text into <textarea>

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
dizeta
Forum Commoner
Posts: 47
Joined: Mon Feb 02, 2004 9:53 am

text into <textarea>

Post by dizeta »

hi,

i'm trying to extract the value of a field and print its into a textarea.
i have some articles into DB .

i extract the titles of the articles:

Code: Select all

<?php
include("dbconnect.php");

$query = "SELECT titolo_studio FROM studi ";
$result = mysql_query($query) or die(mysql_error());

while(list($data) = mysql_fetch_row($result)) {
echo "
    <a href="lista_campi.php?id_studio=$data">$data</a>
    
";
}
?>
i select one of them and i get the list of fields:

Code: Select all

<?php
$name = $_GET['id_studio'];

$connect = mysql_connect('localhost', 'root', '');

$fields = mysql_list_fields("glocal", "studi", $connect);
$column = mysql_num_fields($fields);

for ($i = 6; $i < $column; $i++) {
   
 $campo=mysql_field_name($fields, $i);

echo "<a href='change_dati.php?id_studio=$name&campo=$campo'>$campo<br />\n";
}
?>
last step, i select a field and i want to edit the value ( text) into a textarea,
but it doesn't work. i have textarea, but just a "<br />" inside.

Code: Select all

<?php
include("dbconnect.php");

$table = "studi";

$result = mysql_query("SELECT '" . $_REQUEST["campo"]  . "' FROM $table")or die(mysql_error());
  
for ($i=0; $i<mysql_num_rows($result); $i++)
 ?>
 <br><input type='text' name='<? echo "text".$i ?>' value='<? echo mysql_result($result,$i,$campo) ?>'>
what can i do?
thanks!
User avatar
phpScott
DevNet Resident
Posts: 1206
Joined: Wed Oct 09, 2002 6:51 pm
Location: Keele, U.K.

Post by phpScott »

do you mean something like this?

Code: Select all

<?php
include("dbconnect.php");

$table = "studi";

$result = mysql_query("SELECT '" . $_REQUEST["campo"]  . "' FROM $table")or die(mysql_error());
  
for ($i=0; $i<mysql_num_rows($result); $i++)
{
$data=mysql_result($result, $i);
$row.="<br /><input type="text" name="text$i" id="text$i" value="$data" />\n";
}
echo $row;
?>
phpScott
User avatar
dizeta
Forum Commoner
Posts: 47
Joined: Mon Feb 02, 2004 9:53 am

Post by dizeta »

hi, thanks for reply,

now it's better, in this way i get the names of the fields but i no need to edit that, but the record inside.
thanks
User avatar
phpScott
DevNet Resident
Posts: 1206
Joined: Wed Oct 09, 2002 6:51 pm
Location: Keele, U.K.

Post by phpScott »

what about

Code: Select all

<?php
while ($data = mysql_fetch_assoc($result)) {
$row.="<br /><input type="text" name="text$i" id="text$i" value="".$data[$_REQUEST["campo"]]."" />\n";   
}
echo $row;
?>
using the fetch_assoc we can use the db field name to access the data. so hopefully this will get you the data that is in the db field.
User avatar
dizeta
Forum Commoner
Posts: 47
Joined: Mon Feb 02, 2004 9:53 am

Post by dizeta »

Code: Select all

<?php
include("dbconnect.php");

$table = "studi";

$result = mysql_query("SELECT '" . $_REQUEST["campo"]  . "' FROM $table")or die(mysql_error());
  
while ($data = mysql_fetch_assoc($result)) {
$row.="<br /><input type="text" name="text$i" id="text$i" value="".$data[$_REQUEST["campo"]]."" />\n";   
}
echo $row;
?>
we have the same problem....i still have the name of the fields inside the textarea :(
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

Could you do:

Code: Select all

while ($data = mysql_fetch_assoc($result)) {
    echo '<pre>';
    print_r($data);
    echo '</pre>';
}
and tell us what the output is.

Also note that you're opening your database to all sorts of attacks if you don't check the data that the user is sending for the query, basically you need to use [php_man]mysql_escape_string()[/php_man] on $_REQUEST["campo"].

Mac
User avatar
dizeta
Forum Commoner
Posts: 47
Joined: Mon Feb 02, 2004 9:53 am

Post by dizeta »

this is the output:

Code: Select all

<?php
Array
(
    [titolo_studio] => titolo_studio
)

Array
(
    [titolo_studio] => titolo_studio
)

?>
twigletmac wrote:
Also note that you're opening your database to all sorts of attacks if you don't check the data that the user is sending for the query, basically you need to use [php_man]mysql_escape_string()[/php_man] on $_REQUEST["campo"].

Mac
ok, thanks but now what i want is to understand how the scripts works.
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

If you change:

Code: Select all

$result = mysql_query("SELECT '" . $_REQUEST["campo"]  . "' FROM $table")or die(mysql_error());
to

Code: Select all

$sql = "SELECT '" . $_REQUEST["campo"]  . "' FROM $table";
echo 'SQL statement: '.$sql;
$result = mysql_query($sql) or die(mysql_error());
what is the SQL statement?

Edit: think I just spotted your problem, basically your SQL looks like this:

Code: Select all

SELECT 'field_name' FROM table
Remove the single quotes from around the field name as these (the quotes) tell MySQL that you want to select a string not a field. Thus you don't get the results you expect.

Mac
User avatar
dizeta
Forum Commoner
Posts: 47
Joined: Mon Feb 02, 2004 9:53 am

Post by dizeta »

i solved!

Code: Select all

<?php
$table = "studi";

$result = mysql_query("SELECT " . $_REQUEST["campo"]  . " FROM $table WHERE id_studio = " . $_REQUEST["id_studio"]  . "")or die(mysql_error());
  
while ($data = mysql_fetch_assoc($result)) {

echo" <form method="POST" action="modifica.php">";
$row.="<br /><textarea name="text$i" id="text$i" cols="80" rows="20\> ".$data[$_REQUEST["campo"]]."</textarea>\n";

}

echo $row;

?>
first, i removed double quotes into query on " . $_REQUEST["campo"] . "

i've forgot to use clause WHERE id_studio = " . $_REQUEST["id_studio"] . "

the problem was there..

thanks!!! :)
kettle_drum
DevNet Resident
Posts: 1150
Joined: Sun Jul 20, 2003 9:25 pm
Location: West Yorkshire, England

Post by kettle_drum »

Please check variables before you put them into an sql query so people dont inject bad content.
Post Reply