Updating checkboxes / Checking what was checked

I have a lot of check boxes. This is an update of the check boxes, I
want something was checked, then to do an insert (which is currently
working), if something is no longer checked...delete the checkbox
join/link that is in the database.

So, the insert/checked is working, but the "unchecking" is not working.
I don't know how to compare an array of what was not checked.

Here is my code:
if (is_array($_POST['commentsid'])) {

foreach ($_POST['commentsid'] as $id) {

##########
## Finding out if it was previously checked
## if not, insert the data

##checking if this $id is already in the database
$query = mysql_query("SELECT id_ministry FROM join_comments WHERE
id_ministry = '$id'")
or die("Bad query: ".mysql_error());

## if it is not in the database, insert the id
if (mysql_num_rows($query) == "0") {
$insert =
"INSERT INTO ".
"join_comments (username, creation_stamp, id_people, id_ministry) ".
"VALUES ('$_SESSION[valid_user]', '$datetime', '$_POST[id]',
'$id')";

$mysql_insert = mysql_query($insert, $mysql_link)
or die("Bad query: ".mysql_error());

######
### i don't think this needs to be here. i think my delete needs to
be before everything
} elseif ((mysql_num_rows($query) == "1") && ($id == )) {

$deletequery = mysql_query("DELETE FROM join_comments WHERE
id_people = '$_POST[id]' AND id_ministry ='$id'")
or die("Bad query: ".mysql_error());
##
######
} else {
print "Error";
}
##
##########

}
}

I think I need to do my delete before everything. He is an "english"
version of what I think needs to be done:

do a query selected all that is in the database
compare what was checked this time against was is checked now
if something is no longer checked {
delete from database the ones that are not in the database now
}
}

I hope this makes sense.

Thank you for any help,
aaron

re: Updating checkboxes / Checking what was checked

Aaron Reimann wrote:Euhm, security? I'd use an intval($id) or something to be sure it's not a
sql-injection.
You do know you don't HAVE to concate?
$insert = "INSERT INTO
join_comments (username, creation_stamp, id_people, id_ministry)
VALUES
('$_SESSION[valid_user]', '$datetime', '$_POST[id]','$id')";

Will work just fine, and saves some useless overhead.
1. Create an array of available id's from you database (mysql_query(),
mysql_fetch_array() loop).
2. Make sure it's the same format as your $_POST array.
3. array_walk(array_name,'intval') to make sure you have all integers.
4. $to_be_deleted = array_dif($available_array,$post_array).
5. foreach($to_be_deleted) loop delete.

If I see your code now, I'd say that you might benifit from some protection
from SQL-injections. Loop up the subject on google, expacially
mysql_real_escape_string() etc.

Never, ever, trust userdata, not even when they're logged in, trusted
users.
--
Grtz,

Rik Wasmus

re: Updating checkboxes / Checking what was checked

Aaron Reimann wrote:I think you are falling over one of the AWFUL AWFUL features of HTML
forms: an unchecked check-box is simply not returned at all.

If you know about specific boxes on your form, you can take the absence
of a box-name in the arguments as 'unset' for that box. But if you are
looping through a set of boxes, unset ones simply won't be there in your
list at all.

You either need to keep a list of all the boxes you expect, so after you
have seen the arguments from all the checked ones you know the rest are
unchecked; or if it is not practical or convenient for the script to
determine what boxes should have been on the page, you can output a
hidden control with some known value for each box, and then loop through
the hidden values seeing whether the value for the corresponding check
box is present.

Colin