Check Boxes in a Mysql Loop, transforming into $_POST Data

[parodyband]

I am creating a Child Security Application called Shield Child Security. I ran into a roadblock, and I had to ask myself, "How will they take attendance?" So I want to take a mass status change. If you look at the picture you will see what I mean.

 

 

<body>
<div align="center">
<div style="width:460px; background-color:#000000; padding:11px;" align="left" class="shadow">
Children:


<div style="background-color:#3399FF; padding:11px;" align="left" class="shadow">
<form action="" method="POST">
<table>
<?php


$query = mysql_query("SELECT * FROM Children WHERE classroom='$class'") or die("ERROR");
$numrows = mysql_num_rows($query);
if ($numrows!=0){
while ($row = mysql_fetch_assoc($query)){
$cid = $row['id'];
$fname = $row['firstname'];
$lname= $row['lastname'];
$status = $row['status'];
$classroom = $row['classroom'];
echo '<tr style="background-color:gray;"><td><input type="checkbox"></td><td align="center" width="150" name="'.$cid.'">[<a href="child.php?id='.$cid.'">'.$fname.' '.$lname.'</a>]</td>';
if ($classroom != 'none'){
if ($status == 1) {
echo '<td align="center" width="200"><font color="red">Not Present</font>';
} else if ($status == 2){ echo '<td align="center" width="200"><font color="lightgreen">Present</font>';}
} else {
echo '<td align="center" vertical-align="middle"><br><form action="changeclass.php" method="POST"><select>Balls</select><input type="submit" value="+""></form></td>';
}

echo '</td><td align="center"><a href="delete.php?id='.$cid.'&type=child">[ - ]</a></td></tr>';

}
} else {echo "No Students";}


?>
<tr>


</tr>
</table>
<table>
<td>
<input type = "submit" value="Switch Status">
</td>
</table
</div>
<br>
<a href="classroom.php">Go Back</a>
</div>
</div>

 

I'm sure its vulnerable to SQL Injection, but remember this is just a rough draft. A draft to get my ideas out in code.

 

Peace! And Thank You!

[Jessica]

Is there a question? If not, I can move this to critiques.

[parodyband]

Oh Sorry! Yeah how do I have check boxes in a while loop and have it change a mysql data based on what is checked?

[Jessica]

Well you already have the checkboxes right? So at the top of your page you need to check if your submit button has been pushed. But first you have to give it a name. In fact all of your form elements need names. The checkboxes should be something like name="children[$cid]". Then you can use run a MySQL UPDATE using IN() and php's implode.

[parodyband]

Say I have my action set to 'changestatus.php' what would the script look like ish? Ive never used php implode and im not that good with Arrays.

 

im using

<?php include 'connect.php';
?>

[Jessica]

Well if you want to write an application, it's time to learn. Arrays are very useful and basic part of programming. If you've never used a function look it up and learn how. 

 

Showing us one include statement is useless.

 

 

This forum is for help with code you write. We don't write it for you, you don't learn that way. 

[parodyband]

Ok, I understand, but that wasn't what I was trying to ask...

 

I know how to use arrays in other programming languages, but using it with mysql is a little confusing.

 

So I have

<?php
include 'connect.php';
$id = $_POST['?'];
//I don't know what you mean by php implode.
$status = ??

foreach(id[]??){


$query = mysql_query("SELECT * FROM Children WHERE id='$id[?]''") or die("ERROR");
$numrows = mysql_num_rows($query);
if ($numrows!=0){

while ($row = mysql_fetch_assoc($query)){
$current = $row['id'];
}
}


if ($current == 2){
mysql_query("UPDATE Children SET status=1 WHERE id = '$status[$id]'");
} else if ($current == 1){
mysql_query("UPDATE Children SET status=2 WHERE id = '$status[$id]'");
}
}
?>

 

Am I close to achieving this?

BTW Not all of my code showed up on the previous post

Edited January 17, 2013 by parodyband

[parodyband]

I am in no way a "noob" when it comes to other languages.

[Jessica]

Did you try looking up implode in the manual yet? That was quick

 

By using IN in your query you can run only 1 query. You don't need to run an update for each child separately. 

Edited January 17, 2013 by Jessica

[parodyband]

I looked up implode, but how would I use it? It just allows you to put data in between data in the array?

[Jessica]

And did you look up using IN in a MYSQL query?

[parodyband]

I can't find anything on queries with IN

[parodyband]

<?php
include 'connect.php';
$id = array($_POST['child']);
$status = implode(', ', array_keys($id));

$query = mysql_query("SELECT * FROM Children WHERE id= 'How do I grab this id?' ") or die(MySql Error);
$numrows = mysql_num_rows($query);
if ($numrows!=0){

while ($row = mysql_fetch_assoc($query)){
 $current = $row['status'];
}
}


if ($current == 2){
mysql_query("UPDATE Children SET status=1 WHERE id IN $status");
} else if ($current == 1){
mysql_query("UPDATE Children SET status=2 WHERE id IN $status");
}


?>

 

Is this used in the right context?

Edited January 17, 2013 by parodyband

[Jessica]

Google isn't broken for me. I google mysql in and get great tutorials.

 

If you want to actually write an entire application you need to learn the skills to learn.

[Jessica]

But your code does look better. Don't use backticks or quotes on integers.

[Jessica]

And use ONE query. Not three.

[parodyband]

This is the last thing i need done before the ENTIRE application is finished. Just the dumb little check boxes. That's it.

[Barand]

WHERE id IN (1,2,3)

 

in a query is equivalent to, and a lot easier than

 

WHERE (id = 1) OR (id = 2) OR (id = 3)

 

 

Having said that, here is a simple example of using it in conjunction with checkboxes in a form (note that "join" and "implode" are identical)

 

<?php

if (isset($_POST['id'])) {
$idlist = join (',', $_POST['id']);

$sql = "SELECT * FROM children WHERE id IN ($idlist)";
echo $sql;
}
?>

<form method="post">
<input type="checkbox" name="id[]" value="1"> Child 1 <br>
<input type="checkbox" name="id[]" value="2"> Child 2 <br>
<input type="checkbox" name="id[]" value="3"> Child 3 <br>
<input type="checkbox" name="id[]" value="4"> Child 4 <br>
<input type="checkbox" name="id[]" value="5"> Child 5 <br>
<input type="submit" name="btnsubmit" value="Submit">
</form>

Edited January 17, 2013 by Barand

[DavidAM]

The only thing I would add to Barand's post, is the need to validate/escape the "id" values before shoving them into the query. Since they should all be integers, you can add array_map in there:

 

$idlist = join(',', array_map('intval', $_POST['id']));

 

which will force any bogus values to zero.