I have been looking for the last 3 days on forms and other site for a solution to the issue of when a check box is NOT clicked, it will not pass a value when submitted. There are many solutions using javascript to check if the box was selected or not, before it is posted, but I was unsure of how to get this to work exactly. There were also many solutions using the hidden text field with the same name as the check box, but as others in those posts pointed out and what I have found, both values were getting posted so that in my case it didn't work.
Here is what I came up with and I am wondering if there are huge problems with it. It works, but is the solution going to be inefficient somehow.
I also had a problem with getting the $_POST[] array sanitized and perhaps someone might know why the sanitized value wouldn't work in the in_array().
So this is how I did it.
First when I created my form I made it dynamically and I assigned the existing values from the database for the checkboxes.
include('connect.php');
$sql = "SELECT * FROM scholarships WHERE schools='both' OR schools='Rankin'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<tr>"."<td>".$row['sch_name']."</td>"."<td>".$row['category']."</td>"."<td>".$row['date']."</td>"."<td>".$row['activate']."</td>"."<td>";
?>
<li><input type="checkbox" name="keywords[]" value="<? echo $row['id']; ?>" title="option1"
<?
// this puts a check in the box if it is in the database
if($row['activate']=="Yes")
{
echo "checked"."="."\"Checked\"";
}
else
{
// allows for not check value
}
?>
/></li><br />
<?
echo "</td>"."</tr>";
}
} else {
echo "0 results";
}
$conn->close();
Next I posted this to a processing page where I created two loops one to read the existing values in the database, and another to compare that to the $_POST['keywords'] array. Again I know I have to sanitize this.
Here is the code for the process page.
// sanitize the restults from the form
$_POST = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING);
// conect to the database
include('connect.php');
// check to see what values were actually check
foreach($_POST['keywords'] as $keyword)
{
echo $keyword."<br>";
}
echo "<hr>";
// get the list of values from database table to compare
$sql = "SELECT * FROM scholarships WHERE schools='both' OR schools='Rankin'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$key=$row['id'];
if (in_array($key, $_POST['keywords'], TRUE))
{
echo $row['id']." "."Match found<br>";
$id = $row['id'];
// update records if a match is found to value Yes
$sql2 = "UPDATE scholarships SET activate='Yes' WHERE id=$id";
if (mysqli_query($conn, $sql2)) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . mysqli_error($conn);
}
}
else
{
echo $row['id']." "."Match not found<br>";
$id = $row['id'];
$sql2 = "UPDATE scholarships SET activate='0' WHERE id=$id";
if (mysqli_query($conn, $sql2)) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . mysqli_error($conn);
}
}
}
} else {
echo "0 results";
}
echo "<hr>";
mysqli_close($conn);
I have included a math and do not match so you can check if the code is working properly which it seems to do. My big questions would be:
A. Is this a decent way to do this, or is this really a server intensive process.
and
B. How can I get the $_POST array sanitized and used in the in_array() search part you can see I tried to use the sanitized string, but that would't work so for now I used the $_POST which I know is not a good idea.
Sorry this is really long but if it is a valid way to do it I wanted others to have a good explanation of how to get this to work. If not I will delete it.
Thanks.
Aucun commentaire:
Enregistrer un commentaire