Jump to content

variable not passing second time

turpentyne

By turpentyne
in PHP Coding Help

 Share

Recommended Posts

turpentyne Advanced Member

turpentyne

Posted
Posted

I'm trying to redo a page from scratch, and simplify things. I've gotten a "beginner-stumping" error.

 

It's a page where the user makes a selection from a form with fields generated by a database. Then the page reloads, with the php determining which options to pull from the database, based on which category they last chose.

 

It loops through the first time, and works fine. But the second time, I get an error:

 

"You have an error in your SQL syntax; ... near 'ORDER BY tbl_components.component_category' at line 6"

I echoed the query and I see its not carrying over the $var that second time the page reloads:

 

"SELECT ....... AND tbl_component_categories.ID = ORDER BY tbl_components.component_category"

 

Considering it worked on first selection, I'm kind of stumped. I did run the queries in MySQL just to make sure they work, and they do.

Not sure where I'm getting it wrong.

 

<?php 
session_start();

if(!isset($_SESSION['options_picked'])){
$_SESSION['options_picked'] = array();
} 

if (!isset($_POST['chosen'])) {


$var = "4";


} elseif(isset($_POST['chosen'])) {

array_push($_SESSION['options_picked'],$var);

// below section is hard coded for the moment.
// Later, when other things figured out, maybe I query the database for categories and category id, then I can loop to create the below statements
// so it would be like: if post == 'row[x] { var =  row[y];} etc.

if((isset($_POST['what_category'])) && ($_POST['what_category'] == 'Buttstocks')){ $var = "1";
} 
// here's the loop that determines what they selected. the first one above works fine
elseif((isset($_POST['what_category'])) && ($_POST['what_category'] == 'Accessory_rail_mounts')){$var = "11";}
// the second one, above, is where I suddenly get an error.
elseif((isset($_POST['what_category'])) && ($_POST['what_category'] == 'Caliber')){$var = "2";}
elseif((isset($_POST['what_category'])) && ($_POST['what_category'] == 'Barrel_length')){$var = "10";}
elseif((isset($_POST['what_category'])) && ($_POST['what_category'] == 'Suppressors')){$var = "9";}

echo "cat= ".$_POST['what_category'];
echo "var= ".$var;

}


include("../builder-test-code/dbc.php");

// query here
$query  = "SELECT tbl_component_categories.ID, tbl_component_categories.folder_path, tbl_component_categories.comp_cat_name, tbl_components.component_name, tbl_components.image_filepath, tbl_components.component_category

FROM tbl_components

JOIN tbl_component_categories ON tbl_components.component_category = tbl_component_categories.ID AND tbl_component_categories.ID = $var
ORDER BY tbl_components.component_category";
$result = mysql_query($query)
or die(mysql_error());



// create templates
// CF: Using sprintf () and templates makes things a whole lot easier to read.
$ExpandTemplate = <<<OutHTML
<div id="%1\$s" style="width:550px;padding-top:20px;">

<!-- <a class='select-toggler' href="javascript:showHide('%2\$s-expander');"> this was the old thing -->


<img style="position:relative;top:-2px;" src="images/structural/red-plus.gif" /> %1\$s <!--</a>--><br>
<div id="%2\$s-expander" style="float:left;padding-right:25px;" width="90">
OutHTML;


$ExpandImageTemplate = <<<OutHTML
<div style='width:140px;padding:10px;float:left;'> %4\$s <br>
<form action="" method="post">
<button type="submit" name="chosen" id="chosen" value="%4\$s">
<input type="hidden" name="what_category" value="%2\$s">
<img src="%3\$s" width="147" height="34" alt="image to come" title="choice" />
</button>

<!-- this hidden field is what I can use to determine what category, I compare it to -->
</form>


</div> 
OutHTML;

$ExpandImageTafter = <<<OutHTML
</div></div>
OutHTML;

$Output = '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Build my rifle</title>
</head>

<body>
<div><!-- where the original image at top of page will go -->

';

//output section and sprintf

while ($row = mysql_fetch_assoc ($result)) {

if ($category != $row['component_category']) {
$category = $row['component_category'];	
if (!$firstime) {

$Output .= '</div><br><br>';

} else {
$firstime = true;
}


//CF: Changed output to be stored in a temp variable, as well as adding output escaping to prevent XSS etc.
$Output .= sprintf ($ExpandTemplate, htmlspecialchars ($row['comp_cat_name']), htmlspecialchars ($row['folder_path']));
}

