0

I have looked at this answer enter link description here

but I am not able to make my code work, this is what i have in my selectcategory.php file. I want to have this variable $selectedcategory set up in this file. Echo command at the bottom is for testing purpose only.

My code:

<?php
include_once('config.php');
$query1 = mysqli_query($query, "SELECT category FROM `events` GROUP BY category");
echo "<select name'selectedcategory'>";    
while ($row = mysqli_fetch_assoc($query1)){
    echo "<option value='".$row['category']."'>".$row['category']."</option>";
}
echo "</select>";

$selectedcategory=$_POST['selectedcategory'];
echo $selectedcategory;
?>

Where do I make mistake? In other files I have taken variable by this POST method from INPUT or SELECT element with given name. In this file Error is on line 10 - UNDEFINIED VARIABLE, so where do I make mistake in getting it? Thank you in advance and if more clarification needed, please ask.

ps: I know my code has mistakes, but please concentrate only on getting the variable now. In other questions on this forum people just comment that my code is for example vulnerable for injections but no new information to the question itself or to prevent this injection (problem identified by commenter), I would like to prevent that. Identifing problem by commenter is great way of learning, but please than also provide some arguments why it is a problem or some links which relate to the problem.

Community
  • 1
  • 1
Brano
  • 57
  • 1
  • 12
  • Tried performing a Google Search?? Plus youve just given the duplicate of your question – Rotimi Apr 09 '17 at 11:11
  • You have a typo here: `` – aperpen Apr 09 '17 at 11:14
  • @Akin (did you see my PS note? :D) ofcourse, thats how I got back to this forum. Also I have tried some variations and after that I submit the question. – Brano Apr 09 '17 at 11:15
  • @aperpen great catch, thanks, hmm.... but it still does not work. I must have missed something important but I can't find it. – Brano Apr 09 '17 at 11:18
  • How about adding a `
    ` tag to your code? This is not a well formed question.
     – mickmackusa Apr 09 '17 at 11:22
  • I think the problem is you're trying to get the $_POST value before submiting the form – aperpen Apr 09 '17 at 11:23
  • @aperpen I was thinking about the same but was expecting it would work without it. I am beiginner. Can I not use submit at all? Can it just refresh and show what is currently selected? – Brano Apr 09 '17 at 11:28
  • With PHP no, you need to use JavaScript for that – aperpen Apr 09 '17 at 11:29
  • @mickmackusa i tried wrapping it in
    but no succes. How it should be formed?I would like to improve. Also if problem is in English, than I apologize, I do not use it daily.
     – Brano Apr 09 '17 at 11:30

1 Answers1

0

Your form fields/values are not stored in $_POST array until after you submit the form.

You will need to wrap your select field in <form method="POST"></form> and provide a submit button to even get started with this process.

Start reading: https://www.w3schools.com/tags/att_form_method.asp

If you are submitting to the same page, you may want to use something like this:

include_once('config.php');  // labeling your connection '$query' doesn't seem like good practice and may trip you up in the future.
$result=mysqli_query($db,"SELECT category FROM `events` GROUP BY category");
if(isset($_POST['selectedcategory'])){
    $selected=$_POST['selectedcategory'];
}else{
    $selected="";
}
echo "<form action=\"\" method=\"POST\">";
    echo "<select name=\"selectedcategory\">";
        echo "<option></option>";
        if($result){
            while($row=mysqli_fetch_assoc($result)){
                echo "<option value=\"{$row['category']}\"",($selected==$row['category']?" selected":""),">{$row['category']}</option>";
            }
        }
    echo "</select>";
    echo "<input type=\"submit\" value=\"Submit\">";
echo "</form>";
....

I understand that for someone new to php, an inline condition statement is pretty difficult to read.

Here is what it looks like over multiple lines:

echo "<option value=\"{$row['category']}\"";
if($selected==$row['category']){
    echo " selected";  // only mark this option as "selected" if values match
}else{
    echo "";  // otherwise, do not mark it with "selected"
}
echo ">{$row['category']}</option>";

If someone ever managed to POST a value that doesn't match any of the database values in the loop, then none of the <option>s would get the select attribute, and the <select> would show the first/top <option> by default.

mickmackusa
  • 43,625
  • 12
  • 83
  • 136
  • @Brano I have provided a sample code for you with some general good practices. I hope you will provide my answer the green tick for being helpful. – mickmackusa Apr 09 '17 at 11:47
  • thanks so much, your code gives me error already (syntax error, unexpected '{' in ... on line 3 from your snippet ). Thank you tho for inspiration for that check (yes, before submitting nothing is selected). Also you are right about labelling my connection as "query". I have learned it from tutorial, I need to start to call it "conn" as that is its purpose. – Brano Apr 09 '17 at 11:50
  • @Brano notice that I am advising that you change $query to $db because it is a poor variable name choice. While you are testing it, just switch it back to $query... but really you should change it to `$db` or `$conn` or something at `config.php`. – mickmackusa Apr 09 '17 at 11:51
  • if I change rename my connection as you describe I still get same error. I cannot make your code to work (even tho I would love to, because you have that extra condition there which I want to try) – Brano Apr 09 '17 at 12:00
  • @Brano sorry I found my typo. I didn't have enough `)` in my isset line. I updated my answer. – mickmackusa Apr 09 '17 at 12:02
  • perfect, it worked (but I don't really understand it, the condition is too advanced for me, need to play around more to understand it) but I will use your code, since its simply better. Thanks a lot. – Brano Apr 09 '17 at 12:12
  • @Brano I have broken down the condition statement so that it is easier to read. Please help to tidy up the page by deleting your answer. – mickmackusa Apr 09 '17 at 12:21