I need to fetch the rows based on form submission values.
Here is my form
<form name="choose" method "post" t" action="search.php">
<table>
<tr>
<tr>
<td height="3">
</td>
</tr>
<td width="60">
<font1>Prof</font1>
</td>
<td>
<select name proffession on>
<option value=""></option>
<option value="doctor"><font4>Doctor</font></option>
<option value="designer">Designer</option>
</select>
</td>
</tr>
<tr>
<tr>
<td height="3">
</td>
</tr>
<td width="60">
<font1>Source</font1>
</td>
<td>
<select name source>
<option value=""></option>
<option value="x"><font4>X</font></option>
<option value="y">Y</option>
<option value="z">Z</option>
</select>
</td>
</tr>
<tr>
<tr>
<td height="3">
</td>
</tr>
<td width="60">
<font1>Location</font1>
</td>
<td>
<select name location on>
<option value=""></option>
<option value="bangalore">Bangalore</option>
<option value="delhi">Delhi</option>
</select>
</td>
</tr>
<tr>
<td>
<input name=look type=submit value=submit>
</td>
</tr>
</form>
If there is any empty field submission i need to fetch the rows excluding that column.
Here is my search.php
<?php
mysql_connect("localhost","root","");//database connection
mysql_select_db("alldata");
$qry = "SELECT * FROM data WHERE location LIKE '" . mysql_escape_string($_POST['location']) . "' And proffession LIKE '" . mysql_escape_string($_POST['proffession']) . "' And source LIKE '" . mysql_escape_string($_POST['source']) . "'";
$res = mysql_query($qry);
function mysql_fetch_all($res) {
while($row=mysql_fetch_array($res)) {
$return[] = $row;
}
return $return;
}
function create_table($dataArr) {
echo "<tr>
"; for($j = 0; $j < count($dataarr); $j++) { echo "<td>".$dataArr[$j]."
</td>
"; } echo "
</tr>
"; } $all = mysql_fetch_all($res); echo "
<table class='data_table'>
"; for($i = 0; $i < count($all); $i++) { create_table($all[$i]); } echo "</table>";
?>
But this script is not able to get me a solution.
Please help
1.Correct your function mysql_fetch_all($res). There is no query
inside the function.
2. Deprecated: mysql_escape_string(): This
function is deprecated; use mysql_real_escape_string()
3. Correct: <select name source> to: <select name="source"> and <select name location on> to <select name="location"> and <input name=look type=submit value=submit> to <input name="look" type="submit" value="submit"> and delete t" from choose form AND <form name="choose" method="post" action="search.php">
Firstly, you should not be using mysql_* functions, see the big red box here. Consider using PDO or MySQLi instead.
Second, you appear to be missing some = such as method="post" You may want to check you're actually receiving your POST values correctly with var_dump($_POST)
Thirdly to exclude non-submitted values, you could construct the query string based on these. Something like:
$qry = "SELECT * FROM data WHERE ";
if($_POST['location']) {
$qry .= 'LIKE "%'. mysql_real_escape_string($_POST['location']) .'%"';
}
// etc...
$qry = "SELECT * FROM data WHERE location LIKE '%" . mysql_escape_string($_POST['location']) . "%' And proffession LIKE '%" . mysql_escape_string($_POST['proffession']) . "%' And source LIKE '%" . mysql_escape_string($_POST['source']) . "%'";
Related
<?php
require '../common/connect-db.php';
require_once 'admin-template.php';
?>
<form id="form1" name="form1" method="post" action="test.php">
<?php
// add button
if(isset($_POST['add_dayoff'])) {
$AddQuery = "INSERT INTO dayoff (fname,lname,datef)
VALUES ('$_POST[select1]')";
mysqli_query($db,$AddQuery);
};
?>
<?php
$query="SELECT DISTINCT fname, lname FROM employees";
$result = $db->query($query);
?>
<table><caption>Dayoff Table</caption>
<tr>
<th>First Name</th>
<th>Employee Dayoff</th>
</tr>
<tr>
<td><select name="select1" id="select1" >
<?php
echo '<option value="">Please select...</option>';
while ($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['fname'] . $row['lname'] . "'>" . $row['fname'] ." ". $row['lname'] . "</option>";
}
?>
<td><input type="date" name="date" required /></td>
</select></td>
<td><input type="submit" name="add_dayoff" /></td>
</tr>
</table>
the primary key is email in employees table, i know it's not a secure way to do it, and i should use prepare statements, but it's just a small project. 'dayoff' has an auto incremented int 'id' as primary key.
