Re: [PHP] Question before I end up writing alot of extra code...

---- Jason Pruim <japruim@raoset.com> wrote:
> Hi everyone!
>
> So it's been a nice long weekend, I come in to work and try and mess
> with a project that I'm working on to get some new features added. All
> was going well until I realized that now my application is breaking...
>
> Here's the details...
>
> PHP 5.2
> MySQL 5.2
>
> I store the info in the database which is submitted from a HTML form..
> Some of it text boxes, some check boxes, some radio buttons... I
> $_POST the info from the form into the processing script.
>
> The problem I'm running into though, is when a value has not changed
> it doesn't get $_POSTed back and my update script erases the info in
> the database... I'm trying to avoid using $_GET since it can be quite
> a few variables.
>
> Is there anyway I can do it without comparing the original field to
> what I am displaying?

Gone for a weekend and we have to retrain, at least I'm not the only one... ;)

POSTed variables are ALWAYS posted back, changed or not.

More then likely you are forgetting a piece of code, but since you didn't post the offending code, I can't point out where you forgot the $ or to restate a variable. :-P

Have you tried echoing the mysql query to verify it is correct? Have you checked the logs?

Wolf

On Jul 7, 2008, at 3:36 PM, Wolf wrote:

> ---- Jason Pruim <japruim@raoset.com> wrote:
>> Hi everyone!
>>
>> So it's been a nice long weekend, I come in to work and try and mess
>> with a project that I'm working on to get some new features added.
>> All
>> was going well until I realized that now my application is
>> breaking...
>>
>> Here's the details...
>>
>> PHP 5.2
>> MySQL 5.2
>>
>> I store the info in the database which is submitted from a HTML
>> form..
>> Some of it text boxes, some check boxes, some radio buttons... I
>> $_POST the info from the form into the processing script.
>>
>> The problem I'm running into though, is when a value has not changed
>> it doesn't get $_POSTed back and my update script erases the info in
>> the database... I'm trying to avoid using $_GET since it can be quite
>> a few variables.
>>
>> Is there anyway I can do it without comparing the original field to
>> what I am displaying?
>
> Gone for a weekend and we have to retrain, at least I'm not the only
> one... ;)
>
> POSTed variables are ALWAYS posted back, changed or not.
>
> More then likely you are forgetting a piece of code, but since you
> didn't post the offending code, I can't point out where you forgot
> the $ or to restate a variable. :-P

Here is a VERY simplified test :)
MAIN PAGE:
<?PHP
if($row['Tab'] == "done"){
$Tchecked1 = "CHECKED";
$Tchecked2 = NULL;
}else{
$Tchecked1 = NULL;
$Tchecked2 = "CHECKED";
}

echo"
<fieldset>Tab<BR>
<input type="radio" name="rdoTab" value="done" $Tchecked1>Done <BR>
<input type="radio" name="rdoTab" value="on" $Tchecked2>Not Done<BR>
</fieldset>";
?>
PROCESSING:
<?PHP
$tab = $_POST['rdoTab'];
$record = $_POST['txtRecord'];
$updateQuery = "UPDATE `current` SET Tab='$tab' WHERE
Record='$record'";

mysqli_real_query($link, $updateQuery);

?>

--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
11287 James St
Holland, MI 49424
www.raoset.com
japruim@raoset.com

Jason Pruim wrote:
>
> MAIN PAGE:
> <?PHP

echo $row['Tab']; //what do you get?

> if($row['Tab'] == "done"){
> $Tchecked1 = "CHECKED";
> $Tchecked2 = NULL;
> }else{
> $Tchecked1 = NULL;
> $Tchecked2 = "CHECKED";
> }
>
> echo"
> <fieldset>Tab<BR>
> <input type="radio" name="rdoTab" value="done" $Tchecked1>Done <BR>
> <input type="radio" name="rdoTab" value="on" $Tchecked2>Not Done<BR>
> </fieldset>";
> ?>
> PROCESSING:
> <?PHP

print_r($_POST); //what do you get?

> $tab = $_POST['rdoTab'];
> $record = $_POST['txtRecord'];
> $updateQuery = "UPDATE `current` SET Tab='$tab' WHERE
> Record='$record'";
>
> mysqli_real_query($link, $updateQuery);
>
> ?>

You're saying now that that record now has field Tab=''?

