I have the following code that doesn't work. It doesn't work because it will do a query
WHERE column = ' * ', instead of WHERE column = *
I tried to think of a way to get it so it will do WHERE variable = 'var' if a variable is posted in the form and WHERE column = * if not posted, but I can't think of a way, and everything I tried is hacky or not working.
if(isset($_POST['variable'])){
$variable=$_POST['variable'];
}
else{$variable='*';}
$sql="SELECT * FROM table WHERE column = '$variable'";
EDIT, Here is the actual code:
<form method='post' action='policy.php?go'>
<input type='radio' name='gen' value='M'>Male
<input type='radio' name='gen' value='F'>Female
<select name='state'>
<option value='AK'>AK</option>
<option value='WY'>WY</option>
</select>
<input type='radio' name='logic' value='>'>Older Than
<input type='radio' name='logic' value='<'>Younger Than
<select name='age'>
<option value='5'>5</option>
<option value='11'>11</option>
<option value='17'>17</option>
<option value='65'>65</option>
</select>
<input type='submit' name='submit' value='Search'>
</form>
<?php
if(isset($_GET['go']) && isset($_POST['submit'])){
if(isset($_POST['state'])){
$state="'".mysql_real_escape_string( $_POST['state'] )."'";
}
else{ $state='*';}
if(isset($_POST['age'])){
$age=$_POST['age'];
//append to query string
}
if(isset($_POST['logic'])){
$log=$_POST['logic'];
//append to query string
}
else{$log='';}
if(isset($_POST['gen'])){
$gen="'".mysql_real_escape_string( $_POST['gen'] )."'";
}
else {$gen='*';}
echo "<table id='hor-minimalist-b' summary='Employee Pay Sheet' class='tablesorter'>
<caption>Age: ".$log." ".$age." Gender: ".$gen." </caption>
<thead>
<tr>
<th scope='col'>State</th>
<th scope='col'>Number</th>
</tr>
</thead>
<tbody>";
// (WHY IS THIS NOT WORKING?)
$sql = "SELECT SUM(num) AS sum, state,gen,age FROM `policy-ssi`
WHERE age $log $age AND gen = $gen
GROUP BY state
ORDER BY sum DESC";
$result = mysql_query($sql);
while ($row = mysql_fetch_assoc($result)) {
In MySQL, the wildcard character for strings is % rather than *. In order to match the field regardless of what's in it, change else {$gen='*';} to else {$gen='\"%\"';}
Also, in order to use the wildcard, your query should become
$sql = "SELECT SUM(num) AS sum, state,gen,age FROM `policy-ssi`
WHERE age $log $age AND gen LIKE $gen
GROUP BY state
ORDER BY sum DESC";
Related
So i been trying this for a week, which is the value inside the table is missing after i select submit button for the date
So when enter the this page it will display
'SELECT * FROM attendance WHERE lect_id = 'CS0198289' AND dateofupdate LIKE '%0%' AND codeofsubject = 'CSNB214' ORDER BY studname ASC'
which is it will display my lect_id, dateofupdate=0, and the code of subject. When I select the submit(SELECT) button which is to date it will become
'SELECT * FROM attendance WHERE lect_id = 'CS0198289' AND dateofupdate LIKE '%2019-01-23%' AND codeofsubject = '' ORDER BY studname ASC'
so can anyone help me? much appreciate
<?php
$connect = mysqli_connect ("localhost","root","","ubas")
or die("Cannot connect to server".mysqli_error($connect));
if (!isset($_POST['dates'])){
$_POST['dates']=0;
}
$id = #$_POST["lect_id"];
$codeofsubject = #$_POST['code'];
$display = "SELECT * FROM attendance WHERE lect_id = '$_SESSION[id]' AND dateofupdate LIKE '%".$_POST['dates']."%'
AND codeofsubject = '$codeofsubject' ORDER BY studname ASC";
echo $display;
$result = mysqli_query ($connect,$display)
or die ("Cannot view due to".mysqi_error($connect));
echo"<form role='form' method='post'>
<div class='form-group'>
<label>Date</label>
<input style='width:180px; display:inline' class='form-control' type='date' name='dates' id='dates'>
<button type='submit' style='display:inline' name='select'>Select</button>
</div>
</form>";
echo"
<form method = post action = updateattend.php>
<table width='100%' class='table table-striped table-bordered table-hover' id='dataTables-example'>
<thead>
<tr>
