[While] Generate a button with a name that i can use later.

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
Goofan
Forum Contributor
Posts: 305
Joined: Wed Nov 04, 2009 2:11 pm
Location: Sweden

[While] Generate a button with a name that i can use later.

Post by Goofan »

can someone tell me what is wrong with my code:

It is supposed to generate a button with a users name as value and a specific number "saved_id" as name. I should be able to take the name of the button so that I can use it later. Exampel: if button 1 is generated to have the name 1, button 2 is generated to have the name 2. I should be able press the button and put the number into my database. With my current code that dont work as it generates the numbers then it savs the last number given out "this case 5". then only that i can use "still i get a parse error:
Notice: Undefined index: Num_5 in C:\Program Files\wamp\www\mine\Projektarbete\sidor\Attack.php on line 49

Code: Select all

 
<?php
include "../login/database.php";
  $id =(isset($_GET['saved_id'])) ? (int)$_GET['saved_id'] : false;
    if($id !== false)
 {
    $sql="SELECT * FROM konto WHERE saved_id=$id";      //selecting all from DB "Konto" where saved_id is the same as in the array $id
 }
    else
 {
    echo "NO saved_id!";
 }
$result = mysql_query($sql) or die("Kunde inte lägga till ny text:<br />" . mysql_error());//Skicka info till tabell.
                 
while($row = mysql_fetch_array( $result ))      //fetching info from file and putting it in $row
{
    
}
?>
<?php
include "../login/database.php";
 
  $id =(isset($_GET['saved_id'])) ? (int)$_GET['saved_id'] : false;
    if($id !== false)
 {
    $sql="SELECT * FROM konto";      //selecting all from DB "Konto" where saved_id is the same as in the array $id
 }
    else
 {
    echo "NO saved_id!";
 }
$result = mysql_query($sql) or die("Kunde inte lägga till ny text:<br />" . mysql_error());//Skicka info till tabell.
        
while($row = mysql_fetch_array( $result ))      //fetching info from file and putting it in $row
{
        $user=$row['user'];
        $enemy_id=$row['saved_id'];
        echo '<form action="" method="post" ENCTYPE="multipart/form-data">';
        echo '<input style="width:75;height:25;font-weight:bold" name=Num_'.$enemy_id .' type="submit" value='.$user.'>';
        echo '</form>';
        
 
}
if (($_POST["Num_".$enemy_id]))
{
    $sql="UPDATE konto SET enemy_id=$enemy_id WHERE saved_id=$id";//Sätt upp SQL fråga.
    $result = mysql_query($sql) or die(mysql_error());//Välj all info i tabell.
}
 
?> 
 

If i press the button it should update the database and SET the $enemy_id (specified number) into the database so that i can use the number "of the database" later.
dgreenhouse
Forum Newbie
Posts: 20
Joined: Tue Mar 10, 2009 5:13 am

Re: [While] Generate a button with a name that i can use later.

Post by dgreenhouse »

I haven't fully reviewed your code yet, but I'd change the assignment and conditional to this:

Code: Select all

 
$id = (int) (isset($_GET['saved_id']) ? $_GET['saved_id'] : 0);
if (!$id) {
...
...
}
 
Also, your button creation statement should be this:
(note the added double parentheses encapsulating: Num_'.$enemy_id & $user and the terminating ; after the styling attributes.
the terminating ; is a good habit to form in case you add additional styling attributes in the future.)

Code: Select all

 
...
echo '<input style="width:75;height:25;font-weight:bold;" name=[i]"[/i]Num_'.$enemy_id .'[i]"[/i] type="submit" value=[i]"[/i]'.$user.'[i]"[/i]>';
...
 
And depending on your DOCTYPE; which doesn't appear to be set, you should end the input element with a space before the close:

Code: Select all

 
echo '<input style="width:75;height:25;font-weight:bold;" name="Num_'.$enemy_id .'" type="submit" value="'.$user.'" [b]/>[/b]';
 
Finally, in: if (($_POST["Num_".$enemy_id])), $_POST["Num_".$enemy_id]] should be validated for type and length and cleansed of any extraneous characters before used in a query to guard against SQL injection attacks. The coercion; using (int), of the $id assignment shown, automatically protects against injection attacks.
User avatar
Goofan
Forum Contributor
Posts: 305
Joined: Wed Nov 04, 2009 2:11 pm
Location: Sweden

Re: [While] Generate a button with a name that i can use later.

Post by Goofan »

ok i dont really see if uve solved the "problem" or if you have only made a few improvments. Anyway thanks both ways.. :D
Post Reply