| Syntax for adding text prefix to a post variable? [message #170257] |
Sat, 23 October 2010 03:59  |
GarryJones
Messages: 21
Registered: September 2010
Karma: 0
|
Junior Member |
|
|
Syntax problem when adding a prefix to an item number ->
A user can mark each item as "10% paid" and/or "90% paid". Each item
has a unique number in a mysql database.
In the php form I give each checkbox a unique number. Every item has 2
checkboxes.
For instance item 289474 has two checkboxes, I prefix these with 10
and 90 so its two checkboxes are called "10289474" and "90289474". So
far so good, I can see these are correct in the html code.
Then when the user presses OK I need to update what has and has not
been checkedboxed as paid.
If checkbox 10289474 has been checked I need to update item 289474 as
10% paid.
When checkbox 90289474 has been checked I need to update item 289474
as 90% paid.
(In the table I have a column for "10% paid" and another column for
"90% paid" which I need to set to "yes" when the user checks the
respective checkbox, the std value is "no" and prefilled on item
creation)
I am adding each item number to an array to use when processing the
checkboxes. I have listed the array and it is correct.
The array is called $arr_payref
The item number is in a column called bokanmref
This is not working.. My problem is I don't know how to add the
prefixes (10 and 90) to the item number in the array before collecting
the data with the post command. This is my best(?) effort....
foreach ($arr_payref as $payboxnmn)
{
$paybox = $_POST["10$payboxnmn"];
if($paybox == "yes"){
mysql_query("UPDATE ct_bok2 SET bok_paid10='yes' WHERE
bokanmref='$payboxnmn'");
} else {
mysql_query("UPDATE ct_bok2 SET bok_paid10='no' WHERE
bokanmref='$payboxnmn'");
}
}
foreach ($arr_payref as $payboxnmn)
{
$paybox = $_POST["90$payboxnmn"];
if($paybox == "ja"){
mysql_query("UPDATE ct_bok2 SET bok_paid10='yes' WHERE
bokanmref='$payboxnmn'");
} else {
mysql_query("UPDATE ct_bok2 SET bok_paid10='no' WHERE
bokanmref='$payboxnmn'");
}
}
Any help greatly appreciated.
Garry Jones
Sweden
|
|
|
|
| Re: Syntax for adding text prefix to a post variable? [message #170258 is a reply to message #170257] |
Sat, 23 October 2010 08:46  |
Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma: 0
|
Senior Member |
|
|
GarryJones wrote:
> A user can mark each item as "10% paid" and/or "90% paid".
They could mark *one* item as *both* 10% and 90% paid? Sounds like an error
in your business logic to me.
> Each item has a unique number in a mysql database.
>
> In the php form I give each checkbox a unique number. Every item has 2
> checkboxes.
>
> For instance item 289474 has two checkboxes, I prefix these with 10
> and 90 so its two checkboxes are called "10289474" and "90289474". So
> far so good, I can see these are correct in the html code.
>
> Then when the user presses OK I need to update what has and has not
> been checkedboxed as paid.
>
> If checkbox 10289474 has been checked I need to update item 289474 as
> 10% paid.
> When checkbox 90289474 has been checked I need to update item 289474
> as 90% paid.
Wrong approach. Use
<label><input type="checkbox" name="289474[]" value="10"> 10%</label>
<label><input type="checkbox" name="289474[]" value="90"> 90%</label>
or
<label><input type="radio" name="289474" value="10"> 10%</label>
<label><input type="radio" name="289474" value="90"> 90%</label>
then retrieve the primitive string values of the array $_REQUEST['289474'],
or the primitive string value $_REQUEST['289474'], respectively.
> (In the table I have a column for "10% paid" and another column for
> "90% paid" which I need to set to "yes" when the user checks the
> respective checkbox, the std value is "no" and prefilled on item
> creation)
Would it not be easier, more flexible, and more efficient with queries
to have one field for the percentage and simply store the percentage value?
HTH
PointedEars
--
Danny Goodman's books are out of date and teach practices that are
positively harmful for cross-browser scripting.
-- Richard Cornford, cljs, <cife6q$253$1$8300dec7(at)news(dot)demon(dot)co(dot)uk> (2004)
|
|
|
|
| Re: Syntax for adding text prefix to a post variable? [message #170262 is a reply to message #170257] |
Sat, 23 October 2010 12:40 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 10/22/2010 11:59 PM, GarryJones wrote:
> Syntax problem when adding a prefix to an item number ->
>
> A user can mark each item as "10% paid" and/or "90% paid". Each item
> has a unique number in a mysql database.