<th><center>Date</center></th>
<th><center>Student Name</center></th>
<th><center>Student ID</center></th>
<th><center>View</center></th>
<th><center>Attend Status</center></th>
</tr>
</thead>";
while($row = mysqli_fetch_array($result,MYSQLI_NUM))
{
$attendid = $row [0];
$studname = $row [1];
$studid = $row [2];
$lect_id = $row [3];
$codeofsubject = $row [4];
$date = $row [5];
$dateofenroll = $row [6];
$attendstatus = $row [7];
echo"<tbody>
<tr>
<td><center>$date</center></td>
<td><center>$studname</center></td>
<td><center>$studid</center></td>
<td align = center>
<a class ='btn-warning btn' href ='updatestud.php?id=".$row['2']."'>VIEW</a>
</td>";
echo"
<td align = center>
<select class = 'form-control' name = 'attendstatus[]'>
<option value='$attendstatus' selected>$attendstatus</option>";
if($attendstatus =="Attend")
{
echo "<option value='Not Attending'>Not Attending</option>
<option value='Not Attending with Reason'>Not Attending with Reason</option>";
}
elseif ($attendstatus =="Not Attending") {
echo"<option value='Attend'>Attend</option>
<option value='Not Attending with Reason'>Not Attending with Reason</option>";
}
else{
echo"<option value='Attend'>Attend</option>
<option value='Not Attending'>Not Attending</option>";
}
echo"</select>
</td>
</tr>
</tbody>";
}
?>
</table>
There is no limit of AND operator in SQL statement. You can use as many ANDs as you need but your logic should be correct in the sense of SQL statement.
For Example
SELECT something FROM something WHERE something=something AND something=something AND something=something AND something=something;
So, the part something=something becomes a separate logical statement that is separately evaluated from other something=something statements based on the AND operator. But keep in mind that the whole statement above is a single statement.
into schooling entry form, I am not able to get value of employee_id from post.
I did Print_r for $employee_id, blank output is rendered.
Also if allocated static value to $employee_id, $sum contains only value posted through the form, instead it should show the value from input form plus value from existing value available in database.
<?php
$get = db_query("SELECT field_employee_id_value FROM field_data_field_employee_id ORDER BY field_employee_id_value ASC");
$getempnames = db_query("SELECT field_employee_id_value FROM field_data_field_employee_id ORDER BY field_employee_id_value ASC");
if(isset($_POST['apply'])){
$sql = db_query("SELECT COUNT(id) as count_id FROM schooling WHERE employee_id = '$_POST[employee_id]' AND claim_year = '$_POST[claim_year]'");
$row = $sql->fetchAssoc();
if('1' == $row['count_id']){
$sqlupdate = db_query("UPDATE schooling SET limit_amount = '".$_POST['limit_amount']."' WHERE employee_id = '$_POST[employee_id]'");
echo "Schooling limit updated to user ";
} elseif ('0' == $row['count_id']){
$sqlinsrt = db_query("INSERT INTO schooling (employee_id, limit_amount, claim_year) VALUES ('".$_POST["employee_id"]."','".$_POST["limit_amount"]."','".$_POST["claim_year"]."')" );
echo "Schooling limit applied to user";
} else{
echo "Already Applied schooling limit";
}
}
if(isset($_POST['save'])){
$employee_id = $_POST['employee_id'];
$claim_amount = $_POST['claim_amount'];
$claim_year = $_POST['claim_year'];
$sqlchkemp = db_query("SELECT COUNT(id) as count_id FROM schooling WHERE employee_id = '$employee_id' AND claim_year = '$claim_year'");
$empavailable = $sqlchkemp->fetchAssoc();
if('1' == $empavailable['count_id']){
$getlimit = db_query("SELECT limit_amount FROM schooling WHERE employee_id = '$employee_id' AND claim_year = '$claim_year'");
$limit = $getlimit->fetchAssoc();
$getemptotalclaim = db_query("SELECT claim_amount FROM schooling
WHERE employee_id = '$employee_id' AND claim_year = '$claim_year'");
$emptotalclaim = $getemptotalclaim->fetchAssoc();
$totalclaimed = array_sum($emptotalclaim);
$availability = $limit['limit_amount'] - $_POST['claim_amount'];
