0

I have a option list populated by a mysql query and I am having issues getting my results when i click the submit button. 

include_once 'dropfunc.php';
connect ();
if($_SERVER["REQUEST_METHOD"] == "post")
{
// Create connection
$con=mysqli_connect("localhost","root","","maintenance");

 // Check connection
 if (mysqli_connect_errno()) {
    echo "Failed to connect to MySQL: " . mysqli_connect_error();
    // Do one thing
 }
 else {
    $site_id=$_POST["site_id"];


    $result = mysqli_query($con,"select *  from record where site_id=$site_id");

    mysql_close();
     }
 }
  else
 echo "this is not working"
 ?>

Now my dropdown menu works fine and runs off a function and a connect page. For now im just trying to get my submit to work then i will work and making its function page as well. Now if i add an else"this is not working" out side all of the if statement at the top i can get it to echo so i know the IF is not getting anything done. 

  <!doctype html>
  <html>
  <div class="box-content">
  <form method="post" action="<?php echo $_SERVER["PHP_SELF"];?>">
    <div class="control-group">
        <label class="control-label" for="selectError">Select Site</label>

        <div class="controls">

            <select name ="site_id" id="site_id" data-rel="chosen" >
                <?php query() ?>
            </select>
            <input type="submit" value="Submit">
            <?php close() ?>
 </form>
 </div>

 <?php

Now i know this is working because i can run it on its own. 

 while($row = mysqli_fetch_array($result)) {

 $luant = $row['luant'];
 $ludish = $row['ludish'];
 $lucable = $row['lucable'];
 $lubrace = $row['lubrace'];

 IF ($luant==1 and $ludish==1 and $lucable==1 and $lubrace==1){
    echo "The page is working";
 }

 else {
    echo "Still working but they don't equal 1";
 }

 }


?>
Cœur
  • 37,241
  • 25
  • 195
  • 267
Scott
  • 3
  • 4
  • 1
    **Danger**: You are **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that you need to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Aug 25 '14 at 18:32
  • Thanks! I know I need to add the htmlspecialchars. This is all local so far and i will get it secure before its out. – Scott Aug 25 '14 at 18:48
  • `htmlspecialchars` is a defence against XSS not SQL Injection. – Quentin Aug 25 '14 at 18:49
  • Thanks again. Do you have any ideas on my issue regardless of its security status? – Scott Aug 25 '14 at 18:57
  • I'm not sure I completely follow. What is the result/output of submitting the form now? – chandlermania Aug 25 '14 at 19:25
  • As of now the dropdown menu is just that with a submit button that does not work. My second query that i want to run on Submit is just check 4 fields if they are 1 or 0. This is checking the status of the site. – Scott Aug 25 '14 at 19:35
  • What about the submit button doesn't work? The button in the UI isn't clickable? The form submits but one of your error cases gets echoed? You're getting a blank screen? If you var_dump($_POST) / $site_id is your option being passed? – chandlermania Aug 25 '14 at 19:41
  • Sorry i did not explain my self enough. The button itself is fine. When i have something selected in the drop down menu and i click submit the page refreshes but it does not echo any of my results. IE echo "The page is working","STill working but they dont equal 1". @chandlermania Thanks for helping me out on this.$site_id is the option being passed. – Scott Aug 25 '14 at 19:48
  • Ok. The way your code is written in your qeustion, you don't have anything happening after all of the checks and the mysqli_query call. Perhaps you need to add your while loop from the second code section there? Unless there is additional code you haven't shown, there won't be anything output upon a successful query. Oh. If this is all one file, you're closing the mysql connection before fetching results – chandlermania Aug 25 '14 at 19:53
  • @chandlermania Thanks so much for your help on this. I found my issue and it was that POST was not capital. I have the server on a Linux box. – Scott Aug 25 '14 at 20:20

0 Answers0