So what happens is that all records are inserted more than once. And some records fname and lname are concatenated and stored in fname in dayoff table
You have syntax error
INSERT INTO dayoff (fname,lname,datef) VALUES ($_POST[select1]).$_POST[select1] will contains fnamelname.
Moreover you didn't get date value ie:$_post['date']. Try this and let me know the result
<?php
require_once 'admin-template.php';
?>
<form id="form1" name="form1" method="post" action="test.php">
<?php
// add button
if(isset($_POST['add_dayoff'])) {
$fname=$_POST['select1'];// get the value which stores firstname-lastname
$n=explode('-',$fname);//explode the value with -
$datef=$_POST['date'];
$AddQuery = "INSERT INTO dayoff (fname,lname,datef) VALUES ('$n[0]','$n[1]',$datef)";// query should be like this
mysqli_query($db,$AddQuery);
};
?>
<?php
$query="SELECT DISTINCT fname, lname FROM employees";
$result = $db->query($query);
?>
<table><caption>Dayoff Table</caption>
<tr>
<th>First Name</th>
<th>Employee Dayoff</th>
</tr>
<tr>
<td><select name="select1" id="select1" >
<?php
echo '<option value="">Please select...</option>';
while ($row = mysqli_fetch_array($result)) {
echo "<option value='". $row['fname']."-".$row['lname'] . "'>" . $row['fname'] ." ". $row['lname'] . "</option>";
}
?>
<td><input type="date" name="date" required /></td>
</select></td>
<td><input type="submit" name="add_dayoff" /></td>
</tr>
</table>
I'm trying to allow a user to specify how many rows they would like to add to the order form for the customer's purchase. This allows the user to have as many rows as needed for purchasing products rather than having a set list. I have the functionality working properly, where if you type in 3 and submit, it will give you three rows to enter in product order information.
The problem I am running into is where I am populating a listbox with the product id and name for the user to select. It populates the first row's list box, but the following list boxes only get the " - " and not the $row[] values. It seems like it's not passing in the sql statement anymore, why is this?
This is the area in my code where I'm running into a problem with the functionality:
<?
if (isset($_POST['update']))
{
//Execute this code if the update button is clicked.
$num = $_POST['rows'];
for ($i=0; $i<$num; $i++) { ?>
<tr>
<td class="inputCol2">
<select name="'product<?= $i ?>">
<option value="selectProduct">Select Product</option>
<!-- Populate listbox with Product ID and Product Name -->
<?
do { ?>
<option value="<?= $row[0]; ?>"><?= $row[0] . " - " . $row[2]; ?></option>
<? } while($row = mysqli_fetch_array($result)) ?>
</select>
</td>
<td class="inputCol2"><input type="text" name="'quantity<?= $i ?>" ></td>
<td class="inputCol2">$<input type="text" name="'unit<?= $i ?>" value=""></td>
<td class="inputCol2">$<input type="text" name="'total<?= $i ?>" value="" ></td>
</tr>
<? } ?>
And this is my entire code:
<?
