davidolson Posted January 21, 2015 Share Posted January 21, 2015 If i check more than one checkbox. I dont get any value from database. HTML <form method="post"> <input type="checkbox" name="receiver[]" value="cheater">CHEATER <input type="checkbox" name="receiver[]" value="un-verified">UN-VERIFIED <input type="checkbox" name="receiver[]" value="inactive">INACTIVE <input type="checkbox" name="receiver[]" value="active">ACTIVE <input type="submit" name="submit" value="ADD"> </form> PHP $errors = array(); $success = NULL; $error = NULL; $var['receiver'] = isset($_POST['receiver']) ? $_POST['receiver'] : NULL; ................. if(!empty($_POST['submit'])){ // FORM VALIDATION // } if(!empty($_POST['submit']) and empty($errors)){ $status = array_map('strval', $var['receiver']) + array(0); $statusSql = implode(',', $status); $query = 'SELECT email FROM users WHERE status IN("'.$statusSql.'")'; $select = $db->prepare($query); $select->execute(); $arrayData = array(); while($row = $select->fetch(PDO::FETCH_ASSOC)){ $arrayData[] = $row['email']; } $errors[] = implode(',', $arrayData); } require_once 'includes/antiCsrf/index.php'; $csrf = new antiCsrf(); $smarty->assign('success', $success); $smarty->assign('error', $error); $smarty->assign('errors', $errors); $smarty->assign('csrfKey', $csrf->csrfKey()); $smarty->assign('csrfToken', $csrf->csrfToken()); $smarty->assign('var', $var); ................. Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted January 21, 2015 Share Posted January 21, 2015 i recommend that you echo the $query value so that you can see if it is what you expect. also, why are you putting external data values into the sql query statement, then preparing the query? you use a prepared query by putting place-holders into the sql query statement where the data values are at, then you bind the actual data to the place-holders. Quote Link to comment Share on other sites More sharing options...
CroNiX Posted January 21, 2015 Share Posted January 21, 2015 What does $status look like after you do this: $status = array_map('strval', $var['receiver']) + array(0); I'm not sure what that array(0) is supposed to do. Shouldn't those be square brackets and why are you adding that anyway? Besides that, it doesn't look like your database is normalized for your statuses. It seems those should be IDs instead of their names. Quote Link to comment Share on other sites More sharing options...
davidolson Posted January 21, 2015 Author Share Posted January 21, 2015 Tried this way and it is working $query = 'SELECT email FROM users WHERE status IN("active", "inactive", "un-verified", "cheater")'; $select = $db->query($query); Quote Link to comment Share on other sites More sharing options...
Barand Posted January 21, 2015 Share Posted January 21, 2015 Your join() isn't putting the statuses in quotes. It will give IN (active,inactive,un-verified,cheater) Quote Link to comment Share on other sites More sharing options...
davidolson Posted January 21, 2015 Author Share Posted January 21, 2015 WOKRKING QUERY $status = array_map('strval', $var['receiver']); $statusSql = implode('","', $status); $query = 'SELECT email FROM users WHERE status IN("'.$statusSql.'")'; $select = $db->query($query); Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.