EDIT:
The drop down menus have the following listed in them:
Typing Course
Daily Marketing Course
When using the code below to add selected text form the dropdown into the MySQL statement, only the first word appears ie. 'Typing' and 'Daily', the code looks like this:
SELECT * FROM `acme` WHERE `course` IN('Typing', 'Daily')AND `date` IN('2010-08-27', '2010-08-31')
it should be this:
SELECT * FROM `acme` WHERE `course` IN('Typing Course', 'Daily Marketing Course')AND `date` IN('2010-08-27', '2010-08-31')
Original question below:
Hi all,
Ok, I'll do my best to explain what I would like to do.
I have two dropdown menus set to multiple, the first is Course and the second is Date, here is the code that populates each dropdown:
Course
echo "<select name='course' value='' multiple='multiple'>";
// printing the list box select command
echo "<option value=''>All</option>";
while($ntc=mysqli_fetch_array($queryc)){//Array or records stored in $nt
echo "<option value=$ntc[course]>$ntc[course]</option>";
/* Option values are added by looping through the array */
}
echo "</select>";// Closing of list box
Date
echo "<select name='date' value='' multiple='multiple'>";
// printing the list box select command
echo "<option value=''>All</option>";
while($nt=mysqli_fetch_array($queryr)){//Array or records stored in $nt
echo "<option value=$nt[dates]>$nt[dates]</option>";
/* Option values are added by looping through the array */
}
echo "</select>";// Closing of list box
The main problem I have is passing the results of each dropdown to a MySQL query. For example, if a user select from the Course dropdown 'Typing' AND 'Marketing' - I need the MySQL query to be:
SELECT * FROM acme WHERE course = 'Typing' OR course = 'Marketing'
In addition, I also need to add the second dropdown into the equation, so working on the assumption the user has selected 'Typing' AND 'Marketing', they then select 21-06-2010 from the Date dropdown, so the query then needs to be:
SELECT * FROM acme WHERE course = 'Typing' OR course = 'Marketing' AND date = '21-06-2010' OR date = '18-05-2010'
Clearly, I also need to build in if they select more than one date form the dropdown.
I hope I have explained clearly enough what I'm looking to achieve..any and all help gratefully received. Really struggling to get my head around this one.
Thanks in advance,
Homer.
Use WHERE value IN ('a', 'b'):
SELECT * FROM acme WHERE course IN ('Typing','Marketing') AND date IN ('21-06-2010', '17-09-2010');
In HTML (or the PHP that outputs HTML), add [] to fieldnames:
<select name='course[]' value='' multiple='multiple'>
in PHP:
$courses=$_POST['course'];
$courses=array_map('mysql_real_escape_string', $courses);
$dates=$_POST['date'];
$dates=array_map('mysql_real_escape_string', $dates);
$query = 'SELECT * FROM `acme` WHERE ';
$query.='`course` IN(\''. join("', '", $courses). '\')';
$query.='AND `date` IN(\''. join("', '", $dates). '\')';
OK, first of all, your SQL is a bit off. Rather than WHERE course = 'Typing' OR 'Marketing', you want WHERE course = 'Typing' OR course = 'Marketing'. Alternatively, you could use WHERE course IN ('Typing', 'Marketing'). You can then create this using the array_map function to add the quotes and the join function to link them together:
<?php
...
function escape_and_add_quotes($string) {
return '\'' . mysql_real_escape_string($string) . '\'';
}
...
$sql = 'SELECT * FROM acme WHERE course IN (' . join(',', array_map('escape_and_add_quotes', $courses)) . ')';
?>
Related
I have SQL command, which will get list of all categories that I used within my table. (writting categories into "categories" column)
SQL:
SELECT category FROM `events` GROUP BY category
In PHPMYADMIN the result is correct, so I know my SQL command is good (each of them is separate category):
MEDICINE
SLEEP
SPORT
I need to get these values and wrap each of them in OPTION html tag, so I can use them on page in SELECTION element. I have a strong feeling I need to use PHP to generate something like this. Can you please inspire me with code?
Here is my attempt to at least see the list via PHP, but I have failed
<html>
<body>
<table>
<?php
include_once('config.php');
$query1 = mysqli_query($query, "SELECT category FROM `events` GROUP BY category");
//nefunkcny
echo $query1;
?>
</table>
</body>
</html>
This is what I would like to get, the ability to select the category on page
I would appreciate any advice on this, thank you in advance.
If further clarification needed, please ask.
Have a nice day.
use a while to fetch the results.
// Perform queries
$query1 = mysqli_query($query, "SELECT category FROM `events` GROUP BY category");
if (mysqli_num_rows($query1) > 0) {
// output data of each row
echo "<select>";
while($row = mysqli_fetch_assoc($query1)) {
echo '<option value="' .$row['category'] . '">' . $row['category'] . "</option>";
}
echo "</select>";
}
I have built a dropdown list using PHP to show all the Unique names in my Table. I want to use that dropdown list to then use the selected value to create a MySQL Statement Dynamically.
Select * From iot_sensors WHERE Sensor_ID = ['USE the DROPDOWN MENU TO SELECT A NAME']
$select2 = "SELECT DISTINCT Sensor_ID FROM iot_sensors;";
$result2 = mysqli_query($conn, $select2);
$counter2 = mysqli_num_rows($result2);
echo "<select name ='Sensor Names'>";
while ($row = mysqli_fetch_assoc($result2)){
echo "<option value ='".$row['Sensor_ID']."'>".$row['Sensor_ID']." </option>";
}
$dynamic_query = "SELECT * FROM iot_sensors WHERE Sensor_ID = ['option value']";
echo "</select>";
I understand usually if I had manually populated the dropdown menu all I would have to do is call the option value but here the option value is on there for HTML rendering purposes.