connectDB();
$sql = "SELECT * FROM product";
$sql2 = "SELECT DISTINCT emp_id, emp_fname, emp_lname FROM employee";
$sql3 = "SELECT DISTINCT status_id FROM salesorder ORDER BY status_id asc";
$sql4 = "SELECT * FROM salesorder ORDER BY order_id desc";
$result = mysqli_query($db, $sql) or die("SQL error: " . mysqli_error());
$result2 = mysqli_query($db, $sql2) or die("SQL error: " . mysqli_error());
$result3 = mysqli_query($db, $sql3) or die("SQL error: " . mysqli_error());
$result4 = mysqli_query($db, $sql4) or die("SQL error: " . mysqli_error());
$row = mysqli_fetch_array($result);
$row2 = mysqli_fetch_array($result2);
$row3 = mysqli_fetch_array($result3);
$row4 = mysqli_fetch_array($result4);
?>
<div id="order-wrap">
<form method="post" action="order.php">
<table class="orderInfo"><br>
<tr>
<th class="textCol">Product Rows:</th>
<td class="inputCol"><input type="text" name="rows"></td>
<td><input class="update" type="submit" name="update" value="Update"></td>
<td class="inputCol"></td>
</tr>
</table>
</form><!-- Order Rows -->
<form class="orderform" action ="order-report.php" METHOD = "post">
<h2>Order Form</h2>
<h3>Piedmont Furnishings</h3>
<img id="couch-img" src="couch.jpg" alt="couch">
<table class="orderInfo">
<tr>
<th class="textCol">Order Number:</th>
<td class="inputCol"><input type="text" name="orderNumber" value="<?= $row4[0] + 1; ?>" disabled></td>
<th class="textCol">Order Date:</th>
<td class="inputCol"><input type="text" name="orderDate" value="<?= date("Y-m-d") ?>"></td>
</tr>
<tr>
<th class="textCol">Customer:</th>
<td class="inputCol"><input type="text" name="customer"></td>
<td class="textCol"></td>
<td class="inputCol"></td>
</tr>
<tr>
<th class="textCol">Sales Agent:</th>
<td class="inputCol">
<select name="salesAgent">
<option value="selectAgent">Select One</option>
<!-- Populate listbox with Sales Agents ID -->
<?
do { ?>
<option value="<?= $row2[0]; ?>"><?= $row2[1] . " " . $row2[2]; ?></option>
<? } while($row2 = mysqli_fetch_array($result2)) ?>
</select>
</td>
<th class="textCol">Order Status:</th>
<td class="inputCol">
<select name="orderStatus">
<option value="selectStatus">Select One</option>
<!-- Populate listbox with Status ID -->
<?
do { ?>
<option value="<?= $row3[0]; ?>"><?= $row3[0] ?></option>
<? } while($row3 = mysqli_fetch_array($result3)) ?>
</select>
</td>
</tr>
</table>
<!-- Where the product rows input show go ??? -->
<table class="bottomTable">
<tr>
<th class="textCol">Product</th>
<th class="textCol">Quantity</th>
<th class="textCol">Unit Price</th>
<th class="textCol">Total Price</th>
</tr>
<?
if (isset($_POST['update']))
{
//Execute this code if the update button is clicked.
$num = $_POST['rows'];
for ($i=0; $i<$num; $i++) { ?>
<tr>
<td class="inputCol2">
<select name="'product<?= $i ?>">
<option value="selectProduct">Select Product</option>
<!-- Populate listbox with Product ID and Product Name -->
<?
do { ?>
<option value="<?= $row[0]; ?>"><?= $row[0] . " - " . $row[2]; ?></option>
<? } while($row = mysqli_fetch_array($result)) ?>
</select>
</td>
<td class="inputCol2"><input type="text" name="'quantity<?= $i ?>" ></td>
<td class="inputCol2">$<input type="text" name="'unit<?= $i ?>" value=""></td>
<td class="inputCol2">$<input type="text" name="'total<?= $i ?>" value="" ></td>
</tr>
<? } ?>
<tr>
<td class="textCol"></td>
<td class="textCol"></td>
<td class="textCol">Total Order:</td>
<td class="inputCol2">$<input type="text" name="totalfinal"></td>
</tr>
<input class="submit" type="submit" value="Submit" name="orderSubmit"/>
</table>
</form>
<? } else {?>
<tr>
<td class="textCol"></td>
<td class="textCol"></td>
<td class="textCol">Total Order:</td>
<td class="inputCol2">$<input type="text" name="totalfinal"></td>
</tr>
<input class="submit" type="submit" value="Submit" name="orderSubmit"/>
</table>
</form>
<? } ?>
<?
mysqli_free_result($result);
mysqli_close($db);
?>
</div>
the problem with your code is for first iteration while($row = mysqli_fetch_array($result)) the internal pointer of $result reached at the end... so for next iteration $i=1 there is nothing in the $result but As you use do-while loop the loop must run at least one time and $row[0] & $row[2] is null so you get only "-" . to fix the problem you need to change code slightly.
