Solved

Display MySQL value after select box onchange

Posted on 2008-10-21
4
2,694 Views
Last Modified: 2012-08-13
I have a database containing computer components. When i select a value from the 'components' select box, i want to display the highest id number in the box 'id'.
This way i can prevent double id's in the database. The values from the 'components' select box are the same as the table names which will make it easier to select them and place them in the query.
I'm new to php/mysql but i do understand the code when i see it so no noob explanations required. If it needs to be mixed with javascript that will be fine.

Any help will be much appreciated. For more details just ask and i'll tell you what i can.

Cheers, Michael
<form id="addComponents" name="addComponents" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
 

<div class="input">Component:

  <select id="components" name="components" onblur="checkInput('components');">

    <option value="none" selected="selected"> (Select component type)   </option>

    <option value="mainboards">mainboards</option>

    <option value="processors">processors</option>

    <option value="memory">memory</option>

  </select>

</div>
 

<div class="input">ID:<input id="id" type="text" name="id" maxlength="6" onblur="checkInput('id');" /></div>
 

/* SOME CODE */
 

<?php

  if(isset($_POST['submit'])) {

    $con = mysql_connect("localhost","###user###","###pass###");

    if (!$con) {

      die('Could not connect: ' . mysql_error());

    }

    mysql_select_db("components", $con);

    $sql = "INSERT INTO $_POST[components] (id, manufacturer, model, price, url, chipset, category) VALUES ('$_POST[id]','$_POST[manufacturer]','$_POST[model]','$_POST[price]','$_POST[url]','$_POST[chipset]','$_POST[categories]')";

    if (!mysql_query($sql,$con)) {

      die('Error: ' . mysql_error());

    }

    echo "<script type='text/javascript'> showMessage('success'); </script>";	

    mysql_close($con);

  }

?>

Open in new window

0
Comment
Question by:mverschoof
  • 2
  • 2
4 Comments
 
LVL 10

Accepted Solution

by:
wildzero earned 500 total points
ID: 22765738
Hi there,

Couple of things... first off you are doing stright user input into the databse, this is a security risk. ALL user input should be sanatized.

The second thing, are you sure you need to enter the ID manually? MYSQL allows you to set a column to autoincrement - you usually do this to ID / primary key columns and it's taken care of it for you, no duplicates.

If you want to have a column for say, supplier id or something then create another column for this, but still keep the id column. Make sure the id column is an integer and set as primary and auto inc.

Lasty, if you really do need the id to come up when you change list box then you'll need to use AJAX to handle that for you. But I don't think it's needed.

Have a look over, and if you really need to put in the id, then we can go through it :-)

0
 
LVL 5

Author Comment

by:mverschoof
ID: 22765815
Maybe your right about the auto increment. It is easier and faster.

About the security risk. This is not a problem since i'm the only one who will use it in a secured admin section.

Thansk for your insight!
0
 
LVL 10

Expert Comment

by:wildzero
ID: 22765852
Hi there,

Thats good to know but it's good practise I find.
As long as your doing it through-out the rest of your site, because if you are doing something like, view.php?category=10
and just using $_GET['category'] with-out sanatizing someone could exploit that.

:-)
0
 
LVL 5

Author Comment

by:mverschoof
ID: 22765914
I use post values so i think it won't be an issue. And i post to the same page through PHP_SELF so nothing will be shown in the url.
The page itself will be password protected so i think i've got it covered.

Thanks again for your insights and if you have more tips i (and others reading this question) will be very interested in them.

Cheers, Michael
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is …
This article discusses four methods for overlaying images in a container on a web page
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now