A database for my data

From: ANT_THOMAS 3 Aug 2010 19:02
To: Peter (BOUGHTONP) 116 of 158
What Drew said, it works great.

Next question

I'm wanting to use some input boxes to enter the month and/or year to generate the URLs.

The one for just year works fine
HTML code:
<input type="text" id="year" value="Enter Year"/>
<button type="button" onclick="location.href='./date.php?year='+document.getElementById('year').value;">Go To</button></div>


But I want it to grab two variables for the year and month one
HTML code:
<input type="text" id="month" value="Enter Month"/>
<input type="text" id="year1" value="Enter Year"/>
<button type="button" onclick="location.href='./date.php?month='+document.getElementById('month').value'&year='+document.getElementById('year1').value;">Go To</button

Unsurprisingly this messy thing doesn't work.
From: ANT_THOMAS 3 Aug 2010 19:07
To: Matt 117 of 158

What's this mysql_escape_string chap and what does it do for me?

 

(As I'm sure you're aware you code works perfectly well also :D )

From: Peter (BOUGHTONP) 3 Aug 2010 19:14
To: Drew (X3N0PH0N) 118 of 158
And yet still flawed. :(

I did think it should be doing isset instead of != "", but decided to trust you instead of looking it up.

And in either case I should have mentioned escaping. :'(

Bah.
From: Peter (BOUGHTONP) 3 Aug 2010 19:18
To: ANT_THOMAS 119 of 158
Hmmm, unless I'm being crazy, can you just do this:

html code:
<form action="./date.php" method="get">
	<input type="text" id="year" name="year" value="Enter Year" />
	<button type="submit">Go To</button>
</form>
 
<form action="./date.php" method="get">
	<input type="text" id="month" name="month" value="Enter Month/>
	<input type="text" id="year1" name="year" value="Enter Year" />
	<button type="submit">Go To</button>
</form>


?

(you may also need to restyle the form tags to remove margins/etc this way, but it's a better way than doing onclick=location.href stuff)
EDITED: 3 Aug 2010 19:20 by BOUGHTONP
From: ANT_THOMAS 3 Aug 2010 19:22
To: Peter (BOUGHTONP) 120 of 158
Indeed you can, much much nicer. Thanks!
From: Matt 3 Aug 2010 19:23
To: ANT_THOMAS 121 of 158
It escapes data for use in a MySQL query. Without it you open yourself up to SQL inject attacks. This explains some of the possibilities quite well: http://unixwiz.net/techtips/sql-injection.html

Your form, just use:

HTML code:
<form method="get" action="date.php">
  <input name="month" type="text" value="Enter month" />
  <input name="year" type="text" value="Enter year" />
  <button type="submit">Go To</button>
</form>
EDITED: 3 Aug 2010 19:24 by MATT
From: Drew (X3N0PH0N) 3 Aug 2010 19:26
To: Peter (BOUGHTONP) 122 of 158
isseting would be pointless because it's ... been set already.
From: Peter (BOUGHTONP) 3 Aug 2010 19:26
To: ANT_THOMAS 123 of 158
Woohoo. :)

Worth pointing out the id attributes are only necessary if you're also referencing these fields elsewhere (in html/js/css) - if not, just drop them, since the form submit and php stuff uses the name attribute.
From: ANT_THOMAS 3 Aug 2010 19:27
To: Matt 124 of 158

I see, yeah I guess I should be using escapes then.

 

Fantastic stuff, I can now be a sad bastard and track my weight via a pretty(ish) graph (using PHPGraphLib).

From: Drew (X3N0PH0N) 3 Aug 2010 19:28
To: Peter (BOUGHTONP) 125 of 158
isseting would be pointless because it's ... been set already.
From: Peter (BOUGHTONP) 3 Aug 2010 19:32
To: Drew (X3N0PH0N) 126 of 158
Hmm, so does $this = $_GET['that'] return empty string if that's not defined?

... computer says yes. Bah.
EDITED: 3 Aug 2010 19:37 by BOUGHTONP
From: Drew (X3N0PH0N) 3 Aug 2010 19:48
To: Peter (BOUGHTONP) 127 of 158
Aye. It's a pain in the arse.
From: Matt 3 Aug 2010 20:04
To: Peter (BOUGHTONP) 128 of 158
It should be NULL, not an empty string. If you var_dump the variable it'll show you what it contains.

If you turn on PHP strict error checking you'll get an undefined index error if you don't test with isset / array_key_exists. I prefer to code with strict errors switched on, it's safer and makes me feel smarter
From: Peter (BOUGHTONP) 3 Aug 2010 21:01
To: Matt 129 of 158
Ah, fair enough then. And yeah, it is null when var_dumped.
From: ANT_THOMAS 6 Jun 2012 18:51
To: ALL130 of 158
I need some more database coding help.