remove this line $row = mysqli_fetch_array($result);
and add
$options = '<option value="selectProduct">Select Product</option>';
while($row = mysqli_fetch_array($result,MYSQLI_NUM)){
$options .= '<option value="'.$row[0].'">'.$row[0].' - '.$row[1].'</option>';
}
then change like this inside for loop :
<td class="inputCol2">
<select name="'product<?= $i ?>">
<?php
echo $options;
?>
</select>
</td>
i m working on a php page
data is getting retrieved from database and everything is working fine
except that the retrieved data is not getting passed along the form but all others does. only the data i select in the sql drop down box is not saving.
<html>
<head>
<?php
include('connection.php');
$options = '';
$filter=mysql_query("select distinct username from user");
while($row = mysql_fetch_array($filter)) {
$options .="<option value=".$row['username'].">" . $row['username'] . "</option>";
}
$menu="<form>
<select>
" . $options . "
</select>
</form>";
? >
<title>Bug Report</title>
</head>
<body>
<form action="bugprocess.php" method="get">
<table width="274" border="0" align="center" cellpadding="2" cellspacing="0">
<tr>
<td width="95"><div align="right">name:</div></td>
<td width="171"><input type="text" name="name" /></td>
</tr>
<tr>
<td><div align="right">description:</div></td>
<td><input type="text" name="description" /></td>
</tr>
<tr>
<td><div align="right">priority:</div></td>
<td><select name="priority"><option value="high">high</option>
<option value="low">low</option>
<option value="medium">medium</option>
</select></td>
</tr>
<tr>
<td><div align="right">assign:</div> </td> <td><name="assign"><?php echo $menu?></td>
<td><div align="right"></div></td>
</table>
<br /><center><input name="submit" type="submit" value="Submit" /></td>
</form>
thank you
your select does not have a "name" attribute , also remove additional form tag from $menu. I have corrected the code for you(shown below). the name of select input is "assign"
$menu="
<select name="assign">
" . $options . "
</select>";
Ok, you got 2 bugs in your code, one is that you have not set name for the select input, the other is that you got tag <form> set twice. This won't work.
Try to change this:
$menu="<form>
<select>
" . $options . "
</select>
</form>";
into this:
$menu = "<select name='assign'>".$options."</select>";
I have some search fields that look across a few different tables.
"display_name" form field and "last" form field show different results then what it does directly into phpmyadmin.
If i echo out the mysql query in my php script and paste it into phpmyadmin. It lists of correct results. However on the php/html page it is not listing the same.
For example. If someones name full name is nathan spencer and i put spencer into the "last" form field it will only show 1 result or 2 results. HOWEVER there are actually 5 results found by pasting it directly into phpmyadmin and running it.
I have been battling for ages with this and its driving me nuts.
