Page 1 of 1

php self submit quiry

Posted: Tue Jan 09, 2007 5:49 am
by mark16
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Hey guys,
               im currently trying to self_submit a form and pass the selected drop options by the user to itself as variables. 
I have it working but when i press submit, it loads a blank page with the desired results on it, how do i make it show the results on the same page as i choose them from.

Code: Select all

<form method="post" action="<?php echo $me;?>">

$Year = $_POST["DYear"];
if (!isset($_POST['submit'])) { // if page is not submitted to itself echo the form
?>

<?
} else {
echo "<b>$Squad</b>";
}
?>
Above is some of the code i used.
Any help appreciated.
mark


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Tue Jan 09, 2007 6:23 am
by mark16
i removed the if else part and it seems to be working now the way i want, would that be ok or is there a better way

Posted: Tue Jan 09, 2007 8:20 am
by feyd
How are you generating $me?

The output from the script would have to match the original output in some fashion. If removing the conditional does this for you, then it is certainly a viable solution.

Posted: Tue Jan 09, 2007 9:01 am
by mark16
im not generating $me, i thought it was some reserved word for self_submitting.
I saw it on some site.

Other than that im not sure because im new to php.
It seems to post data and the data is stored in variables because i can display the contents of the variables.
But i can not use those variables in sql statements, would you have any idea why?

Posted: Tue Jan 09, 2007 9:35 am
by feyd
mark16 wrote:im not generating $me, i thought it was some reserved word for self_submitting.
I saw it on some site.
I see. $me is not automatically generated by PHP. The reason I've asked is because all too often many people, newcomers and old farts alike, use the PHP_SELF variable because it refers to the URL that is currently being requested. The problem is it includes user input; input that can lead to injection of information into the HTML that was not intended. To submit back to the page which is displaying the form you can simply use "#" as the action to avoid this security hole. Pretty simple solution.
mark16 wrote:But i can not use those variables in sql statements, would you have any idea why?
I'd like to see the code before I attempt to give you a reason.

Posted: Tue Jan 09, 2007 11:34 am
by mark16
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


sorry about the mess, ive been changing and shifting code all over the place.

Basically i wanted just to pull info from a database to populate 4 drop down boxes.

then have user select info from the 4 boxes.

then submit page to itself, store those 4 selected options in variables.

then on the same page display a table, made up of info from a database, the mysql statement is dependent on the reults from the user choices.

Code: Select all

<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Results Page</title>
</head>

<body>
<form method="post" action="<?php echo $me;?>">

<?php
$Squad = $_POST["DSquad"];
$Swimmer = $_POST["DSwimmer"];
$Event = $_POST["DGala"];
$Year = $_POST["DYear"];
if (!isset($_POST['submit'])) { // if page is not submitted to itself echo the form
?>

<?php
   $dbh=mysql_connect ("localhost", "*******", "<*******>") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("waterfo1_Results");
?>
<div align="center">
	&nbsp;<p>&nbsp;</p>
	<table border="0" width="100%" cellspacing="0" cellpadding="0" id="table1">
		<tr>
			<td>Choose Squad</td>
			<td>Choose Swimmer</td>
			<td>Choose Gala</td>
			<td>Choose Year</td>
		</tr>
		<tr>
			<td><select size="1" name="DSquad">
                       <?php
                       $query2 = "SELECT DISTINCT Squad FROM Swimmers";
                       $squad=mysql_query($query2);
                       $num2=mysql_numrows($squad);
                       $i2=0;
                      while ($i2 < $num2) {
                      $squad2=mysql_result($squad,$i2,"Squad");
                       ?>
                       <option><?php echo "$squad2"; ?></option>
                       <?php $i2++; }?>
                       </select></td>

                        <td><select size="1" name="DSwimmer">
                        <?php
                        $query3 = "SELECT Name FROM Swimmers";
                        $Name=mysql_query($query3);
                        $num3=mysql_numrows($Name);
                        $i3=0;
                        while ($i3 < $num3) {
                        $Name2=mysql_result($Name,$i3,"Name");
                         ?>
						<option><?php echo "$Name2"; ?></option>
                        <?php $i3++; }?>

						</select></td>
						<td><select size="1" name="DGala">
						<?php
                        $query3 = "SELECT DISTINCT Gala FROM Results";
                        $Result=mysql_query($query3);
                        $num4=mysql_numrows($Result);
                        $i4=0;
                        while ($i4 < $num4) {
                        $Result2=mysql_result($Result,$i4,"Gala");
                         ?>
                         <option><?php echo "$Result2"; ?></option>
                         <?php $i4++; }?>
						</select></td>
						
						<td><select size="1" name="DYear">
						<?php
                        $query4 = "SELECT DISTINCT Year FROM Results";
                        $Year=mysql_query($query4);
                        $num5=mysql_numrows($Year);
                        $i5=0;
                        while ($i5 < $num5) {
                        $Year2=mysql_result($Year,$i5,"Year");
                         ?>
                         <option><?php echo "$Year2"; ?></option>
                         <?php $i5++; }?>
						</select></td>
		</tr>
	</table>
</div>

<table border="0" width="10%">
	<tr>
		<td><input type="submit" value="Submit" name="submit"></td>
		<td><input type="reset" value="Reset" name="B2"></td>
	</tr>
</table>
</form>
<?php
} else {
              
   $dbh=mysql_connect ("localhost", "*******", "<*****>") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("waterfo1_Results");

             $Event_query = "SELECT Event FROM Results where Swimmer='$Swimmer' && Gala='$Event' && Year='$Year'";
                       $Event_Result=mysql_query($Event_query);
                       $num6=mysql_numrows($Event_Result);
                       $i6=0;
                       while ($i6 < $num6) {
                       $Event2=mysql_result($Event_Result,$i6,"Event");
                       ?>
 

 <table align="center" border="0" width="50%" id="table2">
	<tr>
		<td width="306">Swimming Event</td>
		<td>Time</td>
	</tr>
    <tr>
		<td width="306"><?php echo "<b>$Event2</b>"; $i6++; } ?> </td>
		<td></td>
	</tr>
</table>
<?php
}

?>
</body>

</html>
any help appreciated or links to good examples.

mark


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]