zachatk1

I hate to be the guy to bump this... perhaps I worded the question a little bit too long!

My site is nearly done. This is the last bug I have to work out. I have a form and a user can fill out all the fields. I have the data $_POST over onto the verify page into $_SESSION variables (no reason really... it can just be a variable I suppose and no need for a session). Each variable is checked to see if it is filled out. If it is not, it re-displays that input field that wasn't filled in. The input fields that are filled in are put into a hidden input so when the user re-submits the form after filling out the forgotten field, the already filled in data is there. Now here's the problem. There is a large textarea form. The problem is with quotes. I'll give an example with some code: //Bunch of variables... $_SESSION['type'] = $_POST["type"]; //radio buttons //ect... //Large text form $_SESSION['details'] = $_POST["details"]; //not escaping strings, explanation and example later //TYPE if ( empty($_SESSION['type']) ) { $flag[] = 1; ?> <input type="radio" name="type" value="Modification" /> Modification <input type="radio" name="type" value="Maintenance" /> Maintenance <?php } else { echo $_SESSION['type']; ?> <input type="hidden" name="type" value="<?php print $_SESSION['type'] ?>" /> //put back in form <?php } //DETAILS if ( empty($_SESSION['details']) ) { $flag[] = 1; ?> //this is a tinymce form, not sure if that makes a difference, but it could output something different. <textarea name="details" style="width:100%"> </textarea> <?php } else { echo $_SESSION['details']; ?> <input type="hidden" name="details" value="<?php print $_SESSION['details'] ?>" /> <?php } ?> //theres a bunch of other error checking with the other variables... <input type="submit" value="Submit" name="different" class="btn" /> //submit button //now check if flag = 1 which means theres an error <?php if ( in_array ( 1, $flag ) ) { } else { //this is where the data will be sanitized, escaped and submitted to the database... } So for example if I were to type this into the details box WITHOUT mysql_real_escape_string: This is a "quote". It would output this the first time: This is a "quote". This is perfect and how it should be. But lets say the user forgot another text box. This is now sending the data again through the whole $_SESSION POST deal. This is how it looks sending it through again: This is a That's it! No quotes and everything past the first quote is gone. What's the deal with that!? Now if I were to do mysql_real_escape_string on the $_SESSION variable $_POST, it'd work the first time like this: This is a \"quote\". But the the second time it's this: This is a \\ Now there's multiple ways to fix this I believe... except I don't really know how to use these methods. I believe I could check if the characters are entities, then convert them to entities if they aren't. So a quote would be &#34; instead of ". My original plan was to have the data that was submitted go onto a session that would store it until everything was correct. Then pull it off the session and sanitize and submit. For some reason I couldn't get that to work because if I have those $_SESSION['var'] = $_POST["var"]; at the top of the page it will overwrite the existing data on the session. To fix this I'd have to check if that specific variable was $_POST'ed, but I don't exactly know how to do that (if you even can). Wow, that was long... hopefully you understand, thanks!

WOW... duh. Can't believe I never saw that... thanks!

Here's the code: $year_values = array('Any', 'N/A', '2000', '2001', '2002', '2003', '2004', '2005', '2006', '2007', '2008', '2009', '2010', '2011', '2012'); $db_year = explode(', ', $row['YEAR']); foreach($year_values as $year_value) { $selected_year = null; $year_label = $year_value; if(in_array($year_value, $db_year)) { $selected_year = ' checked="checked"'; $year_label = "<b>$year_value</b>"; } echo '<input type="checkbox" name="year" value="' . $year_value . '"' . $selected_year . ' />' . $year_label . ' '; } ?> [/code That pulls the data of the database and puts it in check boxes. The user can check/uncheck certain boxes but the problem is when it goes to the verify page it has only one value from the array that was selected. On the verify page it just checks if a box was checked and then implodes the array before submitting it into the database. [code] $year_s=implode($year,", "); So like I said there is only one value from the array when there should be as many as the user checks. So basically I believe the value isn't added to the array.

Hey, I don't know javascript and I have this code that is a dynamic drop down list. The 2 PHP variables are these: $sel1 = $_POST["sel1"] $sel2 = $_POST["sel2"] Here's the javascript, I took out the huge amounts of selections: First_selection = new Array( "1", "2", "3", .... Lots of data ); First selection second array = new Array( ...more data ); function changeval() { var val1 = document.change.sel1.value; var optionArray = eval(val1); for(var df=0; df<optionArray.length; df++) { var ss = document.change.sel2; ss.options.length = 0; for(var ff=0; ff<optionArray.length; ff++) { var val = optionArray[ff]; ss.options[ff] = new Option(val,val); } } } </script> <form name="change" action="verify.php" method="post"> <select name=sel1 onchange=changeval()> <script type="text/javascript"> for(var model=0; model<make.length; model++) { document.write("<option value=\""+make[model]+"\">"+make[model]+"</option>"); } </script> </select> <select name=sel2> </select> When the page loads, the drop down menu needs to have sel1 and sel2 selected in the drop down list. Any ideas?