$sum = $totalclaimed['claim_amount'] + $claim_amount;
if ($sum <= $limit['limit_amount']){
$sqlinsert = db_query("UPDATE schooling SET claim_amount = '$sum' WHERE employee_id = '$employee_id'");
echo "values updated successfuly";
}
else{
echo "limit is over, you can avail total amount ".$availability." as per ".$limit['limit_amount']." alloted";
}
}
else{
echo "employee schoolig limit is not set";
}
}
?>
<html>
<body>
<form id='applylimit' action='' method='post' accept-charset='UTF-8'>
<fieldset>
<label>Apply Schooling Limit amount to Employee</label>
<label for='employee_id'>Employee Id</label>
<select name='employee_id'>
<option value="0">Please Select</option>
<?php
while($row = $getempnames->fetchAssoc())
{
?>
<option value = "<?php echo($row['field_employee_id_value'])?>">
<?php echo($row['field_employee_id_value']) ?>
</option>
<?php
}
?>
</select>
<label for='limit_amount'>Limit Amount</label>
<input type='number' name='limit_amount' id='limit_amount' maxlength="50" />
<label for='claim_year'>Claim Year</label>
<select type='number' name='claim_year' id='claim_year' maxlength="50">
<option value="2018-19">2018-19</option>
<option value="2019-20">2019-20</option>
</select>
<button type="submit" name="apply">Apply</button>
</fieldset>
</form>
<form id='schoolingentry' action='' method='post' accept-charset='UTF-8'>
<fieldset>
<label for='employee_id'>Employee Id </label>
<select name='employee_id'>
<option value="0">Please Select</option>
<?php
while($rowemp = $get->fetchAssoc())
{
?>
<option value = "<?php echo($row['field_employee_id_value'])?>" >
<?php echo($rowemp['field_employee_id_value']) ?>
</option>
<?php
}
?>
</select>
<label for='claim_amount'>Claim Amount</label>
<input type='number' name='claim_amount' id='claim_amount' maxlength="50" />
<label for='claim_year'>Claim Year</label>
<select name='claim_year' id='claim_year' maxlength="50">
<option value = "2018-19">2018-19</option>
<option value = "2019-20">2019-20</option>
</select>
<button type="submit" name="save">save</button>
</fieldset>
</form>
</body>
</html>
word of warning, do not put anything submitted from a $_POST straight into a database query. You should sanitize it all by passing in the parameters.
e.g.
$result = db_query('SELECT n.name FROM users n WHERE n.name = :name', array(':name' => $name));
If the first query isn't returning any results, it's likely those two parameters you are passing into the string are not what you expect, or not valid. Try echoing out the two variables, then running the SQL query manually.
Or if you want Drupal to be a bit more verbose, wrap it in a exception catcher..
e.g.
catch (\PDOException $e) {
$error = $e->getMessage();
I am trying to find a way in PHP to combine data from several drop down boxes into one SQL statement. I can get this to partly work. Here is the SQL query:
$sql = "
SELECT *
FROM books
WHERE
author = '$bird'
AND genre = '$cat'
AND year= '$mouse'
AND publisher = '$goat'
";
$bird, $cat etc are the variables that hold the selection from each drop down box.
I am getting mixed results. All four will work together fine and all will work individually.
So If I select from authors, genre, year and publisher, then press select it works and if I select these individually they work as well.
But if try and just select two items, let's say author and year, it does not work and can produce a variety of incorrect data. Here is the complete code. Any help appreciated:
<html>
<head>
<title>My Page</title>
</head>
<body>
<br>
<form name="myform" action="authors3.php" method="POST">
<select name="author" size="2">
<option value="ken davies">ken davies</option>
<option value= "arthur smith">arthur smith</option>
<option value="gill rafferty">gill rafferty</option><br />
<option value="molly brown">molly brown</option><br />
<option value="gilbert riley">gilbert riley</option><br />
<input type = "submit" name = "submit" value = "go">
<select name="genre" size="4">
