PHP - Validated Input In Drop Down Fields

can someone tell me why this won't work?  I just want to key in the amtpaid and have fields inserted.  I get no errors but the only field inserted is the datepaid .
<html><head>
<script>
function $_(IDS) { return document.getElementById(IDS); }
function calculate_paid() {
  var amtpaid = parseInt($_("amtpaid").value);
  var rentdue = parseInt($_("rentdue").value);
  var prevbal = parseInt($_("prevbal").value);
  var secdep = parseInt($_("secdep").value);
  var latechg = parseInt($_("latechg").value);
  var damage = parseInt($_("damage").value);
  var courtcost = parseInt($_("courtcost").value);
  var nsf = parseInt($_("nsf").value);
  var hudpay = parseInt($_("hudpay").value);
  var late = ($_("late").value);
  var paidsum = parseInt($_("paidsum").value);
  var dateNow = new Date();
  var dayNow = dateNow.getDate();
  var datePaid = (dateNow.getMonth()+1)+"/"+dateNow.getDate()+"/"+dateNow.getFullYear();
  $_('datePaid').value = datePaid;
      if(dayNow > 5) { late = "L"; prevbal = prevbal + 10; }
paidsum = paidsum + amtpaid
  var tentpay = amtpaid - hudpay;
  var totOwed = rentdue + prevbal - hudpay;
  var left = totOwed - amtpaid;
    if (amtpaid <= totOwed) { prevbal = left; }
left = amtpaid - totOwed;
  if (left <= secdep) { secdep = secdep - left; }
left = left - secdep;
  if (left <= damage) { damage = damage - left; }
left = left - damage;
  if (left <= latechg) { latechg = latechg - left; }
left = left - latechg;
  if (left <= courtcost) { courtcost = courtcost - left; }
left = left - courtcost;
  if (left <= nsf) { nsf = nsf - left; }
prevbal = left - nsf;
}
</script>
</head><body>
<?php
mysql_connect(localhost,root,"");
mysql_select_db(test) or die( "Unable to select database");
if(!empty($_POST["submit"]))
{
$apt = $_POST['apt'];
$query="SELECT * FROM testdata Where apt='$apt'";
$result=mysql_query($query);
if(mysql_num_rows($result))
{
echo "<form action='#' method='post'><b>Rent Payment :<br /><br />
<table cellspacing=0 cellpadding=0 border=1>
<tr>
  <th>Name</th>
  <th>Apt</th>
  <th>Paid</th>
  <th>Due</th>
  <th>Prev Bal</th>
   <th>Sec Dep</th>
   <th>Late Chg</th>
   <th>Dmg</th>
   <th>Court Cost</th>
   <th>NSF</th>
  <th>Tent Pay</th>
  <th>Hud Pay</th>
    <th>Date Paid</th>
  <th>Late</th>
  <th>Comments</th>
 <th>Paidsum</th>
 </tr>";
while($row = mysql_fetch_assoc($result))
{
 echo "<tr>
<td><input type='text' size=25 name='name' value='" . $row['name'] . "'></td>
<td><input type='text' size=2 name='apt' value='" . $row['apt'] . "' ></td>
<td><input type='text' size=4 id='amtpaid' name='amtpaid' value='" . $row['amtpaid'] ."' onBlur='calculate_paid(this)'></td>
<td><input type='text' size=4 id='rentdue' name='rentdue' value='" . $row['rentdue'] . "'></td>
<td><input type='text' size=4 id='prevbal' name='prevbal' value='" . $row['prevbal'] ."'></td>
<td><input type='text' size=4 id='secdep' name='secdep' value='" . $row['secdep'] ."'></td>
<td><input type='text' size=4 id='latechg' name='latechg' value='" . $row['latechg'] ."'></td>
<td><input type='text' size=4 id='damage' name='damage' value='" . $row['damage'] ."'></td>
<td><input type='text' size=4 id='courtcost' name='courtcost' value='" . $row['courtcost'] ."'></td>
<td><input type='text' size=4 id='nsf' name='nsf' value='" . $row['nsf'] ."'></td>
<td><input type='text' size=4 id='tentpay' name='tentpay' value='" . $row['tentpay'] . "'></td>
<td><input type='text' size=4 id='hudpay' name='hudpay' value='" . $row['hudpay'] ."'></td>
<td><input type='text' size=10 id='datepaid' name='datepaid' value='" . $row['datepaid'] . "'></td>
<td><input type='text' size=1 id='late' name='late' value='" . $row['late'] . "'></td>
<td><input type='text' size=25 name='comments' value='" . $row['comments'] . "'></td>
<td><input type='text' size=4 id='paidsum' name='paidsum' value='" . $row['paidsum'] . "'></td>
</tr>";
}
echo "</table>
<input type='submit' name='update' value='Make Payment' />
</form>";
}
else{echo "No listing for apartment $apt.<br />Please select another.<br />";}
}
if(!empty($_POST["update"]))
{
$sql = "UPDATE testdata SET
name = '" . mysql_real_escape_string($_POST['name']) . "',
amtpaid = '" . mysql_real_escape_string($_POST['amtpaid']) . "',
rentdue = '" . mysql_real_escape_string($_POST['rentdue']) . "',
prevbal = '" . mysql_real_escape_string($_POST['prevbal']) . "',
secdep = '" . mysql_real_escape_string($_POST['secdep']) . "',
latechg = '" . mysql_real_escape_string($_POST['latechg']) . "',
nsf = '" . mysql_real_escape_string($_POST['nsf']) . "',
damage = '" . mysql_real_escape_string($_POST['damage']) . "',
courtcost = '" . mysql_real_escape_string($_POST['costcost']) . "',
tentpay = '" . mysql_real_escape_string($_POST['tentpay']) . "',
hudpay = '" . mysql_real_escape_string($_POST['hudpay']) . "',
datepaid = '" . mysql_real_escape_string($_POST['datepaid']) . "',
late = '" . mysql_real_escape_string($_POST['late']) . "',
comments = '" . mysql_real_escape_string($_POST['comments']) . "',
paidsum = '" . mysql_real_escape_string($_POST['paidsum']) . "'
WHERE apt='".$_POST["apt"]."'";
mysql_query($sql) or die("Update query failed.");
echo "Record for apartment ".$_POST["apt"]." has been updated";
}
?><form method="post" action="#">
<br />
<input type="text" name="apt"/> <p>
<input type="submit" name="submit" value="select apartment"/>
</form>
</body></html>