Is there a way to check if a value needs to be imploded and if it does, it implodes the variable? And vice versa with explode? How would this be done? Thanks!

Thanks everyone! I got it figured out!!!

Wow, sorry! I can't believe I didn't see that missing ). Except the code is triggering the error handling part.

Oh I should have probably said that sel2 is the model! That's why $_SESSION['model'] = $_POST['sel2']. I tried your code, but I get this: Parse error: syntax error, unexpected '{'

That makes sense! So I tried doing a session but I get the same thing. I'm not exactly sure how to have it post to the same page, so I don't know if this is right. session_start(); $_SESSION['make'] = $_POST["sel1"]; $_SESSION['model'] = $_POST["sel2"]; //then i just stuck $_SESSION['make and model'] in the search query like this: $sql = "SELECT COUNT(*) FROM ACTIVE WHERE MODEL='$_SESSION[model]'"; //and $sql = "SELECT * FROM ACTIVE WHERE MODEL='$_SESSION[model]' ORDER BY INDEX_ID DESC LIMIT $offset, $rowsperpage"; I think I need to retrieve the session, but I'm not exactly sure how...

I had originally created a topic on my pagination not working, but I found out what the problem was. The topic I had created was irrelevant to what the problem was... but anyway, here's my situation: I've got a query that searches in a MySQL table for a certain value. Then it list's all the findings in a table (pretty simple). Anyway, I obviously want to have a pagination system to make it easier to manage the amount of data per page. The pagination works fine, it's used for another query that just pulls data (so NO WHERE clause is used!). That is what is causing the problem. I spent hours trying to figure out why this is happening, then I figured out that the only difference between the pagination that works and the one that doesn't is the query have the where clause. What happens when the where clause is used is that the pagination works fine on the first page, but if you click the link to go to a different page, the page is empty and turns up no results so the mysql data that is pulled is lost. So here is my code. I don't know exactly why the where clause causes the pagination to not work. $conn = mysql_connect("$mysql_host","$mysql_user","$mysql_password") or trigger_error("SQL", E_USER_ERROR); $db = mysql_select_db("$mysql_database",$conn) or trigger_error("SQL", E_USER_ERROR); // find out how many rows are in the table $sql = "SELECT COUNT(*) FROM ACTIVE WHERE MODEL='$model'"; $result = mysql_query($sql, $conn) or trigger_error("SQL", E_USER_ERROR); $r = mysql_fetch_row($result); $numrows = $r[0]; // number of rows to show per page $rowsperpage = 5; // find out total pages $totalpages = ceil($numrows / $rowsperpage); // get the current page or set a default if (isset($_GET['currentpage']) && is_numeric($_GET['currentpage'])) { // cast var as int $currentpage = (int) $_GET['currentpage']; } else { // default page num $currentpage = 1; } // end if // if current page is greater than total pages... if ($currentpage > $totalpages) { // set current page to last page $currentpage = $totalpages; } // end if // if current page is less than first page... if ($currentpage < 1) { // set current page to first page $currentpage = 1; } // end if // the offset of the list, based on current page $offset = ($currentpage - 1) * $rowsperpage; $sql = "SELECT * FROM ACTIVE WHERE MODEL='$model' ORDER BY INDEX_ID DESC LIMIT $offset, $rowsperpage"; $result = mysql_query($sql, $conn) or die('Error: ' . mysql_error()); echo " <table width=100% align=center border=1 class=\"mod\"><tr> <td align=center bgcolor=#00FFFF><b>Rating</b></td> <td align=center bgcolor=#00FFFF><b>Title</b></td> <td align=center bgcolor=#00FFFF><b>Make/Model</b></td> <td align=center bgcolor=#00FFFF><b>Type</b></td> <td align=center bgcolor=#00FFFF><b>Difficulty</b></td> <td align=center bgcolor=#00FFFF><b>Comments</b></td> <td align=center bgcolor=#00FFFF><b>Views</b></td> </tr>"; while ($row = mysql_fetch_assoc($result)) { { // Begin while $title = $row["TITLE"]; $type = $row["TYPE"]; $difficulty = $row["DIFFICULTY"]; $comments = $row["COMMENT_TOTAL"]; $id = $row['INDEX_ID']; $rating = $row["RATING_AVERAGE"]; $make = $row["MAKE"]; $model = $row["MODEL"]; $views = $row["HITS"]; echo " <tr> <td>$rating/10</td> <td><a href=\"mod.php?id=$id\">$title</a></td> <td>$make - $model</td> <td>$type</td> <td>$difficulty</td> <td>$comments</td> <td>$views</td> </tr>"; } } echo "</table><br />"; /****** build the pagination links ******/ echo "<center>"; // range of num links to show $range = 3; echo "<i>Page: </i>"; // if not on page 1, don't show back links if ($currentpage > 1) { // get previous page num $prevpage = $currentpage - 1; // show < link to go back to 1 page echo " <a stylehref='{$_SERVER['PHP_SELF']}?currentpage=$prevpage'>Previous</a> - "; } // end if // loop to show links to range of pages around current page for ($x = ($currentpage - $range); $x < (($currentpage + $range) + 1); $x++) { // if it's a valid page number... if (($x > 0) && ($x <= $totalpages)) { // if we're on current page... if ($x == $currentpage) { // 'highlight' it but don't make a link echo " <b>$x</b> "; // if not current page... } else { // make it a link echo " <a href='{$_SERVER['PHP_SELF']}?currentpage=$x'>$x</a> "; } // end else } // end if } // end for // if not on last page, show forward and last page links if ($currentpage != $totalpages) { // get next page $nextpage = $currentpage + 1; // echo forward link for next page echo " - <a href='{$_SERVER['PHP_SELF']}?currentpage=$nextpage'>Next</a> "; } // end if /****** end build pagination links ******/ mysql_close($conn); } echo "$pagination</center>"; ?> I really appreciate the help! Thanks.

