I've got a dropdown menu that is supposed to update my SQL query. If I create the dropdown from the select HTML, it works fine, but when I run it from a PHP array it doesn't select the other options when posted (though it does select them if I manually select the array element from in the program.
Moreover, I've put several echo statements throughout the program to trouble shoot, and I can clearly see that the correct item is being selected, AND that it's posting to the SQL code, but it's just not working right.
For example, my echo statements print out the SQL query
sql = SELECT * from finished_goods WHERE BrandDesc LIKE '%Alma Rosa%'
which works fine. but if I use the drop down to select "alere" it doesn't work.
sql = SELECT * from finished_goods WHERE BrandDesc LIKE '%Alere%'
<table>
<form id = "myform" method="post" action="">
<th>FG id : <input type = "text" name = "finished_goods_id2"/></th>
<th>Product No : <input type = "text" name = "ProdNo"/></th>
<th>Product Name : <input type = "text" name = "ProductName"/></th>
<th>Product Group : <input type = "text" name = "ProductGroup"/></th>
<!-- this code puts a drop down in, but it doesnt update the form -->
<th>Brand : <!-- this select statement works fine
<select name = "BrandDesc">
<option value = "Alma Rosa">Alma Rosa text</option>
<option value = "Alere">Alere</option>
<option value = "Hitching Post">Hitching Post text</option>
</select>
-->
<?php // this array replaces the select dropdown, but doesn't update
$name = 'BrandDesc';
$selected = 0;
$options = array( 'Alma Rosa', 'Alere', 'Hitching Post' );
echo dropdown( $name, $options, $selected );
?>
<th>Varietal : <input type = "text" name = "Varietal"/></th>
<th>Vintage : <input type = "text" name = "VintYear"/></th>
<th>Quantity :</th>
<th><input type = "submit" name = "send" value = "Submit"/></th>
<tr></tr>
<?php
// new connection
$conn = dbConnect('read', 'thereal8_work', 'PDO'); // database for online
$brandNo = 0; // sets the brand so that it displays the first select statement
$brandAccess = $options[$brandNo];
echo " first Brand Access = ".$brandAccess. " <br>";
if ($_POST['BrandDesc']) {
echo " base brandNo = ".$brandNo. "<br>";
$brandNo = $_POST['BrandDesc'];
echo " posted brandNo = ".$brandNo. " <br> ";
echo "options in the function = ".$options[$brandNo]. "<br>";
//$brandAccess = $_POST['BrandDesc'];
$brandAccess = $options[$brandNo];
echo "submitted brand = ".$brandAccess. " <br> ";
}
$sql = "SELECT * from finished_goods WHERE BrandDesc LIKE '%$brandAccess%' ";
echo "sql = ".$sql." <br>";
// get the result
Thanks,
Related
in my html i have:
<form method = "post" action = "creablog.php">
<p id = "titolosfondo"> Sfondo </p>
<select id = "sfondo" name = "sfondo" >
<option hidden></option>
<option value = "green"> Verde </option>
<option value = "blue"> Blu </option>
<option value = "red"> Rosso </option>
</select></br>
<input type = "submit" id = "crea" name = "crea" value = "Crea Blog" />
</form>
I have a form, where inside there is a SELECT OPTION, where I can select a color. When I click the button I would like the background color to be saved on another page.
i made this function in jquery:
$(document).ready(function(){
function cambiosfondo()
{
var x = document.getElementById("sfondo");
var bgcolor = x.options[x.selectedIndex].value;
document.body.style.backgroundColor = bgcolor;
}
});
in the database I have a table called BLOG where I have the SFONDO attribute.
this is the query I use in the CREA BLOG page to insert the data.
$query2 = "INSERT INTO blog (titoloBlog,nomeSottotema,nomeUtente,sfondo, font, colorefont) VALUES ('$titoloblog','$sottotema',(SELECT nomeUtente FROM utentiregistrati WHERE nomeUtente = '$nomeutente'),'$sfondo','$font','$colore');";
$result2 = mysqli_query($mysqli, $query2);
if(!$result2){
echo 'errore 2';
} else {
header("Location: blog.php?blog=$titoloblog");
}
this is the query I use on the BLOG page to get the data. The BLOG page is the page where I want the background to change color.
$blog = $_GET['blog'];
$query = "SELECT * FROM `blog` WHERE titoloBlog = '$blog'";
$result = mysqli_query($mysqli, $query);
if(!$result){
echo 'errore';
}
no error appears. the INSERT query executes successfully. But there is no background change on the BLOG page.
please help me!
I am having a form, which contains select option for data entry, (the options are fetching from MySQL database) if I want to update the form at later stage, is it possible to get the form select option as pre-selected?
