Jump to content

Allowing user to change (variable) mysql variable by a radio button


ryandward
 Share

Recommended Posts

I am trying to allow the user to update a variable he chooses by radio buttons, which they will then input text into a box, and submit, to change some attributes. I really need some help here.  :'( It works just fine until I add the second layer of variables on top of it, and I can't find the answer to this question anywhere.

 

<?PHP require('connect.php'); ?>

 

<form action ='' method='post'> <select name="id">

 

<?php

$extract = mysql_query("SELECT * FROM cars");

 

while($row=mysql_fetch_assoc($extract)){

$id = $row['id'];

$make= $row['make'];

$model= $row['model'];

$year= $row['year'];

$color= $row['color'];

 

echo "<option value=$id>$color $year $make $model</option>

";}?>

 

</select>

 

Which attribute would you like to change?<br />

<input type="radio" name="getchanged" value="make"/>Make<br />

<input type="radio" name="getchanged" value="model"/>Model<br />

<input type="radio" name="getchanged" value="year" />Year<br />

<input type="radio" name="getchanged" value="color" />Color<br /><br />

 

<br /><input type='text' value='' name='tochange'>

<input type='submit' value='Change' name='submit'>

 

</form>

 

//This is where I need help...

 

<?PHP

if(isset($_POST['submit'])&&($_POST['tochange'])){

mysql_query("

UPDATE cars

SET '$_POST[getchanged]'='$_POST[tochange]'

where id = '$_POST[id]'

");}?>

Link to comment
Share on other sites

It's really difficult to follow your code as it is poorly structured - plus you have no error handling in your code. If you did you would have seen the error in your UPDATE query.

mysql_query("
   UPDATE cars
   SET '$_POST[getchanged]'='$_POST[tochange]'
   where id = '$_POST[id]'
         ");

You have the field name enclosed in single quote marks. If you enclose a field name in quote marks, you have to use back quotes.

 

There are also several other problems in that code: No escaping of user input (i.e. preventing SQL injection), not referencing POST data correctly (no quote marks around index name), etc. Here is a rewrite of your code in a more logical format with error handling and other corrections.

 

<?php

require('connect.php');

$confirmMsg = '';
if(isset($_POST['submit']))
{
    //Parse user input
    $id    = (isset($_POST['id'])) ? (int) $_POST['id'] : false;
    $field = (isset($_POST['value'])) ? mysql_real_escape_string(trim($_POST['value'])) : false;
    $value = (isset($_POST['value'])) ? mysql_real_escape_string(trim($_POST['value'])) : false;
    //Create and run query
    $query = "UPDATE cars
              SET `{$field}` = '{$value}'
              WHERE id = '$id'"
    $result = mysql_query($query);
    //Check results
    if(!$result)
    {
        $confirmMsg = "There was a problem updating the record.";
    }
    elseif(mysql_affected_rows()==0)
    {
        $confirmMsg = "There was no record to update.";
    }
    else
    {
        $confirmMsg = "The record was successfully updated.";
    }
}

//Create the select list options
$recordOptions = '';
$query = "SELECT * FROM cars";
$result = mysql_query($query);
if(!$result)
{
    $recordOptions = "<option>Error Retrieving Records</option>\n";;
}
else
{
    while($row=mysql_fetch_assoc($extract))
    {
        $recordOptions .= "<option value=\"{$row['id']}\">";
        $recordOptions .= "{$row['color']} {$row['make']} {$row['model']} {$row['year']}";
        $recordOptions .= "</option>\n";
    }
}

?>
<html>
<body>

<?php echo $confirmMsg; ?><br />

<form action ='' method='post'>

<select name="id">
<?php echo $recordOptions; ?>
</select>

Which attribute would you like to change?<br />
<input type="radio" name="field" value="make"/>Make<br />
<input type="radio" name="field" value="model"/>Model<br />
<input type="radio" name="field" value="year" />Year<br />
<input type="radio" name="field" value="color" />Color<br /><br />

<br /><input type='text' value='' name='value'>
<input type='submit' value='Change' name='submit'>

</form>

</body>
</html>

Link to comment
Share on other sites

Very small changes, but it worked :) Thanks again!

 

<?php

require('connect.php');

$confirmMsg = '';
if(isset($_POST['submit']))
{
    //Parse user input
    $id    = (isset($_POST['id'])) ? (int) $_POST['id'] : false;
    $field = (isset($_POST['field'])) ? mysql_real_escape_string(trim($_POST['field'])) : false;
    $value = (isset($_POST['value'])) ? mysql_real_escape_string(trim($_POST['value'])) : false;
    //Create and run query
    
    $query = "UPDATE cars
              SET `{$field}` = '{$value}'
              WHERE id = '$id'";
    
    $result = mysql_query($query);
    //Check results
    if(!$result)
    {
        $confirmMsg = "There was a problem updating the record.";
    }
    elseif(mysql_affected_rows()==0)
    {
        $confirmMsg = "There was no record to update.";
    }
    else
    {
        $confirmMsg = "The record was successfully updated.";
    }
}

//Create the select list options
$recordOptions = '';
$query = "SELECT * FROM cars";
$result = mysql_query($query);
if(!$result)
{
    $recordOptions = "<option>Error Retrieving Records</option>\n";;
}
else
{
    while($row=mysql_fetch_assoc($result))
    {
        $recordOptions .= "<option value=\"{$row['id']}\">";
        $recordOptions .= "{$row['color']} {$row['make']} {$row['model']} {$row['year']}";
        $recordOptions .= "</option>\n";
    }
}

?>
<html>
<body>

<?php echo $confirmMsg; ?><br />

<form action ='' method='post'>

<select name="id">
<?php echo $recordOptions; ?>
</select>

Which attribute would you like to change?<br />
<input type="radio" name="field" value="make"	/>Make<br />
<input type="radio" name="field" value="model"	/>Model<br />
<input type="radio" name="field" value="year" 	/>Year<br />
<input type="radio" name="field" value="color" 	/>Color<br /><br />

<br /><input type='text' value='' name='value'>
<input type='submit' value='Change' name='submit'>

</form>

</body>
</html>

Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.