Dynamic PHP / mysql dropdown menu issue

Question

I can't seem to get this to work. Part of a $_POST.

<?
foreach ($db->query("SELECT * FROM clients WHERE TID = '".$_SESSION['UID']."'") as $row) 

{
echo '<option value=\" '.$row['UID'].' \">'.$row['FNAME'].' '.$row['LNAME'].'</option>';
}?>
</select>

The _POST'ed value for ['UID'] keeps coming up as \"

Tearing my hair out on this one, can't see what must be a very simple error. FNAME and LNAME appearing ok, echoing [UID] on this page shows the right value so it is something here that is wrong.

Its because you escape the value, while you don't need to escape it. echo ' — Arthur, Apr 10 '14 at 22:09

score 1 · Answer 1 · answered Apr 10 '14 at 22:11

1

You don't need to slash double quotes here, as you're declaring strings in single quotes.

i.e., try:

echo '<option value="'.$row['UID'].'">'.$row['FNAME'].' '.$row['LNAME'].'</option>';

answered Apr 10 '14 at 22:11

meta-nickname

83
1
4

score 0 · Answer 2 · edited Apr 10 '14 at 22:29

0

Your query is going to return a result set, not an array. You have to get the result set, THEN extract the data

$vals = $db->query("SELECT * FROM clients WHERE TID = '".$_SESSION['UID']."'");
while( $row = $vals->fetch_assoc()) {
    echo '<option value="' . $row['UID'] . '">' . $row['FNAME'] . ' ' . $row['LNAME'] . '</option>';
}

edited Apr 10 '14 at 22:29

Arthur

921
3
13
25

answered Apr 10 '14 at 22:10

Machavity

30,841
27
92
100

You're making assumptions about what database driver he's using. It's entirely possible to have a custom db wrapper that returns an iterable result set when you run `query()` – Sam Dufel Apr 10 '14 at 22:21

Dynamic PHP / mysql dropdown menu issue

2 Answers2