Why my dropdown ins't working in my foreach loop? PHP

Question

I have a foreach loop to grab the id in a session where i select a product to add in the cart. Its working fine there. the problem is.. I have a select tag where it gets data from other table. the product that i select in my gallery is from table1 and the table1 works good in my foreach loop. My select tags does not display all my table2 rows in the foreach loop.

Whats wrong with it?

here are some pics

this grabs the id and store them in a session...

include_once '../incluedes/conn_cms.php'; 
if(isset($_GET['add'])){
    $select = "SELECT * FROM gallery2 WHERE id=" . escape_string($_GET['add'])." ";
    $run_selection = mysqli_query($conn,$select);
    while($rows = mysqli_fetch_assoc($run_selection)){
        if($rows['id'] != $_SESSION['product_'.$_GET['add']]){
            $_SESSION['product_' . $_GET['add']]+=1;
            header('Location: index.php');
        }else{
            $msg = "error";
            header('Location: checkout.php');
        }
    }
}

my code...

function cart(){
    global $conn;

    foreach ($_SESSION as $name => $value) {
        if($value > 0){
            if(substr($name, 0, 8 ) == "product_"){
                $length = strlen($name) -8;
                $item_id = substr($name,8 , $length);

                $query = "SELECT * 
                          FROM gallery2 
                          WHERE gallery2.id =".escape_string($item_id). "";
                $run_item = mysqli_query($conn,$query);

                $query2 = "SELECT * FROM almofadas";
                $run_item2 = mysqli_query($conn,$query2);

                while($rows = mysqli_fetch_assoc($run_item2)){
                        $fabric=$rows['tecido'];
                }

                while($rows = mysqli_fetch_assoc($run_item)){ 
                    $vari = $rows['variante'];
                    $num = $rows['title'];
                    $id = $rows['id'];

                    $btn_add='<a class="btn btn-success" href="cart.php?add='.$id.'"><i class="fa fa-plus fa-lg" aria-hidden="true" add_btn></i></a>';
                    $btn_remove = '<a class="btn btn-warning" href="cart.php?remove='.$id.'"><i class="fa fa-minus fa-lg" aria-hidden="true" remove_btn></i></a>';
                    $btn_delete='<a class="btn btn-default delete_btn" href="cart.php?delete='.$id.'"><i class="fa fa-times fa-lg" aria-hidden="true"></i></a>';
                    if($rows['variante'] < 1){
                        $vari="";
                    }else{
                        $vari = "-".$rows['variante'];
                    }
                    $product = '
                        <td style="width:100px; "><img src="../'.$rows['image'].'" style="width:90%;border: 1px solid black;"></td>
                        <td>'.$num.''.$vari.'</td>
                        <td>
                            <select name="" class="form-control selectpicker" required="">
                                <option value="" required="">'.$fabric.'</option>
                            </select>
                        </td>
                        <td>'.$value.'</td>
                        <td>R$100,00</td>
                        <td>sub.total</td>
                        <td> 
                         '.$btn_add.' '.$btn_remove.' '.$btn_delete.'
                        </td>
                        </tr>';
                    echo $product;
                } 
            }
        }
    }
}
?>

Some sensible code indentation would be a good idea. It helps us read the code and more importantly it will help **you debug your code** [Take a quick look at a coding standard](http://www.php-fig.org/psr/psr-2/) for your own benefit. You may be asked to amend this code in a few weeks/months and you will thank me in the end. — RiggsFolly, Sep 21 '16 at 14:11
Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) — RiggsFolly, Sep 21 '16 at 14:11
You only place one item into `$fabric=$rows['tecido'];` in the loop as you overwrite `$fabric` each time round the loop — RiggsFolly, Sep 21 '16 at 14:20
yeah only that item is important for the select tag. my `$fabric` was suppose to display all my 3 rows in each loop. — James Allan, Sep 21 '16 at 14:23
You dont loop through an array of options so you will only EVER have one in the dropdown — RiggsFolly, Sep 21 '16 at 14:24

score 1 · Accepted Answer · answered Sep 21 '16 at 14:44

You select the whole table for your options dropdown each time round the loop here

$query2 = "SELECT * FROM almofadas";
$run_item2 = mysqli_query($conn,$query2);

while($rows = mysqli_fetch_assoc($run_item2)){
        $fabric=$rows['tecido'];
}

but overwrite the $fabric variable each time round the loop

It would be simpler, faster and more efficient to move that code outside the loop, and at the same time build a string containing the option tags

So I suggest a bit of a rewrite

function cart(){
    global $conn;

    // build the fabric dropdown option tags once
    // use as many times as you have a row ro put them in
    $fabric_options = '';
    $query = "SELECT * FROM almofadas";
    $result = mysqli_query($conn,$query2);
    while($rows = mysqli_fetch_assoc($run_item2)){

        // oh you will need a value in value=""
        // or this wont be any use to you later

        $fabric_options .= "<option value='{$row['A_id']}'>{$rows['tecido']}</option>";

    }

    foreach ($_SESSION as $name => $value) {
        if($value > 0){
            if(substr($name, 0, 8 ) == "product_"){
                $length = strlen($name) -8;
                $item_id = substr($name,8 , $length);

                $query = "SELECT * 
                          FROM gallery2 
                          WHERE gallery2.id =".escape_string($item_id). "";
                $run_item = mysqli_query($conn,$query);



                while($rows = mysqli_fetch_assoc($run_item)){ 
                    $vari = $rows['variante'];
                    $num = $rows['title'];
                    $id = $rows['id'];

                    $btn_add='<a class="btn btn-success" href="cart.php?add='.$id.'"><i class="fa fa-plus fa-lg" aria-hidden="true" add_btn></i></a>';
                    $btn_remove = '<a class="btn btn-warning" href="cart.php?remove='.$id.'"><i class="fa fa-minus fa-lg" aria-hidden="true" remove_btn></i></a>';
                    $btn_delete='<a class="btn btn-default delete_btn" href="cart.php?delete='.$id.'"><i class="fa fa-times fa-lg" aria-hidden="true"></i></a>';
                    if($rows['variante'] < 1){
                        $vari="";
                    }else{
                        $vari = "-".$rows['variante'];
                    }

                    // now concatenate the $fabric_options string
                    // in between this string after the select

                    $product = '
                        <td style="width:100px; "><img src="../'.$rows['image'].'" style="width:90%;border: 1px solid black;"></td>
                        <td>'.$num.''.$vari.'</td>
                        <td>
                            <select name="" class="form-control selectpicker" required="">'
                            . $fabric_options . '     
                            </select>
                        </td>
                        <td>'.$value.'</td>
                        <td>R$100,00</td>
                        <td>sub.total</td>
                        <td> 
                         '.$btn_add.' '.$btn_remove.' '.$btn_delete.'
                        </td>
                        </tr>';
                    echo $product;
                } 
            }
        }
    }
}
?>

this made it work, but now the problem is my `$value` that is not working after the containing of `$fabric_options` and when i click in a product it only shows in my cart the variables before `$fabric_options`. but when i click in a new product with a different id it shows the item row complete but the new item selected shows only things that comes before `$fabric_options` see this [see the picture](http://i.imgur.com/UzNFBGR.png) — James Allan, Sep 21 '16 at 16:43
i found what was wrong in the code... in the `$fabric_options .= "";` i took out the `value='{$row['A_id']}'` — James Allan, Sep 21 '16 at 16:47
A huge thx bro, you saved me, i've been trying to solve this for a week.Your awesome ! — James Allan, Sep 21 '16 at 16:52

Why my dropdown ins't working in my foreach loop? PHP

1 Answers1