//CF: Changed output to be stored in a temp variable, as well as adding output escaping to prevent XSS etc.
$Output .= sprintf ($ExpandImageTemplate, htmlspecialchars ($row['comp_cat_name']),htmlspecialchars ($row['folder_path']),htmlspecialchars ($row['image_filepath']),htmlspecialchars ($row['component_name']));

// when I get a chance, I need to figure out how to escape the /s in the image_filepath in code line above. It wasn't working when it was written: htmlspecialchars (rawurlencode($row['image_filepath'])). it just put %s

}


?>



<?php

echo $Output;

?>


</body>
</html>

Link to comment
https://forums.phpfreaks.com/topic/266553-variable-not-passing-second-time/
Share on other sites
turpentyne Advanced Member

turpentyne

Posted
  • Author
Posted

holy cow! I'm not seeing it.

 

I can tell you're alluding to something obviously easy. I tabbed everything, and eliminated the div tags because they're irrelevant to this version and were confusing me. I double checked brackets and they appear to be all closed. I'm not seeing anything in the logic that's wrong. I'm just not seeing it.

 

Maybe, give me another hint?

 

Christian F. Member

Christian F.

Posted
Posted

If you look at this part here:

if (!isset ($_POST['chosen'])) {
$var = "4";
} elseif (isset ($_POST['chosen'])) {
array_push ($_SESSION['options_picked'], $var);

You can see that you're trying to push the variable onto the $_SESSION array, without having it defined first. So if none of the predefined categories are selected, $var will be undefined and cast to an empty string when used in the query.

I assumed this was because you mistakenly believed it being set above, due to the lack of indenting.

 

PS: I also recommend moving the HTML header, doctype and all that out of the $output variable. It doesn't need to be there, after all. ;)

 

PPS: You need to validate input, and escape the output in your SQL queries.

turpentyne Advanced Member

turpentyne

Posted
  • Author
Posted

oh no.... :-[

 

That left me more in the dark.. I've made a correction to that session variable, because it wasn't even setting from the variable I wanted. My fault, I was trying to  work through this last night to come up with a new solution

 

and still have the problem.

 

Here's what I have now in that section of the code. Everything seems fine but the $Var is still not setting the second time.

 

I'm so sorry I'm not getting this stuff.

 

Also, I know I need to take care of security. I'm just trying to get the basic goal finished before I tackle that.

 



if(!isset($_SESSION['options_picked'])){
$_SESSION['options_picked'] = array();
} 

if (!isset($_POST['chosen'])) {

$var = "4";

} 

elseif(isset($_POST['chosen'])) {

$choicetest = $_POST['chosen'];
	echo "and ".$choicetest;

array_push($_SESSION['options_picked'],$choicetest);
// supposed to be this and not $var.

 	if((isset($_POST['what_category'])) && ($_POST['what_category'] == 'Buttstocks')){ 
 	$var = "1";
 	} 
 	elseif((isset($_POST['what_category'])) && ($_POST['what_category'] == 'Accessory_rail_mounts')){
 	$var = "11";
 	}
 	elseif((isset($_POST['what_category'])) && ($_POST['what_category'] == 'Caliber')){
 	$var = "2";
 	}
 	elseif((isset($_POST['what_category'])) && ($_POST['what_category'] == 'Barrel_length')){
 	$var = "10";
 	}
 	elseif((isset($_POST['what_category'])) && ($_POST['what_category'] == 'Suppressors')){
 	$var = "9";
	 	}


echo "cat= ".$_POST['what_category'];
echo "var= ".$var;


}

 

 

 

 

Christian F. Member

Christian F.

Posted
Posted

As far as I can see $var is still not being set, unless one of the IF-tests checks out true. Which means that it's highly likely that they don't.

I'd run a var_dump () on the contents of the $_POST array, and see what it contains. Also, run a test of invalid categories, before running the loop. That way you control what should be done, and not the database driver. ;)

 

PS: I'd use the value from the database as the value for the categories, and not base it upon the name. Or, if that's not viable, use an array of key->value bindings and check against it for validation.

Example of the latter:

$categories = array ('Suppressors' => 9, 'Buttstocks' => 1);
if (!isset ($categories[$_POST['category'])) {
    // Invalid category selected, show warning and return.
}

$var = $categories[$_POST['category']];

turpentyne Advanced Member

turpentyne

Posted
  • Author
Posted

good lord...

 

I'll look into your suggestions as I improve the script.

 

But it's solved on the stupidest thing. I was missing a couple of capital letters in the script. nothing more. gah!!

 

solved for now. on to figuring out nested arrays. yippee.

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.