Here is the PHP up the top of the page:
<?php
// SEARCH
if(isset($_POST['submit'])) {
// define the list of fields
$fields = array('display_name', 'last', 'suburb', 'state', 'user_type', 'active');
$conditions = array();
// loop through the defined fields
foreach($fields as $field){
// if the field is set and not empty
if(isset($_POST[$field]) && $_POST[$field] != '') {
// create a new condition while escaping the value inputed by the user (SQL Injection)
$conditions[] = "`$field` LIKE '%".mysql_real_escape_string($_POST[$field])."%'";
}
}
// builds the query
$query = "SELECT display_name, first, last, suburb, state, user_type, active FROM nfw_users ";
// if there are conditions defined
if(count($conditions) > 0) {
// append the conditions
$query .= "WHERE " . implode (' AND ', $conditions) .""; // you can change to 'OR', but I suggest to apply the filters cumulative
}
else {
echo "No records found";
}
$result = mysql_query($query);
$score = mysql_fetch_assoc($result);
}
?>
and here is the html form
<form method="post" action="index.php">
<tr>
<td>Name:</td>
<td><input type="text" name="display_name" /></td>
</tr>
<tr>
<td>Street:</td>
<td><input type="text" name="last" /></td>
</tr>
<tr>
<td>Suburb:</td>
<td><input type="text" name="suburb" /></td>
</tr>
<tr>
<td>State:</td>
<td>
<select name="state">
<option>
<option value="qld">QLD</option>
<option value="sa">SA</option>
<option value="nt">NT</option>
<option value="wa">WA</option>
<option value="vic">VIC</option>
<option value="tas">TAS</option>
<option value="act">ACT</option>
</select>
</td>
</tr>
<tr>
<td>Type:</td>
<td>
<select name="user_type">
<option>
<option value="franchise">Franchisee</option>
<option value="regional">Regional</option>
<option value="state">State</option>
<option value="national">National</option>
<option value="office">Headoffice Staff</option>
</select>
</td>
</tr>
<tr>
<td>Active:</td>
<td>
<select name="active">
<option></option>
<option value="1">Active</option>
<option value="0">Not Active</option>
</select>
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="submit" value="Search" /></td>
</tr>
</form>
<form method="post" action="index.php">
<tr>
<td>Name:</td>
<td><input type="text" name="display_name" /></td>
</tr>
<tr>
<td>Street:</td>
<td><input type="text" name="last" /></td>
</tr>
<tr>
<td>Suburb:</td>
<td><input type="text" name="suburb" /></td>
</tr>
<tr>
<td>State:</td>
<td>
<select name="state">
<option>
<option value="qld">QLD</option>
<option value="sa">SA</option>
<option value="nt">NT</option>
<option value="wa">WA</option>
<option value="vic">VIC</option>
<option value="tas">TAS</option>
<option value="act">ACT</option>
</select>
</td>
</tr>
<tr>
<td>Type:</td>
<td>
<select name="user_type">
<option>
<option value="franchise">Franchisee</option>
<option value="regional">Regional</option>
<option value="state">State</option>
<option value="national">National</option>
<option value="office">Headoffice Staff</option>
</select>
</td>
</tr>
<tr>
<td>Active:</td>
<td>
<select name="active">
<option></option>
<option value="1">Active</option>
<option value="0">Not Active</option>
</select>
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="submit" value="Search" /></td>
</tr>
</form>
and here is the results that get printed into a table
<?php if(isset($score)){
while($score=mysql_fetch_assoc($result)){
$display_name = $score['display_name'];
$lastname = $score['last'];
$state = $score['state'];
$active = $score['active'];
if ($active=='1') {
$activeother = "<i class='fa fa-check' style='color:green;'></i>";
}
else {
$activeother = "<i class='fa fa-times' style='color:red;'></i>";
}
?>
<?php
$content = "<tr><td>" . $score['display_name'] . "</td><td>" . $score['first'] . "</td><td>" . $score['last'] . " </td><td>" . $score['email'] . " </td><td> " . $score['mobile'] . " </td><td> " . $score['landline'] . "</td><td>$activeother</td><td> " . $score['user_type'] . "</td><td> " . date('d-m-Y', strtotime($score['date_join'])) . "</td><td class='invoicing-columns'><a class='btn btn-yellow' href='view-invoices.php?id=" . $score['id_num'] . "'><i class='fa fa-eye'></i></a></td><td class='invoicing-columns'><a class='btn btn-red' href='del-customers.php?id=" . $score['id_num'] . "' onclick='return check();' class='delete'><i class='fa fa-minus-circle'></i></a></td></tr>";
echo $content;
}}
?>
If I got your code right there might be issue:
Here you actually fetching first row.
$result = mysql_query($query);
$score = mysql_fetch_assoc($result);
Then it seems that you simply skip it and go with loop:
if(isset($score)){
while($score=mysql_fetch_assoc($result)){
What you really want to do is:
$result = mysql_query($query);
if (!$result) {
//TODO: Query error handling
}
// This is how you check for results count
if (mysql_num_rows($result) == 0) {
while ($score = mysql_fetch_assoc($result)) {
//Here you go with result
}
}
You can also check this manual link as reference.
Next thing to check, get exact string from query and try it from phpMyAdmin. Make sure that you use same user as your code does, when doing query.
