0

What I would like to do is as following : I have 3 table's with data from an sql database.(just an simple SQL query).

SQL:

"SELECT * FROM Customers WHERE employee = '"  . $name. "'

I also have an form where I can select an option that then goes into the SQL query

while ($row = mysql_fetch_array($sql)) {

    echo "<option value = " . ($row['name']) . ">". $row['name'] ." </option>";
}

echo '  </select>';
echo '  <input type="submit" id="submit" name="submit">';
echo '</form>';

With the form I use an simple GET to get the form output and put it in the SQL query. Now the problem is that I have 3 tables that almost do the same but i would like to have 3 forms where I can give input and then where I give my input that table shows. Is this possible ? And are there any examples.

Rahul Sharma
  • 194
  • 1
  • 3
  • 18
  • `mysql_*` is officially [**deprecated**](https://wiki.php.net/rfc/mysql_deprecation). You need to change to prepared statments. See [this post for more information](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). – Ben Jan 13 '16 at 11:40
  • It's possible.try it – user3386779 Jan 13 '16 at 11:46
  • This code does work at the moment with mysql but I am trying to add some code so that the tables only show when I give input in my form. So the problem is not with the connection – Rahul Sharma Jan 13 '16 at 12:02
  • I'm not sure what you mean by "*only show when I give input in my form*"? Can you explain your question better? – Qirel Jan 13 '16 at 12:15
  • I would like to have 3 buttons and 3 drop downs and when I choose one of the options and then press the button the page will refresh and return 1 table – Rahul Sharma Jan 13 '16 at 12:52

1 Answers1

0

As mentioned in the comment mysql_* is depreciated, you need to use mysqli or PDO. Using mysqli your code should be like this

$con = mysqli_connect("localhost","my_user","my_password","my_db");
//use your host name, mysql user name, mysql password and your database name in place of "localhost","my_user","my_password","my_db"
$sql ="SELECT * FROM Customers WHERE employee = '"  . $name. "'";
$result = mysqli_query($con,$sql);
while ($row = mysqli_fetch_assoc($result)) {

echo "<option value = " . ($row['name']) . ">". $row['name'] ." </option>";
}

The simple solution for your problem is to make action page of all your three forms to same and use if statements to use the different queries for different input eg: 

if(isset($_GET['name'])){
 $sql ="query1";
} elseif(isset($_GET['yourSecondOption'])){
 $sql ="query1";
}elseif(isset($_GET['yourThirdOption'])){ 
$sql ="query3";
}
Arjan Shrestha
  • 98
  • 8
  • 2
    While very true that `mysql_*` is old and outated, and that `mysqli_*` is better - this does in no way solve OP's question - you also did not say anything about *prepared statements* - so his code is still vulnerable to SQL-injection! – Qirel Jan 13 '16 at 11:53
  • I am aware of the old metod that I use but I think that is not the problem in my code. – Rahul Sharma Jan 13 '16 at 11:59
  • Sorry I misunderstood the question. – Arjan Shrestha Jan 13 '16 at 12:09
  • Thank you so much for you're answer. It helped me very much. And I changed the mysql content to PDO – Rahul Sharma Jan 13 '16 at 13:34