Jump to content


Photo

Variable variables in PHP 4.2+


  • Please log in to reply
15 replies to this topic

#1 colickyboy

colickyboy
  • Members
  • PipPip
  • Member
  • 26 posts

Posted 16 May 2006 - 05:23 PM

As a noob PHP coder, I used to get by with variable variables but the security change in PHP 4.2 has made it much more difficult for noobs like me to do what we used to be able to do.

I'm trying to create a form where I can input stats for 15 players of a softball team and then post it to a db. I used variable variables in order to use a loop for both creating the form and posting to the db.

The code I'm working with is currently:

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]<html>
<head><link rel="stylesheet" type="text/css" href="../styles/index.css"></head>
<body>
<table>
<tr>
<td width="740" id="maincontent">
<div><br>

<?php

//open database
$db=mysql_connect ("localhost", "user", "pw")
or die ('I cannot connect to the database because: ' .
mysql_error());
mysql_select_db("softball",$db);

if ($_POST['submit']) {

// update players' stats

$count = $_POST['count'];

for ($i = 1; $i <= $count; $i++) {
echo "id$i = ${'id'.$i}<br>";
echo "AB$i = ${'AB'.$i}<br>";
$result = mysql_query('UPDATE players SET G=G+1, AB=AB+${"AB".$i}, R=R+${"R".$i}, 1B=1B+${"1B".$i}, 2B=2B+${"2B".$i}, 3B=3B+${"3B".$i}, HR=HR+${"HR".$i}, RBI=RBI+${"RBI".$i}, SF=SF+${"SF".$i}, BB=BB+$${"BB".$i}, K=K+${"K".$i}, E=E+${"E".$i} WHERE id=${"id".$i}');
}

echo "Game results entered.";

} else {

echo "<div id='sectionheader'>Softball Update</div><br><br>";
$result = mysql_query("SELECT id, name FROM players WHERE team='Barons' AND year=2006 ORDER BY name");
$count = mysql_num_rows($result);
echo '<form method="post" action="">';
if ($myrow = mysql_fetch_array($result)) {
$i = 1;
echo "<table><tr><td colspan='13' align='center'>Barons</td></tr><tr><td>ID</td><td>Name</td><td>AB</td><td>R</td><td>1B</td><td>2B</td><td>3B</td><td>HR</td><td>RBI</td><td>SF</td><td>BB</td><td>K</td><td>E</td></tr>";
do {
$id = $myrow["id"];
$name = $myrow["name"];
echo "<tr><td><select name='id$i'><option value='$id'>$id</option></select></td>";
echo "<td><select name='name$i'><option value='$name'>$name</option></select></td>";
echo "<td><input type='text' name='AB$i' align='top' maxlength='2' size='2 '></td>";
echo "<td><input type='text' name='R$i' align='top' maxlength='2' size='2'></td>";
echo "<td><input type='text' name='1B$i' align='top' maxlength='2' size='2'></td>";
echo "<td><input type='text' name='2B$i' align='top' maxlength='2' size='2'></td>";
echo "<td><input type='text' name='3B$i' align='top' maxlength='2' size='2'></td>";
echo "<td><input type='text' name='HR$i' align='top' maxlength='2' size='2'></td>";
echo "<td><input type='text' name='RBI$i' align='top' maxlength='2' size='2'></td>";
echo "<td><input type='text' name='SF$i' align='top' maxlength='2' size='2'></td>";
echo "<td><input type='text' name='BB$i' align='top' maxlength='2' size='2'></td>";
echo "<td><input type='text' name='K$i' align='top' maxlength='2' size='2' ></td>";
echo "<td><input type='text' name='E$i' align='top' maxlength='2' size='2'></td></tr>";
$i = $i++;
} while ($myrow = mysql_fetch_array($result));
echo "</table>";
}

echo '<input type="hidden" name="count" value="$count">';
echo '<input type="submit" name="submit" value="Submit"><br><br>';
echo '</form>';

}
?>

</div></td></tr></table>
</body>
</html>[/quote]

Your help is greatly appreciated!

