Solved

Passing multiple values in URL

Posted on 2010-09-07
10
421 Views
Last Modified: 2013-12-13
Hi,

I have list of Artists on my table database.

Artist table has `id_usr`, `Intrument_ID`, 'name_usr'

I want to list artist passing the Instruments ID to the query, but I need to pass these ids in the URL

for example, I want to list all Guitar players and violin players, I need to do something like:

list.php?Instrument_ID=3,5

that would return all artist where Instrument_ID in ($url)

How to do this?

0
Comment
Question by:Fernanditos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 4

Expert Comment

by:rstjean
ID: 33618000
You need to make sure that you name the fieldname as an array.  

<input type=checkbox name="Instrument_ID[]" value="1" />
<input type=checkbox name="Instrument_ID[]" value="2" />
<input type=checkbox name="Instrument_ID[]" value="3" />

if(isset($Instrument_ID))
{
$Instruments= join(",", $Instrument_ID);
}
0
 
LVL 4

Expert Comment

by:mpickreign
ID: 33618013
I would recommend storing the data in an array, then call the serialize command on the variable, then pass the serialized variable in the URL.

http://php.net/manual/en/function.serialize.php
0
 
LVL 4

Expert Comment

by:rstjean
ID: 33618031
You need to make sure that you name the fieldname as an array.  

in your form,
<input type=checkbox name="Instrument_ID[]" value="1" />
<input type=checkbox name="Instrument_ID[]" value="2" />
<input type=checkbox name="Instrument_ID[]" value="3" />


on the next step to get the id's
if(isset($_POST['Instrument_ID']))
{
$Instruments= join(",", $_POST['Instrument_ID']);
}

Sorry forgot the $_POST in my first entry.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:Fernanditos
ID: 33618042
Sorry, I dont understand, I am talking about passing the ids via URL. How to do it ?
0
 
LVL 6

Expert Comment

by:nasirbest
ID: 33618223
try following example it is important that your are using , commas to separate instruments ids otherwise IN keyword will not work in WHERE clause of query
<html>
  <head>
    <title>Test</title>
  </head>
  <body>
    <table>
<?php

// do mysql connection with mysql_connect() and mysql_select_db

$instruments = $_GET['Instrument_ID'];

$query = "SELECT * FROM artists WHERE Instrument_ID IN ($instruments)";
$result = mysql_query($query);

while ($row = mysql_fetch_assoc($result)) { 
  echo "<tr>\n";
  echo "<td>".$row['id_usr']."</td>\n";
  echo "<td>".$row['id_name_usr']."</td>\n";
  echo "<td>".$row['Instrument_ID']."</td>\n";
  // and so on for other fields
  echo "</tr>\n";
}
?>
    </table>
  </body
</html>

Open in new window

0
 
LVL 17

Expert Comment

by:jrm213jrm213
ID: 33618773
Hi Fernanditos,

What rstjohn is telling you is correct if you need a page where a user can select a number of instruments to search for and when they click submit the page that opens would read that list and display the data from your database.

I don't know what your current experience is with html forms so this is more of a complete example. In the form on your page, set the 'action' equal to the name of the page that will do your search and display the results. Set the 'method' to "get" so that when the form is submitted the values will be passed in the URL (see attached code snippet).

In your search results page, use the code provided above by nasirbest.
//in your search page
<form action="yoursearchresultspage.php" method="get">
  <input type="checkbox" name="Instrument_ID[]" value="1"/>&nbsp;<label>Cello</label><br/>
  <input type="checkbox" name="Instrument_ID[]" value="2"/>&nbsp;<label>Guitar</label><br/>
  <input type="checkbox" name="Instrument_ID[]" value="3"/>&nbsp;<label>Piano</label><br/>
  <input type="checkbox" name="Instrument_ID[]" value="4"/>&nbsp;<label>Violin</label><br/>
  <input type="submit" value="Search"/>
</form>

Open in new window

0
 
LVL 4

Accepted Solution

by:
chrisbloom7 earned 500 total points
ID: 33632715
jrm213jrm213's form example is correct, and nasirbest has the right idea but his solution leaves you open to SQL injection attacks. Never ever ever trust user data. Always always always escape or validate the data before using it in a SQL query. Combining the two but escaping the input gives you the following:

<?php
$instruments = isset($_GET['Instrument_ID']) //Check to see if the Instrument_ID parameter exists in the query string
  ? (array) $_GET['Instrument_ID']           //If so, convert it to an array if it isn't already
  : array();                                 //Otherwise return an empty array

//If there are instruments, look them up
$result = false;
if (sizeof($instruments)) {
  // Convert all the values to integers
  $instruments = array_map('intval', $instruments);
  
  //Now it's safe to use the instruments array in your SQL
  $query = "SELECT * FROM artists WHERE Instrument_ID IN (" . join(',', $instruments) . ")";
  $result = $instruments; //mysql_query($query);
  
  //...
}
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
	<title>Form array test</title>
</head>
<body>
  <?php if ($result) { ?>
  <pre><?php print_r($result); ?>
  <?php } ?>
	<form action="form_test.php" method="get">
    <input type="checkbox" name="Instrument_ID[]" value="1"/>&nbsp;<label>Cello</label><br/>
    <input type="checkbox" name="Instrument_ID[]" value="2"/>&nbsp;<label>Guitar</label><br/>
    <input type="checkbox" name="Instrument_ID[]" value="3"/>&nbsp;<label>Piano</label><br/>
    <input type="checkbox" name="Instrument_ID[]" value="4"/>&nbsp;<label>Violin</label><br/>
    <input type="submit" value="Search"/>
  </form>
</body>
</html>

Open in new window

0
 
LVL 4

Expert Comment

by:chrisbloom7
ID: 33632724
Dang, sorry - I had commented out the actual query action while I was testing. Just alter line 14 to look like this:

$result = mysql_query($query);

Open in new window

0
 
LVL 4

Expert Comment

by:chrisbloom7
ID: 33632730
And I forgot to close the <pre> tag on line 26. Haste makes waste...
0
 
LVL 2

Expert Comment

by:oliff
ID: 33744252
I've only briefly read the top post.

But I would have the URL contain the instrument ID, then use a query to select all users who play that instrument.

This, rather than trying to build a string on submit, without some sort of forward to the URL after the original query i've just mentioned! O_o

Bit of sensible logic in my mind!
0

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this. Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it i…
Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to count occurrences of each item in an array.

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question