Here I am showing the code for form having select options
<?php
$queryjob = "SELECT * FROM `job`";
$result2 = mysqli_query($con, $queryjob);
$options = "";
while($row2 = mysqli_fetch_array($result2))
{
$options = $options."<option>$row2[1]</option>";
}
?>
<tr>
<td ><div class='tabdata' align="right"> Name of Job/Survey: </div></td>
<td > <div class='tfieldz' align="right">
<select class='tfieldz' id="job_name" name="job_name" required='required'>
<?php echo $options;?>
</select></div>
</td>
</tr>
You can add a selected="" attribute to the option to have the option pre-selected.
Example would look like:
//You could use this in your loop
if($saved_value == $row[1]){
echo "<option selected>$row[1]</option>";
}else{
echo "<option>$row[1]</option>";
}
As I understand you are trying to set the default selected value of the selectbox. To set this value you can use following code:
/** The selectbox default value. This can come from database */
$selectbox_value = "selectbox default value";
while($row2 = mysqli_fetch_array($result2))
{
if ($selectbox_value == $row2[1]) $options = $options."<option SELECTED value='".$row2[1]."'>$row2[1]</option>";
else $options = $options."<option value='".$row2[1]."'>$row2[1]</option>";
}
In the above code the value attribute is added to the option tag. When the form is submitted, the value of the value attribute is sent to the server and stored in database. This stored value should be read from database and saved to $selectbox_value
I'm currently doing a project for my class project. I'm currently trying to update into the database but I get some errors along the way basically it's a radio button to setup to link to a update page. Any help and insights would be appreciated!
<html>
<head>
<title>asdf</title>
<link rel="stylesheet" type="text/css" href="Background.css">
</head>
<?php
session_start();
if(!isset($_SESSION["login"]))
header("location:admin.php");
?>
<body>
<h1 style="color:white"><u><center></center></u></h1>
<div id="BG"></div>
<form action = "update1.php" method = "GET">
<table border = 0>
<tr>
<td>Image: <input type = "text" name = "image" id = "image"></td>
<br/>
<td>Hero Name: <input type = "text" name = "heroes" id = "heroes"></td>
<br/>
<td>Role: <input type = "text" name = "roles" id = "roles"></td>
<br/>
<td>Attribute: <input type = "text" name = "attribute" id = "attribute"></td>
<br/>
<td>Description: <input type = "text" name = "description" id = "description"></td>
<br/>
<td>General: <input type = "text" name = "general" id = "general"></td>
<br/>
</tr>
</table>
</br>
<input type = "submit" name="update" value = "Update">
</form>
</center>
</html>
<?php
ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL);
define("DB_USER","*****");
define("DB_PASSWORD","****");
define("DB_HOST","*****");
define("DB_NAME","*****");
$dbc=mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
if(isset($_GET['update']))
{
$image = $_GET['image'];
$heroes = $_GET['heroes'];
$roles = $_GET['roles'];
$attribute = $_GET['attribute'];
$description = $_GET['description'];
$general = $_GET['general'];
$sql = "update `Dota 2 select` set (`image` = '$image',`heroes` = '$heroes') WHERE (heroes= '$heroes', image = '$image')";
// $sql = "Update `Dota 2 select` SET (`image`= [$image]) = WHERE `image`)";
// $sql = "Update `Dota 2 select` SET (`image`= [$image],`heroes` =[$heroes],`roles` =[$roles],`attribute`=[$attribute],`description`=[$description],`general`=[$general]) = WHERE `heroes`='$heroes')";
// $sql = "Update `Dota 2 select` SET (`image`= [$image],`heroes`,`roles`,`attribute`,`description`,`general`) = WHERE (`image`,`heroes`,`roles`,`attribute`,`description`,`general`) = ('$image','$heroes','$roles','$attribute','$description','$general')";
if(!mysqli_query($dbc, $sql))
{
echo(mysqli_error($dbc));
}
else
{
echo 'Data successfully updated!';
}
mysqli_close($dbc);
}
?>
This is the error for this page
"
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(image = 'a',heroes = 'a') WHERE (heroes= 'a', image = 'a')' at line 1
"
Seems you are getting MySQL insert and update syntax mixed..
UPDATE `table` set `col1`='val1', `col2`='val2',....
which when set as a PHP var might look like
$sql = 'UPDATE `table` set `col1`=\''. $val1.'\', `col2`=\''.$val2.'\',....
More than one way to do that, but this is my preferred way. backticks around column names, and escaped apostrophes around values, since I use single quote strings here
The table name has invalid space !
