seany123 Posted June 17, 2009 Share Posted June 17, 2009 okay so im making this page where it allows my players to change who the leader of their gang is... so i used php to create a drop-down menu of all the players but now ive got myself confused about how i use that value, heres the code... <form method="POST" action="../your_gang/edit.php"> <table width='100%'> <tr> <td>Change Leader:</td> <td colspan='3'> <?php $query = $db->execute("select id, username from players where gang_id =" . $gang['id'] . ""); echo "<select name=\"username\"><option value=''>Username</option>"; while($result = $query->fetchrow()){ echo "<option value=$result[username]>$result[username]</option>"; } echo "</select>"; ?> <input type='submit' name='change_leader' value='Change'> </td> </tr> </form> basically i want it so if ($_POST['change_leader']) then update $gang['leader'] to the selected value in the drop down menu. im quite confused about all this >.< all help would be great Seany Quote Link to comment Share on other sites More sharing options...
EchoFool Posted June 17, 2009 Share Posted June 17, 2009 Form: <form method="POST" action="../your_gang/edit.php"> <table width='100%'> <tr> <td>Change Leader:</td> <td colspan='3'> <?php $query = $db->execute("select id, username from players where gang_id =" . $gang['id'] . ""); echo "<select name=\"username\"><option value=''>Username</option>"; while($result = $query->fetchrow()){ echo "<option value=$result[username]>$result[username]</option>"; } echo "</select>"; ?> <input type='submit' name='change_leader' value='Change'> <input type='hidden' name='GangID' value='<?php echo $gang['id'];?>'> </td> </tr> </form> PHP processing (needs validation added): <?php if (isset($_POST['username']) && isset($_POST['change_leader'])){ $Username = $_POST['username']; //USE string escape here and also check your database that this username exists first $GangID = $_POST['GangID']; $UPDATE = mysql_query("UPDATE tablename SET Leader='$Username' WHERE GangID='$GangID'") Or die(mysql_error()); If(mysql_affected_rows()>0{ Echo 'w000'; }Else{ Echo 'oops'; } } ?> Rename table n fields to your table though Also add hidden input into your form to carry the GangID Quote Link to comment Share on other sites More sharing options...
Alex Posted June 17, 2009 Share Posted June 17, 2009 if(isset($_POST['change_leader'])) { $result = mysql_query("SELECT gang_id FROM players WHERE username=" . mysql_real_escape_string($_POST['username']) . "' LIMIT 1"); $row = mysql_fetch_assoc($result); if($row['gang_id'] == $_POST['gang_id']) // Make sure he's a member of that gang { mysql_query('UPDATE players SET leader="yes" WHERE username="{$_POST['username']}"'); } } You should add a hidden field to your form which has the value of the gang id. So that you can confirm that the person they're choosing is actually a member of that gang (in case someone trys to hack it) I'm not exactly sure how your tables are setup, so it might be a little different. Quote Link to comment Share on other sites More sharing options...
seany123 Posted June 17, 2009 Author Share Posted June 17, 2009 if(isset($_POST['change_leader'])) { $result = mysql_query("SELECT gang_id FROM players WHERE username=" . mysql_real_escape_string($_POST['username']) . "' LIMIT 1"); $row = mysql_fetch_assoc($result); if($row['gang_id'] == $_POST['gang_id']) // Make sure he's a member of that gang { mysql_query('UPDATE players SET leader="yes" WHERE username="{$_POST['username']}"'); } } You should add a hidden field to your form which has the value of the gang id. So that you can confirm that the person they're choosing is actually a member of that gang (in case someone trys to hack it) I'm not exactly sure how your tables are setup, so it might be a little different. with that i got this error: Parse error: syntax error, unexpected T_STRING on line 15 which is this part mysql_query('UPDATE players SET leader="yes" WHERE username="{$_POST['username']}"'); Quote Link to comment Share on other sites More sharing options...
Alex Posted June 17, 2009 Share Posted June 17, 2009 Use: mysql_query('UPDATE players SET leader="yes" WHERE username="' . $_POST['username'] . '"'); Also, remember if your database isn't setup like this.. then it won't work. That query is made assuming that there's a colunm called 'leader' and when set to 'yes' it signifies that he/she is a leader. Quote Link to comment Share on other sites More sharing options...
seany123 Posted June 17, 2009 Author Share Posted June 17, 2009 the way i have it is... i have a table called "gang" it has different infomation on the gang in it: id, money, leader, etc. $gang['leader'] is a players username. for the players i have table called "players" in it i have a value called gang_id.... so to check if the player is the the gang i do if ($player['gang_id'] == $gang['id']){ } so all i want the above form to do is set $gang['leader'] to a different username... received from here <?php $query = $db->execute("select id, username from players where gang_id =" . $gang['id'] . ""); echo "<select name=\"username\"><option value=''>Username</option>"; while($result = $query->fetchrow()){ echo "<option value=$result[username]>$result[username]</option>"; } echo "</select>"; ?> sorry if im confusing... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.