt = $conn->prepare($query);
$stmt->execute();
$query="INSERT INTO require_attributes (ReqID,ListID,Attribute,Tag) VALUES ('',$lastID,'FirstName','{fname}')";
$stmt = $conn->prepare($query);
$stmt->execute();
$query="INSERT INTO require_attributes (ReqID,ListID,Attribute,Tag) VALUES ('',$lastID,'LastName','{lname}')";
$stmt = $conn->prepare($query);
$stmt->execute();
}
catch(PDOException $e)
{
die ($e->getMessage().' Back');
$conn->rollBack();
}
try{
$sql = '
SELECT UserID
FROM user
WHERE Rights != ?';
$stmt = $conn->prepare($sql);
$stmt->execute(array('admin'));
$result= $stmt->fetchAll();
}
catch(PDOException $e)
{
die ($e->getMessage().' Back');
}
foreach ($result as $set)
{
if ($set['UserID']==$_SESSION['username'])
$rights='edit';
else
{$rights=$_POST[$set["UserID"]];
$rights=$_POST['123023d'];}
if ($rights != 'default' || $set['UserID']==$_SESSION['username'] || $_POST['public']==0)
{
$user=$set['UserID'];
try {
$query="INSERT INTO user_list(UserID,ListID,UserRights) VALUES ('$user',$lastID,'$rights')";
$stmt = $conn->prepare($query);
$stmt->execute();
}
catch(PDOException $e)
{
die ($e->getMessage().' Back');
$conn->rollBack();
}
}
}
$conn = null;
?>
<div id="stylized" class="myform">
<div style="text-align:center;font-weight:bold;">You have created a list. By default Mail Address, First Name , Last Name is in your list. Add more field if you want. <a href='add.php'>Back</a></div>
<div class="spacer"></div>
</div>
<?
}else{?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<style type="text/css">
@import "../plugin/easyui/themes/default/easyui.css";
@import "../plugin/easyui/themes/icon.css";
@import "../style/form.css";
@import "../plugin/datatable/media/css/demo_page.css";
@import "../plugin/datatable/media/css/demo_table.css";
</style>
<script src="../plugin/jquery-1.6.1.min.js"></script>
<script type="text/javascript" src="../plugin/easyui/jquery.easyui.min.js"></script>
<script src="../plugin/jquery.validate.min.js"></script>
<script type="text/javascript" src="../plugin/datatable/media/js/jquery.dataTables.js"></script>
<script src="../plugin/jquery.form.js"></script>
<script>
$(document).ready(function(){
$("#addlist").validate();
});
$(document).ready(function() {
$('#viewSub').dataTable();
} );
</script>
</head>
<body>
<div id="stylized" class="myform">
<form id="addlist" method="post" action="add.php" >
<h1>Create your new subscriber list</h1>
<p>Create a new list before adding subscriber <label class="right"><em class="dot">*</em> indicates required</label></p>
<label><em class="dot">*</em> List name:
<span class="small">Add your list name</span>
</label>
<input id="lname" name="lname" class="required" />
<div class="spacer"></div>
<label>Reminder:
<span class="small">Remind the details of your list</span>
</label>
<textarea id="creminder" name="creminder" cols="52" ></textarea>
<div class="spacer"></div>
<div class="spacer"></div>
<p>Email me when ...</p>
<label>People subscribe:</label> <input type="checkbox" class="checkbox" name="subscribe" value="1">
<label>People unsubscribe:</label> <input type="checkbox" class="checkbox" name="unsubscribe" value="1">
<div class="spacer"></div>
</div>
</br>
<div id="stylized" class="myform">
<p>Permission Setting ...</p>
<label>Open to other users:</label> <input type="checkbox" class="checkbox" name="public" value="1">
Or
<div class="spacer"></div>
Select the permission for individual user:
<?
$sql =
"SELECT UserID,Name,Rights,Position
FROM user
WHERE UserID != ?
AND Rights != 'Admin'
";
$stmt = $conn->prepare($sql);
$stmt->execute(array($_SESSION['username']));
$num_rows= $stmt->rowCount();
if ($num_rows != 0){
$result = $stmt->fetchAll();
?>
<table width="100%" class="display" id="viewSub">
<thead>
<tr>
<th field="col1" width="40%">Name:</th>
<th field="col2" width="40%">Position:</th>
<th field="col2" width="20%">Permission:</th>
</tr>
</thead>
<tbody>
<?
foreach ($result as $set)
{
echo "<tr><td>".$set['Name']."</td><td>".$set['Position']."</td><td><select name=".$set['UserID']."><option value='default'>Not Share</option><option value='read'>Read Only</option><option value='edit'>Editable</option></select></td></tr>";
}
?>
</tbody>
</table>
<?
}
else
echo "There is no another user in this system";
?>
<input class="submit" type="submit" name="submit" value="Submit"/>
<div class="spacer"></div>
</form>
<div class="spacer"></div>
</div>
<br><br><br>
<div id="stylized" class="myform">
<?
try{
$sql = '
SELECT *
FROM list,user_list
WHERE user_list.UserID=?
AND list.ListID=user_list.ListID
';
$stmt = $conn->prepare($sql);
$stmt->execute(array($_SESSION['username']));
$result= $stmt->fetchAll();
$num_rows= $stmt->rowCount();
}
catch(PDOException $e)
{
die ($e->getMessage().' Back');
}
$conn = null;
if ($num_rows == 0) {
echo '<div style="text-align:center;font-weight:bold;">You have not created any list yet.</div>';}
else {
echo '<h1>Your Subscriber List</h1> <p>You have created '.$num_rows.' list(s).</p>';
foreach ($result as $set)
{
echo '<div style="font-weight:bold;">List Name : '.$set['FromName'].'</div><br>';
echo '<div style="font-weight:bold;">Subscriber : </div><br>';
echo '<div style="font-weight:bold;">Create Date : '.$set['CreateDate'].'</div><br>';
echo '<hr>';
}}
?>
<div class="spacer"></div>
</div>
</div>
</body>
</html>
<?
}
?>
Note the method you are using to submit the form. There are two general ways
GET Method <form method="GET" ... >
This is generally retrieved by using
echo $_GET['123023d'];
POST Method <form method="POST" ... >
This is generally retrieved by using
echo $_POST['123023d'];
If no method is defined, by default, it will be submitted using GET method so, use
$rights=$_GET['123023d'];
Update
I found your problem: there are no quotes in the title of the select box
<select name=".$set['UserID'].">
Change it to this. You have to provide the quotes and escape them as well.
<select name=\"".$set['UserID']."\">
Update 2
Credit to @zerkms
The other problem was starting the name with a numeric value instead of an alphabetic character.
<select name="123023d">
Make sure you don't start with numbers, like
<select name="a123023d">
How to retrieve value from a select box?
It is stored in the $_POST['123023d'] or $_GET['123023d'] variable, depending on the method used.
If it is a 'post' request, use:
$rights=$_POST['123023d'];
For 'get' requests :
$rights=$_GET['123023d'];
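One way to handle the per-user permission boxes from this question, as an added example (not code from the question or either answer): the user id goes into an escaped, quoted, array-style field name, the posted value is checked against an allow-list with a fallback for missing keys, and the row is written with bound parameters instead of interpolating $user and $rights into the SQL. ALLOWED_RIGHTS, rights_select, posted_right, the in-memory SQLite table and the sample request are assumptions made for the example.

```php
<?php
declare(strict_types=1);

// The three option values the form offers; anything else is rejected.
const ALLOWED_RIGHTS = ['default', 'read', 'edit'];

/** Render one permission <select> for a user, with the name quoted and escaped. */
function rights_select(string $userId): string
{
    $name = htmlspecialchars("rights[$userId]", ENT_QUOTES, 'UTF-8');
    $html = "<select name=\"$name\">";
    $options = ['default' => 'Not Share', 'read' => 'Read Only', 'edit' => 'Editable'];
    foreach ($options as $value => $label) {
        $html .= "<option value=\"$value\">$label</option>";
    }
    return $html . '</select>';
}

/** Submitted right for $userId, or 'default' when absent, malformed or not allow-listed. */
function posted_right(array $post, string $userId): string
{
    $all = $post['rights'] ?? [];
    $value = is_array($all) ? ($all[$userId] ?? 'default') : 'default';
    // Strict comparison: a nested array or an unknown string falls back to 'default'.
    return in_array($value, ALLOWED_RIGHTS, true) ? $value : 'default';
}

// Constructed stand-in for the real database (assumes the pdo_sqlite driver).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE user_list (UserID TEXT, ListID INTEGER, UserRights TEXT)');

// Constructed request: one valid choice, one value that is not in the list,
// and no entry at all for the third user (the "Undefined index" case).
$post = ['rights' => ['123023d' => 'read', 'u2' => 'owner']];
$listId = 7; // stands in for $conn->lastInsertId()

$insert = $db->prepare(
    'INSERT INTO user_list (UserID, ListID, UserRights) VALUES (?, ?, ?)'
);
foreach (['123023d', 'u2', 'u3'] as $userId) {
    $rights = posted_right($post, $userId);
    if ($rights === 'default') {
        continue;                       // nothing shared with this user
    }
    $insert->execute([$userId, $listId, $rights]);
}

echo rights_select('123023d'), "\n";
print_r($db->query('SELECT * FROM user_list')->fetchAll(PDO::FETCH_ASSOC));
```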
