Solved

Display MySQL value after select box onchange

Posted on 2008-10-21
4
2,763 Views
Last Modified: 2012-08-13
I have a database containing computer components. When i select a value from the 'components' select box, i want to display the highest id number in the box 'id'.
This way i can prevent double id's in the database. The values from the 'components' select box are the same as the table names which will make it easier to select them and place them in the query.
I'm new to php/mysql but i do understand the code when i see it so no noob explanations required. If it needs to be mixed with javascript that will be fine.

Any help will be much appreciated. For more details just ask and i'll tell you what i can.

Cheers, Michael
<form id="addComponents" name="addComponents" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
 
<div class="input">Component:
  <select id="components" name="components" onblur="checkInput('components');">
    <option value="none" selected="selected"> (Select component type)   </option>
    <option value="mainboards">mainboards</option>
    <option value="processors">processors</option>
    <option value="memory">memory</option>
  </select>
</div>
 
<div class="input">ID:<input id="id" type="text" name="id" maxlength="6" onblur="checkInput('id');" /></div>
 
/* SOME CODE */
 
<?php
  if(isset($_POST['submit'])) {
    $con = mysql_connect("localhost","###user###","###pass###");
    if (!$con) {
      die('Could not connect: ' . mysql_error());
    }
    mysql_select_db("components", $con);
    $sql = "INSERT INTO $_POST[components] (id, manufacturer, model, price, url, chipset, category) VALUES ('$_POST[id]','$_POST[manufacturer]','$_POST[model]','$_POST[price]','$_POST[url]','$_POST[chipset]','$_POST[categories]')";
    if (!mysql_query($sql,$con)) {
      die('Error: ' . mysql_error());
    }
    echo "<script type='text/javascript'> showMessage('success'); </script>";	
    mysql_close($con);
  }
?>

Open in new window

0
Comment
Question by:mverschoof
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 10

Accepted Solution

by:
wildzero earned 500 total points
ID: 22765738
Hi there,

Couple of things... first off you are doing stright user input into the databse, this is a security risk. ALL user input should be sanatized.

The second thing, are you sure you need to enter the ID manually? MYSQL allows you to set a column to autoincrement - you usually do this to ID / primary key columns and it's taken care of it for you, no duplicates.

If you want to have a column for say, supplier id or something then create another column for this, but still keep the id column. Make sure the id column is an integer and set as primary and auto inc.

Lasty, if you really do need the id to come up when you change list box then you'll need to use AJAX to handle that for you. But I don't think it's needed.

Have a look over, and if you really need to put in the id, then we can go through it :-)

0
 
LVL 5

Author Comment

by:mverschoof
ID: 22765815
Maybe your right about the auto increment. It is easier and faster.

About the security risk. This is not a problem since i'm the only one who will use it in a secured admin section.

Thansk for your insight!
0
 
LVL 10

Expert Comment

by:wildzero
ID: 22765852
Hi there,

Thats good to know but it's good practise I find.
As long as your doing it through-out the rest of your site, because if you are doing something like, view.php?category=10
and just using $_GET['category'] with-out sanatizing someone could exploit that.

:-)
0
 
LVL 5

Author Comment

by:mverschoof
ID: 22765914
I use post values so i think it won't be an issue. And i post to the same page through PHP_SELF so nothing will be shown in the url.
The page itself will be password protected so i think i've got it covered.

Thanks again for your insights and if you have more tips i (and others reading this question) will be very interested in them.

Cheers, Michael
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses how to create an extensible mechanism for linked drop downs.
This post contains step-by-step instructions for setting up alerting in Percona Monitoring and Management (PMM) using Grafana.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question