<option value="adventure">adventure</option>
<option value="biography">biography</option>
<option value="crime">crime</option><br />
<option value="romance">romance</option>
<option value="thriller">thriller</option>
<input type = "submit" name = "submit" value = "go">
<select name="year" size="4">
<option value="2002">2002</option>
<option value="2003">2003</option>
<option value="2004">2004</option>
<option value="2005">2005</option>
<option value="2006">2006</option>
<option value="2007">2007</option>
<option value="2008">2008</option>
<input type = "submit" name = "submit" value = "go">
<select name="publisher" size="4">
<option value="blue parrot">blue parrot</option>
<option value="yonkers">yonkers</option>
<option value="zoot">zoot</option>
<input type = "submit" name = "submit" value = "go">
<?php
$bird = (!empty($_POST['author'])) ? $_POST['author'] : null;
$cat = (!empty($_POST['genre'])) ? $_POST['genre'] : null;
$mouse = (!empty($_POST['year'])) ? $_POST['year'] : null;
$goat = (!empty($_POST['publisher'])) ? $_POST['publisher'] : null;
$con = mysql_connect("localhost","root","");
If (!$con) {
die("Can not Connect with database" . mysql_error());
}
mysql_select_db("authors",$con);
if (isset($bird) && isset($cat) && isset($mouse) && isset($goat)){
$sql = "SELECT * FROM books WHERE author = '$bird'
AND genre = '$cat' AND year = '$mouse' AND
publisher = '$goat' ";
}
else if (isset($bird)) {
$sql = "SELECT * FROM books WHERE author = '$bird' ";
}
else if (isset($cat)) {
$sql = "SELECT * FROM books WHERE genre = '$cat' ";
}
else if (isset($mouse)) {
$sql = "SELECT * FROM books WHERE year = '$mouse' ";
}
else if (isset($goat)) {
$sql = "SELECT * FROM books WHERE publisher = '$goat' ";
}
$myData = mysql_query($sql,$con);
echo"<table border=1>
<tr>
<th>id</th>
<th>author</th>
<th>title</th>
<th>publisher</th>
<th>year</th>
<th>genre</th>
<th>sold</th>
</tr>";
while($record = mysql_fetch_array($myData)){
echo "<tr>";
echo "<td>" . $record['id'] . "</td>";
echo "<td>" . $record['author'] . "</td>";
echo "<td>" . $record['title'] . "</td>";
echo "<td>" . $record['publisher'] . "</td>";
echo "<td>" . $record['year'] . "</td>";
echo "<td>" . $record['genre'] . "</td>";
echo "<td>" . $record['sold'] . "</td>";
echo "<tr />";
}
echo "</table>";
mysql_close($con);
?>
note: all four are working<br />
all work individually<br />
two or three dont work together
</form>
</body>
</html>
Apart from the fact that you're using a deprecated way connecting to MySQL (read up on SQL injection and PDO), you're not covering all the use cases in your code.
A better way might be to write a base query ($q = 'SELECT * FROM books WHERE), and extend that query with the appropriate extra WHERE clauses, based on checking if the parameter is empty or not (if (!empty($goat)) // append new clause to the WHERE portion).
You're query is half fine. Your declarations are the cause of your problem! The reason is you're essentially doing this:
genre ='adventure' and year = null.
What you want to do is edit your query accordingly. So you'll want to do
if (!is_null($year)) {
$sql.= "AND Year = $year";
}
Problem is the above method allows injection!! Which if you're fessed about is a BIG PROBLEM!!!!
So I would recommend using bind_params BUT having said that calling cal_user_func_array on bind_params is a bit tricky so I'd recommend using PDO where you can edit your query and manage your parameters safely and effectively
I am building a search form with multiple fields to search. Data is in 2 different tables depending on what you are searching for in each field.
I have a column that has the same name in each table. Because of this it obviously gives me the sql error of: Column 'state' in where clause is ambiguous
It would not be a problem if the form fields were not in a loop. I am new to php and this is trying me.
I have tried to use aliases in the SELECT for mysql but now i cant target them because it doesnt come through correctly.
