Manipulate HTML table data with multiple form field submission in PHP -

-

i've got table of data user can filter using variety of options.

i can manipulate data form submission fine form accepts both $_post variables , in cases want user use one.

mp | conservative | year elected

for example:

case #1 - user searches 'conservative` party doesn't care year elected.

case #2 - user searches '2005' year of election doesn't care political party.

case #3 - user searches 'conversative' party , in '2005'.

and here's code:

global variables

if(empty($_post['year_elec'])) {     $year = "show_all"; }  else {     $year = $_post['year_elec']; }  if(empty($_post['party'])) {     $party = "show_all"; } else {     $party = $_post['party']; }

the main table generation:

        if($year == "show_all" && $party == "show_all") {                         $query = "select * mps";                     }                     else if(!empty($year) && $party ="show_all"){                         $query = "select * mps year_elec = $year";                     }                     else if($year == "show_all" && !empty($party)) {                         $query = "select * mps party = $party";                      }                     else {                         $query = "select * mps year_elec = $year , party = $party";                     }                          $res = mysqli_query($conn, $query);                         while ($a = mysqli_fetch_assoc($res)) {                             $name = $a['name'];                             $party = $a['party'];                             $consti = $a['cont'];                             $year_elec = $a['year_elec'];                              echo "<tr>";                             echo "<td>" .$name. "</td>";                             echo "<td>" .$party. "</td>";                                                    echo "<td>" .$consti. "</td>";                             echo "<td>" .$year_elec. "</td>";                                    echo "</tr>";                                    }

the form

<form method="post" action="mps.php">             <span class="css-select-moz">                 <select name="year_elec" id="selectyear">                     <option <?php if (isset($year) && $year=="2010") echo "selected";?> name="2010" value="2010">first elected 2010</option>                     <option <?php if (isset($year) && $year=="2005") echo "selected";?> name="2005" value="2005">first elected 2005</option>                     <option <?php if (isset($year) && $year=="2001") echo "selected";?> name="2001" value="2001">first elected 2001</option>                 </select>             </span> <br />              <span class="css-select-moz">                 <select name="party" id="selectparty">                                       <?php                         $query = "select distinct party mps";                         $res = mysqli_query($conn, $query);                         while($a = mysqli_fetch_assoc($res)) {                             $party = $a['party'];                             echo "<option name='$party' value='$party'>$party</option>";                         }                     ?>                 </select>             </span>             <input class="submit" type="submit" value="load" />         </form>

i dont see problem in code, apart single = in 1st else if.

however can neaten things ternary operator assign values $year , $party. , can use not equal operator instead of not empty:

$year = $_post['year_elec']?:'show_all'; $party = $_post['party']?:'show_all';  if($year == "show_all" && $party == "show_all") {     $query = "select * mps"; } else if($year != "show_all" && $party == "show_all"){     $query = "select * mps year_elec = $year"; } else if($year == "show_all" && $party != "show_all") {     $query = "select * mps party = $party"; } else {     $query = "select * mps year_elec = $year , party = $party"; }

also note open sql injection attacks, ideally use prepared statements , whitelist of values use can select (an array of political parties, , array of dates)


Comments

Post a Comment

Popular posts from this blog

C# random value from dictionary and tuple -

-
i have following code, , need random item contains string "region_1" dictionary. public static dictionary<int, tuple<string, int, currencytype>> itemarray = new dictionary<int, tuple<string, int, currencytype>>() { { 0xb3e, new tuple<string, int, currencytype>("region_1", 1500, currencytype.fame) } }; public static int generateitemid(string shopid) { var generateditem = itemarray.elementat(new random().next(0, itemarray.count)).key; } how select this? it's not possible efficiently... first create static random @ class level... prevent non-random behaviour if run query on short period of time... (it's seeded discrete clock) static random rnd = new random(); then: var item = itemarray.values .where(t => t.item1 == shopid) .orderby(_ => rnd.next()) .firstordefault()
Read more

cgi - How do I interpret URLs without extension as files rather than missing directories in nginx? -

-
so i'm trying install zoneminder , have run under nginx, has few compiled files need run using fast-cgi. these files lack extension. if file has extension, there no issue , nginx interprets file , return 404 if can't find it. if has no extension, assume it's directory , return 404 when can't find sort of index page. here have now: # security camera domain. server { listen 888; server_name mydomain.com; root /srv/http/zm; # enable php support. include php.conf; location / { index index.html index.htm index.php; } # enable cgi support. location ~ ^/cgi-bin/(.+)$ { alias /srv/cgi-bin/zm/; fastcgi_pass unix:/run/fcgiwrap.sock; fastcgi_param script_filename $document_root/$1; include fastcgi.conf; } } the idea is, under cgi-bin directory goes through fastcgi pipe. any idea on howi can fix this? upon closer inspection, realized zoneminder has 2 cgi sc...
Read more

.htaccess - htaccess convert request to clean url and add slash at the end of the url -

-
ok , searched more 4 days , more 20 posts here in stach or in websites without kind of success first here htaccess file rewriteengine on rewriterule ^([a-za-z0-9_]+)/?$ index.php?page=$1 [nc] rewriterule ^([a-za-z0-9_]+)\/([a-za-z0-9_]+)\/?$ index.php?page=$1&action=$2 [nc] i tried many codes 1 worked me can call request , works me www.example.com/pagename => www.example.com/index.php?page=pagename here questions , please provide me information "in detail" understand code well 1- how convert request automatically www.example.com/index.php?page=pagename www.example.com/pagename 2- if tried add slash @ end shows me page without images or styling mean www.example.com/pagename => works www.example.com/pagename/ => doesn't work that's :) for first part need 301 rule this: rewritecond %{the_request} /index\.php\?page=([^\s&]+) [nc] rewriterule ^ /%1? [r=301,l] for second part use absolute path in css, js, images files r...
Read more