0

I am attempting to get the sql row that a user checks with a checkbox and post the id to a script that will save the users selected rows to a db so they can pull "saved" rows at a later data.

Below is my code -- the issue is when I post the checkbox value it is appearing as "1" and I am not sure why this is happening. All checkbox values are appearing as "1".

require('./wp-blog-header.php');

$current_user = wp_get_current_user();

$school = $_POST['school'];

$connection = mysql_connect('198.71.225.63:3306', 'newmslsuper', ''); 
mysql_select_db('msl_data');

$query = "INSERT INTO searches (ID, school, type) VALUES('$current_user->ID', '$school', '1')";

mysql_query($query);

$search = mysql_query("SELECT * FROM `data` WHERE `school` LIKE '%$school%'");

$count=mysql_num_rows($search);
if ($count==0) { 
    echo 'Sorry your search for'; echo " $school "; echo 'returned no results. Please try again.'; 
}
else {
    $fields_num1 = mysql_num_fields($search);

    echo "<form action='save.php' method='post'>";
    echo "<p>Check the box next to a Scholarship you would like to save and hit the SAVE button.<p/><table><tr><th>Save Search</th>";

    // printing table headers
    for($i=0; $i<$fields_num1; $i++)
    {
        $field1 = mysql_fetch_field($search);
        echo "<th>{$field1->name}</th>";
    }
    echo "</tr>\n";

    // printing table rows

    while($row = mysql_fetch_array($search)){
        foreach($row as $rowarray)
            while($row1 = mysql_fetch_row($search)){
                echo "<tr>";
                echo "<td><input type='checkbox' value='$rowarray' name='cell'></td>";
                // $row is array... foreach( .. ) puts every element
                // of $row1 to $cell1 variable
                foreach($row1 as $cell1)
                    echo "<td>$cell1</td>";
                echo "</tr>\n";
            }
    }
}

echo "<input type='submit' value='SAVE'>";

mysql_close(); //Make sure to close out the database connection
miken32
  • 42,008
  • 16
  • 111
  • 154
Tom Canfarotta
  • 743
  • 1
  • 5
  • 14
  • You will always get the value as 1 if the checkbox is checked. What you need to do is, name the the checkbox based on the DB id values. – Maximus2012 Dec 21 '15 at 22:15
  • You should not be doing that. http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php – miken32 Dec 22 '15 at 00:16

2 Answers2

0

Your checkboxes should be as array as they are multiple. The reason why you get them all as 1 as they override each other.

<form method='post' id='form' action='page.php'> 

    <input type='checkbox' name='checkboxvar[]' value='Option One'>1
    <input type='checkbox' name='checkboxvar[]' value='Option Two'>2
    <input type='checkbox' name='checkboxvar[]' value='Option Three'>3
    <input type='submit'> 
</form>


    <?php
 if(isset($_POST['submit']){
   $v = $_POST['checkboxvar'];

   foreach ($v as $key=>$value) {
             echo "Checkbox: ".$value."<br />";
        }
}
?>
Chaibi Alaa
  • 1,346
  • 4
  • 25
  • 54
0

TBH, this thing was a mess. The base of your problem was a) only having a single named element (as the other answer pointed out) and b) trying to give it an array as a value. But even after fixing that this was never going to work.

You had your database results inside four separate loops, I don't know what the thinking was there. As well, if you presented me with this web page, I could easily erase your entire database with a single click.

Here's what it looks like after 5 minutes of work. I'd still not call this a reasonable script, but hopefully it will give you something to learn from. You need to make a priority to learn about preventing SQL injection, and the first way to do this is to stop using a database engine that's been unsupported for 5 years. PDO is the easiest alternative as it's built into PHP for nearly a decade now. It provides convenient methods for dumping a result set into an array easily.

<html>
<head>
<link rel="stylesheet" type="text/css" href="results.css">
</head>
</html>

<?php
require('./wp-blog-header.php');
$current_user = wp_get_current_user();
$school = $_POST['school'];
$db = new PDO("mysql:host=198.71.225.63;dbname=msl_data", "newmslsuper", "");
$stmt = $db->prepare("INSERT INTO searches (ID, school, type) VALUES(?,?,?)";
$stmt->execute(array($current_user->ID, $school, 1));

$stmt = $db->prepare("SELECT * FROM `data` WHERE `school` LIKE ?");
$stmt->execute(array("%$school%"));
// put it in an array. presto!
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
if (count($result) === 0) { 
    echo "Sorry your search for '$school' returned no results. Please try again.";
}
else {
    $fields = array_keys($result[0]);

    echo "<form action='save.php' method='post'>";
    echo "<p>Check the box next to a Scholarship you would like to save and hit the SAVE button.<p/><table><tr><th>Save Search</th>";

    // assume "id" field is first
    unset($fields[0]);
    // printing table headers
    foreach($fields as $field) {
        echo "<th>$key</th>";
    }
    echo "</tr>\n";

    // printing table rows
    // just one loop
    foreach($result as $row) {
        echo "<tr>";
        // assume the column is named "id"
        echo "<td><input type='checkbox' value='$row[id]' name='cell[]'></td>";
        unset($row["id"]);
        foreach($row as $cell) {
            echo "<td>$cell</td>";
        }
        echo "</tr>\n";
    }

    echo "<input type='submit' value='SAVE'>";
    echo "</form>";
}
?>
Community
  • 1
  • 1
miken32
  • 42,008
  • 16
  • 111
  • 154