开发者

PHP - Passing db value to a $_POST - value wrong

I'm having problems with my code - when I run it, it seem to only pass through the ID information for the last record rather than the one in the row I am trying to list and have a button for. The code for the page is the following (Sorry if there is heaps there - I'm only very new to this):

<?php require_once('Connections/Demand.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$colname_Recordset1 = "-1";
if (isset($_COOKIE['DRLogin'])) {
  $colname_Recordset1 = $_COOKIE['DRLogin'];
}
mysql_select_db($database_Demand, $Demand);
$query_Recordset1 = sprintf("SELECT Title, `Action`, Type, Information, `Date`, Status, ID FROM username WHERE Username = %s AND Active = '1' ORDER BY `Date` ASC", GetSQLValueString($colname_Recordset1, "text"));
$Recordset1 = mysql_query($query_Recordset1, $Demand) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$row=0; 
$numrows=mysql_num_rows($row_Recordset1);

$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login - Demand &amp; Resolve</title>
<script type="text/javascript">
    function ChangeColor(tableRow, highLight)
    {
    if (highLight)
    {
      tableRow.style.backgroundColor = '#dcfac9';
    }
    else
    {
      tableRow.style.backgroundColor = 'white';
    }
  }

  function DoNav(theUrl)
  {
  document.location.href = theUrl;
  }
  </script>

</head>

<body>
<form id="form1" name="form1" method="post" action="">
  <p>
    <input name="hiddenField"  type = "hidden" id="GUsername" value="<?php echo $_COOKIE['DRLogin'] ?>" />
  To Do List</p>
  <p>&nbsp;</p>
</form>
<table border="1">
  <tr>
    <td>Title</td>
    <td>Action</td>
    <td>Type</td>
    <td>Information</td>
    <td>Date</td>
    <td>Status</td>
    <td>Task ID</td>
  </tr>
  <?php do { ?>
    <tr onmouseover="ChangeColor(this, true); " 
              onmouseout="ChangeColor(this, false);" 
              >
      <td><?php echo $row_Recordset1['Title']; ?></td>
      <td><?php echo $row_Recordset1['Action']; ?></td>
      <td><?php echo $row_Recordset1['Type']; ?></td>
      <td><?php echo $row_Recordset1['Information']; ?></td>
      <td><?php echo $row_Recordset1['Date']; ?></td>
      <td><?php echo $row_Recordset1['Status']; ?></td>
      <td><form method="post" action="full.php"><input type="hidden" name="pull0" value="<?php echo $row_Recordset1['ID']; ?>"/><input type="submit" name="Action" id="Submit" value="Action" /></td>


    &l开发者_开发技巧t;/tr>
    <?php } while ($row_Recordset1 = mysql_fetch_assoc($Recordset1));  ?>
</table>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>

On the full.php I am using a $_POST action to pick up the value.


You have to close the form:

<td>
    <form method="post" action="full.php">
        <input type="hidden" name="pull0" value="<?php echo $row_Recordset1['ID']; ?>"/>
        <input type="submit" name="Action" id="Submit" value="Action" />
    </form> <!-- add this line -->
</td>

Besides that: Use a while loop instead of a do-while loop. Your code is a bit "hackish" because when you use the do_while loop, $row_Recordset1 is not defined in the first iteration. You circumvent this problem by making a single call to mysql_fetch_assoc at the beginning of the file.

A while loop would be much easier to understand and it makes sure that $row_Recordset1 is defined in every iteration:

<?php while(($row_Recordset1 = mysql_fetch_assoc($Recordset1))): ?>
    <tr onmouseover="ChangeColor(this, true); " 
              onmouseout="ChangeColor(this, false);" 
              >
      <td><?php echo $row_Recordset1['Title']; ?></td>
      <td><?php echo $row_Recordset1['Action']; ?></td>
      <td><?php echo $row_Recordset1['Type']; ?></td>
      <td><?php echo $row_Recordset1['Information']; ?></td>
      <td><?php echo $row_Recordset1['Date']; ?></td>
      <td><?php echo $row_Recordset1['Status']; ?></td>
      <td><form method="post" action="full.php"><input type="hidden" name="pull0" value="<?php echo $row_Recordset1['ID']; ?>"/><input type="submit" name="Action" id="Submit" value="Action" /></form></td>   
    </tr>
<?php endwhile; ?>

Note that I use the alternative syntax for control structures here which I personally find much easier to read and to use when dealing with HTML. Also note that when using the while loop, you should not call mysql_fetch_assoc at the beginning of the file, otherwise you skip the first record.

And applying mysql_num_rows on one row does not make sense to me ;)


function GetSQLValueString should be something like this

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  switch ($theType) {
    case "text":
      if (function_exists("mysql_real_escape_string")) {
        $theValue = mysql_real_escape_string($theValue);
      } else {
        $theValue = mysql_escape_string($theValue);
      }
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
  }
  return $theValue;
}

though I'd say even this one is overkill
and theType concept is totally wrong. Why do you think that defined values shouldn't be escaped as well?

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