Jump to content

select form item populated from SQL table: how to save more variables data rather than its value alone?


Dancode

Recommended Posts

Hello,

I have a SQL table structured that way:

 

Quote

    Id_value         |              id_group_value                 |             name_group_value        |             name_value

 

 

 

I build a php/sql query to create a dropdown form getting its values which work like that:

 

    <label>item</label>                                                

    <?php

                $result = $conn->query("select id_ value,id_ group _ value, name _ group_ value, name_value FROM table WHERE id_ group _ value = 0");

 

                echo "<select name='name_value' ><option value='' disabled selected>choose value</option>";

                               

                while ($row = $result->fetch_assoc()) {

                                               unset($idv, $namev);

                                                $idv = $row['id_value'];

                                                $namev = $row['name_value'];

                                               $id_gv = $row['id_group_value'];

                                                $id_v = $row[' name_group_value '];                                                                                                                                

                                                echo '<option value="'.$ idv.'">'.$namev.'</option>';

                

                                                                                                                                              }

                                                                                                                             

                echo "</select>";

 

 

 

I can easily save values from that select form item using a '$_POST[form_item]' which I do this way and means get the $idv variable:

 

 

                $sql = "INSERT INTO table (form_select_value)

                                                                                                                             

                VALUES ('$_POST[name_value]')";

 

 

 

What should I do to save another extracted value which I retrieved from the original SQL query, let’s say $namev variable, together?

Link to comment
Share on other sites

You must find it very difficult working with a database where all the tables have the name "table"

Having got the id value from the dropdown in $_POST['name_value'] you can query the table on the second page to get the associated name.

INSERT INTO table2 (form_select_value, form_select_name) SELECT id_value, name_value FROM table1 WHERE id_value = ?

If you are using a relational database you need to read up on data normalization and design your tables correctly. (group name should only be in a table which defines the groups, not in every member of that group)

Link to comment
Share on other sites

of course I did a mistake when wrote the answer, there are table1 and table2 - thanks for your attention :)

 

I apologize but did not really catch what you are telling me. In the first part of your statement:

4 hours ago, Barand said:

INSERT INTO table2 (form_select_value, form_select_name)

It is correct that form_select_value and for_select_name are the same? (this being the name of the input field)

 

 

in the second part of this statement:

SELECT id_value, name_value FROM table1 WHERE id_value = ?

1. Do you mean this is replacing the VALUES declaration?

        1a. If not, this should fill the VALUES of both data or only related to the second one?

2. What is doing the question mark at the end: should be replaced from a variable? Which?

Link to comment
Share on other sites

INSERT ... SELECT ... is a form of insert statement that lets you select data from one table and insert the results into another table. (see mysql manual)

You should use prepared statements and not place user data directly into the query string. The "?" is a placeholder to hold the parameter value EG

$id = 123;

$stmt = $pdo->prepare("SELECT x,y,z FROM mytable WHERE id = ?");
$stmt->execute( [$id] );
$row = $stmt->fetch();
echo $row['x'];

 

Link to comment
Share on other sites

I understand this replace the VALUES declaration.

It seems me my semplification is causing some extra explaination problems, the form is quiet large including much more fields than those two. How can I mix that?

From my (poor) knowledge statement are useful to prevent SQL injection, being my purpose to run those pages in local are there other functional reason I should use it?

Link to comment
Share on other sites

11 minutes ago, Dancode said:

It seems me my semplification is causing some extra explaination problems, the form is quiet large including much more fields than those two. How can I mix that?

We can only give you an answer based on the information you give us. You need to adapt the answer given to you regarding the small picture, which you gave us, to the big picture.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.