By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
454,719 Members | 1,466 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 454,719 IT Pros & Developers. It's quick & easy.

???passing a query from a form???

P: n/a
Joe
I have wrote a script to query my mysql database based up a name that
is selected from an HTML list menu, the form action calls to my php
script from my html doc, I have tested connectivity to the databse and
have added a manual sql query to my php script to be sure it is
functioning properly, the problem is I'm not sure how to get the
script to see what option the html form is sending, I thought I could
use:

$query = "SELECT * FROM table WHERE email =
'{$_GET['selecteduser']}@mydomain.com'";

but that doesn't seem to be working properly. Maybe the HTML document
is sending it correctly? Here is my form:

<form action="report_results.php" method="post">
<select name="selecteduser">
<option value="selecteduser">Select One:</option>
<option value="us***@mydomain.com">user1</option>
<option value="us***@mydomain.com">user2</option>
</select>
<input type="submit" name="submit" value="Go!">
</form>

This form calls to the php script which then takes the input from the
HTML form and processes it into the $_GET query and sends it to the
while loop in the script, I'm not sure why this is not working? Here
is my php code:

PHP:
--------------------------------------------------------------------------------
<?php
$db = mysql_connect("localhost", "sqluser", "sqlpasswd") or
die("Could not connect to Mysql");
if (!$db == False)
{
mysql_select_db("mydb");
$query = "SELECT * FROM table WHERE email =
'{$_GET['selecteduser']}@mydomain.com'";

$result = mysql_query($sql,$db);
while ($row = mysql_fetch_row($result))
{
print "<tr>";
foreach ($row as $field)
{
print "<td>$field</td>";
}
print "</tr>";
}
mysql_close($cn);
}
else
{
print "Problem Connecting to the Database<br>";
}
?>
--------------------------------------------------------------------------------

Does anyone have any suggestions??

Thanks
Jul 17 '05 #1
Share this Question
Share on Google+
4 Replies


P: n/a
On 28 Mar 2004 17:11:54 -0800, t3***@hotmail.com (Joe) wrote:
I have wrote a script to query my mysql database based up a name that
is selected from an HTML list menu, the form action calls to my php
script from my html doc, I have tested connectivity to the databse and
have added a manual sql query to my php script to be sure it is
functioning properly, the problem is I'm not sure how to get the
script to see what option the html form is sending, I thought I could
use:

$query = "SELECT * FROM table WHERE email =
'{$_GET['selecteduser']}@mydomain.com'";

but that doesn't seem to be working properly. Maybe the HTML document
is sending it correctly? Here is my form:

<form action="report_results.php" method="post">
<select name="selecteduser">
<option value="selecteduser">Select One:</option>
<option value="us***@mydomain.com">user1</option>
<option value="us***@mydomain.com">user2</option>
</select>
<input type="submit" name="submit" value="Go!">
</form>

This form calls to the php script which then takes the input from the
HTML form and processes it into the $_GET query and sends it to the
while loop in the script, I'm not sure why this is not working? Here
is my php code:

PHP:
--------------------------------------------------------------------------------
<?php
$db = mysql_connect("localhost", "sqluser", "sqlpasswd") or
die("Could not connect to Mysql");
if (!$db == False)
{
mysql_select_db("mydb");
$query = "SELECT * FROM table WHERE email =
'{$_GET['selecteduser']}@mydomain.com'";

$result = mysql_query($sql,$db);
while ($row = mysql_fetch_row($result))
{
print "<tr>";
foreach ($row as $field)
{
print "<td>$field</td>";
}
print "</tr>";
}
mysql_close($cn);
}
else
{
print "Problem Connecting to the Database<br>";
}
?>
--------------------------------------------------------------------------------

Does anyone have any suggestions??

Thanks


Try
$_POST['selecteduser']
instead of
$_GET['selecteduser']

in the PHP script.

Either that or use method="get" in your HTML page.

That oughta do it :]
Jul 17 '05 #2

P: n/a
t3***@hotmail.com (Joe) wrote in
news:69**************************@posting.google.c om:
$query = "SELECT * FROM table WHERE email =
'{$_GET['selecteduser']}@mydomain.com'";
You're trying to retrieve the value from $_GET, which assumes your form was
using the GET method...
but that doesn't seem to be working properly. Maybe the HTML document
is sending it correctly? Here is my form:

<form action="report_results.php" method="post">
but your form is using the POST method, so the value will be in $_POST.

But wait, there's more...
<select name="selecteduser">
<option value="selecteduser">Select One:</option>
<option value="us***@mydomain.com">user1</option>
<option value="us***@mydomain.com">user2</option>


The value in $_POST will end in "@mydomain.com" so when you fix the first
problem, you'll find you're asking your database for a value ending in
"@my**********@mydomain.com" and it will tell you it doesn't have it.
Append it in one place, not two.

Oh, and I'd really run that value through mysql_escape_string() before
letting it near a SELECT statement.
Jul 17 '05 #3

P: n/a
Joe
I changed the method to post in my html document, so that it matches
in both documents.I also the line <option value="selecteduser">Select
One:</option>
to <option value="NULL">Select One:</option> since there is no option
to pass there.

Now when you say:
The value in $_POST will end in "@mydomain.com" so when you fix the
first
problem, you'll find you're asking your database for a value ending in
"@my**********@mydomain.com" and it will tell you it doesn't have it.
Append it in one place, not two.

Do you mean only put the $_POST in my $sql query and no where else?

Eric Bohlman <eb******@earthlink.net> wrote in message news:<Xn*******************************@130.133.1. 4>...
t3***@hotmail.com (Joe) wrote in
news:69**************************@posting.google.c om:
$query = "SELECT * FROM table WHERE email =
'{$_GET['selecteduser']}@mydomain.com'";


You're trying to retrieve the value from $_GET, which assumes your form was
using the GET method...

but that doesn't seem to be working properly. Maybe the HTML document
is sending it correctly? Here is my form:

<form action="report_results.php" method="post">


but your form is using the POST method, so the value will be in $_POST.

But wait, there's more...
<select name="selecteduser">
<option value="selecteduser">Select One:</option>
<option value="us***@mydomain.com">user1</option>
<option value="us***@mydomain.com">user2</option>


The value in $_POST will end in "@mydomain.com" so when you fix the first
problem, you'll find you're asking your database for a value ending in
"@my**********@mydomain.com" and it will tell you it doesn't have it.
Append it in one place, not two.

Oh, and I'd really run that value through mysql_escape_string() before
letting it near a SELECT statement.

Jul 17 '05 #4

P: n/a
Perhaps you overlook this line:
$result = mysql_query($sql,$db);

I think it should be
$result = mysql_query($query,$db);

Jul 17 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.