Mike Kristensen

asked on

Session name into database...

Hello all. . .

I have a login system.

I want the users to be able to click a certain "radio" and then update the database with the user's "username" (sessionname).

I use foreach to get both first and last name:
foreach($_SESSION as $key => $value) {
    echo  'Current session variable ' . $key . ' is: ' . $value . '<br />';
}


But if I use $value in a "radio", it will only take the first name and put it into the database:
<td><input type="radio" name ="ny_c10" value = $value ></td>


if(isset($_POST['ansat_kiosk_opdater'])){
$UpdateQuery = "UPDATE ansat_kiosk SET c8='$_POST[ny_c8]', c9='$_POST[ny_c9]', c10='$_POST[ny_c10]'  WHERE ID='$_POST[ID]'";
mysqli_query($link, $UpdateQuery);
};


How can I put both first and last name into the "c10"?
Mike Kristensen

ASKER

Oki seemed to fix this in another way......

Instead of "radio" I just made an "update" for each "input type=text", using a "submit".

if(isset($_POST['overtag_c12'])){
$UpdateQuery = "UPDATE ansat_kiosk SET c12='$value' WHERE ID='$_POST[ID]'";
mysqli_query($link, $UpdateQuery);
};


<td><input type="submit" name="overtag_c12" value="Overtag" /> </td>


This not just works, it will also work better..... Funny how you often figure things out as soon as you ask someone... (sometimes :))

This query is almost certain to get your database destroyed some day.

UPDATE ansat_kiosk SET c12='$value' WHERE ID='$_POST[ID]'

It is axiomatic that you must use valid PHP code and you must sanitize your variables before you use them in a query. These articles will help you understand why you want to use quotes around array index names and why you want to avoid using external variables in a query.

Quotes:
https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_12241-Quotation-Marks-in-PHP.html

See Antipractice #18
https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_12293-AntiPHPatterns-and-AntiPHPractices.html

PHP Security and External Variables:
http://php.net/tut.php
http://php.net/manual/en/tutorial.forms.php
http://php.net/manual/en/language.variables.external.php
http://php.net/manual/en/security.php
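
What the comment above asks for, as an added example that is not part of the thread: the same UPDATE with bound parameters, a validated ID, and the name taken from the session on the server. The session keys `first_name` and `last_name` and the helper function names are assumptions; `$link`, `ansat_kiosk`, `c12`, `ny_c10` and `overtag_c12` come from the question.

```php
<?php
// Added example, not code from the thread. $link is the page's mysqli
// connection; the session keys 'first_name' and 'last_name' are assumed.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // failures throw

/** Build the full name on the server from the session, never from the form. */
function session_full_name(array $session): string
{
    $first = trim((string)($session['first_name'] ?? ''));
    $last  = trim((string)($session['last_name'] ?? ''));
    return trim($first . ' ' . $last);
}

/** Update c12 for one row; values travel as bound parameters, not SQL text. */
function overtag_c12(mysqli $link, int $id, string $name): int
{
    $stmt = $link->prepare('UPDATE ansat_kiosk SET c12 = ? WHERE ID = ?');
    $stmt->bind_param('si', $name, $id);
    $stmt->execute();
    $rows = $stmt->affected_rows;
    $stmt->close();
    return $rows;
}

/** An unquoted value attribute ends at the first space: quote it and escape it. */
function radio_ny_c10(string $value): string
{
    return '<input type="radio" name="ny_c10" value="'
        . htmlspecialchars($value, ENT_QUOTES, 'UTF-8') . '">';
}

if (isset($_POST['overtag_c12'], $link)) {
    // Only a positive integer ID is allowed to reach the query.
    $id = filter_input(INPUT_POST, 'ID', FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    $name = session_full_name($_SESSION ?? []);
    if ($id !== false && $id !== null && $name !== '') {
        overtag_c12($link, $id, $name);
    }
}
```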

Global and external variables, is that the same?

And where I found array index names? I'm just not sure what you are talking about, and so it's hard to understand what you are trying to tell me :P


UPDATE ansat_kiosk SET c12='$value' WHERE ID='$_POST[ID]'


Do you want me to use double quotes around $value? That is the only thing I seem to understand from your article that I'm missing?


And for you I explain how I understand it :D
Single quotes do not allow more than 1 word? Also called substitution?
Double quotes allow substitution. Again this would be 2 words separated?

I can store a value with more words using single quotes, but I'm not allowed to use it with single quotes? (Still this seems to work, so I might not understand).
ASKER CERTIFIED SOLUTION
Ray Paseur
Be sure to understand the above before using it :=)
Starter course PHP today.... Going to be great. :)