djs1971 Posted June 1, 2010 Share Posted June 1, 2010 Complete newbie - have battled with this all day and going nowhere - completely stumped so throwing myself on your mercy!! I have a simple form which has a select drop down populated from my sql database. When I hit submit nothing seems to get passed to the hidden field in the next page. My code for the form is as follows: <form action="selectday.php" method="get"> <select> <?php //connect to MySQL $connect = mysql_connect("localhost","root","") or die ("Could not connect to database."); //choose the database mysql_select_db("lakeside"); //Query from database $sql="SELECT year_id, year FROM years"; $result=mysql_query($sql); $options=""; while ($row=mysql_fetch_array($result)) { $year_id=$row["year_id"]; $year=$row["year"]; $options.="<OPTION VALUE=\"$year_id\">".$year.'</option>'; } ?> <SELECT NAME=year_id> <OPTION VALUE=0>Choose Year Group <?=$options?> </SELECT> <input type="submit" /> </select> </form> Drop down works fine but does not seem to pass any data across. I believe by using GET I should see the data passed in the url?? Any advice would be great! Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted June 1, 2010 Share Posted June 1, 2010 First do a "show source" on the generated form to see if the HTML looks correct. Second, put <?php echo '<pre>' . print_r($_POST,true) . '</pre>' ?> at the start of the processing script. This will show you what is being sent from the form to your script. Ken Quote Link to comment Share on other sites More sharing options...
jdavidbakr Posted June 1, 2010 Share Posted June 1, 2010 What is the code on the next page? Quote Link to comment Share on other sites More sharing options...
Psycho Posted June 1, 2010 Share Posted June 1, 2010 Assuming you see values in the drop-down the query is apparently not failing. Have you verified that the options actually have values? Do a view source on the HTML page to see if the $year_id is getting set correctly. [edit]OK: on looking at the code again you have TWO select fields. The first one at the top has no name and is not closed until after the second select list. Also, your first option has no closing tag. The problem is incorrectly formatted HTML <?php //connect to MySQL $connect = mysql_connect("localhost","root","") or die ("Could not connect to database."); //choose the database mysql_select_db("lakeside"); //Query from database $sql = "SELECT year_id, year FROM years"; $result = mysql_query($sql); $options="<option value=\"0\">Choose Year Group</option>\n"; while ($row=mysql_fetch_array($result)) { $options .= "<option value=\"{$row['year_id']}\">{$row['year']}</option>\n"; } ?> <form action="selectday.php" method="get"> <select name="year_id"> <?=$options?> </select> <input type="submit" /> </form> Quote Link to comment Share on other sites More sharing options...
riwan Posted June 2, 2010 Share Posted June 2, 2010 <form action="selectday.php" method="get"> Its better to use method post in your form Quote Link to comment Share on other sites More sharing options...
Psycho Posted June 2, 2010 Share Posted June 2, 2010 <form action="selectday.php" method="get"> Its better to use method post in your form And what do you base that on? There's nothing inherently wrong with using GET. Although I do prefer to use POST most of the time so the address doesn't get messy. Quote Link to comment Share on other sites More sharing options...
riwan Posted June 2, 2010 Share Posted June 2, 2010 well, many people will always assume that when you submit your form the method is always 'POST' so address won't get messy, and many other things. You would see that second reply by kenrbnsn also assume that, for suggesting to print the output of $_POST array Quote Link to comment Share on other sites More sharing options...
Psycho Posted June 2, 2010 Share Posted June 2, 2010 well, many people will always assume that when you submit your form the method is always 'POST' so address won't get messy, and many other things. You would see that second reply by kenrbnsn also assume that, for suggesting to print the output of $_POST array OK, but you still haven't supplied a valid reason for stating "Its better to use method post in your form". That fact that someone assumed he used POST doesn't mean he should have used POST. Based upon the code posted, the form consists of a single value: "name_id". So, the address will look something like "selectday.php?name_id=xxx". Although the user would be selecting the value in a form, it makes perfect sense to use GET. That way the processing page can be repurposed to use direct links if needed/wanted. Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted June 2, 2010 Share Posted June 2, 2010 I made a mistake when I posted that. My fingers type $_POST easier than they type $_GET... There are two reasons that most people assume that POST is better than GET for forms [*]When you use GET, the information is passed on the URL and makes it easier to spoof and is less secure. Using POST makes the information more secure, but a knowledgeable person can still spoof it. [*]There is a limit on how much information you can sent via the URL Ken Quote Link to comment Share on other sites More sharing options...
Psycho Posted June 2, 2010 Share Posted June 2, 2010 Valid points kenrbnsn. In this case, the form is sending only a single value. As for spoofing, I believe too many inexperienced programmers rely upon the fact that users don't directly "see" the posted data as a form of security - leading to code that can be easily compromised. I'm in agreement with you, I just took exception to the previous statement "Its better to use method post in your form". It's simply not true as it stands. There are many times when using GET is appropriate over POST. It's a pet peeve of mine when people make such statements and don't provide credible reasons for it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.