Page 2 of 2 First 12
  • Jump to page:
    #16
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2011
    Location
    Sydney Australia
    Posts
    207
    Rep Power
    85
    Originally Posted by jlewis01
    PHP Code:
    $inverseQty $row['exchOrder']*-1;
    echo 
    "<input type=checkbox name=pulledQty[] value=$inverseQty>"
    Your html is incorrect also. attribute values should be in quotes.
    Code:
    echo "<input type=\"checkbox\" name=\"pulledQty[]\" value=\"$inverseQty\">";
  2. #17
  3. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2004
    Posts
    262
    Rep Power
    74
    Originally Posted by BarryG
    Your html is incorrect also. attribute values should be in quotes.
    Code:
    echo "<input type=\"checkbox\" name=\"pulledQty[]\" value=\"$inverseQty\">";
    Yes, thank you. I am aware of proper html but I dont think this resolves my issue as proposed here.
  4. #18
  5. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2004
    Posts
    262
    Rep Power
    74
    Okay, I think I have it figured out. It does work as expected. Please take a look and see if you agree that the code/logic is cleaner.

    PHP Code:
        if(is_array($_POST['pulledQty']))
    {
        foreach(
    array_keys($_POST['pulledQty']) as $index)
        {
     echo 
    $submitQuery $_POST['pulledQty'][$index].",".$_POST['pulledItem'][$index];
            
    $result=mysql_query("INSERT INTO unionInv (unionInvItem,unionQty) VALUES (".mysql_escape_string($_POST['pulledItem'][$index]).",".mysql_escape_string($_POST['pulledQty'][$index]).")")or die("Insert Error: ".mysql_error());
    mysql_close;
        }

  6. #19
  7. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2009
    Location
    Hartford, WI
    Posts
    961
    Rep Power
    20
    Here's something to make it simple. Somewhat which requinix pointed out as his unfavored way. This will, however, build a little different. It would just be your item names, follow by an input box for quantity. Build your form like so:

    Hidden field named "item['id'][]" value "idval"
    Printed Liquor Name - Qty Input Box named "item['id'][]"

    Replace 'idval' with however you reference your items, such as an id number, or item name. A far as the 'id' goes, just make the hidden match the following input. I suggest use numbers 0-...

    Then, after submission, run a foreach() and if the Qty is greater than zero, run the INSERT query with provided values.

    item[id][0] holds your item's ID number, or item name
    item[id][1] holds the Qty value


    EDIT: Or run an INSERT every foreach(). I wasn't sure if you wanted unchecked values entered as well or not. Just decide this via the if/else that would be within your foreach()
    Last edited by Triple_Nothing; February 18th, 2013 at 10:06 AM.
  8. #20
  9. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jun 2009
    Location
    Hartford, WI
    Posts
    961
    Rep Power
    20
    Otherwise, if you haven't exactly gotten it yet, perhaps a bit more of a story of the goal of the site, and how you wish it to work? The post of your that includes the code that builds your form kinda leaves me a little confussed on its desired use/function. Let me see if I got this right. And, if this isn't an order form, but perhaps inventory, are INSERTs your best intent?

    ItemID //Displays item name
    id //Item's ID number?
    exchOrder //Current inv qty?
    Checkbox input //Predefined order amount?
    disQty //Random inv to add to this item?

    If, and I'm kinda guessing, this is to be kinda both an inventory item, with an order option, I would run a UPDATE on current items to keep an INV table updated, and have another INV table hold your nightly/weekly INV checks, each night/week check to 1 row. Then make your checkbox trigger an if/then to proccess the order, if needed.
  10. #21
  11. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2004
    Posts
    262
    Rep Power
    74
    Originally Posted by Triple_Nothing
    I would run a UPDATE on current items to keep an INV table updated, and have another INV table hold your nightly/weekly INV checks, each night/week check to 1 row
    You are correct and this is exactly what I have done. Your speculation about the use of the form is pretty much correct also. I do have one table update inventory and another is Inserted for a possible review if needed later.
    Everything seems to be working as expected now. I am just wanting conformation the updated code for inserting the records is good.
  12. #22
  13. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1015
    Hi,

    calling mysql_real_escape_string is useless when you don't wrap the value in quotes. This function only prevents the user from "breaking out" of a quoted string, it does not magically make the input secure or something.

    And since you added the die(mysql_error()) back in and still have the mysql_close(), I'm not exactly sure if you're serious about the good code ...
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  14. #23
  15. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2004
    Posts
    262
    Rep Power
    74
    Originally Posted by Jacques1
    Hi,

    calling mysql_real_escape_string is useless when you don't wrap the value in quotes. This function only prevents the user from "breaking out" of a quoted string, it does not magically make the input secure or something.

    And since you added the die(mysql_error()) back in and still have the mysql_close(), I'm not exactly sure if you're serious about the good code ...
    Serious and ignorance are not the same. Thank you for helping me to understand what I do not.
Page 2 of 2 First 12
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo