Jump to content

Storing dynamically generated felds values into database

michelle1404

By michelle1404
in PHP Coding Help

 Share

Recommended Posts

michelle1404 Member

michelle1404

Posted
Posted

Hi,

I am generating set of data input elements using json and jquery, But i am not able to add the counter to it, so that i can submit them into database.

Here is my code

echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8') . '" >';
    echo '<div>';
    echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
    echo '<br />'; ?>


<p> 
                    <input type="button" value="Add Attributes" onClick="addRow('dataTable')" /> 
                    <input type="button" value="Remove Attributes" onClick="deleteRow('dataTable')"  /> 
                    <p>(All acions apply only to entries with check marked check boxes only.)</p>
                </p>
 <table id="dataTable" class="selection">
                  <tbody>
                    <tr>
                      <p>
                        <td><input type="checkbox" required="required" name="chk[]" checked="checked" /></td>

                         <td>
                            <label for="Color">Select Color</label>
                            <select id="Color" name="Color[]" required="required">
                                <?php $sql = "SELECT * FROM itemcolor";
                                $result = DB_query($sql,$db);
                                while($myrow = DB_fetch_array($result))
                                { ?>
                                <option value="<?php echo $myrow['color_id']; ?>"><?php echo $myrow['color']; ?></option>
                                <?php } ?>
                            </select>
                         </td>
                          <td>
                            <label for="Size">Select Size</label>
                            <select id="Size" name="Size[]" required="required">
                                <?php $sql = "SELECT * FROM itemsizes";
                                $result = DB_query($sql,$db);

                                while($myrow = DB_fetch_array($result))
                                { ?>
                                <option value="<?php echo $myrow['size_id']; ?>"><?php echo $myrow['size']; ?></option>
                                <?php } ?>
                            </select>
                         </td>


                        <td>
                            <label>Cost Price</label>
                            <input type="text" required="required" name="Cost[]">
                         </td>
                         <td>
                            <label for="Sale">Selling Price</label>
                            <input type="text" required="required"  name="Selling_price[]">
                         </td>
                         <input type="hidden" name="stockid" value="<?php echo $stockID; ?>" />
                          <td>
                            <label for="Stock">Opening Stock</label>
                            <input type="text" required="required"  name="Opening_stock[]">
                         </td>


                            </p>
                    </tr>
                    </tbody>
                </table>
                <div class="clear"></div>


<?php
    echo '<br /><div class="centre"><input type="submit" name="submit" value="' . _('Accept') . '" /><input type="submit" name="Cancel" value="' . _('Cancel') . '" /></div>';

    echo '</div>
          </form>';

After submitting

if(isset($_POST['submit']))
{
$stk = $_POST['stockid'];
foreach ($_POST['chk'] as $k) { 

$color = $_POST['Color'][$k];
$size = $_POST['Size'][$k];
$cost = $_POST['Cost'][$k];
$selling_price = $_POST['Selling_price'][$k];
$opening_stock = $_POST['Opening_stock'][$k];

$sql1 = "INSERT INTO itemarticles (stk_code, color, size, cost, selling_price, opening_stock) VALUES ('".$stk."', ".$color.", ".$size.", ".$cost.", ".$selling_price.", ".$opening_stock.")";   
$result = DB_query($sql1,$db);       
          if($result)
          {
          header("location:StockAttributes.php?Success=1");
          }
}          
 }

But to put like ,

foreach ($_POST['chk'] as $k)  

<input type="text" required="required"  name="Opening_stock[$counter]">

In script,

function addRow(tableID) {
    var table = document.getElementById(tableID);
    var rowCount = table.rows.length;
    if(rowCount < 30){                          // limit the user from creating fields more than your limits
        var row = table.insertRow(rowCount);
        var colCount = table.rows[0].cells.length;
        for(var i=0; i<colCount; i++) {
            var newcell = row.insertCell(i);
            newcell.innerHTML = table.rows[0].cells[i].innerHTML;
        }
    }else{
         alert("Maximum Attributes per Item is 30.");

    }
}

function deleteRow(tableID) {
    var table = document.getElementById(tableID);
    var rowCount = table.rows.length;
    for(var i=0; i<rowCount; i++) {
        var row = table.rows[i];
        var chkbox = row.cells[0].childNodes[0];
        if(null != chkbox && true == chkbox.checked) {
            if(rowCount <= 1) {                         // limit the user from removing all the fields
                alert("Cannot Remove all the Attributes.");
                break;
            }
            table.deleteRow(i);
            rowCount--;
            i--;
        }
    }
}

Can someone please guide me in doing this please

ginerjm Prolific Member

ginerjm

Posted
Posted (edited)

What is the purpose of the counter? Is it simply to post to the db table?? Does it have anything to do with the input screen, or the order in which the input elements are to be handled?

 

If itis to simply put one into the db, then set the counter in the posting loop and increment it before each inset query.

Edited by ginerjm
  • Like 1
mac_gyver Prolific Member

mac_gyver

Posted
Posted

since the purpose of this form is to INSERT new data, there's no point in having the check-box as part of the form data. if what  you are trying to do is to have one form that works for inserting new data and updating or deleting existing data, you would use a completely different set of array names for the new/dynamically added fields (what you have now) and for the fields for existing data. the fields for existing data would use the id from the database row as the form field array index value. you would process these separately, inserting new data and either updating or deleting existing data.

 

also, you have made the check-box 'required', so, you cannot submit the form, using current browsers, unless all of the boxes are checked. your javascript logic is the reverse of this. you must check the ones to remove and un-check the ones to keep, but then the form won't submit unless you check all the remaining boxes.

 

if what you are trying to do is allow for a row(s) of the dynamically added form fields to be removed, there are two straight-forward ways -

 

1) only use the check-boxes to control what the 'Remove Attributes' button operates on. don't pre-check the check-boxes and don't make them 'required'. you would check any boxes you want to remove, then click the 'Remove Attributes' button.

 

2) add a 'Remove' button at the end of each dynamically added row, that just removes that row from the DOM.

  • Like 1
michelle1404 Member

michelle1404

Posted
  • Author
Posted

@ginerjm:

 

Thank you, It got resolved!

 

I did like this

if(isset($_POST['submit']))
{
$stk = $_POST['stockid'];

$N = COUNT($_POST['chk']) ;
for($i=0; $i<$N; $i++)
{
$color = $_POST['Color'][$i];
$size = $_POST['Size'][$i];
$cost = $_POST['Cost'][$i];
$selling_price = $_POST['Selling_price'][$i];
$opening_stock = $_POST['Opening_stock'][$i];

$sql1 = "INSERT INTO itemarticles (stk_code, color, size, cost, selling_price, opening_stock) VALUES ('".$stk."', ".$color.", ".$size.", ".$cost.", ".$selling_price.", ".$opening_stock.")"; 	
$result = DB_query($sql1,$db);
benanamen Prolific Member

benanamen

Posted
Posted

You still have problems. You are wide open to an SQL Injection Attack. You NEVER EVER insert user supplied data directly to the database. You need to use prepared statements.

 

Also, depending on the name of a button to be submitted will completely fail in certain circumstances. You need to use 

 

if ($_SERVER['REQUEST_METHOD'] == 'POST')

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.