I have an email form that is sending to an email address. There are five fields where the person sending can input their Name, Address, City, State, and Zip. Everything is working, except I want the input from these fields to be the the headers in the PHP email.

For instance it submits and send the letter, but I want the senders Name, Address, City, State, and Zip to be posted after the "Sincerely" in the letter sent. Here is what the input boxes of the form looks like:

Code: [Select]
<p>Sincerely,<br />
<label for="from">Name:</label>
<input type="text" name="from" id="name" value="<?php echo $_POST['from'];?>"/><br />
<label for="street">Street:</label>
<input type="text" name="street" id="street" value="<?php echo $_POST['street'];?>"/><br />
<label for="city">City:</label>
<input type="text" name="city" id="city" value="<?php echo $_POST['city'];?>"/><br />
<label for="zip">Zip:</label>
<input type="text" name="zip" id="zip" value="<?php echo $_POST['zip'];?>"/><br />
<label for="email">E-mail:</label>
<input type="text" name="email" id="email" value="<?php echo $_POST['email'];?>"/></p>
<input type="submit" class="button" value="Submit" />
How do I go about posting the PHP headers in the email upon submission?

Hi all,

I'm working on this site which I'll soon ask the guys in the testing forum to have a peek at.  It's essentially an online community that was a uni project that has spiraled and grown exponetially.

I've spent many many hours in front of books and tutorals etc to put it together and as far as scripting goes, it seems to be fine.  The problem i'm having...The tut's that I read / watched were using eregi_replace to protect text fields and this is now unsuported.

I want my site to be as secure as it can be, within reason.

I've tried using preg_replace instead and have searched for the syntax but i keep getting strang results.
I'm working on the "bio" field at the moment and then when that works I can move on and a-ply the same idea to the other fields.

This si what I have and what I've changed.
if ($_POST['parse_var'] == "bio"){
   
    $bio_body = $_POST['bio_body'];
    //$bio_body = str_replace("'", "&#39;", $bio_body);  (WAS TESTING THIS BUT NO JOY)
    //$bio_body = str_replace("`", "&#39;", $bio_body);
         $bio_body = mysql_real_escape_string($bio_body);
         $bio_body = nl2br(htmlspecialchars($bio_body));

        $bio = $_POST['bio'];
   $bio = eregi_replace("'", "&#39;", $bio);           (This works but is not as secure)
   $bio = eregi_replace("`", "&#39;", $bio);
        $bio = mysql_real_escape_string($bio);
        $bio = nl2br(htmlspecialchars($_POST['bio']));

        $sqlUpdate = mysql_query("UPDATE members SET bio='$bio' WHERE id='$id'");
       and so on....}


When I change it to str_replace if I type in don't the whole word is deleted.  when I type in preg I get an error.
Can someone please give me the correct code / syntax for getting the result I want.