First some warnings:
Little Bobby says your script is at risk for SQL Injection Attacks. Learn about prepared statements for MySQLi. Even escaping the string is not safe! Don't believe it?
First, do not use names with spaces for HTML elements:
echo "<select name ='Sensor_Names'>";
Once selected and submitted (without knowing what your form method= is) the item will be in the $_REQUEST array:
$sensor_name = $_REQUEST['Sensor_Names'];
$dynamic_query = "SELECT * FROM iot_sensors WHERE Sensor_ID = '$sensor_name'";
My PHP code is returning a list of users out of a MySQL database and putting them in a select list using a JQuery combo box each of them in their own field. There are a couple names out of the DB that need to stay in the DB but don't really need to be in the drop down list as selectable names... is there a way to emit options in my code before the MySQL Query even runs? Or what is the best way to handle this?
Here is my current code:
// Write out our query.
$query = "SELECT DISTINCT FULLNAME FROM cimssystem.cimsusers ORDER BY FULLNAME;";
// Execute it, or let it throw an error message if there's a problem.
$stmt = $pdo->query( $query );
$datalist = "<select id='name-select' name='name'>";
$datalist .= "\n<option value='0' selected></option>";
foreach ($stmt as $row) {
$datalist .= "\n<option value='{$row['FULLNAME']}'>{$row['FULLNAME']}</option>";
}
$datalist .= "\n</select>";
echo $datalist;
?>
There are lots of possibilities here, but this is one example:
$query = "SELECT DISTINCT FULLNAME FROM cimssystem.cimsusers WHERE FULLNAME NOT IN ('name1', 'name2', 'name3') ORDER BY FULLNAME;";
If you are capable of modifying the database, you can add an 'Enabled' column and set the values to true/false accordingly for each entry. You can then simply modify the query to add a check for that column's values. I find this easier than modifying the query to exclude a specific list of people, and it reduces the possibility of a typo on my end in the query.
I was so caught up in my code I didn't think about going back and selecting them in the database! Just have to make sure to move the order by to the end of the statement for this to work correctly!
SELECT DISTINCT FULLNAME FROM cimssystem.cimsusers
WHERE FULLNAME NOT IN ('Berryville CSR Intern', 'name', 'name')
ORDER BY FULLNAME ;
My drop down boxes are working fine using multiples of this code which, I admit, is very rudimentary:
$sql = "SELECT Country FROM engravers order by Country";
$result = mysql_query($sql);
echo "<select name\\='Country'>";
echo "<option value='$_POST'>Country</option>";
while ($row = mysql_fetch_array($result)) {
echo "<option value='" . $row['Country'] . "'>" . $row['Country'] . "</option>";
}
echo "</select>";
The only problem is that if I have more than one item in the field I get a response for each item, for instance, in my testing database there are two rows with Australia as the country. My dropdown then puts Australia in twice. Later, when there will be about a hundred Australian entries this will be a problem.
Also if there is a blank field I get a blank line in the drop down box. I don't seem to be able to find a solution to this. Is there a better way to write the drop down code that doesn't do this. Unfortunately, as a novice, I am using the simplest code I can understand but the results look just like that. Any help would be gratefully accepted.
Try this query:
SELECT DISTINCT Country
FROM engravers
WHERE Country <> ''
ORDER BY Country
SELECT DISTINCT will take care of multiples - if there are 100 rows with Country = Australia, it will only select one.
WHERE Country <> '' will exclude any rows that have a blank value for Country. You could also include AND Country IS NOT NULL to exclude NULL values as well.
References:
<> (Not equal operator), SELECT DISTINCT ...
I am trying to take multiple selections from a drop down, and insert them into a single column/row in a table.
So that it would look like this (ColumnB):
ColumnA | ColumnB | ColumnC
---------------------------
Stuff | A, B, C | Stuff
This is the dropdown:
echo "<select NAME='SysName_1' SIZE='1' multiple tabindex='7'>\n";
echo "<option>Choose One or More</option>\n";
To populate dropdown I use a select statement
$strSQL = "SELECT STATEMENT";
$rsSQL = odbc_exec($connSQL,$strSQL) or die ('Error Executing Subsystems SQL');
$strOptions = "";
while ($row=odbc_fetch_array($rsSQL)){
$id = trim($row["SysName"]);
$thing = trim($row["SysDesc"]);
$strOptions .= "<OPTION VALUE='$id'>$thing</option>";
}
echo $strOptions;
echo "</select>\n";
And this is what I have at my Insert:
Should combine multiple selections separated by , correct?
$SysName_1 = implode(',',$_POST['$SysName_1']);
$SQLIN = 'INSERT INTO TABLE (COLUMNA) VALUES ($SysName_1)';
I tried doing what was located here, as his code seems to be doing what I want (although he doesn't want it to) Multiple dropdown values inserting in a single row not in multiple row
But it does not work at all. I get an invalid argument for the implode in my server log, and the insert statement is just blank for that variable.
Any help would be appreciated.
The name attribute in your form needs to end with [] to indicate an array. This should work
echo "<select NAME='SysName_1[]' SIZE='1' multiple tabindex='7'>\n";
But you should be careful. Never trust user input! Don't insert the value from your $_POST directly into the db. Always escape at least