I have a row with a list of comma separated image filenames.

eg
code:
image1.jpg,image2.jpg,image3.jpg,image4.jpg


I generally PHP echo out the contents of a row using a nice and simple
PHP code:
{$row[images]}


That would obviously just chuck out the text with the commas, useless. I want each imagen.jpg wrapped in some HTML without the commas.
eg
HTML code:
<img src="image1.jpg" /><img src="image2.jpg" /><img src="image3.jpg" /><img src="image4.jpg" />


HOW?!
From: Drew (X3N0PH0N) 6 Jun 2012 18:58
To: ANT_THOMAS 131 of 158
php code:
$blah = split(",", $row[images]);
foreach ($blah as $beep) {
echo "<img src=\"" . $beep . "\" />";
}


Probably a neater way which PB or Matt will come along and embarrass me with.
From: ANT_THOMAS 6 Jun 2012 19:29
To: Drew (X3N0PH0N) 132 of 158

And how do I pop that within a current big echo?

 

I'm trying (honest :$ )

From: ANT_THOMAS 6 Jun 2012 19:41
To: Drew (X3N0PH0N) 133 of 158
To help more, I'd like the images somewhere within this lot....

PHP code:
$car = $_GET['car'];

$query  = "SELECT * FROM cars WHERE carcode = '$car' ";
$result = mysql_query($query);

while($row = mysql_fetch_array($result, MYSQL_ASSOC))

echo "
<table>
    <tr>
    <th rowspan='5'><a href='#'><img src='./photos/{$row[thumb]}' /></a>
    <br />
    <td colspan='2' width='300px'><a href='car.php?car={$row[carcode]}'>{$row[title]}</a></td>
    </tr>
    <tr>
    <td width='250px'>{$row[year]}<br />
                      {$row[mileage]}<br />
                      {$row[engine]}<br />
                      {$row[fuel]}<br />
                      {$row[gearbox]}<br />     </td>
    <td width='250px'>{$row[colour]}<br />
                      {$row[mot]}<br />
                      {$row[tax]}<br /></td>
    </tr>
    <tr>
    <td colspan='2'>{$row[extra]}</td>
    </tr>
    <tr>
    <td colspan='2' align='right' valign='bottom'><b>&pound;{$row[price]}</b></td>
    </tr>
    <tr>
    <td colspan='2'>FULL WIDTH</td>
    </tr>
</table>

         ";
From: ANT_THOMAS 6 Jun 2012 19:49
To: ALL134 of 158

I think I'm doing this totally wrong, because I actually want to do some stuff with the output from the other rows depending on what it is rather than just showing their content.

 

Back to the drawing board possibly.

From: Drew (X3N0PH0N) 6 Jun 2012 19:50
To: ANT_THOMAS 135 of 158
Indicate where in that you'd want the images. But essentially you'd do...

code:
$blah = split(",", $row[images]);
foreach ($blah as $beep) {
$stringading .= "<img src=\"" . $beep . "\" />";
}


And then just add $stringading in where you want the images echoed. So like...

code:
$car = $_GET['car'];

$query  = "SELECT * FROM cars WHERE carcode = '$car' ";
$result = mysql_query($query);

while($row = mysql_fetch_array($result, MYSQL_ASSOC))

echo "
<table>
    <tr>
    <th rowspan='5'><a href='#'><img src='./photos/{$row[thumb]}' /></a>
    <br />
    <td colspan='2' width='300px'><a href='car.php?car={$row[carcode]}'>{$row[title]}</a></td>
    </tr>
    <tr>
    <td width='250px'>{$row[year]}<br />
                      {$row[mileage]}<br />
                      {$row[engine]}<br />
                      {$row[fuel]}<br />
                      {$row[gearbox]}<br />     </td>
    <td width='250px'>{$row[colour]}<br />
                      {$row[mot]}<br />
                      {$row[tax]}<br /></td>" . $stringading . "

</tr>
    <tr>
    <td colspan='2'>{$row[extra]}</td>
    </tr>
    <tr>
    <td colspan='2' align='right' valign='bottom'><b>&pound;{$row[price]}</b></td>
    </tr>
    <tr>
    <td colspan='2'>FULL WIDTH</td>
    </tr>
</table>

         ";


(which is a nonsensical place to dump them but you get the idea)

If you want more code around them, like table cells or whatever you'd do it in the foreach loop like:

code:
$blah = split(",", $row[images]);
$stringading = "tr";
foreach ($blah as $beep) {
$stringading .= "<td><img src=\"" . $beep . "\" /></td>";
}
$stringading .= "</tr>";