PHP - Passing db value to a $_POST - value wrong
I'm having problems with my code - when I run it, it seem to only pass through the ID information for the last record rather than the one in the row I am trying to list and have a button for. The code for the page is the following (Sorry if there is heaps there - I'm only very new to this):
<?php require_once('Connections/Demand.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$colname_Recordset1 = "-1";
if (isset($_COOKIE['DRLogin'])) {
$colname_Recordset1 = $_COOKIE['DRLogin'];
}
mysql_select_db($database_Demand, $Demand);
$query_Recordset1 = sprintf("SELECT Title, `Action`, Type, Information, `Date`, Status, ID FROM username WHERE Username = %s AND Active = '1' ORDER BY `Date` ASC", GetSQLValueString($colname_Recordset1, "text"));
$Recordset1 = mysql_query($query_Recordset1, $Demand) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$row=0;
$numrows=mysql_num_rows($row_Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login - Demand & Resolve</title>
<script type="text/javascript">
function ChangeColor(tableRow, highLight)
{
if (highLight)
{
tableRow.style.backgroundColor = '#dcfac9';
}
else
{
tableRow.style.backgroundColor = 'white';
}
}
function DoNav(theUrl)
{
document.location.href = theUrl;
}
</script>
</head>
<body>
<form id="form1" name="form1" method="post" action="">
<p>
<input name="hiddenField" type = "hidden" id="GUsername" value="<?php echo $_COOKIE['DRLogin'] ?>" />
To Do List</p>
<p> </p>
</form>
<table border="1">
<tr>
<td>Title</td>
<td>Action</td>
<td>Type</td>
<td>Information</td>
<td>Date</td>
<td>Status</td>
<td>Task ID</td>
</tr>
<?php do { ?>
<tr onmouseover="ChangeColor(this, true); "
onmouseout="ChangeColor(this, false);"
>
<td><?php echo $row_Recordset1['Title']; ?></td>
<td><?php echo $row_Recordset1['Action']; ?></td>
<td><?php echo $row_Recordset1['Type']; ?></td>
<td><?php echo $row_Recordset1['Information']; ?></td>
<td><?php echo $row_Recordset1['Date']; ?></td>
<td><?php echo $row_Recordset1['Status']; ?></td>
<td><form method="post" action="full.php"><input type="hidden" name="pull0" value="<?php echo $row_Recordset1['ID']; ?>"/><input type="submit" name="Action" id="Submit" value="Action" /></td>
&l开发者_开发技巧t;/tr>
<?php } while ($row_Recordset1 = mysql_fetch_assoc($Recordset1)); ?>
</table>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>
On the full.php I am using a $_POST action to pick up the value.
You have to close the form:
<td>
<form method="post" action="full.php">
<input type="hidden" name="pull0" value="<?php echo $row_Recordset1['ID']; ?>"/>
<input type="submit" name="Action" id="Submit" value="Action" />
</form> <!-- add this line -->
</td>
Besides that: Use a while
loop instead of a do-while
loop. Your code is a bit "hackish" because when you use the do_while
loop, $row_Recordset1
is not defined in the first iteration. You circumvent this problem by making a single call to mysql_fetch_assoc
at the beginning of the file.
A while
loop would be much easier to understand and it makes sure that $row_Recordset1
is defined in every iteration:
<?php while(($row_Recordset1 = mysql_fetch_assoc($Recordset1))): ?>
<tr onmouseover="ChangeColor(this, true); "
onmouseout="ChangeColor(this, false);"
>
<td><?php echo $row_Recordset1['Title']; ?></td>
<td><?php echo $row_Recordset1['Action']; ?></td>
<td><?php echo $row_Recordset1['Type']; ?></td>
<td><?php echo $row_Recordset1['Information']; ?></td>
<td><?php echo $row_Recordset1['Date']; ?></td>
<td><?php echo $row_Recordset1['Status']; ?></td>
<td><form method="post" action="full.php"><input type="hidden" name="pull0" value="<?php echo $row_Recordset1['ID']; ?>"/><input type="submit" name="Action" id="Submit" value="Action" /></form></td>
</tr>
<?php endwhile; ?>
Note that I use the alternative syntax for control structures here which I personally find much easier to read and to use when dealing with HTML. Also note that when using the while
loop, you should not call mysql_fetch_assoc
at the beginning of the file, otherwise you skip the first record.
And applying mysql_num_rows
on one row does not make sense to me ;)
function GetSQLValueString should be something like this
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
switch ($theType) {
case "text":
if (function_exists("mysql_real_escape_string")) {
$theValue = mysql_real_escape_string($theValue);
} else {
$theValue = mysql_escape_string($theValue);
}
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
}
return $theValue;
}
though I'd say even this one is overkill
and theType concept is totally wrong. Why do you think that defined values shouldn't be escaped as well?
精彩评论