-Shawn

please oh please also run that through filter_input() before throwing
a $_POST directly into the db query ;p


On 7/7/08, Shawn McKenzie <nospam@mckenzies.net> wrote:
> Jason Pruim wrote:
> >
> > MAIN PAGE:
> > <?PHP
> >
>
> echo $row['Tab']; //what do you get?
>
> > if($row['Tab'] == "done"){
> > $Tchecked1 = "CHECKED";
> > $Tchecked2 = NULL;
> > }else{
> > $Tchecked1 = NULL;
> > $Tchecked2 = "CHECKED";
> > }
> >
> > echo"
> > <fieldset>Tab<BR>
> > <input type="radio" name="rdoTab" value="done" $Tchecked1>Done <BR>
> > <input type="radio" name="rdoTab" value="on" $Tchecked2>Not Done<BR>
> > </fieldset>";
> > ?>
> > PROCESSING:
> > <?PHP
> >
>
> print_r($_POST); //what do you get?
>
> > $tab = $_POST['rdoTab'];
> > $record = $_POST['txtRecord'];
> > $updateQuery = "UPDATE `current` SET Tab='$tab' WHERE
> Record='$record'";
> > mysqli_real_query($link, $updateQuery);
> > ?>
> >
>
> You're saying now that that record now has field Tab=''?
>
> -Shawn
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

doh - and mysql_escape_string or equivalent.



On 7/7/08, mike <mike503@gmail.com> wrote:
> please oh please also run that through filter_input() before throwing
> a $_POST directly into the db query ;p
>
>
> On 7/7/08, Shawn McKenzie <nospam@mckenzies.net> wrote:
> > Jason Pruim wrote:
> > >
> > > MAIN PAGE:
> > > <?PHP
> > >
> >
> > echo $row['Tab']; //what do you get?
> >
> > > if($row['Tab'] == "done"){
> > > $Tchecked1 = "CHECKED";
> > > $Tchecked2 = NULL;
> > > }else{
> > > $Tchecked1 = NULL;
> > > $Tchecked2 = "CHECKED";
> > > }
> > >
> > > echo"
> > > <fieldset>Tab<BR>
> > > <input type="radio" name="rdoTab" value="done" $Tchecked1>Done <BR>
> > > <input type="radio" name="rdoTab" value="on" $Tchecked2>Not Done<BR>
> > > </fieldset>";
> > > ?>
> > > PROCESSING:
> > > <?PHP
> > >
> >
> > print_r($_POST); //what do you get?
> >
> > > $tab = $_POST['rdoTab'];
> > > $record = $_POST['txtRecord'];
> > > $updateQuery = "UPDATE `current` SET Tab='$tab' WHERE
> > Record='$record'";
> > > mysqli_real_query($link, $updateQuery);
> > > ?>
> > >
> >
> > You're saying now that that record now has field Tab=''?
> >
> > -Shawn
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >
>

> Here is a VERY simplified test :)
> MAIN PAGE:
> <?PHP
> if($row['Tab'] == "done"){
> $Tchecked1 = "CHECKED";
> $Tchecked2 = NULL;
> }else{
> $Tchecked1 = NULL;
> $Tchecked2 = "CHECKED";
> }
>
> echo"
> <fieldset>Tab<BR>
> <input type="radio" name="rdoTab" value="done" $Tchecked1>Done <BR>
> <input type="radio" name="rdoTab" value="on" $Tchecked2>Not Done<BR>
> </fieldset>";
> ?>
> PROCESSING:
> <?PHP
> $tab = $_POST['rdoTab'];
> $record = $_POST['txtRecord'];
> $updateQuery = "UPDATE `current` SET Tab='$tab' WHERE
> Record='$record'";
>
> mysqli_real_query($link, $updateQuery);

Checkboxes and radio buttons only post back the values for the ones
selected.

If you have:

<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="checkbox" name="ids[]" value="1">Option 1<br/>
<input type="checkbox" name="ids[]" value="2">Option 2<br/>
<input type="checkbox" name="ids[]" value="3">Option 3<br/>
</form>

view that, and tick options 1 and 3, only they will be available in $_POST.

This has not changed in any version of php, it has always been this way
- and it will be exactly the same in perl, python, ruby and any other
language.

--
Postgresql & php tutorials
http://www.designmagick.com/

On Jul 7, 8:11*pm, dmag...@gmail.com (Chris) wrote:
> Checkboxes and radio buttons only post back the values for the ones
> selected.

It's an HTML feature (IMO a bad one, but well established)
http://www.w3.org/TR/html401/interac....html#checkbox
"When a form is submitted, only "on" checkbox controls can become
successful"

It's best that your form handler be aware of all form elements, not
just handle whatever it gets back.

Steve