otuatail Posted March 18, 2014 Share Posted March 18, 2014 <div style="width:1500px;height:20px;"> <div style="width:20px;height:12px;float:left;"><input type="checkbox" name="03c2e7e41ffc181a4e84080b4710e81e"></div> <div style="width:90px;height:12px;float:left;"><a href="UserShelvesUpdate.php?ID=03c2e7e41ffc181a4e84080b4710e81e">New</a></div> </div> <div style="width:1500px;height:20px;"> <div style="width:20px;height:12px;float:left;"><input type="checkbox" name="a39e9eea66930fe0050d56a28bafab72"></div> <div style="width:90px;height:12px;float:left;"><a href="UserShelvesUpdate.php?ID=a39e9eea66930fe0050d56a28bafab72">Desmond</a></div> </div> <div style="width:1500px;height:20px;"> <div style="width:20px;height:12px;float:left;"><input type="checkbox" name="70965feb0441ff7fc1982fc5c509136e"></div> <div style="width:90px;height:12px;float:left;"><a href="UserShelvesUpdate.php?ID=70965feb0441ff7fc1982fc5c509136e">Malawi</a></div> </div> <div style="width:1500px;height:20px;"> <div style="width:20px;height:12px;float:left;"><input type="checkbox" name="ee60398b064d0ef982e2a9d91fd9ada8"></div> <div style="width:90px;height:12px;float:left;"><a href="UserShelvesUpdate.php?ID=ee60398b064d0ef982e2a9d91fd9ada8">YBC</a></div> </div> <div style="width:1500px;height:20px;"> <div style="width:20px;height:12px;float:left;"><input type="checkbox" name="0153a1e369e543364edb1e75ceff1173"></div> <div style="width:90px;height:12px;float:left;"><a href="UserShelvesUpdate.php?ID=0153a1e369e543364edb1e75ceff1173">Recipes</a></div> </div> <div style="width:1500px;height:20px;"> <div style="width:20px;height:12px;float:left;"><input type="checkbox" name="f84d329354422000da05b9bc8fe60301"></div> <div style="width:90px;height:12px;float:left;"><a href="UserShelvesUpdate.php?ID=f84d329354422000da05b9bc8fe60301">Ark Church</a></div> </div> <div style="width:1500px;height:20px;"> <div style="width:20px;height:12px;float:left;"><input type="checkbox" name="f99d5fd996456751e77abb893110aaeb"></div> <div style="width:90px;height:12px;float:left;"><a href="UserShelvesUpdate.php?ID=f99d5fd996456751e77abb893110aaeb">YBC2</a></div> </div> Hi. This is not as simple as it sounds. I have a table with an ID table with an integer ID. For security reasons I do not want to use this value so I have a table field of MD5() values. As I do not know what the result set will show. I need to retrieve the IDs of all the check boxes in the background form (pure php code)when I submit it. This is what I have when I view source on a page with check boxes. As you can see there is no actual order numbering of the check boxes. Is this achievable by checking any check boxes names and values on the submit form? Quote Link to comment Share on other sites More sharing options...
Psycho Posted March 18, 2014 Share Posted March 18, 2014 (edited) I'm not clear on what you are asking. But, let's step back a second. What security risk do you think exists by using the primary ID of the records in the database? That's kind of the whole point of having primary IDs. If there is a security risk it is because you created one. But, as to your code, you are using the hash as the name of the fields. You should probably make the names of the fields an array and use the hash as the values. If you need the IDs of the items that are checked you will need to run a query on the values that are POSTed. So, let's say your fields are created more like this (note the field names and values): <div style="width:1500px;height:20px;"> <div style="width:20px;height:12px;float:left;"><input type="checkbox" name="items[]" value="03c2e7e41ffc181a4e84080b4710e81e"></div> <div style="width:90px;height:12px;float:left;"><a href="UserShelvesUpdate.php?ID=03c2e7e41ffc181a4e84080b4710e81e">New</a></div> </div> <div style="width:1500px;height:20px;"> <div style="width:20px;height:12px;float:left;"><input type="checkbox" name="items[]" value="a39e9eea66930fe0050d56a28bafab72"></div> <div style="width:90px;height:12px;float:left;"><a href="UserShelvesUpdate.php?ID=a39e9eea66930fe0050d56a28bafab72">Desmond</a></div> </div> Now, when the form is posted you will have a POST array value of $_POST['items'] which contains the MD5 value of all the checked items. Note, if no items are checked then that array index will not exist. You can then use that data like so: if(!isset($_POST['items'])) { //No items were checked } else { //Create a comma separated string of the hash values (enclosed in single quotes) $hashListString = "'" . implode("', '", $_POST['items']) . "'"; //Create & Run query to get IDs $query = "SELECT id FROM table_name WHERE hash IN ({$hashListString})"; $result = mysql_query($query); } Edited March 18, 2014 by Psycho Quote Link to comment Share on other sites More sharing options...
otuatail Posted March 18, 2014 Author Share Posted March 18, 2014 INSERT INTO `Shelves` VALUES (0, '03c2e7e41ffc181a4e84080b4710e81e', 'New'), (1, 'a39e9eea66930fe0050d56a28bafab72', 'Desmond'), (2, '70965feb0441ff7fc1982fc5c509136e', 'Malawi'), (3, 'ee60398b064d0ef982e2a9d91fd9ada8', 'YBC'), (4, '0153a1e369e543364edb1e75ceff1173', 'Recipes'), (5, 'f84d329354422000da05b9bc8fe60301', 'Ark Church'), (6, 'f99d5fd996456751e77abb893110aaeb', 'YBC2'); I am using the MD5() value instead of ID I didn't want to use the auto numbering of a table as a precaution. If there was a crash on a web page or a hacker got the name of a table then an ID of 1,2,3,4,5 would be a prise to him. I replace this with an md5() of data so there is no sequence. Having said that if I do an sql query SELECT * from Users where Surname = 'Smith' I could have 5 records with IDs that are not consecutive. What I wanted to do was give the checkbox's a name of the record ID like <input type="checkbox" name ="<?=rs['ID']" ... But when I submit the form to another page I will not know the names of each checkbox and that was the problem. Does this help. This is a sample table Quote Link to comment Share on other sites More sharing options...
Psycho Posted March 18, 2014 Share Posted March 18, 2014 How is the ID any more/less secure than the hash since they are both serving the same purpose? I really think you are adding complexity that serves no real purpose. But I still don't understand your problem. Are you saying that when the page is submitted you want the names of all the chefkboxes - even the ones that are not checked? If so, there better ways to accomplish this. But, you could populate a hidden field with the values, but that's a hack IMO. Instead you should save the criteria that was used to select the values for the form. So,if you were including all records where Surname='smith' then you should save that criteria in a hidden field and use it on the processing page. Quote Link to comment Share on other sites More sharing options...
Ansego Posted March 19, 2014 Share Posted March 19, 2014 (edited) So my understanding is something like this: Array input (MOCK CODE ONLY) <input type='checkbox' name='checkboxvar[]' value='<?php rs['ID'] ?>'>New<br> <input type='checkbox' name='checkboxvar[]' value='<?php rs['ID'] ?>'>Desmond<br> <input type='checkbox' name='checkboxvar[]' value='<?php rs['ID'] ?>'>Malawi<br> <input type='checkbox' name='checkboxvar[]' value='<?php rs['ID'] ?>'>YBC<br> $ckbox = $_POST['checkboxvar']; foreach ($ckbox as &$value) { echo $value; } Edited March 19, 2014 by Ansego Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.