#2 trq

trq
  • Staff Alumni
  • Advanced Member
  • 31,041 posts

Posted 16 May 2006 - 05:38 PM

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]Your help is greatly appreciated![/quote]
Your problem is?

#3 colickyboy

colickyboy
  • Members
  • PipPip
  • Member
  • 26 posts

Posted 16 May 2006 - 05:40 PM

Nothing gets posted to the db.

Form is created fine, at least on the surface.

#4 ryanlwh

ryanlwh
  • Staff Alumni
  • Advanced Member
  • 511 posts

Posted 16 May 2006 - 06:12 PM

echo "id$i = ${'id'.$i}<br>";

should be
echo "id$i = $_POST[id$i]<br>";

and so on...
Please use EDIT * 100...
Please use
or [php] * 1000...

PLEASE READ THE POSTED SOLUTIONS CAREFULLY * 1000000...

#5 colickyboy

colickyboy
  • Members
  • PipPip
  • Member
  • 26 posts

Posted 16 May 2006 - 06:23 PM

Thanks. This is what I've got now:

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]if ($_POST['submit']) {

// update players' stats

$count = $_POST['count'];

for ($i = 1; $i <= $count; $i++) {
${"id".$i} = $_POST[id$i];
${"AB".$i} = $_POST[AB$i];
${"R".$i} = $_POST[R$i];
${"1B".$i} = $_POST[1B$i];
${"2B".$i} = $_POST[2B$i];
${"3B".$i} = $_POST[3B$i];
${"HR".$i} = $_POST[HR$i];
${"RBI".$i} = $_POST[RBI$i];
${"SF".$i} = $_POST[SF$i];
${"BB".$i} = $_POST[BB$i];
${"K".$i} = $_POST[K$i];
${"E".$i} = $_POST[E$i];

$result = mysql_query('UPDATE players SET G=G+1, AB=AB+${"AB".$i}, R=R+${"R".$i}, 1B=1B+${"1B".$i}, 2B=2B+${"2B".$i}, 3B=3B+${"3B".$i}, HR=HR+${"HR".$i}, RBI=RBI+${"RBI".$i}, SF=SF+${"SF".$i}, BB=BB+$${"BB".$i}, K=K+${"K".$i}, E=E+${"E".$i} WHERE id=${"id".$i}');
}[/quote]

And I'm getting [!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]Parse error: syntax error, unexpected T_VARIABLE, expecting ']'[/quote] for the line in bold above...?



#6 ryanlwh

ryanlwh
  • Staff Alumni
  • Advanced Member
  • 511 posts

Posted 16 May 2006 - 06:27 PM

because that's not in a string, so you have to quote the part inside $_POST
${"id".$i} = $_POST["id$i"];

Please use EDIT * 100...
Please use
or [php] * 1000...

PLEASE READ THE POSTED SOLUTIONS CAREFULLY * 1000000...

#7 colickyboy

colickyboy
  • Members
  • PipPip
  • Member
  • 26 posts

Posted 16 May 2006 - 07:00 PM

Thanks...no errors now. However, still not posting to the db. I suspect my $count hidden variable from the form is not being passed through or something of that sort b/c when I echo it after submitting, it comes back empty.

What is wrong with the way the $count variable is being passed?

#8 ryanlwh

ryanlwh
  • Staff Alumni
  • Advanced Member
  • 511 posts

Posted 16 May 2006 - 07:08 PM

echo '<input type="hidden" name="count" value="$count">';

Single quote does not parse variables. You need to use double quotes or concatenation
echo "<input type=\"hidden\" name=\"count\" value=\"$count\">";
// OR //
echo '<input type="hidden" name="count" value="'.$count.'">';


Please use EDIT * 100...
Please use
or [php] * 1000...

PLEASE READ THE POSTED SOLUTIONS CAREFULLY * 1000000...

