I apologize in advance, I am a PHP noob!
I have form with some hidden fields. I need the values to POST to "submit_rma.php" so that they're not missing from the db--I need $qty, $estmate_id and $rma_type.
The rest of the fields are just displaying data for the user and are readonly. Currently I only get value from the qty text field.
Is there any easier way to pass these values? URL is out of the question due to security issues.
<form method="post" action="submit_rma.php";>
<table>
<tr>
<td>
Quantity
</td>
<td>
<input type="text" name="qty" value="<?php echo $qty ?>" size="1"/><br/>
</td>
</tr>
<tr>
<td>
Part #
</td>
<td>
<input type="text" name="" value="<?php echo $model ?>" size="8" READONLY/><br/>
</td>
</tr>
<tr>
<td>
Description
</td>
<td>
<input type="text" name="" value="<?php echo $name_EN ?>" size="50" READONLY/><br/>
</td>
</tr>
<tr>
<td>
Paid Date
</td>
<td>
<input type="text" name="" value="<?php echo $sold_date ?>" size="6" READONLY/><br/>
</td>
</tr>
<tr>
<td>
Amount Each
</td>
<td>
<input type="text" name="" value="<?php echo $dealer_price ?>" size="8" READONLY/>
</td>
</tr>
</table>
<input type="hidden" name="estmate_id" value="<?php echo $estmate_id ?>">
<input type="hidden" name="rma_type" value="Short Shipped">
<input type="submit" name="submit";">
</form>
Maybe use a hidden <INPUT>:
<input type="hidden" name="qty" value="<?= $qty ?>">
This won't show anything to the user. If you're unfamiliar, <?= x ?> is effectively equivalent to: <?php echo x; ?>.
However, this is a security problem, as an attacker could craft a fake request and put a different value into the field (sidestepping your page and doing the request directly). You should try and get the value some other way, such as through running the INSERT on page generation, then using an UPDATE on the POST, or something like that.
Am I pointing out the obvious to say that you forgot NAME attributes for all of the text boxes after "qty"? The values won't persist beyond this page if the names aren't there :-)
Related
I am currently trying to build a booking system for a theatre. I have 5 different productions which are found from my database with a query in php.
I have a table showing the productions and their associated ticket price. Each row states the production, ticket price and a submit button (using $_POST) to choose that production.
I am trying to send the title of the selected production as production_'production title'. e.g. if hamlet was selected I would retrieve the selection using $_POST['production_hamlet'].
However I do not know how to replace the title of each production found in the query when retrieving the POST.
e.g. on the next page when echoing out to see if it's submitted I don't know what to write after echo $POST['production.....'].
Here is my code:
<form method="post" action="choose_performance.php">
<table name="choose_performance">
<thead id="td">
<tr>
<td>Production</td>
<td>Basic Ticket Price</td>
<td>Select</td>
</tr>
<thead>
<tbody>
<?php
$production_set = find_productions();
while($row = mysqli_fetch_assoc($production_set)){?>
<tr>
<td><?php echo $row['Title']?>
<input type="hidden" name="<?php echo "production_".$row['Title']?>" value="<?php echo $row['Title']?>" />
</td>
<td><?php echo $row['BasicTicketPrice'];?>
<input type="hidden" name="<?php echo "price_".$row['Title']?>" value="<?php echo $row['BasicTicketPrice']?>" />
</td>
<td>
<input type="submit" name="submit" value="Submit"
onclick='alert("Thank you for your selection. Please choose your preferred performance time and date on the next page.");'>
</td>
</tr>
<?php
}
?>
</form>
Any advice on how to retrieve the POST would be amazing.
Thanks.
Just put the <form> tag inside your while loop so that each row has its own form for submission. This way, when the form is submitted, you only have 2 posted params (production & price). See below:
<tr>
<td>
<?php echo $row[ 'Title']?>
</td>
<td>
<?php echo $row[ 'BasicTicketPrice'];?>
</td>
<td>
<form method="post" action="choose_performance.php">
<input type="hidden" name="production" value="<?php echo $row['Title'] ?>" />
<input type="hidden" name="price" value="<?php echo $row['BasicTicketPrice'] ?>" />
<input type="submit" name="submit" value="Submit" onclick='alert("Thank you for your selection. Please choose your preferred performance time and date on the next page.");'>
</form>
</td>
</tr>
Let's say that I have an HTML structure that looks like this. Each left-context-field and right-context-field are related and in the backend it should be possible to link left to its right colleague.