Here is what i have for my form:
<form method="post" action="index.php">
<tr>
<td>Name:</td>
<td>
<input type="text" name="display_name" id="display_name" class="display_name tt-query" autocomplete="off" spellcheck="false" placeholder="Type name of person"></td>
</tr>
<tr>
<td>Service Type:</td>
<td><select name="service_name">
<option>
<?php
$query1 = "SELECT service_type FROM nfw_service_type ORDER BY id_num";
$result1 = mysqli_query($conn, $query1); #$num_results1 = mysqli_num_rows($result1);
?>
<?php /*Loop through each row and display records */
for($i=0; $i<$num_results1; $i++) { $row1 = mysqli_fetch_assoc($result1);
?>
<?php // echo 'Name' .$row['ssfullname'] . 'email' . $row['ssemail'] . "\n"; ?>
<option value="<?php print $row1['service_type']; ?>"><?php print $row1['service_type']; ?></option>
<?php // end loop
} ?>
</select></td>
</tr>
<tr>
<td>Suburb:</td>
<input type="text" name="suburb" id="suburb" class="suburb tt-query" autocomplete="off" spellcheck="false" placeholder="Type name of person"></td>
</tr>
<tr>
<td>State:</td>
<td>
<select name="usersstate2">
<option>
<option value="qld">QLD</option>
<option value="sa">SA</option>
<option value="nt">NT</option>
<option value="wa">WA</option>
<option value="vic">VIC</option>
<option value="tas">TAS</option>
<option value="act">ACT</option>
</select>
</td>
</tr>
<tr>
<td>Type:</td>
<td>
<select name="user_type">
<option>
<option value="franchise">Franchisee</option>
<option value="regional">Regional</option>
<option value="state">State</option>
<option value="national">National</option>
<option value="office">Headoffice Staff</option>
</select>
</td>
</tr>
<tr>
<td>Active:</td>
<td>
<select name="active1">
<option></option>
<option value="1">Active</option>
<option value="0">Not Active</option>
</select>
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="submit" value="Search" /></td>
</tr>
</form>
And here is the code once the form is submitted:
<?php
// SEARCH
if(isset($_POST['submit'])) {
// define the list of fields
$fields = array('display_name', 'service_name', 'suburb', 'nfw_users.usersstate2', 'user_type', 'nfw_users.active1');
$conditions = array();
// loop through the defined fields
foreach($fields as $field){
// if the field is set and not empty
if(isset($_POST[$field]) && $_POST[$field] != '') {
$example = $_POST[$field];
// create a new condition while escaping the value inputed by the user (SQL Injection)
$conditions[] = "`$field` LIKE '%{$example}%'";
}
// builds the query
$query = "SELECT
nfw_users.id_num,
nfw_users.display_name,
nfw_users.first,
nfw_users.last,
nfw_users.email,
nfw_users.mobile,
nfw_users.landline,
nfw_users.user_type,
nfw_users.suburb,
nfw_users.active AS active1,
nfw_users.state AS usersstate2,
nfw_services.state AS servicesstate3
FROM
nfw_users
left JOIN nfw_services ON nfw_services.user_id = nfw_users.id_num
LEFT JOIN nfw_service_areas ON nfw_service_areas.service_id = nfw_services.id_num ";
if(count($conditions) > 0) {
// append the conditions
$query .= "WHERE " . implode (' AND ', $conditions) ." GROUP BY nfw_users.id_num ORDER BY nfw_users.display_name"; // you can change to 'OR', but I suggest to apply the filters cumulative
}
}}
$result = mysql_query($query);
var_dump($query);
if (mysql_num_rows($result) > 0) {
while ($score = mysql_fetch_assoc($result)) {
$active1 = $score['active1'];
if ($active1=='1') {
$activeother = "<i class='fa fa-check' style='color:green;'></i>";
}
else {
$activeother = "<i class='fa fa-times' style='color:red;'></i>";
}
$content = "<tr><td>" . $score['display_name'] . "</td><td>" . $score['first'] . "</td><td>" . $score['last'] . " </td><td>" . $score['email'] . " </td><td> " . $score['mobile'] . " </td><td> " . $score['landline'] . "</td><td>$activeother</td><td> " . $score['user_type'] . "</td><td> " . date('d-m-Y', strtotime($score['date_join'])) . "</td><td class='invoicing-columns'><a class='btn btn-yellow' href='view-invoices.php?id=" . $score['id_num'] . "'><i class='fa fa-eye'></i></a></td><td class='invoicing-columns'><a class='btn btn-red' href='del-customers.php?id=" . $score['id_num'] . "' onclick='return check();' class='delete'><i class='fa fa-minus-circle'></i></a></td></tr>";
echo $content;
}
}
?>
Yes i do know one part isnt using sqli and i will fix that. :)
You are on the right track, but your implementation of alias names is a bit off. To assign an alias use the format sometable as somealiasname. Use an alias different than your table names (t1, t2, t4,etc. are common).
