Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 262
  • Last Modified:

Values from radio buttons not posting properly to mySQL database

All of this appears to be formatted correctly, yet when I hit submit the change is not taking place on the back end, i.e., specifically approved is not getting set to 1 or 2, it's just staying the default of 0. Any ideas as to what may have gone amiss? Due to urgency (deadline) high points :)

Much thanks.

<?php require_once('mysecretlocation/conn_snoopy.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
  $updateSQL = sprintf("UPDATE orders SET approved=%s WHERE orderNumber=%s",
                       GetSQLValueString($_POST['approved'], "int"),
                       GetSQLValueString($_POST['orderNumber'], "int"));

  mysql_select_db($database_conn_snoopy, $conn_snoopy);
  $Result1 = mysql_query($updateSQL, $conn_snoopy) or die(mysql_error());

  $updateGoTo = "approvedemail.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
    $updateGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $updateGoTo));
}

$lastid = $HTTP_GET_VARS[lastid];

mysql_select_db($database_conn_snoopy, $conn_snoopy);
$query_branchName = "SELECT branchName FROM branches RIGHT JOIN orders ON branches.branchNumber = orders.branchNumber WHERE orders.orderNumber='$lastid'";
$branchName = mysql_query($query_branchName, $conn_snoopy) or die(mysql_error());
$row_branchName = mysql_fetch_assoc($branchName);
$totalRows_branchName = mysql_num_rows($branchName);

mysql_select_db($database_conn_snoopy, $conn_snoopy);
$query_orderDetail = "SELECT * FROM orders WHERE orders.orderNumber='$lastid'";
$orderDetail = mysql_query($query_orderDetail, $conn_snoopy) or die(mysql_error());
$row_orderDetail = mysql_fetch_assoc($orderDetail);
$totalRows_orderDetail = mysql_num_rows($orderDetail);

$colname_branchName = "-1";
if (isset($_SESSION['branchNumber'])) {
  $colname_branchName = (get_magic_quotes_gpc()) ? $_SESSION['branchNumber'] : addslashes($_SESSION['branchNumber']);
}

// Set the date variable to be used through the rest of the order process

$today = date("F j, Y, g:i a");

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Order Review Page</title>
      <STYLE>
            <!--
            BODY,DIV,TABLE,THEAD,TBODY,TFOOT,TR,TH,TD,P {
      font-family:Arial, Helvetica, sans-serif;
      font-size: small;
}
.style7 {font-family: Arial, Helvetica, sans-serif; font-size: medium; }
             -->
      </STYLE>
</head>

<body>
<p><img src="images/Banklogo.gif" alt="First Financial Credit Union" width="172" height="58" /></p>
<p><span class="style7">Please either approve or disapprove the following order. Please note that if you disapprove the order, it will be immediately deleted from the system. Deleted orders cannot be recovered.  </span></p>

<?php include '/myserver.com/orderdisplay.inc'; ?>

<br /><br />


</form>
<form id="form1" name="form1" method="POST" action="approvedemail.php?lastid=<?php echo $row_orderDetail['orderNumber']; ?>">
  <p>
    <label>
    <input name="approved" type="radio" value="1" checked="checked" />
Approved</label>
    <br />
    <label>
    <input type="radio" name="approved" value="2" />
Not Approved</label>
    <input name="orderNumber" type="hidden" id="orderNumber" value="<?php echo $row_orderDetail['orderNumber']; ?>" />
  </p>
  <p>
    <input name="approved" type="submit" id="approved" value="Submit" />
    <input type="reset" name="Submit2" value="Reset" />
  </p>
  <input type="hidden" name="MM_update" value="form1">
</form>
</body></html>





