Page 2 of 2 First 12
  • Jump to page:
    #16
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2011
    Location
    Sydney Australia
    Posts
    182
    Rep Power
    83
    Originally Posted by jlewis01
    PHP Code:
    $inverseQty $row['exchOrder']*-1;
    echo 
    "<input type=checkbox name=pulledQty[] value=$inverseQty>"
    Your html is incorrect also. attribute values should be in quotes.
    Code:
    echo "<input type=\"checkbox\" name=\"pulledQty[]\" value=\"$inverseQty\">";
  2. #17
  3. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2004
    Posts
    246
    Rep Power
    73
    Originally Posted by BarryG
    Your html is incorrect also. attribute values should be in quotes.
    Code:
    echo "<input type=\"checkbox\" name=\"pulledQty[]\" value=\"$inverseQty\">";
    Yes, thank you. I am aware of proper html but I dont think this resolves my issue as proposed here.
  4. #18
  5. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2004
    Posts
    246
    Rep Power
    73
    Okay, I think I have it figured out. It does work as expected. Please take a look and see if you agree that the code/logic is cleaner.

    PHP Code:
        if(is_array($_POST['pulledQty']))
    {
        foreach(
    array_keys($_POST['pulledQty']) as $index)
        {
     echo 
    $submitQuery $_POST['pulledQty'][$index].",".$_POST['pulledItem'][$index];
            
    $result=mysql_query("INSERT INTO unionInv (unionInvItem,unionQty) VALUES (".mysql_escape_string($_POST['pulledItem'][$index]).",".mysql_escape_string($_POST['pulledQty'][$index]).")")or die("Insert Error: ".mysql_error());
    mysql_close;
        }

  6. #19
  7. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2009
    Posts
    676
    Rep Power
    7
    Here's something to make it simple. Somewhat which requinix pointed out as his unfavored way. This will, however, build a little different. It would just be your item names, follow by an input box for quantity. Build your form like so:

    Hidden field named "item['id'][]" value "idval"
    Printed Liquor Name - Qty Input Box named "item['id'][]"

    Replace 'idval' with however you reference your items, such as an id number, or item name. A far as the 'id' goes, just make the hidden match the following input. I suggest use numbers 0-...

    Then, after submission, run a foreach() and if the Qty is greater than zero, run the INSERT query with provided values.

    item[id][0] holds your item's ID number, or item name
    item[id][1] holds the Qty value


    EDIT: Or run an INSERT every foreach(). I wasn't sure if you wanted unchecked values entered as well or not. Just decide this via the if/else that would be within your foreach()
    Last edited by Triple_Nothing; February 18th, 2013 at 10:06 AM.
  8. #20
  9. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2009
    Posts
    676
    Rep Power
    7
    Otherwise, if you haven't exactly gotten it yet, perhaps a bit more of a story of the goal of the site, and how you wish it to work? The post of your that includes the code that builds your form kinda leaves me a little confussed on its desired use/function. Let me see if I got this right. And, if this isn't an order form, but perhaps inventory, are INSERTs your best intent?

    ItemID //Displays item name
    id //Item's ID number?
    exchOrder //Current inv qty?
    Checkbox input //Predefined order amount?
    disQty //Random inv to add to this item?

    If, and I'm kinda guessing, this is to be kinda both an inventory item, with an order option, I would run a UPDATE on current items to keep an INV table updated, and have another INV table hold your nightly/weekly INV checks, each night/week check to 1 row. Then make your checkbox trigger an if/then to proccess the order, if needed.
  10. #21
  11. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2004
    Posts
    246
    Rep Power
    73
    Originally Posted by Triple_Nothing
    I would run a UPDATE on current items to keep an INV table updated, and have another INV table hold your nightly/weekly INV checks, each night/week check to 1 row
    You are correct and this is exactly what I have done. Your speculation about the use of the form is pretty much correct also. I do have one table update inventory and another is Inserted for a possible review if needed later.
    Everything seems to be working as expected now. I am just wanting conformation the updated code for inserting the records is good.
  12. #22
  13. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Hi,

    calling mysql_real_escape_string is useless when you don't wrap the value in quotes. This function only prevents the user from "breaking out" of a quoted string, it does not magically make the input secure or something.

    And since you added the die(mysql_error()) back in and still have the mysql_close(), I'm not exactly sure if you're serious about the good code ...
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  14. #23
  15. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2004
    Posts
    246
    Rep Power
    73
    Originally Posted by Jacques1
    Hi,

    calling mysql_real_escape_string is useless when you don't wrap the value in quotes. This function only prevents the user from "breaking out" of a quoted string, it does not magically make the input secure or something.

    And since you added the die(mysql_error()) back in and still have the mysql_close(), I'm not exactly sure if you're serious about the good code ...
    Serious and ignorance are not the same. Thank you for helping me to understand what I do not.
Page 2 of 2 First 12
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo