0

I have some data in db that I want to load into an html dropdown and then use that text in dropdown to search db again, but Im not able to do so. The issue is that I have 1 form but 2 submit buttons (as I am not able to call a php function from html button, most of the codes online, they just dont work). I can fetch the data and populate the dropdown list but I am not able to use the text in the dropdown to search db again, I receive an undefined index error (please note that the dropdown is php generated), any hints, thanks.

<form method="post" action="">
        <label>ENTER DATA TO ADD AND SEARCH</label><br><br>
        <form id="newdata" method="post" action="">
        <label>ENTER MAKE : </label></td><td><input type="text" id="make" name="makev" /><br><br>
        <label>ENTER MODEL : </label></td><td><input type="text" id="model" name="model" /><br><br>
        <label>ENTER PRICE : </label></td><td><input type="text" id="price" name="price" /><br><br>
        <label>ENTER QUANTITY : </label></td><td><input type="text" id="quantity" name="quantity" /><br><br>
        </td><td><input type="submit" name="addv" value="ADD DATA"/> <INPUT TYPE="submit" name="search" value="SEARCH DATA" /><br><br>
    </form>

<?php

    function loaddata()
    {
    $servername = "localhost";
    $username = "root";
    $password = "";
    $dbname = "lab4";

    $conn = mysqli_connect($servername, $username, $password, $dbname);
    echo '<select name="selectd">';
    $query = "select distinct make from inventory";
    $result = mysqli_query($conn, $query);
        while ($row = mysqli_fetch_array($result))
        {
            echo '<option>' . $row['make'] . '</option>';
        }
            echo '</select>';
    }
?>

<?php
    $servername = "localhost";
    $username = "root";
    $password = "";
    $dbname = "lab4";

    $conn = mysqli_connect($servername, $username, $password, $dbname);
        if (!$conn) 
            {
                die("Connection failed: " . mysqli_connect_error());
            }

    if (isset ($_POST["makev"]) && isset ($_POST["model"]) && isset ($_POST["price"]) && isset ($_POST["quantity"]))
            {
                $makev = $_POST["makev"];
                $model = $_POST["model"];
                $price = $_POST["price"];
                $quantity = $_POST["quantity"];

            if (!empty($makev) || !empty($model) || !empty($price) || !empty($quantity))
                {
                    $query = "insert into inventory (make, model, price, quantity) values ('$makev', '$model', '$price', '$quantity');";
                    $result = mysqli_query($conn, $query);
                    echo 'NEW MAKE ADDED AND UPDATED<br><br>';
                    loaddata();
                }
            else
            {
                echo "EMPTY FIELDS FOUND, CANNOT ADD DATA";
            }
        }    

        if (isset($_POST['search']))
            {   
                    $makev = $_POST['selectd'];
                    echo $makev;
                    $query = "SELECT * FROM inventory where make='$makev'";
                    $result = mysqli_query($conn, $query);

                    echo '<br><br><table style="border-collapse:separate;border:1px solid silver;width:100%"><tr><th style="border-collapse:separate;border:1px solid silver;">Make</th><th style="border-collapse:separate;border:1px solid silver;">Model</th><th style="border-collapse:separate;border:1px solid silver;">Price</th><th  style="border-collapse:separate;border:1px solid silver;">Quantity</th></tr>';

                while($row = mysqli_fetch_assoc($result))
                    {
                        echo '<tr><td style="border-collapse:separate;border:1px solid silver;">' . $row['make'] . '</td><td style="border-collapse:separate;border:1px solid silver;">' . $row['model'] . '</td><td style="border-collapse:separate;border:1px solid silver;">' . $row['price'] . '</td><td style="border-collapse:separate;border:1px solid silver;">' . $row['quantity'] . '</td></tr>';
                    }
        }
                echo "</table>";
        mysqli_close($conn);
?>
</body>
</html>
Huud Rych
  • 21
  • 5
  • Which line gives you the error? Why do you think that particular index *should* be defined? – David Sep 21 '17 at 23:49
  • This line $makev = $_POST['selectd']; although there is data in the select option but the data is not being passed into query for some reason.. – Huud Rych Sep 22 '17 at 00:19
  • Your form doesn't contain an element with the name "selectd". So `$_POST['selectd']` won't have anything in it. (There are, by the way, a *variety* of other problems throughout this code. We can focus on the specific problem you're facing, but you will face others as well.) – David Sep 22 '17 at 00:22
  • I created a dropdown with PHP here: echo ' – Huud Rych Sep 22 '17 at 00:23
  • But it's not in the form. So it won't be posted with the form data. Form elements need to be *in* the `
    ` to be a part of its posted data.
     – David Sep 22 '17 at 00:24
  • Thanks for pointing to the form part... – Huud Rych Sep 22 '17 at 00:45
  • **WARNING**: When using `mysqli` you should be using [parameterized queries](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and [`bind_param`](http://php.net/manual/en/mysqli-stmt.bind-param.php) to add user data to your query. **DO NOT** use string interpolation or concatenation to accomplish this because you have created a severe [SQL injection bug](http://bobby-tables.com/). **NEVER** put `$_POST`, `$_GET` or **any** user data directly into a query, it can be very harmful if someone seeks to exploit your mistake. – tadman Sep 22 '17 at 03:09
  • Note: The object-oriented interface to `mysqli` is significantly less verbose, making code easier to read and audit, and is not easily confused with the obsolete `mysql_query` interface. Before you get too invested in the procedural style it’s worth switching over. Example: `$db = new mysqli(…)` and `$db->prepare("…”)` The procedural interface is an artifact from the PHP 4 era when `mysqli` API was introduced and should not be used in new code. – tadman Sep 22 '17 at 03:09

0 Answers0