#9 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 16 May 2006 - 07:21 PM

Instead of generating names like that, use arrays for the names. It will make your life so much simplier.

<?php
$cols = array('AB','R','B1','B2','B3','HR','RBI','SF','BB','K','E');
if (isset($_POST['submit'])) {

// update players' stats

  $count = $_POST['count'];

  for ($i = 1; $i <= $count; $i++) {
    echo 'id[' . $i . '] = ' . $_POST['id'][$i] . "<br>";
    echo 'AB[' . $i . '] = ' . $_POST['AB'][$i] . "<br>";
    $qtmp = array();
    foreach ($_POST as $k => $dmy)
       switch($k) {
            case 'G':
                $qtmp[] = 'G = G + 1';
                break;
            case 'id':
            case 'submit':
//
//   do nothing
//
                 break;
            default: // all other fields
                 $qtmp[] = $k . '=' . $k . '+' . $_POST[$k][$i];
                 break;
    }
    $q = "UPDATE players SET " . implode(', ',$qtmp) . " where id=" . $_POST['id'][$i];
    $result = mysql_query($q) or die("Problem updating DB, query: $q<br>" . mysql_error());
  }

  echo "Game results entered.";

} else {

   echo "<div id='sectionheader'>Softball Update</div><br><br>";
   $result = mysql_query("SELECT id, name FROM players WHERE team='Barons' AND year=2006 ORDER BY name");
   $count = mysql_num_rows($result);
   echo '<form method="post" action="">';
   if ($count > 0) {
      $i = 1;
      echo "<table><tr><td colspan='13' align='center'>Barons</td></tr> 
               <tr>
               <td>ID</td>
               <td>Name</td>
               <td>AB</td>
               <td>R</td>
               <td>1B</td>
               <td>2B</td>
               <td>3B</td>
               <td>HR</td>
               <td>RBI</td>
               <td>SF</td>
               <td>BB</td>
               <td>K</td>
               <td>E</td>
               </tr>";

       while ($myrow = mysql_fetch_assoc($result)) {
           $id = $myrow["id"];
           $name = $myrow["name"];
           echo '<tr><td><input type="hidden" name="id[' . $i .]' value="' . $id .'">$id</td>';
           echo '<td><input name="name[' . $i . ']" value="' . $name . '">$name</td>';
           foreach ($cols as $col)
               echo '<td><input type='text' name="' . $col . '[' . $i .']" align="top" maxlength="2" size="2"></td>';
           echo "</tr>";
           $i++;
       }
       echo "</table>";
    }

    echo '<input type="hidden" name="count" value="' . $count . '">';
    echo '<input type="submit" name="submit" value="Submit"><br><br>';
    echo '</form>';

}
?>

You will notice that I made extensive changes to your code... [img src=\"style_emoticons/[#EMO_DIR#]/smile.gif\" style=\"vertical-align:middle\" emoid=\":smile:\" border=\"0\" alt=\"smile.gif\" /]
Just a few comments on the changes:
  • You can't have names in PHP that start with numbers so I changed your '1B', '2B', and '3B' to 'B1', 'B2', and 'B3'
  • Using a <select> tag with one <option> didn't make any sense, I changed those to hidden fields
  • I used a foreach loop to generate the repeating input lines
  • I generate the update query via a switch statement within a foreach loop
  • This code hasn't been tested for correctness or syntax errors. [img src=\"style_emoticons/[#EMO_DIR#]/smile.gif\" style=\"vertical-align:middle\" emoid=\":smile:\" border=\"0\" alt=\"smile.gif\" /] YMMV
Ken

#10 ryanlwh

ryanlwh
  • Staff Alumni
  • Advanced Member
  • 511 posts

Posted 16 May 2006 - 07:27 PM

as a follow up to ken's post, i concur with using array notation. then you might not even need the count, because that's taken care of by the number of array elements.
Please use EDIT * 100...
Please use
or [php] * 1000...

