Page 1 of 1

Pass hidden values on submit - sense-check needed please

Posted: Mon Dec 01, 2008 4:31 pm
by sjk1000
Hi all
I'm having mental issues trying to understand how variables should be handled on my site when a Confirm button is pressed. The screenshot below shows the table of values the user is being asked to confirm before the updates are made in the database. I'd be really grateful if someone could take a look at the code below to make sure I'm heading in the right direction.

The form action should self-submit the hidden vars back to the same function in the seller_confirmation page where I have an IF ISSET waiting above to pick up the submit button click. Am I doing the right thing passing these as hidden and if so is the script +/- correct?
Any help is very much appreciated.
Thanks, Steve
confirmation_table.jpg
confirmation_table.jpg (53.08 KiB) Viewed 104 times

Code: Select all

if(isset($_POST['submitall'])) //checks whether the "Send All" button has been clicked from the main page
{   
    $qty=$_POST['qty'];
    $price=$_POST['price'];
    $shipping=$_POST['shipping'];
    $sdprice=$_POST['sdprice'];
    $productid=$_POST['productid'];    
        
    print("<form action='http://www.mywebsite.co.uk/catalog/index.php?main_page=seller_confirmation' method='post'>");
    print("<div class= 'divScroll-2'>");
    print("<TABLE class='seller' ALIGN=center VALIGN=TOP width='850 '>\n");  
    print("<TR  align=center><TH>Prod ID</TH><TH>Title</TH><TH>Qty</TH><TH>Price</TH><TH>Shipping</TH><TH>SD Price</TH></TR>");
    for($x=0; $x<count($_POST['productid']); $x++)
        {       
        if($qty[$x]!= ''||$price[$x] != ''||$shipping[$x] != ''||$sdprice[$x] != '')
        {           
        print("<TR><TD>" .$productid[$x]. " </TD><TD> " .query_get_product_name($productid, $x). "</TD><TD>".$qty[$x]."</TD><TD>" .$price[$x]. "</TD><TD>" .$shipping[$x]. "</TD><TD>" .$sdprice[$x]. "</TD></TR>");
        }            
        }
    print ("</TABLE>\n");   
    print ("</div>");
    print ("<div style='float:right' > <input class='mybtn' SIZE='5' type='submit' name='confirm_db_update' value='Confirm'> </div>"); 
    print ("<input type='hidden' name='productid[]' id='productid' value= ".$productid. ">");
    print ("<input type='hidden' name='qty[]' id='quantity' value= ".$qty. ">");
    print ("<input type='hidden' name='price[]' id='price' value=".$price. ">");
    print ("<input type='hidden' name='shipping[]' id='shipping' value=".$shipping. ">");
    print ("<input type='hidden' name='sdprice[]' id='sdprice' value=".$sdprice. ">");
    print ("</form>");
    }
    unset ($_POST['submitAll']);
}