newbie! php code includes html radio code. In radio code tag more php?

[wordsarefew]

hi, is this possible?

have tried heredocs and various bits from here or there but nothing works.

Perhaps i am constructing the whole thing the wrong way up.

 

this is a simplified version of what i am trying to do.. there s more php further up. 

note that the php in the first row of the table works.

<html>
  <body>
    <?php
      if($variable == 'something'){
        echo '<table>
		        <tr>
		          <td>title:</td>
		          <td>'.$anotherVariable.'</td>
		        </tr>
		        <tr>
		          <td>title:</td>
				  <td>
				    <input type="radio" name="flag" <?php if (isset($flag) && $flag=="full") echo "checked";?> value="full"> full   
					<input type="radio" name="flag" <?php if (isset($flag) && $flag=="supported") echo "checked";?> value="supported"> supported   
					<input type="radio" name="flag" <?php if (isset($flag) && $flag=="minimal") echo "checked";?> value="minimal"> minimal   
					<input type="radio" name="flag" <?php if (isset($flag) && $flag=="none") echo "checked";?> value="none"> none   
				  </td>
				</tr>
	          </table>';
	  }
    ?>
  </body>
</html>  	

[Jacques1]

Yo Dawg ...

 

No, you cannot have PHP sections within PHP strings within PHP code. Why do you even want that? You already are in a PHP context. Just terminate the string and concatenate it with any PHP value you want:

'
	...
	<input type="radio" name="flag" ' . (isset($flag) && $flag == 'full' ? 'checked' : '') . ' value="full">
	...
'

Or, which is probably more readable, terminate the PHP section before the giant HTML part and make small PHP sections within the HTML.

[ginerjm]

Or better yet - run your php ahead of all this and set the 4 radio buttons check values ($chk_none,$chk_min,$chk_sup,$chk_full) prior.  Then in the html you can just say:

 

echo "<input type='radio' name='flag' value='full'  $chk_full> full ";
echo "<input type='radio' name='flag' value='supported'  $chk_sup> supported ";
echo "<input type='radio' name='flag' value='minimal'  $chk_min> minimal ";
echo "<input type='radio' name='flag' value='none' $chk_none > none ";
 

 

[wordsarefew]

thank you both..

tried jacques version for now.

 

problem is with first suggestion that the $flag variable does not get defined (i think)..

the radio buttons go through but i still get the "Undefined index:flag" notice.. referring to a line higher up where: $flag = $_POST['flag'];

 

as for the second suggestion, 

i ve constructed it this way cause i wanted the html formatting of the table to only appear if that php statement was true..

i am sure there is another more logical way to do it..

 

i ll keep on trying..

 

off to try ginerjm now

[Jacques1]

the radio buttons go through but i still get the "Undefined index:flag" notice.. referring to a line higher up where: $flag = $_POST['flag'];

 

That's an entirely different problem.

 

When you try to access a POST parameter which does not exist, of course you get a notice. It doesn't help to check the $flag variable somewhere later, because the problem is caused by this very line.

[wordsarefew]

but what i dont get is this: 

i used $variables like that in radio buttons higher up and they get defined..

there is a datepicker that logs the date (and gives a day)

and 3 radio buttons that divide the day in 3 sections..

 

e.g. if (monday) and (afternoon) >> a whole lot of html code, including forms etc

 

what you did passes the radio buttons but does not pass the $flag..

have a look at the initial php code for the page.. please

for example the $shift belongs to radio buttons prior to the code i enquire about but gets defined..

3 lines later and the $flag gets flagged up..

 

i dont know maybe i make no sense..

<?php
  $name = $notes = $shift = $actName = $flag = "";
  $rawDate ="select date";
  
  include 'connection.php';
  
  if(isset($_POST['submit'])){ 
	$rawDate = $_POST['datepicker'];
	$xplod = explode(' ', $rawDate);
	$stringDate = "$xplod[3]-$xplod[2]-$xplod[1]";
	$phpDate = date("Y-m-d", strtotime($stringDate));
	
	$dayDate = "$xplod[0]";  
	
        $shift = $_POST['shift'];
	
        $name = $_POST['name'];
	
	$notes = $_POST['notes'];
	
	$actName = 'activity one';
	
	$flag = $_POST['flag'];
	
	
	mysql_query("INSERT INTO form1notes (`ID`,`date`,`day`,`shift`,`name`,`notes`,`flag`)
		VALUES (NULL,'$phpDate','$dayDate','$shift','$name','$notes','$flag')");
  }
?>

[wordsarefew]

god.. i AM talking nonsense

apologies

the $flag had no place to be posted..

been looking at this for many hours i could not see past my nose..

 

thanks for your help it works

of course

[Jacques1]

Note that your code is wide open to SQL injections, allowing any visitors to mess with your database and potentially compromise your entire server.

 

The mysql_* functions you're using are also obsolete since more than 10 years and will be removed in one of the next PHP releases. How to properly access a MySQL database with PHP. 

[wordsarefew]

hey thanks .. i ll look into this..

this is my second week of trying this stuff out..

but question:

is this risky even when this is destined to run in a machine through localhost..?

[Jacques1]

Insecure code is insecure, regardless of where it runs.

 

Of course you'll not get attacked as long as you only run this on an isolated PC and never make it accessible to the outside world. But isn't the whole point of learning PHP that you eventually publish your work?

 

Security is a fundamental part of programming, so you should learn it right from the beginning.