PLEASE READ THE POSTED SOLUTIONS CAREFULLY * 1000000...

#11 colickyboy

colickyboy
  • Members
  • PipPip
  • Member
  • 26 posts

Posted 16 May 2006 - 08:33 PM

thanks, kenrbnsn. you've gotten me 95% of the way there. right now, the generated mysql query is also trying to update NAME and COUNT. If I can exclude those variables from the update query and add the "G = G+1" line into the query, then I'm golden. Unfortunately, your technically svelte query is now out of my league so I don't know how to do it myself. Please advise.

Thanks much!

#12 colickyboy

colickyboy
  • Members
  • PipPip
  • Member
  • 26 posts

Posted 16 May 2006 - 08:53 PM

I got NAME out of the update query...now trying to figure out how to get the COUNT out of the update query, and how to get the "G=G+1" into it.

Here's what I have so far:

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]<?php

$cols = array('AB','R','B1','B2','B3','HR','RBI','SF','BB','K','E');
if (isset($_POST['submit'])) {

// update players' stats

$count = $_POST["count"];
$id = $_POST["id"];

for ($i = 1; $i <= $count; $i++) {
echo 'id[' . $i . '] = ' . $_POST['id'][$i] . "<br>";
echo 'AB[' . $i . '] = ' . $_POST['AB'][$i] . "<br>";
echo 'R[' . $i . '] = ' . $_POST['R'][$i] . "<br>";
echo 'B1[' . $i . '] = ' . $_POST['B1'][$i] . "<br>";
echo 'B2[' . $i . '] = ' . $_POST['B2'][$i] . "<br>";
echo 'B3[' . $i . '] = ' . $_POST['B3'][$i] . "<br>";
echo 'HR[' . $i . '] = ' . $_POST['HR'][$i] . "<br>";
echo 'RBI[' . $i . '] = ' . $_POST['RBI'][$i] . "<br>";
echo 'SF[' . $i . '] = ' . $_POST['SF'][$i] . "<br>";
echo 'BB[' . $i . '] = ' . $_POST['BB'][$i] . "<br>";
echo 'K[' . $i . '] = ' . $_POST['K'][$i] . "<br>";
echo 'E[' . $i . '] = ' . $_POST['E'][$i] . "<br>";

$qtmp = array();
foreach ($_POST as $k => $dmy)
switch($k) {
case 'G':
$qtmp[] = 'G = G + 1';
break;
case 'id':
case 'submit':
//
// do nothing
//
break;
default: // all other fields
$qtmp[] = $k . '=' . $k . '+' . $_POST[$k][$i];
break;
}
$q = "UPDATE players SET " . implode(', ',$qtmp) . " where id=" . $_POST['id'][$i];
$result = mysql_query($q) or die("Problem updating DB, query: $q<br>" . mysql_error());
}

echo "Game results entered.";

} else {

echo "<div id='sectionheader'>Softball Update</div><br><br>";
$result = mysql_query("SELECT id, name FROM players WHERE team='Barons' AND year=2006 ORDER BY name");
$count = mysql_num_rows($result);
echo '<form method="post" action="">';
if ($count > 0) {
$i = 1;
echo "<table><tr><td colspan='13' align='center'>Barons</td></tr>
<tr>
<td>ID</td>
<td>Name</td>
<td>AB</td>
<td>R</td>
<td>1B</td>
<td>2B</td>
<td>3B</td>
<td>HR</td>
<td>RBI</td>
<td>SF</td>
<td>BB</td>
<td>K</td>
<td>E</td>
</tr>";

while ($myrow = mysql_fetch_assoc($result)) {
$id = $myrow["id"];
$name = $myrow["name"];
echo '<input type="hidden" name="id[' . $i . ']" value="' . $id . '">';
echo "<tr><td>$id</td>";
echo "<td>$name</td>";
foreach ($cols as $col)
echo '<td><input type="text" name="' . $col . '[' . $i .']" align="top" maxlength="2" size="2"></td>';
echo "</tr>";
$i++;
}
echo "</table>";
}


echo '<input type="hidden" name="count" value="' . $count . '">';
echo '<input type="submit" name="submit" value="Submit"><br><br>';
echo '</form>';

