Solved

Display MySQL value after select box onchange

Posted on 2008-10-21
2,728 Views
Last Modified: 2012-08-13
I have a database containing computer components. When I select a value from the 'components' select box, I want to display the highest id number in the box 'id'.
This way I can prevent double ids in the database. The values from the 'components' select box are the same as the table names, which will make it easier to select them and place them in the query.
I'm new to PHP/MySQL but I do understand the code when I see it, so no noob explanations required. If it needs to be mixed with JavaScript that will be fine.

Any help will be much appreciated. For more details just ask and I'll tell you what I can.

Cheers, Michael
<form id="addComponents" name="addComponents" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
 
<div class="input">Component:
  <select id="components" name="components" onblur="checkInput('components');">
    <option value="none" selected="selected"> (Select component type)   </option>
    <option value="mainboards">mainboards</option>
    <option value="processors">processors</option>
    <option value="memory">memory</option>
  </select>
</div>
 
<div class="input">ID:<input id="id" type="text" name="id" maxlength="6" onblur="checkInput('id');" /></div>
 
/* SOME CODE */
 
<?php
  if(isset($_POST['submit'])) {
    $con = mysql_connect("localhost","###user###","###pass###");
    if (!$con) {
      die('Could not connect: ' . mysql_error());
    }
    mysql_select_db("components", $con);
    $sql = "INSERT INTO $_POST[components] (id, manufacturer, model, price, url, chipset, category) VALUES ('$_POST[id]','$_POST[manufacturer]','$_POST[model]','$_POST[price]','$_POST[url]','$_POST[chipset]','$_POST[categories]')";
    if (!mysql_query($sql,$con)) {
      die('Error: ' . mysql_error());
    }
    echo "<script type='text/javascript'> showMessage('success'); </script>";	
    mysql_close($con);
  }
?>


0
Question by:mverschoof
4 Comments
 
LVL 10

Accepted Solution

by:
wildzero earned 500 total points
ID: 22765738
Hi there,

Couple of things... first off, you are doing straight user input into the database; this is a security risk. ALL user input should be sanitized.

The second thing, are you sure you need to enter the ID manually? MySQL allows you to set a column to autoincrement - you usually do this to ID / primary key columns and it's taken care of for you, no duplicates.

If you want to have a column for say, supplier id or something then create another column for this, but still keep the id column. Make sure the id column is an integer and set as primary and auto inc.

Lastly, if you really do need the id to come up when you change list box then you'll need to use AJAX to handle that for you. But I don't think it's needed.

Have a look over, and if you really need to put in the id, then we can go through it :-)

0
 
LVL 5

Author Comment

by:mverschoof
ID: 22765815
Maybe you're right about the auto increment. It is easier and faster.

About the security risk. This is not a problem since I'm the only one who will use it in a secured admin section.

Thanks for your insight!
0
 
LVL 10

Expert Comment

by:wildzero
ID: 22765852
Hi there,

That's good to know, but it's good practice I find.
As long as you're doing it throughout the rest of your site, because if you are doing something like view.php?category=10
and just using $_GET['category'] without sanitizing, someone could exploit that.

:-)
0
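
The point raised in the accepted answer and in the comment above, shown as an added example (not code from the thread): the question's INSERT with an allowlist for the table name, bound parameters for the values, and a database-assigned id. PDO is used because the `mysql_*` functions in the question were removed in PHP 7; the in-memory SQLite database, the reduced column set, and the names `open_db` and `add_component` are assumptions made for illustration.

```php
<?php
// Added example: hardened form of the question's INSERT.
// In-memory SQLite keeps it self-contained (assumption); on MySQL use a
// mysql: DSN and declare the column `id INT AUTO_INCREMENT PRIMARY KEY`.
const ALLOWED_TABLES = ['mainboards', 'processors', 'memory']; // the form's options

function open_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    foreach (ALLOWED_TABLES as $t) {
        // The database assigns id, so the form needs no ID field.
        $pdo->exec("CREATE TABLE $t (id INTEGER PRIMARY KEY AUTOINCREMENT,
            manufacturer TEXT, model TEXT, price REAL)");
    }
    return $pdo;
}

function add_component(PDO $pdo, array $post): int {
    $table = $post['components'] ?? '';
    // Identifiers cannot be bound as parameters: accept only known table names.
    if (!in_array($table, ALLOWED_TABLES, true)) {
        throw new InvalidArgumentException('unknown component type');
    }
    // Values travel as bound parameters and are never parsed as SQL.
    $stmt = $pdo->prepare(
        "INSERT INTO $table (manufacturer, model, price) VALUES (?, ?, ?)"
    );
    $stmt->execute([
        $post['manufacturer'] ?? '', $post['model'] ?? '', (float) ($post['price'] ?? 0),
    ]);
    return (int) $pdo->lastInsertId();
}

$pdo = open_db();
// Constructed request bodies standing in for $_POST.
$ok = ['components' => 'memory', 'manufacturer' => "O'Brien Ltd",
       'model' => 'DDR2-800', 'price' => '49.90'];
echo add_component($pdo, $ok), "\n"; // id chosen by the database
echo add_component($pdo, $ok), "\n"; // a new id each time, never a duplicate

// A POST body is client-controlled: this value is not one of the form's options.
$bad = ['components' => 'memory; -- not a table name'] + $ok;
try {
    add_component($pdo, $bad);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
// The quote in the manufacturer name was stored as plain data.
echo $pdo->query('SELECT manufacturer FROM memory WHERE id = 1')->fetchColumn(), "\n";
```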
 
LVL 5

Author Comment

by:mverschoof
ID: 22765914
I use post values so I think it won't be an issue. And I post to the same page through PHP_SELF so nothing will be shown in the URL.
The page itself will be password protected so I think I've got it covered.

Thanks again for your insights and if you have more tips I (and others reading this question) will be very interested in them.

Cheers, Michael
0


Question has a verified solution.