<table>
<tbody>
<tr>
<td>
<input type="text" class="left-context-field" value="First left value">
</td>
<td>
<input type="text" class="right-context-field" value="First right value">
</td>
</tr>
<tr>
<td>
<input type="text" class="left-context-field" value="Second left value">
</td>
<td>
<input type="text" class="right-context-field" value="Second right value">
</td>
</tr>
<tr>
<td>
<input type="text" class="left-context-field" value="Third left value">
</td>
<td>
<input type="text" class="right-context-field" value="Third right value">
</td>
</tr>
<tr>
<td>
<input type="text" class="left-context-field" value="Fourth left value">
</td>
<td>
<input type="text" class="right-context-field" value="Fourth right value">
</td>
</tr>
</tbody>
</table>
and a user can add as many additional rows as they please. How would I go about posting the values to a PHP file?
Should I wrap all rows in one single huge form, and then call .serializeArray()? Or one form per row?
From a data-oriented approach, what's the best way to deal with this? I'll be sending the data to the back-end, but I want to make the data ass easily accessible for the the backend developer as possible.
I've Edited meda's Answer, but he is not approving that Edit, So I'm posting it here again.
In HTML forms the way you send arrays is using brackets.
For example
name="values[]"
like this.
<form name = 'vals_form' action = 'php_page.php' method = 'post'>
<table>
... <!-- Your all code -->
<tr>
<td>
<input type="text" class="left-context-field" value="First left value" name="values[]">
</td>
<td>
<input type="text" class="right-context-field" value="First right value" name="values[]">
</td>
</tr>
...
<input type = 'submit' value = 'Post Values' />
</table>
</form> <!--and close the form tag-->
In PHP you get the array back
$values = $_POST['values'];
In HTML forms the way you send arrays is using brackets.
For example
name="values[]"
like this.
<form name = 'vals_form' action = 'php_page.php' method = 'post'>
<table>
... <!-- Your all code -->
<tr>
<td>
<input type="text" class="left-context-field" value="First left value" name="values[]">
</td>
<td>
<input type="text" class="right-context-field" value="First right value" name="values[]">
</td>
</tr>
...
<input type = 'submit' value = 'Post Values' />
</table>
</form> <!--and close the form tag-->
In PHP you get the array back
$values = $_POST['values'];
I'm trying to pass multiple values from same parameters of a form using POST, but can't figure out how to proceed. I've used bootstrap css such that I can add multiple products. And I want to process the data of multiple orders by passing the values using POST method.
On clicking 'Add another' link, additional set of data field appear which enables recording of multiple transactions of a same user.
The code is as follows:
<div class="col-xs-5 col-lg-offset-3">
<form action="billingProceed.php" method="post" role="form">
<table id="itemElement">
<tr>
<td>
<select class="form-control">
<option class="form-control"> Customer Name</option>
<option class="form-control"> Customer ID</option>
</select>
</td>
<td><input type="text" name="<?php echo $data["name"]; ?>" class="form-control" /></td>
</tr>
<tr>
<td>
<select class="form-control">
<option class="form-control"> Item Name</option>
<option class="form-control"> Item ID</option>
</select>
</td>
<td ><input type="text" name="<?php echo $data["item"]; ?>" class="form-control" /></td>
</tr>
<tr>
<td style="float:right;">Quantity
</td>
<td><input type="text" name="<?php echo $data["quantity"]; ?>" class="form-control" /></td>
</tr>
<tr>
<td style="float:right;">Price
</td>
<td><input type="text" name="<?php echo $data["price"]; ?>" class="form-control" /></td>
</tr>
<tr>
<td style="float:right;">Discount
</td>
<td><input type="text" name="<?php echo $data["discount"]; ?>" class="form-control" /></td>
</tr>
</table>
<input type="submit" value="Proceed" class="btn btn-primary" />
<p style="float:right;">Add another</p>
You can use an array name.
