I'm using Codeigniter for building a website. The website has an option called 'update record' which allows the user to update 50 different values. The update page has the old value along with an empty text box for the user to enter the new value. Updating the whole record even though the user has not actually updated anything makes no sense (website uses MySQL database). I've tried using hidden form field with the original value and tried to update only modified fields. Though it is working fine, the process looks so lengthy every time comparing the old value with the new one and updating only if there is a change.
Is there a better way to do this (with or without using codeigniter)? Just curious to know.
Thanks in advance.
I would parse the post array and remove any entries that don't have a value for updated (which would mean the input was submitted empty).
Then you could only update the modified records
I don't know how code igniter passes the post array into the controller after form submission but you could do something like
<?php
foreach ($postData as $key => $value) {
if (empty($value)) {
unset($postData[$key]);
}
}
The only place this would fall down is if you legitimately want to store an empty record as the updated value.
I use javascript to do filter only updated values
1 - I use hashes.js to calculate a sha1 when page loaded. store it in hidden or just a variable, or you can do sha in the server.
2 - I also do a snapshot of the form in array when page loaded. I put all my input in one class and use jQuery('forminputs').each to put them in array.
3 - when user click submit, first I do another snapshot of the form as No. 2 and compare the hash. if the hash diff, I use php.js get the updated value php.array_diff_assoc(newsnapshot, oldsnapshot). and post this to server.
Though these seems like a lot of computation, but in fact it is not slow at all in firefox or chrome(never try IE).
Related
I've just started recently to delve into the depths of html/php & co, so basically I'm a noob.
My question is simple: I'm using a php session to store a variable I'm using for an operation on the successive page. This variable is 'id' which is the primary key of my postgreSQL table. The user has a form on the web page in which it inserts the 'id' so as to select a particular row of the database to visualize and modify. Since the operations of visualization and modification are all in successive pages, I wanted the variable to remain memorized through the session (so that it's not required to post it again every time)
$_SESSION[id] = $_POST[id]
The problem arises when on a successive page I try to use a form to modify data on that particular row. I don't want the user to have to submit the 'id' again, so I use a select that involves $_SESSION[id]. But when the user submits the form, $_POST[id] is not specified in that form and its value goes to null. The result is that $_SESSION[id] is null and I cannot access the database using the query.
I found a way to solve the problem, but I find it extremely inelegant. I basically add a hidden section on the form that sends the id variable like this
<input type="hidden" name="id" value="$_SESSION[id]">
Is there a better way to do this?
I really hope my question makes sense to you, feel free to comment for additional info.
Thanks a lot :)
Problem
I am developing an application (in PHP) in which, I will show the user a report of some derived values based on previous entries he had done and the user will check for correctness - if correct, then the user can press Save button to submit it to database. Otherwise, the user should be able to edit previous entries, but he should not be able to change derived values in that report.
For that purpose, I have enclosed these values in a hidden input field, so a normal user can not alter these values, but if web developers could inspect the element in their browser and change these values.
Can we prevent these type of attack? If so, how?
My thoughts
I can make a string of all hidden fields, encrypt it and save in another hidden field - after postback I can cross-verify actual value and encrypted value.
Is this the correct way to achieve this? and how to do this
What do you think?
It's very hard to get a good idea of what you are trying to do but perhaps a solution could be to display a form with input fields disabled (http://www.w3schools.com/tags/att_input_disabled.asp) then have at the bottom of your page e.g. Is this information correct? .. Then 1 option to Save, and one option for No/Edit. Then do an if(isset($_POST['edit'])) { .. run form again but with input fields not disabled }
Only have your SQL update code in the 'edit' section of the code, and have a seperate SQL update code for the save section which just moves the values from wherever you are grabbing them from, to wherever they need to be.
Hope that helps.
If there are derived values that you need to fill out your form, but don't want to use hidden fields - I suggest using session variables that would contain those derived values as needed. Depending on how many of these forms there are, and how many users will be using them - the overhead is usually negligible with this number of fields (in the 30s)... if you discard them when not needed of course.
I have a file which displays the resultset of a query. Now there is an option to compare the individual records (maximum upto 4 simultaneously). Problem is when I switch to next page, the previously selected values for comparison are lost (as the same file loads new records afresh, through pagination algorithm). Is there anyway, I could pass the selected values from the first selection and thereon to the final call(of same page). Technology being used is PHP, MySQL & Javascript. Any help would be highly appreciated. Thanks!
This is a shot in the dark without some sample code or a clear explanation of the pagination, but if you are using a form then you can pass the selections to hidden fields, session variables or some other scoped variable. It appears you are using AJAX, but without the code, I can't give you specifics. If you have full access to the code then a click function on the selection of the elements would allow you to pass the variables via AJAX store them via JAVASCRIPT.
If you can provide a few more details, my answer can be more specific. I would have just asked for clarification but I just joined and don't have the 'reputation' for that yet. ;-)
I'm a bit rusty in PHP,
I'm curently doing an PHP assignment where a user can select and save listed images/data/values into their own collection.
I have inputted all the data and printed it out in a repeat region with recordset paging.
I'm confused about how I am supposed to save a checked checkbox temporary before submission as there a more then 1 page as I'm using recordset paging to output the options.(Meaning: i have selected 2 values in the first page then i click next page to select balance values and finally submit my selection)
TIA
I have read an article on storing in session , that is the solution I guess, but I wonder how I'm supposed to send the value to the session when chaging the page (recordset paging generated by Dreamweaver)
To clarify the previous answers, you will most likely want to create a new $_SESSION variable for each check-box and associate a boolean with it.
You can store the result of a form post in PHP's $_SESSION variable.
Read this post for more information: Storing Form Data as a Session Variable
Also, there has to a tutorial or something in Google Land.
If you need to save the form results without submitting the form, try a JavaScript/AJAX approach. The idea is that you actually do submit the form, but in a behind-the-scenes kind of way (that is, the user never notices it). Essentially, you're going to want to build a "autosave" functionality. Look at these two posts:
Autosaving Form Input Using Prototype and PHP
AJAX Autosave functionality
They probably won't fit your needs exactly, but they should give you a good idea of what you should do.
Note: both of these posts use a timer to trigger their autosave functionality. I would suggest tweaking the trigger to detect any changes in your form instead.
Store them in _SESSION and process when needed.
I have piece of code which refresh data periodically (after 5 sec.), and put it into a table.
This table has sorting option, and checkbox to select a particular row.
Now problem is when i want to sort or choose a row using checkbox, because of auto refresh it set whole table data in previous position. Means if any data i had sorted will not show sorted and/or checked row will be unchecked again.
Please provide me some suggestion how to handle this issue.
Thanks
Your alternative might be to do an AJAX call to pull the data periodically instead of refreshing the whole page via PHP. That way you'll be able to send the correct parameters to handle the sort towards the logic within PHP.
OR
You can push named parameters/actions within the url for sorting purposes. Then use URL's on the table header and the page reloads with a url of something like:
http://example.com/table/sort:asc
http://example.com/table?sort=asc
And then your logic could appropriately pick the previously selected areas up.
if (isset($_GET['sort'])) {
//Do sorting stuff
}