Jump to content

How to bring existing value into dropdown


Go to solution Solved by cyberRobot,

Recommended Posts

I have a dropdown where the options are pulled from a database into an array for display. This works fine, what I am trying to understand is how to incorporate showing the selection a user has made previously that was written to a table. I understand how to do this without an array (by checking if it is set and then pushing selected to display it) but this I am struggling with. I have a value pulled from a select statement, if that is set I want to mark the right value in the dropdown as selected. This below is not displaying that, it just shows the first option in the drop down. What am I missing?

 
$statid is set from a select statement earlier in the script, printing it displays the value no problem
 
 
result_stat_query = $DB_con->prepare('SELECT statid, stat_name FROM stats ORDER BY statid');
$result_stat_query->setFetchMode(PDO::FETCH_ASSOC);
$result_stat_query->execute();
 
$row_stat = $result_stat_query->fetchAll();
 
 echo "<select name='stat_id' onchange='filterContent(this);'>";
 
foreach ($row_stat as $r) {
  
 
if (isset($statid)){
    echo "<p>statid=$statid</p>";
   echo '<option value='.$statid.'>'.$r['stat_name'].'</option>';
}
else{
    // first run
    echo '<option value="'.$r['statid'].'">'.$r['stat_name'].'</option>';
 
 }
}
echo "</select>";
 
Thanks,
 
G
  • Solution

You could try something like the following:

 

echo "<select name='stat_id' onchange='filterContent(this);'>";
foreach ($row_stat as $r) {
    echo '<option value="'.$r['statid'].'"';
    if (isset($statid) && $statid==$r['statid']){ echo ' selected="selcted"'; }
    echo '>'.$r['stat_name'].'</option>';
}
echo "</select>";

The code is still far from perfect.

  • While it's great that you're using prepared statements to prevent SQL injections, you haven't done anything about JavaScript injection (aka cross-site scripting). You need to apply HTML-escaping as well.
  • No need for prepared statements when you neither have parameters nor execute the query multiple times; just use PDO::query() in those cases
  • Don't fetch all rows when you just want to iterate over the result set; a PDOStatement itself can be used in a foreach loop.
  • Set a default fetch mode so that you don't have to specify PDO::FETCH_ASSOC over and over again.
  • Don't clutter your code with HTML fragments and inline JavaScript. Keep the different languages separate.
<?php

const APP_HTML_ENCODING = 'UTF-8';   // enter your character encoding here

function html_escape($raw_input, $encoding = APP_HTML_ENCODING)
{
    return htmlspecialchars($raw_input, ENT_QUOTES | ENT_SUBSTITUTE, $encoding);
}
<?php

// application logic goes here

$statsStmt = $DB_con->query('SELECT statid, stat_name FROM stats ORDER BY statid');

// end of application logic

?>
<!-- now the HTML part -->

<select name="stat_id">
    <?php foreach ($statsStmt as $stat): ?>
        <option value="<?= html_escape($stat['statid']) ?>" <?php if ($statid == $stat['statid']): ?>selected<?php endif; ?>><?= html_escape($stat['stat_name']) ?></option>
    <?php endforeach; ?>
</select>
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.