Example:
<input name="data['name'][1]">
<input name="data['name'][2]">
Firstly you should be aware of the name array, for input names.
HTML Example:
<form>
<a id="add_another" href="#">Add Another</a>
<table>
<tr class="product_item">
<td>
<input type="text" name="product[1][name]" value=""/>
</td>
<td>
<input type="text" name="product[1][item]" value=""/>
</td>
</tr>
<tr id="dummy">
<td>
<input type="text" name="product[0][name]" value=""/>
</td>
<td>
<input type="text" name="product[0][item]" value=""/>
</td>
</tr>
</table>
</form>
On POST, in your PHP script, you will access them as follows:
foreach($_POST['product'] as $product)
{
$name = $product['name'];
$item = $product['item'];
}
Shoot for the JS
//You'll always start with one product row.
var productCount = 1;
$('#add_another').click(function() {
var dummyproduct = $('#dummy').clone();
//Increment Product count
productCount += 1;
//Rename all inputs
dummyproduct.find('input[name^="product[0]"]').each(function(){
$(this).attr('name',$(this).attr('name').replace('product[0]','product['+productCount +']'));
});
//Remove Id from cloned dummy
dummyproduct.removeAttr('id').addClass('product_item');
//Insert row before Dummy
dummyproduct.insertBefore('#dummy');
});
I have a 5x2 HTML table: http://jsfiddle.net/duxTU/
The table is enclosed in a form.
When the form is submitted it redirects to same page
The input field values are stored in an associative array
The values are displayed in respective fields where they were initially entered.
Code:
<?php
if(isset($_POST['submit'])) {
$contacts_array array(
$_POST["name1"] => $_POST['name2'],
$_POST["name3"] => $_POST['name4'],
$_POST["name5"] => $_POST['name6'],
$_POST["name7"] => $_POST['name8'],
$_POST["name9"] => $_POST['name10']);
$array_filtered=array_filter($contacts_array);
$arrayKeys = array_keys($array_filtered);
$arrayValues = array_values($array_filtered);
}
?>
The array has been filtered to omit null values that may creep in.
Now, how do I make the the HTML form display values? I know about sticky forms but since i must keep the form size constant(5x2), I am trying to use code similar to following
<input type="text" value="<?php echo $arrayKeys[0]; ?> ">
<input type="text" value="<?php echo $arrayValues[0]; ?> ">
... till $arrayKeys[4] and $arrayValues[4], respectively.
This gives me undefined offsets, for example $arrayKeys[5] was not set as no value was entered in the respective form column before submission.
Any solution to this issue??
Maybe this would work for you:
<?php
function getPost($param){
return isset($_POST[$param])?$_POST[$param]:"";
}
?>
<form action="#" method="post">
<table>
<tr>
<td>Name</td><td>Age</td>
</tr>
<tr>
<td><input type="text" name="name1" value="<?= getPost("name1") ?>"></td>
<td><input type="text" name="name2" value="<?= getPost("name2") ?>"></td>
</tr>
<tr>
<td><input type="text" name="name3" value="<?= getPost("name3") ?>"></td>
<td><input type="text" name="name4" value="<?= getPost("name4") ?>"></td>
</tr>
<tr>
<td><input type="text" name="name5" value="<?= getPost("name5") ?>"></td>
<td><input type="text" name="name6" value="<?= getPost("name6") ?>"></td>
</tr>
<tr>
<td><input type="text" name="name7" value="<?= getPost("name7") ?>"></td>
<td><input type="text" name="name8" value="<?= getPost("name8") ?>"></td>
</tr><tr>
<td><input type="text" name="name9" value="<?= getPost("name9") ?>"></td>
<td><input type="text" name="name10" value="<?= getPost("name10") ?>"></td>
</tr>
<tr>
<td><input type="submit" value="submit" name="submit"></td>
</tr>
</table>
</form>
The getPost helper was created because I didn't want to have to type the conditional every time.
