Solved

Passing multiple values in URL

Posted on 2010-09-07
10
418 Views
Last Modified: 2013-12-13
Hi,

I have list of Artists on my table database.

Artist table has `id_usr`, `Intrument_ID`, 'name_usr'

I want to list artist passing the Instruments ID to the query, but I need to pass these ids in the URL

for example, I want to list all Guitar players and violin players, I need to do something like:

list.php?Instrument_ID=3,5

that would return all artist where Instrument_ID in ($url)

How to do this?

0
Comment
Question by:Fernanditos
10 Comments
 
LVL 4

Expert Comment

by:rstjean
ID: 33618000
You need to make sure that you name the fieldname as an array.  

<input type=checkbox name="Instrument_ID[]" value="1" />
<input type=checkbox name="Instrument_ID[]" value="2" />
<input type=checkbox name="Instrument_ID[]" value="3" />

if(isset($Instrument_ID))
{
$Instruments= join(",", $Instrument_ID);
}
0
 
LVL 4

Expert Comment

by:mpickreign
ID: 33618013
I would recommend storing the data in an array, then call the serialize command on the variable, then pass the serialized variable in the URL.

http://php.net/manual/en/function.serialize.php
0
 
LVL 4

Expert Comment

by:rstjean
ID: 33618031
You need to make sure that you name the fieldname as an array.  

in your form,
<input type=checkbox name="Instrument_ID[]" value="1" />
<input type=checkbox name="Instrument_ID[]" value="2" />
<input type=checkbox name="Instrument_ID[]" value="3" />


on the next step to get the id's
if(isset($_POST['Instrument_ID']))
{
$Instruments= join(",", $_POST['Instrument_ID']);
}

Sorry forgot the $_POST in my first entry.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Fernanditos
ID: 33618042
Sorry, I dont understand, I am talking about passing the ids via URL. How to do it ?
0
 
LVL 6

Expert Comment

by:nasirbest
ID: 33618223
try following example it is important that your are using , commas to separate instruments ids otherwise IN keyword will not work in WHERE clause of query
<html>
  <head>
    <title>Test</title>
  </head>
  <body>
    <table>
<?php

// do mysql connection with mysql_connect() and mysql_select_db

$instruments = $_GET['Instrument_ID'];

$query = "SELECT * FROM artists WHERE Instrument_ID IN ($instruments)";
$result = mysql_query($query);

while ($row = mysql_fetch_assoc($result)) { 
  echo "<tr>\n";
  echo "<td>".$row['id_usr']."</td>\n";
  echo "<td>".$row['id_name_usr']."</td>\n";
  echo "<td>".$row['Instrument_ID']."</td>\n";
  // and so on for other fields
  echo "</tr>\n";
}
?>
    </table>
  </body
</html>

Open in new window

0
 
LVL 17

Expert Comment

by:jrm213jrm213
ID: 33618773
Hi Fernanditos,

What rstjohn is telling you is correct if you need a page where a user can select a number of instruments to search for and when they click submit the page that opens would read that list and display the data from your database.

I don't know what your current experience is with html forms so this is more of a complete example. In the form on your page, set the 'action' equal to the name of the page that will do your search and display the results. Set the 'method' to "get" so that when the form is submitted the values will be passed in the URL (see attached code snippet).

In your search results page, use the code provided above by nasirbest.
//in your search page
<form action="yoursearchresultspage.php" method="get">
  <input type="checkbox" name="Instrument_ID[]" value="1"/>&nbsp;<label>Cello</label><br/>
  <input type="checkbox" name="Instrument_ID[]" value="2"/>&nbsp;<label>Guitar</label><br/>
  <input type="checkbox" name="Instrument_ID[]" value="3"/>&nbsp;<label>Piano</label><br/>
  <input type="checkbox" name="Instrument_ID[]" value="4"/>&nbsp;<label>Violin</label><br/>
  <input type="submit" value="Search"/>
</form>

Open in new window

0
 
LVL 4

Accepted Solution

by:
chrisbloom7 earned 500 total points
ID: 33632715
jrm213jrm213's form example is correct, and nasirbest has the right idea but his solution leaves you open to SQL injection attacks. Never ever ever trust user data. Always always always escape or validate the data before using it in a SQL query. Combining the two but escaping the input gives you the following:

<?php
$instruments = isset($_GET['Instrument_ID']) //Check to see if the Instrument_ID parameter exists in the query string
  ? (array) $_GET['Instrument_ID']           //If so, convert it to an array if it isn't already
  : array();                                 //Otherwise return an empty array

//If there are instruments, look them up
$result = false;
if (sizeof($instruments)) {
  // Convert all the values to integers
  $instruments = array_map('intval', $instruments);
  
  //Now it's safe to use the instruments array in your SQL
  $query = "SELECT * FROM artists WHERE Instrument_ID IN (" . join(',', $instruments) . ")";
  $result = $instruments; //mysql_query($query);
  
  //...
}
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
	<title>Form array test</title>
</head>
<body>
  <?php if ($result) { ?>
  <pre><?php print_r($result); ?>
  <?php } ?>
	<form action="form_test.php" method="get">
    <input type="checkbox" name="Instrument_ID[]" value="1"/>&nbsp;<label>Cello</label><br/>
    <input type="checkbox" name="Instrument_ID[]" value="2"/>&nbsp;<label>Guitar</label><br/>
    <input type="checkbox" name="Instrument_ID[]" value="3"/>&nbsp;<label>Piano</label><br/>
    <input type="checkbox" name="Instrument_ID[]" value="4"/>&nbsp;<label>Violin</label><br/>
    <input type="submit" value="Search"/>
  </form>
</body>
</html>

Open in new window

0
 
LVL 4

Expert Comment

by:chrisbloom7
ID: 33632724
Dang, sorry - I had commented out the actual query action while I was testing. Just alter line 14 to look like this:

$result = mysql_query($query);

Open in new window

0
 
LVL 4

Expert Comment

by:chrisbloom7
ID: 33632730
And I forgot to close the <pre> tag on line 26. Haste makes waste...
0
 
LVL 2

Expert Comment

by:oliff
ID: 33744252
I've only briefly read the top post.

But I would have the URL contain the instrument ID, then use a query to select all users who play that instrument.

This, rather than trying to build a string on submit, without some sort of forward to the URL after the original query i've just mentioned! O_o

Bit of sensible logic in my mind!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is …
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question