I don't understand why this is happening. I use the same exact code (but different mysql table) and the pagination works fine. Here's the code: ..... <body id="set-database"> <div class="wrapper"> <?php include("navigation.php"); ?> <div class="full"> <?php $make = $_POST["sel1"]; $model = $_POST["sel2"]; echo "$make - $model"; if ( $make == "--MAKES--" ) { echo "<div class=\"red\">Please select a Make</div>"; } else { echo "<center><font color=\"#3333FF\">$make</font> - <font color=\"#3333FF\">$model</font></center><br />"; $mysql_host = -- $mysql_database= -- $mysql_user = -- $mysql_password = -- $conn = mysql_connect("$mysql_host","$mysql_user","$mysql_password") or trigger_error("SQL", E_USER_ERROR); $db = mysql_select_db("$mysql_database",$conn) or trigger_error("SQL", E_USER_ERROR); // find out how many rows are in the table $sql = "SELECT COUNT(*) FROM ACTIVE WHERE MODEL='$model'"; $result = mysql_query($sql, $conn) or trigger_error("SQL", E_USER_ERROR); $r = mysql_fetch_row($result); $numrows = $r[0]; // number of rows to show per page $rowsperpage = 5; // find out total pages $totalpages = ceil($numrows / $rowsperpage); // get the current page or set a default if (isset($_GET['currentpage']) && is_numeric($_GET['currentpage'])) { // cast var as int $currentpage = (int) $_GET['currentpage']; } else { // default page num $currentpage = 1; } // end if // if current page is greater than total pages... if ($currentpage > $totalpages) { // set current page to last page $currentpage = $totalpages; } // end if // if current page is less than first page... if ($currentpage < 1) { // set current page to first page $currentpage = 1; } // end if // the offset of the list, based on current page $offset = ($currentpage - 1) * $rowsperpage; $sql = "SELECT * FROM ACTIVE WHERE MODEL='$model' ORDER BY INDEX_ID DESC LIMIT $offset, $rowsperpage"; $result = mysql_query($sql, $conn) or die('Error: ' . mysql_error()); echo " <table width=100% align=center border=1 class=\"mod\"><tr> <td align=center bgcolor=#00FFFF><b>Rating</b></td> <td align=center bgcolor=#00FFFF><b>Title</b></td> <td align=center bgcolor=#00FFFF><b>Make/Model</b></td> <td align=center bgcolor=#00FFFF><b>Type</b></td> <td align=center bgcolor=#00FFFF><b>Difficulty</b></td> <td align=center bgcolor=#00FFFF><b>Comments</b></td> <td align=center bgcolor=#00FFFF><b>Views</b></td> </tr>"; while ($row = mysql_fetch_assoc($result)) { { // Begin while $title = $row["TITLE"]; $type = $row["TYPE"]; $difficulty = $row["DIFFICULTY"]; $comments = $row["COMMENT_TOTAL"]; $id = $row['INDEX_ID']; $rating = $row["RATING_AVERAGE"]; $make = $row["MAKE"]; $model = $row["MODEL"]; $views = $row["HITS"]; echo " <tr> <td><div class=\"\">$rating/10</div></td> <td><div class=\"\"><a href=\"mod.php?id=$id\">$title</a></div></td> <td><div class=\"\">$make - $model</div></td> <td><div class=\"\">$type</div></td> <td><div class=\"\">$difficulty</div></td> <td><div class=\"\">$comments</div></td> <td><div class=\"\">$views</div></td> </tr>"; } } echo "</table><br />"; /****** build the pagination links ******/ echo "<center>"; // range of num links to show $range = 3; echo "<i>Page: </i>"; // if not on page 1, don't show back links if ($currentpage > 1) { // get previous page num $prevpage = $currentpage - 1; // show < link to go back to 1 page echo " <a stylehref='{$_SERVER['PHP_SELF']}?currentpage=$prevpage'>Previous</a> - "; } // end if // loop to show links to range of pages around current page for ($x = ($currentpage - $range); $x < (($currentpage + $range) + 1); $x++) { // if it's a valid page number... if (($x > 0) && ($x <= $totalpages)) { // if we're on current page... if ($x == $currentpage) { // 'highlight' it but don't make a link echo " <b>$x</b> "; // if not current page... } else { // make it a link echo " <a href='{$_SERVER['PHP_SELF']}?currentpage=$x'>$x</a> "; } // end else } // end if } // end for // if not on last page, show forward and last page links if ($currentpage != $totalpages) { // get next page $nextpage = $currentpage + 1; // echo forward link for next page echo " - <a href='{$_SERVER['PHP_SELF']}?currentpage=$nextpage'>Next</a> "; } // end if /****** end build pagination links ******/ mysql_close($conn); } echo "$pagination</center>"; ?> <br /> <FORM><INPUT TYPE="button" class="btn" VALUE="Back" onClick="history.go(-1);return true;"> </FORM> </div> <?php include("footer.html"); ?> When I click the link for the next page and goes to it, there is nothing in the table (so the information isn't there). So the links and everything bring you the correct page, but that page doesn't have any of the information. Like I said, I use the same exact code except it pulls different information and that works no problem. Thanks!