Try this:
//as long as you only use each attribute name once, you could do it like this:
$fields=array();
$fields['t1'] = array('display_name', 'service_name', 'suburb', 'state', 'user_type', 'active');
$fields['t2'] = array('some_other_field_in_t2','yet_another_field_in_t2');
$fields['t3'] = array('some_other_field_in_t3','yet_another_field_in_t3');
foreach($fields as $table=>$these_fields){
foreach($these_fields as $field){
if(isset($_POST[$field]) && $_POST[$field] != '') {
$example = $_POST[$field];
// TODO: don't forget to sanitize inputs
$conditions[] = "`$table`.`$field` LIKE '%{$example}%'";
}
}
}
$conditions[] = "t1.`$field` LIKE '%{$example}%'"; //for values are coming from t1 (nfw_users)
$conditions[] = "t2.`$field` LIKE '%{$example}%'"; //as long as all values are coming from t1 (nfw_users)
Alternatively, you could try this approach to map unique keys to a specific location if you want to pull data from columns in different tables that have the same column name:
$fields=array();
$fields['display_name']=array('table'=>'t1','attribute'=>'display_name');
$fields['service_name']=array('table'=>'t1','attribute'=>'service_name');
$fields['suburb']=array('table'=>'t1','attribute'=>'suburb');
$fields['state']=array('table'=>'t1','attribute'=>'state');
$fields['user_type']=array('table'=>'t1','attribute'=>'user_type');
$fields['active']=array('table'=>'t1','attribute'=>'active');
$fields['some_other_field_in_t2']=array('table'=>'t2','attribute'=>'some_other_field');
$fields['yet_another_field_in_t2']=array('table'=>'t2','attribute'=>'yet_another_field');
$fields['some_other_field_in_t3']=array('table'=>'t3','attribute'=>'some_other_field');
$fields['yet_another_field_in_t3']=array('table'=>'t3','attribute'=>'yet_another_field');
foreach($fields as $field=>$field_data){
if(isset($_POST[$field]) && $_POST[$field] != '') {
$example = $_POST[$field];
// TODO: don't forget to sanitize inputs
$conditions[] = "`$field_data['table']`.`$field_data['attribute']` LIKE '%{$example}%'";
}
}
Either way....
$query = "SELECT
t1.id_num,
t1.display_name,
t1.first,
t1.last,
t1.email,
t1.mobile,
t1.landline,
t1.user_type,
t1.suburb,
t1.active AS active1,
t1.state AS usersstate2,
t2.state AS servicesstate3
FROM
nfw_users as t1
LEFT JOIN nfw_services as t2 ON t2.user_id = t1.id_num
LEFT JOIN nfw_service_areas as t3 ON t2.service_id = t1.id_num";
$query .= "WHERE " . implode (' AND ', $conditions) ." GROUP BY t1.id_num ORDER BY t1.display_name";
This page discusses aliases if you'd like more examples:
http://www.w3schools.com/sql/sql_alias.asp
I get the following form my database which contain for year 2011 week 1 to week 20 and for year 2012 currently week 1. I want my user to choose 2011 first and then call the week to choose for example so that they dont choose for example week 10 and year 2012( which are not yet available).Any help most welcome.
<form name="myform" action="http://www.website.com/displaybook.php" method="get">
<select size="1" name="d">
<?
$sql=mysql_query("SELECT DISTINCT (Week) FROM data ORDER BY Week ASC");
while($row = mysql_fetch_array($sql))
{
echo "<option value='". $row['Week']."'>Week - ". $row['Week']."</option>";
}
?>
</select>
<select size="1" name="y">
<?
$sql=mysql_query("SELECT DISTINCT (Year) FROM data ORDER BY Year Desc");
while($row = mysql_fetch_array($sql))
{
echo "<option value='". $row['Year']."'>Season - ". $row['Year']."</option>";
}
?>
</select>
<input type="submit" value="Get data">
</form>
You need to put the year select before the day select... It will ajust the GET string automaticaly... Then, you create a little javascript to enable the second select when the first is selected, like this:
<script type="text/javascript">
function getWeek()
{
if (document.getElementById('y').value != '')
{
document.getElementById('d').disabled = ''; // this will enable the select
}
}
</script>
And in your HTML:
<form name="myform" action="http://www.website.com/displaybook.php" method="get">
<select size="1" name="y" onchange="getWeek()">
<?
$sql=mysql_query("SELECT DISTINCT (Year) FROM data ORDER BY Year Desc");
while($row = mysql_fetch_array($sql))
{
echo "<option value='". $row['Year']."'>Season - ". $row['Year']."</option>";
}
?>
</select>
<select size="1" name="d" id="d" disabled="disabled">
<?
$sql=mysql_query("SELECT DISTINCT (Week) FROM data ORDER BY Week ASC");
while($row = mysql_fetch_array($sql))
{
echo "<option value='". $row['Week']."'>Week - ". $row['Week']."</option>";
}
?>
</select>
<input type="submit" value="Get data">
</form>
Something like this should work great!