drop down form + php using sql - SOLVED

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
hgmmy
Forum Commoner
Posts: 25
Joined: Sun Aug 26, 2007 9:16 am

drop down form + php using sql - SOLVED

Post by hgmmy »

Ok, so once again I'm trying to "hack" my wordpress database. I'm wanting to create a page for users to view other user then there user info. Plus I'm going to make an option as to if they want to share there info, but that's yet to come. At any rate what i'm trying to do at the moment is list the users by accessing the database then using "while" to list the users in the form.

Code: Select all

<?php
  $tm_users = mysql_query("SELECT * FROM wp_users");
?>

<form action="userinfo.php" method="get"> 
Select a User:
<select name="users">
<?php  while (    $tm_listusers = mysql_fetch_array($tm_users))
 {
  echo "<option name=\" " . theuser . " \"> " . $tm_listusers['user_login'] . " </option>\n" ;
  $number++;
 }
?>
<input type="submit" value="submit" />
</select>
</form>
Then when it's submitted, have it processed as you see below on the same page but below the form.

Code: Select all

<?php
  $tm_viewuser = $_GET['theuser'];

  $tm_loggedinuser = mysql_query(" SELECT * FROM wp_usermeta WHERE meta_value='$tm_viewuser' ") or die("Failed: ".mysql_error());

  $tm_row = mysql_fetch_array($tm_loggedinuser);

 echo "<div> " . $tm_row . " </div>";

  $first_nameq = mysql_query(" SELECT * FROM wp_usermeta WHERE user_id='$tm_row[id]' AND meta_key='first_name' ")or die("Failed: ".mysql_error()); 

  $first_namef = mysql_fetch_array($first_nameq);

  echo "<div id=\"textHint\"> " . $first_namef['meta_value'] . " </div>";
//note I've only gotten as far as displaying the first name

?>
After you pick a user with then form and click submit it doesn't display any of the user information (but still displays the form :)). Something I don't know is that if I need to have different names for each option in the drop down list for this to work, though I think that is my problem. In which case how do I give each option a different name (which i know how to do) and the have one form for all of them that'll take the value of each option (which is one of my problems)?
Last edited by hgmmy on Sun Sep 16, 2007 7:59 am, edited 2 times in total.
hgmmy
Forum Commoner
Posts: 25
Joined: Sun Aug 26, 2007 9:16 am

Post by hgmmy »

Note:I've just changed the last section of code to,

Code: Select all

<?php
  $tm_viewuser = mysql_real_escape_string($_GET['$theuser']);

  $tm_loggedinuser = mysql_query(" SELECT * FROM wp_usermeta WHERE meta_value='$tm_viewuser' ") or die("Failed: ".mysql_error());

  $tm_row = mysql_fetch_array($tm_loggedinuser);

 echo "<div> " . $tm_row . " </div>";

  $first_nameq = mysql_query(" SELECT * FROM wp_usermeta WHERE user_id='$tm_row[id]' AND meta_key='first_name' ")or die("Failed: ".mysql_error()); 

  $first_namef = mysql_fetch_array($first_nameq);

  echo "<div id=\"textHint\"> " . $first_namef['meta_value'] . " </div>";

?>

The change being i added "mysql_real_escape() to "$tm_row".
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Post by superdezign »

1) You have *a lot* of unnecessary spaces in your strings. It shouldn't affect the queries or the HTML display, but I'm fairly sure that it will affect the attributes, namely the "name" attribute that you use on your <option> elements, which brings me to the next thing I noticed.
2) You are using the "name" attribute instead of the "value" attribute. The "value" attribute is the data that is actually posted when the option is selected.
3) There is no element in your form with the name "theuser," so $_GET['theuser'] won't exist.
4) You can't put the <input> element inside of the <select> element.
5) You are using a constant, "theuser," as the "name" attribute of of the options. I'm assuming that is not what you were trying to do.
6) In your new code, you have "$_GET['$theuser']," which I'm certain was a mistake. Even if you have a variable named $theuser, it wouldn't parse since it's in single quotation marks.

I'm sure I've missed other things. At this point, I stopped reading the code.
hgmmy
Forum Commoner
Posts: 25
Joined: Sun Aug 26, 2007 9:16 am

Post by hgmmy »

Ok, here's the code as it is now,

Code: Select all

<form action="userinfo.php" method="get"> 
Select a User:
<select name="theusers">
<?php  while ($tm_listusers = mysql_fetch_array($tm_users))
 {
  echo "<option value=\"" . $tm_listusers['user_login'] . "\">" . $tm_listusers['user_login'] . "</option>\n" ;
 }
?>
</select>

<input type="submit" value="submit" />
</form>

Code: Select all

<?php
  $tm_viewuser = mysql_real_escape_string($_GET[$theusers]);

  $tm_vieweduser = mysql_query(" SELECT * FROM wp_usermeta WHERE meta_value='$tm_viewuser' ") or die("Failed: ".mysql_error());

  $tm_row = mysql_fetch_array($tm_vieweduser);
  
  echo "<div> " . $tm_row['user_id'] . " </div>";

  $first_nameq = mysql_query(" SELECT * FROM wp_usermeta WHERE user_id='$tm_row[user_id]' AND meta_key='first_name' ") or die("Failed: ".mysql_error()); 

  $first_namef = mysql_fetch_array($first_nameq);

  echo "<div id=\"textHint\"> " . $first_namef['meta_value'] . " </div>";

?>
Ok superdezign, I'm going to address what you said with the same number for indexing.
1) Some how or nother I got the impression it had to be spaced as it was, but thinking back it makes me go "duh, stupid".
2)I was under the impression that "name" or "id" were used for the string name, then the text between the opening and closing "<option>" was the value, but I guess that's for text areas, but that's a different topic for a different time.
3)makes sense now.
4)Didn't notice...
5)I'm aware it was giving each option the same name. The url after you click the submit button was showing ...usinfo.php?theuser=admin (or whatever the user name is that was selected). But after changing everything to what it is now it shows ...userinfo.php?users=admin so I've learned that it uses the name given to "<selected>"
6)oh...

So I've changed the stuff that needed changing and it's still not working. Something seems to be wrong with the first sql query cause I'm not getting the user_id when I do that query through this method, but if i take that query and give it straight to my sql and switch out the "$tm_vieweduser" with say admin which is my account it returns the proper results... It's probably a typo I'm not seeing but I've been looking at it to long...

Thanks for your help thus far superdezign.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

Code: Select all

SELECT * FROM wp_usermeta WHERE user_id='$tm_row[user_id]' AND meta_key='first_name'
In this line, it should be WHERE user_id = '" . $tm_row['userid'] . "'

You have to concatenate the array value into there, or php will throw notices about the use of undefined constants.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Post by superdezign »

scottayy wrote:

Code: Select all

SELECT * FROM wp_usermeta WHERE user_id='$tm_row[user_id]' AND meta_key='first_name'
In this line, it should be WHERE user_id = '" . $tm_row['userid'] . "'

You have to concatenate the array value into there, or php will throw notices about the use of undefined constants.
Actually, Everah showed me that it wouldn't throw notices.
Anyway, instead of using concatenation, you could use brackets:

Code: Select all

SELECT * FROM wp_usermeta WHERE user_id='{$tm_row['user_id']}' AND meta_key='first_name'
If he used the brackets and omitted the single-quotes around the array index, then it would throw a notice. However, without them, it won't (and according to the manual, should work as well).
hgmmy
Forum Commoner
Posts: 25
Joined: Sun Aug 26, 2007 9:16 am

Post by hgmmy »

Ok so I did as you said, but my first problem is in the query before that, cause I'm not getting the user id returned.

This is what that section of code is now.

Code: Select all

<?php
  $tm_viewuser = mysql_real_escape_string($_GET[$theusers]);

  $tm_vieweduser = mysql_query(" SELECT * FROM wp_usermeta WHERE meta_value='$tm_viewuser' ") or die("Failed: ".mysql_error());

  $tm_row = mysql_fetch_array($tm_vieweduser);
  
  echo "<div> " . $tm_row['user_id'] . " </div>";

  $first_nameq = mysql_query(" SELECT * FROM wp_usermeta WHERE user_id='{$tm_row[user_id]}' AND meta_key='first_name' ") or die("Failed: ".mysql_error()); 

  $first_namef = mysql_fetch_array($first_nameq);

  echo "<div id=\"textHint\"> " . $first_namef['meta_value'] . " </div>";

?>
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

I'm almost positive $_GET[$theusers] isn't a real variable.

Code: Select all

echo $_GET[$theusers];
See if it displays anything. Maybe you mean $_GET['theusers']? What is your query string?

@superdesignz that's very interesting to note :) I didn't know that. I think I'll stick to the concatenation or brackets, though.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Post by superdezign »

scottayy wrote:@superdesignz that's very interesting to note :) I didn't know that. I think I'll stick to the concatenation or brackets, though.
Hehe, I feel you. The section in the manual on variables in strings is too long and feels slightly inconsistent. Bad parser, bad. :P
hgmmy
Forum Commoner
Posts: 25
Joined: Sun Aug 26, 2007 9:16 am

Post by hgmmy »

[quote=scottayy]I'm almost positive $_GET[$theusers] isn't a real variable.[/quote]

once again i got the wrong impression somewhere... I thought the name of any form became a variable and the value/input was just that the value of the variable. So the problems solved. Thanks superdezign, and scotteyy.
Post Reply