Integrating href with $_GET value into a select option

Question

I am trying to get some data of a certain item selected in a select option and automatically display it on the textfield as shown in this image:

But it is not working. Is there a remedy for this or such type of coding is not workable at all? Hopefully someone can help me on this.

Here is the code I made:

$credit_accounts = $db->query("SELECT * FROM credits");

echo'<select id="customer_order_id" name = "customer_order_id">
         <option value = "">SELECT ACCOUNT</option>';  
      foreach($credit_accounts as $key){
        $id = $key['purchase_order_id'];
        $name = $key['customer_firstName']."\t\t".$key['customer_lastName'];
              echo'<option value = "'.$id.'"><a href="?info='.$id.'">'.$name.'</a></option>';
      }
      echo'  
      </select>';

Note: The link will execute a query that will retrieve certain data of the selected item. If link is declared outside the loop without the <option></option> tag, it works accordingly. But if it is place within the loop of course with the <option></option> tag, it is not working like a link at all. Please help me out.

What I did is a dropdown of the customer names, and these names are like links as shown in the code above - the variable name is within "href" and the href is within — Count Dracula, Sep 15 '16 at 02:25
if(isset($_GET['info']){ $details = $db->query("SELECT * FROM payment WHERE c_id = "'.$_GET['info'].'" "); // The returned values of this query will then be placed in their respected textfields automatically. @**nogad** — Count Dracula, Sep 15 '16 at 02:38
either you will have to reload the page on user section, and then run your query and populate, or add some ajax — , Sep 15 '16 at 03:33

score -2 · Answer 1 · edited May 23 '17 at 10:34

Sorry for my english , I will write some long answer hopefully it will also help others,so i am giving solution for doing following.

Please not : this solution is written and use SIMPLE MYSQL,AJAX and PHP function If you further want DATA SECURITY refer [PHP MySQLI Prevent SQL Injection

Objective : To get/display DATA from DATABASE related to a particular(ly 1) user/product and then fetch/display it in HTML page (additionally: without page refresh ) IN A FORM.

CODE :

<?php
//php-database connection script
$db_config = mysqli_connect("localhost", "username", "pass", "database_name");
// Evaluate the connection
if (mysqli_connect_errno()) {
echo mysqli_connect_error();
exit();
} 
?>
<?php
//this pHP SCRIP FIRES when you select a USERNAME (if u want not to                     SELECT but type then change ONCHANGE to ONKEYUP function & change     username input type to text)
if(isset($_POST['uname'])){
$u = $_POST['uname'];
$sql = "SELECT email , gender FROM credits WHERE username='$u' LIMIT 1";
$query= mysqli_query($db_config,$sql);
while($row2 = mysqli_fetch_array($query)){
    //Here we form a STRING  SEPRATED BY QUAMMAS and  ECHO IT  TO PAGE
    //later on we will fill this data in input fields
    echo $row2['email'].",".$row2['gender']; 
    exit();
}exit();}

?>
<!-- HERE is your form where user will select or type his username-->
<form >
Select username :<br/>
<select id="user_name" onchange="load_data()"> 
<option value=""> select an ouser</option>
<option value="v1111"> v111</option>

</select><br/>
Email<br/>
<input type ="text" id="email" value=""><br/>
Gender : 
<select id="gender">
    <option value='m'>male</option>
    <option value='f'>female</option>
</select>
</form>
<span id='status' ></span>
<script>
//AJAX OBJECT CREATION script it works as get or post mechanism
function ajaxObj(meth, url) {
var x = new XMLHttpRequest();
x.open(meth, url, true);
x.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
return x;
}
function ajaxReturn(x){
if(x.readyState === 4 && x.status === 200){
    return true;    
}
}
//here is function which fires when username is selected
function load_data(){
var value = document.getElementById('user_name').value;
//declare ajax obj, and name(url) of same page you are coding.
var ajax = ajaxObj("POST", "url.php");
    ajax.onreadystatechange = function() {
        if(ajaxReturn(ajax) == true) {

                var str = ajax.responseText;
            //split STRING and  extract individual data
                var res = str.split(',');

            //here we fetch his username into input field BINGO!do same for gender.
            _('email').value = res[0];
            //res[1] will have gender related data.

            }

        }
    //Declaration to send URL encoded variable (username in this     case)
    ajax.send("uname="+value);
}
</script>

If you want further resources and info about data security see BRAD's comments in comments section

This code is **wide open** to SQL injection attacks, and should never be used as-is. Parameterized queries should be used to avoid this problem. Otherwise, automated scanning scripts will wreck your database and leak all your information. — Brad, Sep 15 '16 at 04:04
Additionally, this data format is completely broken. What if the data returned had a comma in it? Use a transport data format like JSON, which has defined escaping built-in, and relatively fast native browser support. Don't re-invent a transport data format. — Brad, Sep 15 '16 at 04:06
Sorry, but that's totally wrong. I'd downvote this answer 10x if I could. There is no tradeoff between simplicity and security in this case. In fact, in my view it's simpler to use a parameterized query than it is to concatenate a bunch of stuff in a query the way you do. And, it's definitely far simpler to use JSON than your CSV-ish transport format here. If you're using this code anywhere, you should fix it. No doubt you've been hacked. — Brad, Sep 15 '16 at 04:16
Some resources for you, if you wish to modify your answer: http://php.net/manual/en/mysqli.prepare.php http://php.net/manual/en/function.json-encode.php — Brad, Sep 15 '16 at 04:19

Integrating href with $_GET value into a select option

1 Answers1