I am trying to build a dynamic set of comboboxes/listMenus getting data from a MySQL DB. My database has 5 fields, 1st being id and
topic, sub_topic, info and url
I want to make it so that until user selects a valid choice from box1 that the others are disabled. Once user selects from box 1 box 2 will be activated. Once you make a selection from box 2 then the info and url will be shown.
I have followed a tutorial http://www.ssdtutorials.com/tutorials/series/dependable-dropdown.html and so most of this code is not mine apart from the SELECT statements
I am having problems writing the MySQL for update.php as this populates the other boxes (currently I am sticking with the comboboxes until I have it working.)
I would be grateful for some help, due to the amount of code it can be seen here http://pastebin.com/QNbHR9JK
Thanks in advance.
The first thing I see is that in update.php query, you aren't actually using a where clause. When you execute the prepared query, you pass in a value array, but there aren't any placeholders in the prepared query.
I would expect something like:
$sql = "SELECT `topic`,`sub_topic`,`info`,`url`
FROM `links` WHERE sub_topic=?";
$statement = $objDb->prepare($sql);
$statement->execute(array($value));
One other thing I notice is that in your foreach in update.php, you are using $row['id'] but you aren't selecting that column in your query.
EDIT
I updated the query to use the proper column in where clause, and removed to group by clause based on discussion.
Related
I'm trying to execute 2 queries, but whenever I follow the guides online about multi queries, its not doing either of the queries.
What I'm trying to do on the first query is to INSERT or ADD whatever the user inputs on $HISTORY on the record that's currently on colHistory; I.E.:
Current data on colHistory:
A
User inputs 'B' on $HISTORY, the syntax should add 'B' on the 'A' that's currently on record, or 'AB'. Then use the second query to UPDATE all the other records or columns on this particular row.
Here's the code (Please note that the '...' means more code that's unnecessary):
$query = INSERT INTO tbInventory SET colHistory='$HISTORY' WHERE colSerno='$SERIALNUM';";
$query .= "UPDATE tbInventory SET
colImage='$IMAGE',
colSerno='$SERIALNUM',
...
...
colHistory=''
WHERE colSerno='$SERIALNUM'";
mysqli_multi_query($con,$query);
Please note where I declared colHistory as '' before I insert the data from the form. I'm not sure if I'm doing it right on this part. Is there anything that I'm missing?
*Edit:
I have already tried executing the queries one by one as:
mysqli_query($con,"INSERT INTO tbInventory SET colHistory='$HISTORY' ");
mysqli_query($con,"UPDATE tbInventory SET
...
...
colHistory=''
WHERE colSerno='$SERIALNUM'";
Yet it doesn't seem to work either, the whole thing gets ignored.
(** I have a script below the code block above where I could print the results already, and it does run)
Well I can tell you why your first query is broken.
INSERT INTO tbInventory SET colHistory='$HISTORY'
This query is using UPDATE syntax but you are telling the query processor to expect INSERT INTO syntax. So the query is unable to execute.
Decide whether you are needing to UPDATE an existing record or INSERT a new one and alter your query to reflect that. (Change INSERT INTO to UPDATE or change "Set colHistory = '$ History'" to "Values ('$ History', 'col2Val', and so on..")
As for your second query, the syntax looks alright from what you have shown but since you didn't post the entire query its hard to say what is happening there. If you can show more of that query I can update this response.
Here's a good SO question on inserts vs updates.
What are differences between INSERT and UPDATE in MySQL?
I ended up dropping the multi-query method and I did got my intended results by somehow cheating:
I assigned the old data or the data that's currently on the colHistory cell, displayed it, but I disabled the textarea. I then created one more hidden textbox in the script with the old data in it and then hid it to the users view.
I then concatenated both textareas with the new one that I've created that the user could modify, emulating the results wanted.
I have two tables, named shows and show_connections. I also ask the user to put in TV show names via POST and those values are show1connection and show2connection. query is a separately defined function that essentially takes your input and puts it in SQL.