0
jyarrow
Asked:
jyarrow
  • 5
  • 5
1 Solution
 
dr_dedoCommented:
in the begining of your script, echo $_POST['approved'], and see what value does it hold. u r usin GetSQLValueString($_POST['approved']), it might be destroying your values! better print $_POST['approved'] before and after being processed by that function!
0
 
jyarrowAuthor Commented:
Since this is in the header and on processing it spits me to another page, how can I check this (i.e., stay on the same page)?
0
 
dr_dedoCommented:
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
echo 'approved='. $_POST['approved'];
echo 'modified approved=GetSQLValueString($_POST['approved']);
$updateSQL = sprintf("UPDATE orders SET approved=%s WHERE orderNumber=%s",
                       GetSQLValueString($_POST['approved'], "int"),
                       GetSQLValueString($_POST['orderNumber'], "int"));


0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
jyarrowAuthor Commented:
echo 'modified approved=GetSQLValueString($_POST['approved']);

This line spits back an error (unexpected ";")

Commenting it out, when I get the page reloading, it has approved= at the top with nothing after it.

So am I correct in thinking that it's not accepting the post?
0
 
dr_dedoCommented:
no, it is a typo

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
echo 'approved='. $_POST['approved'];
echo 'modified approved='. GetSQLValueString($_POST['approved'], "int");
$updateSQL = sprintf("UPDATE orders SET approved=%s WHERE orderNumber=%s",
                       GetSQLValueString($_POST['approved'], "int"),
                       GetSQLValueString($_POST['orderNumber'], "int"));
0
 
jyarrowAuthor Commented:
approved= is blank
modified approved=NULL

Any idea what's up?
0
 
dr_dedoCommented:
in your form, you have radio buttons and teh submit button with the same name, change the name of either of them and lets see what will come up
change radio button to rButon for e.g. and change the related code, and do our test again (printing the value of the $_POST

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
echo 'approved='. $_POST['rButon'];
echo 'modified approved='. GetSQLValueString($_POST['rButon'], "int");
$updateSQL = sprintf("UPDATE orders SET approved=%s WHERE orderNumber=%s",
                       GetSQLValueString($_POST['rButon'], "int"),
                       GetSQLValueString($_POST['orderNumber'], "int"));
0
 
jyarrowAuthor Commented:
Ok. Out of desperation, I went into mySQL and used the web utility to generate the PHP, then cut the resulting PHP back into the form. Here's how it looks:

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "formApproval")) {
  $updateSQL = sprintf("UPDATE `orders` SET `approved` = %s WHERE `orderNumber` = $lastid",
                       GetSQLValueString($_POST['btnApproval'], "int"),
                       GetSQLValueString($_POST['orderNumber'], "int"));

  mysql_select_db($database_conn_snoopy, $conn_snoopy);
  $Result1 = mysql_query($updateSQL, $conn_snoopy) or die(mysql_error());
}

oh, and as a side benefit, it actually works.

Now the only thing that isn't working here is kicking me over to the approvals page where the email is sent indicating order approval.

Code on the bottom is like this, it seems it should be forwarding but it's not.

<form action="approvedemail.php?lastid=$lastid" method="POST" name="formApproval" id="formApproval">
  <p>
    <label>
    <select name="btnApproval" size="1">
      <option value="1" selected="selected">Approved</option>
      <option value="2">Disapproved</option>
    </select>
    </label>
    <input name="orderNumber" type="hidden" id="orderNumber" value="$lastid" />
  </p>
  <p>
    <input name="submit" type="submit" id="submit" value="Submit" />
    <input name="reset" type="reset" id="reset" value="Reset" />
  </p>
  <input type="hidden" name="MM_update" value="formApproval">
</form>
0
 
dr_dedoCommented:
i see u dropped radio buttons and used list instead. glad it works for u anyway

this form will be submited to approvedemail.php, what page do u want it to be directed to !!!

would u plz clear what u mean with file names ??
0
 
jyarrowAuthor Commented:
got it fixed. thanks for all the help.

On this page it was an approval of an order. Once the order is approved, an approval email has to be sent (which is what approvedemail does).

I got that working too.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now