>
> In the php form I give each checkbox a unique number. Every item has 2
> checkboxes.
>
> For instance item 289474 has two checkboxes, I prefix these with 10
> and 90 so its two checkboxes are called "10289474" and "90289474". So
> far so good, I can see these are correct in the html code.
>
> Then when the user presses OK I need to update what has and has not
> been checkedboxed as paid.
>
> If checkbox 10289474 has been checked I need to update item 289474 as
> 10% paid.
> When checkbox 90289474 has been checked I need to update item 289474
> as 90% paid.
>
> (In the table I have a column for "10% paid" and another column for
> "90% paid" which I need to set to "yes" when the user checks the
> respective checkbox, the std value is "no" and prefilled on item
> creation)
>
> I am adding each item number to an array to use when processing the
> checkboxes. I have listed the array and it is correct.
>
> The array is called $arr_payref
> The item number is in a column called bokanmref
>
> This is not working.. My problem is I don't know how to add the
> prefixes (10 and 90) to the item number in the array before collecting
> the data with the post command. This is my best(?) effort....
>
> foreach ($arr_payref as $payboxnmn)
> {
> $paybox = $_POST["10$payboxnmn"];
> if($paybox == "yes"){
> mysql_query("UPDATE ct_bok2 SET bok_paid10='yes' WHERE
> bokanmref='$payboxnmn'");
> } else {
> mysql_query("UPDATE ct_bok2 SET bok_paid10='no' WHERE
> bokanmref='$payboxnmn'");
> }
> }
>
> foreach ($arr_payref as $payboxnmn)
> {
> $paybox = $_POST["90$payboxnmn"];
> if($paybox == "ja"){
> mysql_query("UPDATE ct_bok2 SET bok_paid10='yes' WHERE
> bokanmref='$payboxnmn'");
> } else {
> mysql_query("UPDATE ct_bok2 SET bok_paid10='no' WHERE
> bokanmref='$payboxnmn'");
> }
> }
>
> Any help greatly appreciated.
>
> Garry Jones
> Sweden
Not very secure, and wide open to hackers. Someone could easily come in
and change the id in the form to something else, for instance. It would
be better to keep the database row id in your $_SESSION where it can't
be changed.
Then you could have your checkboxes as "10" and "90", but again having
to prefill values is a bad way to go. Rather, you should have them
both named something like payment[] (brackets are important!) with
values of "10" and "90". Then you can check to see if $_POST['payment']
is set; if it is, $_POST['payment'][0] will contain the value (10 or 90)
of the first checkbox checked; if both are checked, $_POST['payment'][1]
will contain the other value.
But also ensure you are checking the value against the valid values (10
or 90 in this case) as these could be hacked, also.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
| Re: Syntax for adding text prefix to a post variable? [message #170311 is a reply to message #170262] |
Thu, 28 October 2010 17:15 |
GarryJones
Messages: 21
Registered: September 2010
Karma: 0
|
Junior Member |
|
|
Thanks I solved it with 2 seperate arrays and treated them
differently. And an exact mathmatical percentage can not be used as
the "90%" value is sometimes increased or decreased according to a
change in product.
As for business logic. Its for administrating holidays. When people
book they pay a 10% deposit. 30 days before depature they have to pay
the 90%.
The "users" in this case are logged in on a secure server at head
office. The "users" are the only other 2 people in the world with the
login code and the only 2 with access to the bank account statements
where the money is paid into. Its merely a way of keeping tabs on who
has and has not paid.
|
|
|
|
| Re: Syntax for adding text prefix to a post variable? [message #170312 is a reply to message #170311] |
Thu, 28 October 2010 17:17 |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma: 0
|
Senior Member |
|
|
On 10/28/2010 1:15 PM, GarryJones wrote:
> Thanks I solved it with 2 seperate arrays and treated them
> differently. And an exact mathmatical percentage can not be used as
> the "90%" value is sometimes increased or decreased according to a
> change in product.
>
> As for business logic. Its for administrating holidays. When people
> book they pay a 10% deposit. 30 days before depature they have to pay
> the 90%.
>
> The "users" in this case are logged in on a secure server at head
> office. The "users" are the only other 2 people in the world with the
> login code and the only 2 with access to the bank account statements
> where the money is paid into. Its merely a way of keeping tabs on who
> has and has not paid.
Until some hacker breaks in, that is.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]