You can filter out the nulls for whatever other form processing you are doing.
If you just want to display values, a foreach would work great:
foreach ($array_filtered as $k=>$v) {
echo "<input type='text' value='".$k."'>";
echo "<input type='text' value='".$v."'>";
}
foreach loops through an array. $k is the current key. $v is the current value.
Of course, this should be inside of your form HTML.
I don't know if this is even possible, though I sure it is, just beyond my ability.
I want to filter a table generated from an SQL query using a set buttons in the browser, i.e. have checkboxes for if a task has been completed or not, and radio buttons for the timeframe (e.g. last 24hrs, week to date, date range etc..). All without constantly refreshing the page.
Can someone point me in the right direction, I'm not asking for someone to do it for me, but I'm self taught and need some guidance. Any help appreciated.
These are the filters I would like to use:
<form id="filters">
<input type="checkbox" id="live" name="filter_live" value="Live" /> <label for="live">Outstanding</label>
<input type="checkbox" id="completed" name="filter_completed" value="completed" /> <label for="completed">Complete</label>
|
<input type="radio" id="last24" name="filter_radio" checked="checked" onchange="return hide_range(this.checked);"/><label for="last24">Last 24hrs</label>
<input type="radio" id="WTD" name="filter_radio" onchange="return hide_range(this.checked);"/><label for="WTD">WTD</label>
<input type="radio" id="last_week" name="filter_radio" onchange="return hide_range(this.checked);"/><label for="last_week">Last Week</label>
<input type="radio" id="range" name="filter_radio" onchange="return show_range(this.checked);" /><label for="range">Range</label>
<div id="date_range" style="display: none;">
<br />
<label for="from">From: </label><input type="text" id="from" name="from"/>
<label for="to">To: </label><input type="text" id="to" name="to" />
<input type="button" value="Go" />
</div>
</form>
I would like to use them on the following table:
<table class="general">
<tr>
<th colspan='8'>Current Tasks</th>
</tr>
<tr>
<th>Created</th>
<th>Updated</th>
<th>Location</th>
<th>Task</th>
<th>Priority</th>
<th>Status</th>
<th>Completed</th>
<th>Action</th>
</tr>
<?php
while($row = mysql_fetch_array($eng_result)) : ?>
<tr>
<form action="Eng_update.php" method="post">
<td><?php if($row['Created'] == NULL){echo "";}else{ echo date("d/m/y", $row['created_ts']);} ?></td>
<td><?php if($row['LastModified']==NULL){echo "";} else {echo date("d/m/y", $row['Last_Modified_ts']);} ?></td>
<td><?php echo $row['Location'] ?><input type="hidden" name ="eng_loc[]" value="<?php echo $row['Location']; ?>" /></td>
<td><?php echo $row['Task'] ?><input type="hidden" name="eng_task[]" value="<?php echo $row['Task']; ?>" /></td>
<td><?php echo $row['Priority'] ?><input type="hidden" name="eng_priority[]" value="<?php echo $row['Priority']; ?>"</td>
<td><?php echo $row['Status'] ?><input type="hidden" name="eng_status[]" value="<?php echo $row['Status']; ?>"</td>
<td>
<?php if($row['Completed']==1){echo "yes";} else {echo "no";}?>
<input type="hidden" name="eng_task_complete[]" value="<?php echo $row['Completed'];?>"
</td>
<td>
<input type="hidden" name="update_id[]" value="<?php echo $row['ID']; ?>" />
<input type="submit" value="Update" onClick="return checkAction('Do you wish to update the status of this task?')"/>
</td>
</form>
</tr>
<?php endwhile; ?>
</table>
Thanks for taking the time to look :)
There is a jquery plugin called DataTables (if you are familiar with JQuery, this will be a breeze to use): http://datatables.net/
It has lots of features for sorting/filtering your data and even has the option to load data dynamically (through AJAX).
I think you want functionality like this: http://datatables.net/release-datatables/examples/api/multi_filter.html
edit:
for date ranges, create a custom sorting function, a similar question is answered here: http://www.datatables.net/forums/discussion/7218/sort-column-by-numerical-range/p1