Ok so for 2 things in the years array, this is what I got. Array ( [0] => N/A, 2004 ) Here's what the form looks like: <input type="checkbox" name="year[0]" value="Any" /> Any <input type="checkbox" name="year[1]" value="N/A" /> N/A <br /><br /> <input type="checkbox" name="year[2]" value="2000" /> 2000 <input type="checkbox" name="year[3]" value="2001" /> 2001 <input type="checkbox" name="year[4]" value="2002" /> 2002 <input type="checkbox" name="year[5]" value="2003" /> 2003 <input type="checkbox" name="year[6]" value="2004" /> 2004 <input type="checkbox" name="year[7]" value="2005" /> 2005 <input type="checkbox" name="year[8]" value="2006" /> 2006 <input type="checkbox" name="year[9]" value="2007" /> 2007 <input type="checkbox" name="year[10]" value="2008" /> 2008 <input type="checkbox" name="year[11]" value="2009" /> 2009 <input type="checkbox" name="year[12]" value="2010" /> 2010 <input type="checkbox" name="year[13]" value="2011" /> 2011 <input type="checkbox" name="year[14]" value="2012" /> 2012 Now here is where it is processed. $year = $_POST["year"]; //now checks if it was filled out //YEAR if(count($_POST['year'])==0) { echo "<div class=\"red\"><font color=\"#ff0000\">Please go back and check a Year Box</font></div>"; echo "<div class=\"space\"></div>"; $flag[] = 1; } else { $year_s=implode($year,", "); echo "Year(s): <font color=\"#3333FF\">$year_s </font><br /><br />"; } If $flag is 1, it won't submit the data to the database. If it's ok, it will submit the info, and redirect the user to the topic they just created. $year_s is the variable submitted to the base (the one that is imploded). I have a feeling that the implode has something to do with it not working.

Ok so here is everything used for the check boxes: $connect = mysql_connect("$mysql_host", "$mysql_user", "$mysql_password") or die(mysql_error()); mysql_select_db("$mysql_database") or die(mysql_error()); $res=mysql_query("SELECT * FROM ACTIVE WHERE INDEX_ID=$id"); if(mysql_num_rows($res)==0) echo "There is no data in the table <br /> <br />"; else { for($i=0;$i<mysql_num_rows($res);$i++) { $row=mysql_fetch_assoc($res); $db_year[] = $row[YEAR]; } } $year_values = array('Any', 'N/A', '2000', '2001', '2002', '2003', '2004', '2005', '2006', '2007', '2008', '2009', '2010', '2011', '2012'); <?php foreach($year_values as $year_value) { $selected_year = null; $year_label = $year_value; if(in_array($year_value, $db_year)) { $selected_year = ' checked="checked"'; $year_label = "<b>$year_value</b>"; } echo '<input type="checkbox" name="year" value="' . $year_value . '"' . $selected_year . ' />' . $year_label . ' '; } ?> Yea like I said, it doesn't work when more than one box is selected (but does work with only one selected).

Thanks!! It works great... except I think I have one problem. There is one input that has like 12 checkboxes... so more than one checkbox can be selected. When one is selected, it works fine. But when there is more than one, nothing is selected or bolded.