}
?>[/quote]

#13 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 16 May 2006 - 09:27 PM

In the switch statement, where I have
<?php
     case 'id':
     case 'submit':
?>
add
<?php
case 'name':
case 'count':
?>

Ken

#14 colickyboy

colickyboy
  • Members
  • PipPip
  • Member
  • 26 posts

Posted 16 May 2006 - 10:08 PM

Before I did that, I was getting this error:

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]id[1] = 2
AB[1] = 3
R[1] = 3
B1[1] = 3
B2[1] = 0
B3[1] = 0
HR[1] = 0
RBI[1] = 3
SF[1] = 0
BB[1] = 0
K[1] = 0
E[1] = 3
Problem updating DB, query: UPDATE players SET G=G+1, AB=AB+3, R=R+3, B1=B1+3, B2=B2+0, B3=B3+0, HR=HR+0, RBI=RBI+3, SF=SF+0, BB=BB+0, K=K+0, E=E+3, count=count+ where id=2
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'where id=2' at line 1[/quote]

When I added the lines you suggested, I got this error:

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]id[1] = 2
AB[1] = 6
R[1] = 6
B1[1] = 6
B2[1] = 0
B3[1] = 0
HR[1] = 0
RBI[1] = 6
SF[1] = 0
BB[1] = 0
K[1] = 0
E[1] = 6
id[2] = 1
AB[2] =
R[2] =
B1[2] =
B2[2] =
B3[2] =
HR[2] =
RBI[2] =
SF[2] =
BB[2] =
K[2] =
E[2] =
Problem updating DB, query: UPDATE players SET G=G+1, AB=AB+, R=R+, B1=B1+, B2=B2+, B3=B3+, HR=HR+, RBI=RBI+, SF=SF+, BB=BB+, K=K+, E=E+ where id=1
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' R=R+, B1=B1+, B2=B2+, B3=B3+, HR=HR+, RBI=RBI+, SF=SF+, BB=BB+, K=K+, E=E+ wher' at line 1[/quote]

I seem to be losing all the variable data in the update query now. As a wild guess, I tried adding a BREAK; after each line but that didn't work.

The code now looks like this:
[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]$qtmp = array();
foreach ($_POST as $k => $dmy)
switch($k) {
// case 'G':
// $qtmp[] = 'G = G + 1';
// break;
case 'id':
case 'submit':
case 'count':

//
// do nothing
//
break;
default: // all other fields
$qtmp[] = $k . '=' . $k . '+' . $_POST[$k][$i];
break;
}
$q = "UPDATE players SET G=G+1, " . implode(', ',$qtmp) . " where id=" . $_POST['id'][$i];[/quote]

How do I fix this?

#15 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 17 May 2006 - 01:01 AM

Change:
<?php
 default: // all other fields
$qtmp[] = $k . '=' . $k . '+' . $_POST[$k][$i];
?>
to
<?php
 default: // all other fields
if ($_POST[$k][$i] != '') $qtmp[] = $k . '=' . $k . '+' . $_POST[$k][$i];
?>
and
<?php
 $q = "UPDATE players SET G=G+1, " . implode(', ',$qtmp) . " where id=" . $_POST['id'][$i];
?>
to
<?php
if (!empty($qtmp)) {
      $q = "UPDATE players SET G=G+1, " . implode(', ',$qtmp) . " where id=" . $_POST['id'][$i];
       $result = mysql_query($q) or die("Problem updating DB, query: $q<br>" . mysql_error());
}
?>

Ken

#16 colickyboy

colickyboy
  • Members
  • PipPip
  • Member
  • 26 posts

Posted 17 May 2006 - 02:33 PM

Works like a charm!

Many, many thanks!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users