rocky48 Posted June 17, 2013 Share Posted June 17, 2013 I did not quite know how to label this post hence the unusual title. I am trying to modify some code that I have written to save the choosen line that is output from an SQL query, using SESSION to make it available in a later script. To achieve this I have started a form with a radio button inside the while loop that outputs the query items that meet the criteria set by a form in the previous script. Before I modified this script it worked albeit without the choice coding. When I submit the choices on the previous script the query is run and it ouputs the results as a table, with an extra column which contains a radio button. I have for test purposes output the value of the variable to check that the variable is storing the value correctly. When I choose a line that the query has output and clcked on the submit button it seems to be causing the code to think it has not got an Event set and displays the error message "You have selected an invalid Event.Please try again.", on line 21 which is part of the code I wrote to make sure that an Event has been choosen, instead of proceeding on to the next script. Here is the complete script: <?php session_start(); include("cverse_connect.php"); doDB(); //check for required info from the query string //verify the Event exists $verify_Event_sql = "SELECT ID, Event_Type FROM Events WHERE ID = '".$_POST["Event_Type"]."'"; $verify_Event_res = mysqli_query($mysqli, $verify_Event_sql) or die(mysqli_error($mysqli)); echo $_POST["Event_Type"]; echo $_POST["Mood"]; if (mysqli_num_rows($verify_Event_res) < 1) { //this Event does not exist $display_block = "<p><em>You have selected an invalid Event.<br/> Please try again.</em></p>"; } else { //get the Event ID while ($Event_info = mysqli_fetch_array($verify_Event_res)) { $Event_ID = stripslashes($Event_info['ID']); $Event_Name = ($Event_info['Event_Type']); } $verify_Mood_sql = "SELECT ID, Event_Sub_Type FROM Event_Sub WHERE ID = '".$_POST["Mood"]."'"; $verify_Mood_res = mysqli_query($mysqli, $verify_Mood_sql) or die(mysqli_error($mysqli)); if (mysqli_num_rows($verify_Mood_res) < 1) { //this Event does not exist $display_block = "<p><em>You have selected an invalid Mood.<br/> Please try again.</em></p>"; } while($Mood_info = mysqli_fetch_array($verify_Mood_res)) { $Mood_ID = ($Mood_info['ID']); $Mood_Name = ($Mood_info['Event_Sub_Type']); } //gather the Events $get_Event_sql = "SELECT Verses.ID AS versesID, Verses.Verse, Verses.Sub_Type, Verses.Event, Events.ID AS eventsID, Events.Event_Type, Event_Sub.ID AS event_SubID, Event_Sub.Event_Sub_Type FROM Verses LEFT JOIN Events ON Verses.Event = Events.ID LEFT JOIN Event_Sub ON Verses.Sub_Type = Event_Sub.ID WHERE Verses.Event = '".$_POST["Event_Type"]."' And Verses.Sub_Type = '".$_POST["Mood"]."' ORDER BY Verses.ID ASC"; $get_Event_res = mysqli_query($mysqli, $get_Event_sql) or die(mysqli_error($mysqli)); //create the display string $display_block .= " <table width=\"70%\" cellpadding=\"3\" cellspacing=\"1\" border=\"1\" BGCOLOR=\"#87CEEB\" > <tr> <th>ID</th> <th>VERSE</th> <th>MOOD/SUB TYPE</th> </tr>"; while ($Verse_info = mysqli_fetch_array($get_Event_res)) { $Verse_id = $Verse_info['versesID']; $Verse_text = nl2br(stripslashes($Verse_info['Verse'])); $Mood_info = $Verse_info['Event_Sub_Type']; $VID = $Verse_id; //add to display $display_block .= " <tr> <td width=\"1%\" valign=\"top\">".$Verse_id."<br/></td> <td width=\"55%\" valign=\"top\">".$Verse_text."<br/></td> <td width=\"35%\" valign=\"top\">" .$Mood_info."<br/></td> <td width=\"35%\" valign=\"top\"> <form .method=.\"POST\" .action=\"VInput1.php\"> <input type=\"Radio\" value=\"$VID\"> $VID </td></tr>"; } $display_block.="<input type=submit value=Choose Verse>"; //free results mysqli_free_result($get_Event_res); mysqli_free_result($verify_Event_res); //close connection to MySQL mysqli_close($mysqli); //close up the table $display_block .= "</table>"; } $_session['Test']=$_POST[$VID] ?> <html> <head> <title> List of Verses</title> <meta charset="utf-8"> <meta name="Description" content="Ecologic Theme"> <meta name="author" content="CoffeeCup Software, Inc."> <meta name="Copyright" content="Copyright (c) 2011 CoffeeCup, all rights reserved."> <title>1066 Cards 4U - Home</title> <link rel="stylesheet" href="stylesheets/default.css" /> <!--[if IE]> <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script> <![endif]--> </head> <body> <header> <h1><a href="index.html"> ..............