I have the following code:
$show1_name = $_POST["show1connection"];
$show2_name = $_POST["show2connection"];
$fail = query ("INSERT INTO show_connections (show1_id) SELECT id FROM shows
WHERE name = '$show1name'");
$fail2 = query ("INSERT INTO show_connections (show2_id) SELECT id FROM shows
WHERE name = '$show2name'");
My main problem is that I want to set show1_id and show2_id as the proper ids in one row. Right now, this syntax (which is the closest I've come to solving this problem) does set show1_id as id of show 1 and show2_id as id of show 2, but they end up on two separate rows. How do I make sure they appear in the same row?
try -
INSERT INTO show_connections (show1_id, show2_id)
SELECT s1.id, s2.id
FROM shows s1, shows s2
WHERE s1.name = '$show1name'
AND s2.name = '$show2name'"
side note - make sure to properly sanitize your user data - $show1name/$show2name. Even better would be to update your code to mysqli_ or PDO and use prepared statements.
I found this piece of code from an answer on Several drop down list input to one field table. It really seems like something I can use in my current project. The current project is about populating a table with two dropdown boxes (which are populated themselves with tables). However, I don't understand what personal changes I need to do in order to make it work. attributes? :attributes? Can someone make sense of it?
$levels = $_POST['level1'][0].",".$_POST['level1'][1];
//Now you have a string called $levels
// Which contains a comma seperated list, to insert into db / one field
//Insert into your table...change your table and field names to real values...
$sql = "INSERT INTO yourTable (attributes) VALUES (:attributes)";
$q = $db->prepare($sql);
$q->execute(array(':attributes'=>$levels));
?>
:attributes is a bound parameter in a PHP prepared statement which inserts a row into a table with an attributes field, setting just that field.
I have a jQuery/PHP tutorial i followed in a book that created pagination that uses Ajax to retrieve the records from a MySQL table each time the page is changed using the limit clause in the SQL statement. I'd like to add the ability to have the user click the column headings to sort them but i tried tablesorter but that just sorts the visible records. Is there a way to sort in the SQL statement and have it remember the sorting if the user clicks the next or previous buttons?
I would suggest having a URL parameter for the page which holds the current column you would like to order by. You can then append something similar to "ORDER BY ".$_GET["order"] to the end of your SQL query. Then simply make each column heading a link to the page with ?order=column added to the end, replacing "column" with whatever column in the table you want it to be ordered by.
Of course, you should use something like mysql_real_escape_string to make sure that the URL parameter is safe to use in the query.
I've got this HTML form where I have multiple input elements: text, radio, and so on. These are intended to be options, conditional items to apply in an SQL query in order to pull more specific data from a database.
For example, the first input field is a textbox, the second a radio button, and the third a SELECT with two options. With the first, I would add a LIKE %name% sentence in the SQL query. The second is a radio button group with, let's say, a color, so I would add a WHERE color = $item comparing the one chosen with the database column. The third would pretty much be just like the second.
Now, I guess I could just use if sentences comparing the three items, in order to know which one to add to the SQL query, but my question is: is there a smarter way to do it? Like an array checking if those variables are set (I'm still using an if here, so nevermind).
I program simple things from time to time, since I've never done anything significantly complex, but sometimes, even for simple things, no matter how hard I strive to design something, I just can't.
In this case, I really can't figure (imagine, visualize) how would I structure the PHP code along with the SQL query, in order to add the these three conditions to the WHERE clause.
I'd greatly appreciate if you can help me out here. If you need more details, just let me know.
You can just build your sql statement as you go.
A simple example:
$sql = "SELECT ... WHERE 1=1"; // 1=1 is just an example to get the WHERE out of the way
if (first condition / certain $_POST variable is set)
{
$sql .= " AND LIKE %...%";
}
if (second condition)
{
$sql .= " AND something=...";
}
// etc.
// run query
Just for adding another solution, I can suggest you using stored procedure.
http://www.mysqltutorial.org/mysql-stored-procedure-tutorial.aspx
http://www.brainbell.com/tutorials/MySQL/Using_Stored_Procedures.htm
You'll just need to pass values to a sp and generate where condition inside it.
There's another option to generate parameterized query in PHP to prevent SQL Injections.
Here are some links on this topic.
http://us2.php.net/manual/en/security.database.php
http://www.roscripts.com/PHP_MySQL_by_examples-193.html
http://www.webmasterworld.com/php/3110596.htm
http://am.php.net/mysql_real_escape_string