-1

I am having trouble getting this to work. I have been able to call data from a dropdown menu and place it into a table and have it actively update without reloading the page. I am now trying to get the database information that is called to appear within a text input field or another drop down menu.

So basically I have a drop down menu that will call up user information, I am trying to get that information that is called to appear within another form so I can update it. Here is the code I am working with;

table7.php

<html>
<head>
<script>
function showUser(str) {
if (str=="") {
document.getElementById("txtDisp").innerHTML="";
return;
}
if (window.XMLHttpRequest) {
// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
} else { // code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function() {
if (xmlhttp.readyState==4 && xmlhttp.status==200) {
document.getElementById("txtDisp").innerHTML=xmlhttp.responseText;
}
}
xmlhttp.open("GET","getuser2.php?q="+str,true);
xmlhttp.send();
}
</script>
</head>
<body>

<form method="post" action="localhost/table7.php">
<select name="users" onchange="showUser(this.value)">
<option value="">Select a person:</option>
<?php
$con=mysqli_connect("localhost","user","password","database");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

$result = mysqli_query($con,"SELECT * FROM users");

while($row = mysqli_fetch_array($result)) {
echo "<option value='" . $row['id'] . "'>" . $row['uname'] . "</option>";
mysqli_close($con);
}
?>
</select>
</form>
<br>
<div id="txtDisp"><b>Person info will be listed here.</b></div>

</body>
</html>

getuser2.php

<?php
$q = intval($_GET['q']);
$con=mysqli_connect("localhost","user","password","database");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}


$sql="SELECT * FROM users WHERE id = '".$q."'";
$result1 = mysqli_query($con,$sql);


echo "<table border='1'>
<tr>
<th>Username</th>
<th>E-Mail</th>
<th>Info 1</th>
</tr>";

echo "<form action="getuser2.php" method="post">";

while($row1 = mysqli_fetch_array($result1)) {
echo "<tr>";
echo "<td><input type="text" name="info1" value=" . $row1['uname'] . "></td>";
echo "<td>" . $row1['email'] . "</td>";
echo "<td>" . $row1['info1'] . "</td>";
echo "</tr>";
}

echo "</form>";

echo "</table>";

mysqli_close($con);
?>

Within the getuser2.php code if you strip out the form input section and replace it with a call for uname using the format directly below for email and info it will display the data called from the database in standard text format.

However, I am encountering this error:

Parse error: syntax error, unexpected 'text' (T_STRING), expecting ',' or ';' in C:\wamp\www\getuser2.php on line 25

Your Common Sense
  • 156,878
  • 40
  • 214
  • 345
Leo Frost
  • 55
  • 1
  • 1
  • 7
  • Yes, Parse error: syntax error, unexpected 'text' (T_STRING), expecting ',' or ';' in C:\wamp\www\getuser2.php on line 25 Line 25 being echo ""; – Leo Frost Aug 17 '14 at 16:08
  • Would you edit that error into the question? It is too important to be mentioned just in a comment. Aha... you need to escape the quotes in that piece of HTML with `\"`, otherwise they will act as string terminators. – halfer Aug 17 '14 at 16:16
  • Update your code according to the answer below and let me know if it helps – hex494D49 Aug 17 '14 at 16:16
  • I will try your method as well hex, I used serakfalcons and it worked, but having two working methods would be far more beneficial as at times one may not work... Many many thanks for your help!! I will place it as a question in a few minutes so others can more easily reference! – Leo Frost Aug 17 '14 at 16:20
  • Yes, your method works as well Hex, and I have updated the question title to reflect the parse error – Leo Frost Aug 17 '14 at 16:26

2 Answers2

2

The problem is the following:

echo "<td><input type="text" name="info1" value=" . $row1['uname'] . "></td>";

You have double quotes inside a double-quoted string. PHP doesn't know where the string ends.

An easy fix (since you're not using variables inside the string anyway) is to change the double quotes to single quotes:

echo '<td><input type="text" name="info1" value="' . $row1['uname'] . '"></td>';
serakfalcon
  • 3,501
  • 1
  • 22
  • 33
  • Good Jazz Serajfalcon!!! It works many many thanks. So when calling a variable within an echo and form I would always place a ' ' inside of the ""? Is there any instances where this would not be applicable or lead to further problems? – Leo Frost Aug 17 '14 at 16:19
  • single quotes passes the string as-is. It has a nice side-effect of letting you write out HTML without escaping anything since HTML mostly uses double quotes. Double quotes allows you to place variables inside the double quoted string. Another approach would be to use `\"` to escape each double quote, as in @hex494D49's answer. – serakfalcon Aug 17 '14 at 16:21
  • Is there any substantive benefit to using ' ' over \" or vice versa? – Leo Frost Aug 17 '14 at 16:35
  • it's largely a matter of personal preference. I prefer using single quotes because it avoids accidentally interpolating variables, but other people prefer them just so they can put variables inside strings! That said, I tend to use double quotes for SQL statements since that lets me use single quotes unescaped inside them. Whatever works for you! – serakfalcon Aug 17 '14 at 16:53
  • 1
    Just under 5 years on and this answer has fundamentally changed the way in which I program in js and php together. – Leo Frost Apr 20 '19 at 03:20
0

Update these lines as shown below 

$sql = "SELECT * FROM users WHERE id = " . $q . "";
// ...
echo "<table border='1'><tr><th>Username</th><th>E-Mail</th><th>Info 1</th></tr>";
// ...
echo "<form action=\"getuser2.php\" method=\"post\">";
// ...
while($row1 = mysqli_fetch_array($result1, MYSQLI_ASSOC)) {
// ...
echo "<td><input type=\"text\" name=\"info1\" value=" . $row1['uname'] . "></td>";
hex494D49
  • 9,109
  • 3
  • 38
  • 47
  • @Downvoter Please care to explain. – hex494D49 Aug 17 '14 at 16:16
  • I downvoted b/c the SQL statement would be vulnerable to SQL injection, then removed it since the odds it will matter are kinda low – serakfalcon Aug 17 '14 at 16:17
  • @serakfalcon: I agree SQL string concatenation is not good practice, but the OP has taken care to defend against SQL injection. – halfer Aug 17 '14 at 16:18
  • @serakfalcon Well, his code isn't working because of a few syntax errors and not because of not using prepared statements. – hex494D49 Aug 17 '14 at 16:19
  • While this is beyond the scope of the original question, what would be a better format to try and achieve the results I am aiming for? Simply having it redirect to another page for updating? – Leo Frost Aug 17 '14 at 16:29
  • @LeonardFrost Actually, I would have an object `user` with methods, `select`, `edit` / `update`, `add` and `insert` and at least two templates - one for `select` and `delete` and one for `insert` and `update`. So, three files, `user.php`, and tempaltes `user_details.php` and `user_form.php`. You may have another one, `user_list.php` tempalte to list them all together. – hex494D49 Aug 17 '14 at 16:37
  • I am attempting to develop that basically but I was wanting to try and call them all from a single page. The table7.php(or what ever variant I am working on at the time) would be the main page to call the other pages within it so the pages would not constantly be reloading(in the traditional sense) and create a streamlined experience for the end user through the use of the AJAX scripting. I take it this is not preferred since I am calling the data from the table7.php into the getuser2.php instead of having getuser2.php open its own database connection? I am sorry, I am a relative novice. – Leo Frost Aug 17 '14 at 17:16
  • I am possibly misunderstanding you completely though – Leo Frost Aug 17 '14 at 17:25