You can set your instruction as :
"update Dota_2_select set image = $image , heroes = $heroes where heroes= $heroes, image = $image";
Removing the spaces between table name and using " instead of ' because you can call de php variables $ directly .
Your first where is wrong:
WHERE (heroes= '$heroes', image = '$image')";
It should be
WHERE (heroes= '$heroes' AND image = '$image')";
^^^^
You are also vulnerable to sql injection attacks
Your second one fails because you test for the existence of your $_GET value AFTER you already tried using it:
if (isset($_GET['Heroes'])) {
$Heroes = $_GET['heroes'];
...
}
I tried to build an admin page. The admin will fill a form to add new product in the database and display it in the shop website. The problem is when I tried to select a gender from the dropbox, the new product doesn't add in the product table in the database as you can see below: (I want to select gender such as Boys)
The Admin Page and database result:
The code I used:
$host = "";
$userMS = "";
$passwordMS = "";
$connection = mysql_connect($host,$userMS,$passwordMS) or die("Couldn't connect:".mysql_error());
$database = "projectDataBase";
$db = mysql_select_db($database,$connection) or die("Couldn't select database");
if (isset($_POST['sAddProduct']))
{
addNewProduct();
}else if(isset($_POST['delete']))
{
$Product_ID=$_POST['Product_ID'];
$mysqlquery="delete from Product where Product_ID= ".$Product_ID."";
mysql_query($mysqlquery);
echo "Deleted successfully";
echo("<FORM><INPUT Type='button' VALUE='Back' onClick='history.go(-1);return true;'></FORM>");
}else{
showForm();
}
// add new product
function addNewProduct()
{
$ProductName = $_POST['Product_Name'];
$ProductPrice = $_POST['Price'];
$Gender = $_POST['Gender_ID'];
//database query to add product
$insertStringProduct = "INSERT into Product(Product_Name, Price,Gender_ID)
VALUE('$ProductName', '$ProductPrice', '$Gender')";
$result = mysql_query($insertStringProduct);
echo ("<p1>Product added Successfully</p1>");
echo("<FORM><INPUT Type='button' VALUE='Back' onClick='history.go(-1);return true;'></FORM>");
}
//function for the form page
function showForm()
{
//First form for adding new product
$self = htmlentities($_SERVER['PHP_SELF']);
echo("<form action = '$self' method='POST'>
<fieldset>
<legend>Adding New Product</legend>
Product Name: <input name='Product_Name' type='text' size = '40'>
<br /><br />
Price: <input name='Price' type='text' size = '20'><br><br />
Gender:
<select name='Gender_Description'>
<option value = '%'> <-- select--></option>");
$dbQuary = " SELECT DISTINCT Gender_Description from Gender";
$result = mysql_query($dbQuary);
while($row = mysql_fetch_row($result)){
echo("<option value ='$row[0]'> $row[0]</option>");
}
echo("
</select>
<br/><br/>
<input type='submit' name='sAddProduct' value = 'Add'/>
<input type='reset' value='Clear' />
</fieldset>
</form>");
}
The result ( nothing added)
However, when I change the code to
Gender:
<select name='Gender_ID'>
<option value = '%'> <-- select--></option>");
$dbQuary = " SELECT DISTINCT Gender_ID from Gender";
$result = mysql_query($dbQuary);
It's working
Can anyone help me with this?
In addNewProduct you are expecting $_POST['Gender_ID'] to be set. So of course, <select name='Gender_Description'> would not work, because Gender_Description != Gender_ID. That's also why it does work when you change it.
I'm assuming what you want to achive is to display the gender description, and it still to work. For that, you need both the id and the description:
$dbQuary = " SELECT DISTINCT Gender_ID, Gender_Description from Gender";
$result = mysql_query($dbQuary);
while($row = mysql_fetch_row($result)){
echo("<option value ='$row[0]'> $row[1]</option>");
}
Security
Your code is extremely unsafe. You are using mysql_* which is deprecated since 2013, and you are not sanitizing the input in any way, so your code is open to SQL injection (which is possibly in all kinds of queries; insert, update, delete, etc, and allows for data leaks, DOS, and possibly code execution and deletion/changing of data). The preferred way to prevent this are prepared statements (either using mysqli_* or PDO). They are not difficult to use, and the resulting code is also nicer.