And one more thing, extension you are using is long time deprecated, you should consider to switching to MySQLi or PDO_MySQL
I am using this code to serach database and I am using 4 fields in this code but this code does not serach database value.
where problem in this code tell me plz edit my code for full working serach with 4 fields
my code :
<?php
{
include ('connection.php');
if(isset($_REQUEST['submit'])){
$optid = $_POST['OPRID'];
$optdec = $_POST['OPRDEFNDESC'];
$empid = $_POST['EMPLID'];
$empmail = $_POST['EMAILID'];
$query ="SELECT * FROM OPERATOR WHERE OPRID LIKE '%".$optid."%'
or OPRDEFNDESC LIKE '%".$optdec."%' or EMPLID LIKE '%".$empid."%'
or EMAILID LIKE '%".$empmail."%' ";
}
else{
$query="SELECT * FROM OPERATOR";
$objParse = oci_parse ($ora_conn, $query);
}
?>
<form action="multi.php" method="get" action="<?=$_SERVER['SCRIPT_NAME'];?>">
<table width="500" border="1" align="center">
<tr>
<th>Operator ID
<input name="OPRID" type="text" id="OPRID" value="";>
<tr>
<th>Operator Name
<input name="OPRDEFNDESC" type="text" id="OPRDEFNDESC" value="";>
<tr>
<th>Person ID
<input name="EMPLID" type="text" id="EMPLID" value="";>
<tr>
<th>Email ID
<input name="EMAILID" type="text" id="EMAILID" value="";>
<input type="submit" value="Search"></th>
</tr>
</table>
</form>
<table>
<tr>
<td>Operator ID</td>
<td>Operator Name</td>
<td>Person ID</td>
<td>Email ID</td>
</tr>
<?
$success = oci_execute($objParse);
//while($objResult = oci_fetch_array($objParse,OCI_BOTH))
while($objResult = oci_fetch_array($objParse, OCI_RETURN_NULLS+OCI_ASSOC))
{
?>
<tr>
<td><div align="center"><?=$objResult["OPRID"];?></div></td>
<td><?=$objResult["OPRDEFNDESC"];?></td>
<td><?=$objResult["EMPLID"];?></td>
<td><div align="center"><?=$objResult["EMAILID"];?></div></td>
<td align="center"><a href="Optr_Edit.php?OprID=
<?=$objResult["OPRID"];?>">Edit</a></td>
</tr>
<?
}
?>
</table>
<?
oci_free_statement($objParse);
oci_close($ora_conn);
}
?>
Try like this
<tr>
<td><div align="right"><strong>Password Encrypted:</strong></div></td>
<td>
<select name="txtENCRYPTED">
<option value="">Select</option>
<option <?php if ($objResult["ENCRYPTED"] == "Y") {echo 'selected';} ?>value="Y">Y</option>
<option <?php if ($objResult["ENCRYPTED"] == "N") {echo 'selected';} ?> value="N">N</option>
</select>
</td>
</tr>
You are doing it wrong
Select element do not have value attribute
You have value attribute only in options element.
For eg:
<select name="txtENCRYPTED" id="txtENCRYPTED">
<option value="">Select</option>
<option value="Y">Y</option>
<option value="N">N</option>
</select>
In your code you have provided the db-retrived-data in tags setting .
The tag defines the menu. It can have the following settings
The name setting adds an internal name to the field so the program that handles the form can identify the fields.
The size option defines how many items should be visible at a time. Default is one item.
The multiple setting will allow for multiple selections if present.
The tag defines the single items in the menu.
The value setting defines what will be submitted if the item is selected.
one solution :-
<form method="post" action="" >
<select name="encrypt" value="encrypted" id='select'>
<option value="">Select</option>
<option value="<?php if($objResult["ENCRYPTED"]=='Y'){ echo 'Y'; } ?>">Y</option>
<option value="<?php if($objResult["ENCRYPTED"]=='N'){ echo 'N'; } ?>">N</option>
</select>
<input type="submit" value="submit" id='form'/>
</form>
</td>
</tr>
//script type jquery.js
//script type javascript
$(document).ready(function(){
$('form').submit(function(){
alert($('#select').val());
});
});
</script>