Welcome to WebmasterWorld Guest from 54.196.238.210

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

Multipule selects in form for MySQL

Using a php form

     

Knowles

6:17 pm on Jun 22, 2002 (gmt 0)

10+ Year Member



Ok here is what I am wanting to do. I want set up a form that has multiple selects and depending on the ones you select if pulls from the DB and displays on screen.

EX:

Selection 1 checked
Selection 2
Selection 3 checked

OUTPUT

Selection 1
Selection 3

I am kinda lost on how to form the sql query. Am I going to have to make an if statment for each possiblity? Or is there a way for me to set one query that will only pull the active selections?

jatar_k

6:27 pm on Jun 22, 2002 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I think you will have to build the select with if statements but this is just off the top of my head.

$fields = "";
if ($selection1 == "yes")
{
$fields .= "selection1,";
}
if ($selection2 == "yes")
{
$fields .= "selection2,";
}
if ($selection3 == "yes")
{
$fields .= "selection3";
}
$query = "select " . $fields . " from table where somefield=somevalue";
mysql_query($query);

etc..is that what you mean? I didn't add the check for proper commas between the fields but you get the idea.

Knowles

6:31 pm on Jun 22, 2002 (gmt 0)

10+ Year Member



Yes Jatar that is exactly what I was looking for I was making it so much harder than that!

I was thinking if(fields=1,2,3){ query
}ifelse (fields=1,2) {query} and so forth. (note that is not correct coding) Your way will still be long because there will be probably 25 selections but much easier. Thank you again!

jatar_k

6:37 pm on Jun 22, 2002 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



the only thing to add to that is some kind of check within each if to make sure you only add a comma if there is already a value in the $fields var.

jatar_k

6:41 pm on Jun 22, 2002 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



afterthought

are these 25 select boxes or 25 values within 1 select box?

or are they just 25 checkboxes?

I can think of a few different methods for each of these scenarios.

Knowles

6:43 pm on Jun 22, 2002 (gmt 0)

10+ Year Member



It would be like 25 check boxes each having its own DB select. Does that make sense?

jatar_k

6:44 pm on Jun 22, 2002 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



each its own full select statement or each would add a portion to one massive select?

Knowles

6:46 pm on Jun 22, 2002 (gmt 0)

10+ Year Member



Each would have its own.
cb1=select1
It would be all in one database table.

Knowles

6:47 pm on Jun 22, 2002 (gmt 0)

10+ Year Member



Well wait it would be one massive sql query calling all the selected checkboxes.

jatar_k

6:49 pm on Jun 22, 2002 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



if it is a massive amout of variables to add to one select statement you could use a foreach statement and then run through them and buil you select statement that way. It would save a ton of code.

If you could show it to me or sticky it I could give you something better maybe.

Knowles

6:50 pm on Jun 22, 2002 (gmt 0)

10+ Year Member



Ok I have to now but Ill work up and example of what the form will look like I havent really started on it yet I was just thinking about it and didnt want to get to far into it. Ill sticky you once its done. Thank you for your help.

Knowles

3:55 am on Jun 23, 2002 (gmt 0)

10+ Year Member



Got it up check your sticky jatar

jatar_k

5:35 pm on Jun 23, 2002 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



here you go knowles, I tested this

your form

<form action="result.php" method="post" enctype="multipart/form-data">
<input type="checkbox" name="Select1" value="field1" />Select 1<br />
<input type="checkbox" name="Select2" value="field2" />Select 2<br />
<input type="checkbox" name="Select3" value="field3" />Select 3<br/>
<input type="submit" name="Submit" id="Submit" value="Submit"><input type="reset" name="Reset" id="Reset" value="Reset">

result.php file

$fields = "";

if (isset($Select1))
{
$fields .= $Select1 . ",";
}
if (isset($Select2))
{
$fields .= $Select2 . ",";
}
if (isset($Select3))
{
$fields .= $Select3;
}

if (empty($fields))
{
$query = "no fields selected";
} else {
$query = "select " . $fields . " from table where somefield=somevalue";
}
echo $query;

Lisa

6:13 pm on Jun 23, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



jatar_k,
You have bug in that. Try adding a comma after every cat even the last one on number 3. Then trim the last comma after you are done making the string $fields.

Knowles

6:16 pm on Jun 23, 2002 (gmt 0)

10+ Year Member



Ty jatar thats what I needed now I can finally get this ball rollin.