</a></h1></br></br></br></br> <div><img src="images/1066Green.jpg" width="600" height="80" alt="" title="" border="0" /></div> </header> <section id="mainContent" class="clear"> <nav> <h3>Main Menu</h3> <ul> <li><a href="index.html">Home</a></li> <li><a href="Links.html">Links</a></li> <li><a href="Techniques.html">Techniques</a></li> <li><a href="Alt_inputform.html">Verse's</a></li> <li><a href="contact.html">Contact Us</a></li> <li><a href="News.html">News</a></li> <li><a href="Gallery.html">Gallery</a></li> </ul> </nav> <section id="mainRight2"> <h1>Verses</h1> <?php echo $display_block; ?> </section> <footer> <p>© 2011 Ecologic, Inc. All rights reserved. <a href="http://coffeecup.com">HTML Editor Theme</a> by CoffeeCup Software.</br> © 2012 Content:1066 Cards 4U. All rights reserved. </p> <ul> <li><a href="index.html">Home</a></li> <li><a href="Links.html">Links</a></li> <li><a href="Techniques.html">Techniques</a></li> <li><a href="Alt_inputform.html">Verse's</a></li> <li><a href="contact.html">Contact Us</a></li> <li><a href="News.html">News</a></li> <li><a href="Gallery.html">Gallery</a></li> </ul> </footer> </body> </html> Can anybody see why it is doing this? Quote Link to comment https://forums.phpfreaks.com/topic/279264-no-escape/ Share on other sites More sharing options...
Solution mac_gyver Posted June 17, 2013 Solution Share Posted June 17, 2013 best i can tell, your form doesn't have a field with the name="Event_Type" and you also have some extra dots . among the method and action attributes in the <form > tag. Quote Link to comment https://forums.phpfreaks.com/topic/279264-no-escape/#findComment-1436417 Share on other sites More sharing options...
rocky48 Posted June 17, 2013 Author Share Posted June 17, 2013 Hi But Event_Type is only required to satisfy the SQL query, it is nothing to do with the form which is dealing with the OUTPUT from the query. I am not too sure about the periods as somebody in a previous post suggested them. I will remove them! Quote Link to comment https://forums.phpfreaks.com/topic/279264-no-escape/#findComment-1436418 Share on other sites More sharing options...
ginerjm Posted June 17, 2013 Share Posted June 17, 2013 Your script runs very straight-forward right thru a query to verify that your selected event type exists. Well, you don't have any <input> tag in your html with that name, so this query will not return any rows. Hence your message when you check the row count. As for you prev statement that Event_type has nothing to do with the form, if so, why do you refer to it as part of the $_POST array?? It's always a good idea to validate all incoming data before proceeding on with the work at hand. In this case you are not. Quote Link to comment https://forums.phpfreaks.com/topic/279264-no-escape/#findComment-1436421 Share on other sites More sharing options...
rocky48 Posted June 19, 2013 Author Share Posted June 19, 2013 I am afraid it does not work like that! The POSTed Event_Type and Mood_Type are POSTed on the previous script and are part of the SQL query, which runs first. This then outputs the result as a table. I don't understand why you are saying 'you don't have any <input> tag in your html with that name'? Any way that is history now as the problem was the periods in front of method and action. I have another problem now! When I choose one of the lines in the table and submit using POST then create a SESSION called Test, which saves the result of the POST into the SESSION and proceed to the next script nothing is printed on the screen. Here is the small script I am using to test the output: <? session_start(); echo $_SESSION[Test]; echo $_POST[$VID]; ?> Any ideas why I am not getting the data stored in SESSION? Quote Link to comment https://forums.phpfreaks.com/topic/279264-no-escape/#findComment-1436801 Share on other sites More sharing options...
ginerjm Posted June 19, 2013 Share Posted June 19, 2013 Try putting quotes around your indices. You should also learn to use single quotes so you don't have to keep escaping double quotes in double-quoted strings. Less typing, less errors perhaps. Quote Link to comment https://forums.phpfreaks.com/topic/279264-no-escape/#findComment-1436823 Share on other sites More sharing options...
kicken Posted June 19, 2013 Share Posted June 19, 2013 Any ideas why I am not getting the data stored in SESSION? $_session['Test']=$_POST[$VID] Variables are case sensitive. $_session is not the same as $_SESSION (which is the proper name) Quote Link to comment https://forums.phpfreaks.com/topic/279264-no-escape/#findComment-1436862 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.