You are not concatenating values as it should
Change
echo("<option value ='$row[0]'> $row[0]</option>");
to
echo("<option value =". '$row[0]' . "> ". $row[0]. "</option>");
OR
echo("<option value ='{$row[0]}'> {$row[0]}</option>");
EDIT:
Change your While-loop
while($row = mysql_fetch_array($result,MYSQL_BOTH)) {
echo("<option value ='{$row['gender_id']}'> {$row['gender_description']}</option>");
}
This will generate a Select list showing the Gender Description and and values will be numeric(of database)
I'm trying to insert multiple rows in a while loop with a form using implode but cannot seem to make it work. I want to insert multiple values named "weight". Like values 30,20,15,10,5 and the remaining emp_id and task_id.
page1.php
$sql = mysql_query("SELECT
task_tbl.task_id,
task_tbl.task_name,
task_tbl.task_sem,
task_tbl.task_yr,
task_tbl.post_id,
post_tbl.post_id,
post_tbl.post_name AS ppost_name
FROM
task_tbl
LEFT JOIN
post_tbl
ON
task_tbl.post_id = post_tbl.post_id
WHERE
task_sem = '$sem'
AND
task_yr = '$yr'
ORDER BY
task_id ASC");
echo '<form action = "upds_peval.php" name = "add" method = "post">';
while($row = mysql_fetch_assoc($sql)){
echo "<br/>";
echo "<b>Employee ID No.:</b>";
echo '<input size = "2" type = "text" name = "emp_id'.$id.'" value = "';
echo $_POST['emp_id'];
echo '"/>';
echo "<br/>";
echo "<b>Work/Activity ID No.:</b> ";
echo '<input size = "2" type = "text" name = "task_id'.$row['task_id'].'" value = "';
echo $row['task_id'];
echo '"/>';
echo "<br/>";
echo "<b>Work/Activity:</b> ";
echo $row['task_name'];
echo "<br/>";
echo "<b>Weight:</b> ";
echo '<input size = "1" type="text" name="weight" value = ""/>';
echo "%";
echo "<br/>";
}
echo '<input type="submit" name="submit" value="ADD"/>';
echo "</form>";
the output would be like:
Employee ID No.: 1001
Work/Activity ID No.: 2002
Work/Activity: Supervises Maintenance and Troubleshooting of Computers
Weight: [__]%
Employee ID No.: 1001
Work/Activity ID No.: 2003
Work/Activity: Supervises Software Installation and Maintenance
Weight: [__]%
Employee ID No.: 1001
Work/Activity ID No.: 2004
Work/Activity: Maintains, Monitors, and Troubleshoots Virtual Terminals
Weight: [__]%
|SUBMIT|
page2.php
mysql_connect ("localhost", "root","") or die (mysql_error());
mysql_select_db ("emp_db0");
if(isset($_POST['submit'])){
$_POST['weight'];
$vals=implode(",",$_POST);
error_reporting(E_ALL ^ E_NOTICE);
mysql_query("INSERT INTO peval_tbl(weight,task_id,emp_id) VALUES('$vals')");
echo "<br/>";
echo "You have successfully added work/activities!";
echo "<br/>";
}
okay based on my impression of your question, you want a form that is extensible right, where you can access all of its instance in one name?
1st Instance of form sample:
<input size = "2" type = "text" name = "emp_id[]" value = "1">
<input size = "2" type = "text" name = "task_id[]" value = "5001">
<input size = "2" type = "text" name = "weight[]" value = "50">
2nd Instance sample:
<input size = "2" type = "text" name = "emp_id[]" value = "2">
<input size = "2" type = "text" name = "task_id[]" value = "5003">
<input size = "2" type = "text" name = "weight[]" value = "30">
this will convert your posts into arrays
to access:
$var_emp_id = $_POST["emp_id"];
$var_task_id = $_POST["task_id"];
$var_weight_id = $_POST["weight"];
use a loop to access those variables.
to access the first instance of emp_id u use:
$var_emp_id[0]; //will output 1
$var_emp_id[1]; //will output 2
$var_task_id[0]; //will output 5001
$var_task_id[1]; //will output 5003
to insert it on your database:
for ($i = 0; $i <= count($var_emp_id); $i++){
mysql_query("INSERT INTO peval_tbl(weight,task_id,emp_id) VALUES('$weight[$i]','$var_task_id[$i]','$var_emp_id[$i]')");
}
You are addressing the $_POST array incorrectly, so rather than recode your script try this.
Add this line to your code in page2.php before the mysql_connect
echo '<pre>' . print_r($_POST,true) . '</pre>';
This will dump a nice print of the post array so you can see how data arrives in $_POST.
$sql = "select * from login where nombre !='carlos'";
$result = $conn->query($sql);
$index = 1;
while($row = mysqli_fetch_array($result)){
$valor = $row["nombre"];
$valor2 = $row["apellido"];
$insertsql= "insert into lista (`dato1`,`dato2`)values ('$valor', now())";
// mysql_query($insertsql);
$conn->query($insertsql);
$index++;
}
http://www.baulphp.com/insertar-multiples-registros-ciclo-while-php/