Knowles

6:18 pm on Jun 23, 2002 (gmt 0)

10+ Year Member



WOOOOOOO Ok I see what your saying Lisa but why would you put the comma there if its the last field? There would never be a field after that one?

jatar_k

8:19 pm on Jun 23, 2002 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



thx Lisa, I knew that. It is a bit lazy as I mentioned above. I should've added it in though.

knowles, if you always add the comma then you cut it every time it makes it more consistent and easier to handle. Otherwise you have to add a test to see if its the last field and then not cut the comma. Might as well just do it every time, easy.

Knowles

1:10 pm on Jun 24, 2002 (gmt 0)

10+ Year Member



Ok that makes sense. Thanks for your help now to find the time to finish!

toadhall

6:04 pm on Jun 24, 2002 (gmt 0)

10+ Year Member



If you take care of the security issues surrounding the use of HTTP_POST_VARS (test for referrer?) you could cut your code to a minimum:

Form:


<form method="post" action="makequery.php">
First: <input type="checkbox" name="one" value="first"><br>
Second: <input type="checkbox" name="two" value="second"><br>
Third: <input type="checkbox" name="three" value="third"><br>
<input type="submit">
</form>

PHP:

$selected = implode(",", $HTTP_POST_VARS);
echo $selected;

It forms a string ($selected) with comma delimited values.

jatar_k

6:06 pm on Jun 24, 2002 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



though wouldn't implode cause a problem if the checkboxes weren't the only fields in the form?

toadhall

6:38 pm on Jun 24, 2002 (gmt 0)

10+ Year Member



> problem if the checkboxes weren't the only fields

Test it using the in_array [php.net] function.

jatar_k

6:59 pm on Jun 24, 2002 (gmt 0)

WebmasterWorld Administrator jatar_k is a WebmasterWorld Top Contributor of All Time 10+ Year Member



interesting, I'll run some numbers on that

thx toadhall

ergophobe

7:18 pm on Jun 24, 2002 (gmt 0)

WebmasterWorld Administrator ergophobe is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Knowles,

The thing about the comma - this is a good trick to know, because the situation comes up a lot. It's easiest to add a comma after every field so you know it's always going to be there, then you always trim it:

$fields = substr($fields, -1);

This just trims off the last character and you can use this technique to simplify putting together WHERE conditions or any number of other things in addition to the situation where you are using it. It's simple and failsafe.

Tom

Knowles

7:50 pm on Jun 24, 2002 (gmt 0)

10+ Year Member



Ok I hate to admit this but I was following everything up until the impode thing. I guess I need to do some reading! It seems to take a lot less code but I dont understand how it works and if there are security issues I wanna make sure I understand how it works first. Thanks for the help and the suggestions.

toadhall

8:14 pm on Jun 24, 2002 (gmt 0)

10+ Year Member



The security issue comes from importing the values via the HTTP_POST_VARS server variable. It will contain every value sent to the php script, not just those you defined (named) in your form. So there's an opening for malice. Best to validate the input, perhaps by testing the HTTP_REFERER or by an .htaccess disallow (?).

Here are two methods for extracting the checked values from a form containing other input types:

('four' and 'five' are hypothetical names of two non-checkbox fields)


$selected = $HTTP_POST_VARS;
unset($selected[four]);
unset($selected[five]);
$qstr = implode(",", $selected);
echo $qstr;

-and-

$nix = array("four","five");
while (list($key, $val) = each($HTTP_POST_VARS))
{
if(!in_array($key, $nix) ){
$selected .= $key . ",";
}
}
$qstr = substr($selected,0,-1);
echo $qstr;

ergophobe

9:28 pm on Jun 24, 2002 (gmt 0)

WebmasterWorld Administrator ergophobe is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month




I was following everything up until the impode thing

From the PHP manual:

implode
(PHP 3, PHP 4 >= 4.0.0)

implode -- Join array elements with a string
Description
string implode ( string glue, array pieces)
Returns a string containing a string representation of all the array elements in the same order, with the glue string between each element.

Example 1. implode() example

$colon_separated = implode(":", $array);

So if the array has
$array[0] = "elem1"
$array[1] = "elem2"

implode(",", array);

yields the string: "elem1, elem2".

Of course, wathc out for this particularly if you are sending data via GET - any idiot could change the params and, in your case, select any columns he wants as long as he can figure out the names.

Tom

 

Featured Threads

Hot Threads This Week

Hot Threads This Month