I just want to make sure that every single field that has a user input is protected against any malicious attacks.
Thanks.

Hi

I have a form that is to input data from input fields to a table.
The form is as follows:

                            $query = $DB->query("SELECT country_code, country_id, IF(country_code = '".$country_code."', '', '') AS sel FROM exp_sme_countries WHERE site_id='".$this->settings['site_id']."' ORDER BY country_name ASC");
                            foreach ($query->result as $row)
                            {
                               $options .= '<label>' . 'Phrase for ' . $this->settings['countries'][$row['country_code']] . '</label>' . '<br />';
                               $options .= '<input style="width: 100%; height: 5%;" id="country_data" type="text"  name="country_id[]"  />' . '<br /><br />';
                               $options .= '<input type="hidden"  name="country_data[' . $row['country_id'] . ']" value="'.$row['country_id'].'"  />';
                            }


This outputs:
Code: [Select]
<input style="width: 100%; height: 5%;" id="country_data" type="text"  name="country_id[]"  />
<input type="hidden"  name="country_data[68]" value="68"  />

<input style="width: 100%; height: 5%;" id="country_data" type="text"  name="country_id[]"  />
<input type="hidden"  name="country_data[28]" value="28"  />

What I need to do, is get the values from the input fields and then match them with the correct hidden field value

So if in the first input field, I typed in 'Test data' and the second input, i typed 'This is great'

On the POST, I need to find the the value ('Test data') and also the value from the hidden field.

So something like:
Quote

The text you entered is: Test data with hidden value of 68
The text you entered is: This is great with hidden value of 28


I'd rather not use $_GET as this is a form that inserts data into a database.

Could someone point my in the right direction or provide an example?

Hey Guys. I have a quick question. Should i "prep" input values coming from a radio or checkbox input field? Can an SQL injection occur through those 2 input fields, or is it only text fields?

I would like to split the field specific location on a page into two fields.   

( This is how it looks now: http://qwikad.com/?view=post&cityid=269&lang=en&catid=3&subcatid=27&shortcutregion= )

I want keep the same MySQL table for that field but make it possible for visitors to enter 2 separate texts.  This is how the code looks right now:

<input name="area" type="text" size="40" class="input" maxlength="50" value="<?php echo $data['area']; ?>">

I am not strong in PHP programming at all, so I tried to copy and paste that field twice, but it only posts one entry out of the two.

Can this be done?

I built a basic form with certain fields required. When a required field isn't filled, the errors are echoed but not in the best area. I'd like for each error message to be displayed underneath their respected input fields. What do I need to look into?

<?php 
if(!empty($_POST['submit']))
{
// set variables
$name = mysql_real_escape_string($_POST['name']);
$email = mysql_real_escape_string($_POST['email']);
$email2 = mysql_real_escape_string($_POST['email2']);
$age = mysql_real_escape_string($_POST['age']);
$city = mysql_real_escape_string($_POST['city']);
$state = mysql_real_escape_string($_POST['state']);


// 1A. REQUIRED FIELDS VERIFICATION
if(!empty($name) && !empty($email) && !empty($email2) &&  !empty($city) &&  !empty($state))
{

// 1B. END REQUIRED FIELDS VERIFICATION
} else {
echo '<img src="images/icon_error.png" alt="" title="" /> Please fill out the required fields.<br />';

if (empty($name))
{
echo 'Whats your name?!<br />';
} if (empty($email))
{
echo 'No email given.<br />';
} if (empty($email2))
{
echo 'Please verify your email<br />';
} if (empty($city))
{
echo 'What city are you from?<br />';
} if (empty($state))
{
echo 'What State!<br />';
}

echo '<br /><br />';
}
// 1B. END REQUIRED FIELDS ERROR CODES

}
?>

<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">

<div class="formSec"><label for="name" class="required">Full Name:</label>
<input type="text" name="name" id="name" value="" /></div>

<div class="formSec"><label for="email" class="required">Email:</label>
<input type="text" name="email" id="email" value="" /></div>

<div class="formSec"><label for="email2" class="required">Confirm Email:</label>
<input type="text" name="email2" id="email2" value="" /></div>

<div class="formSec"><label for="age" class="required">Age:</label>
<input type="text" name="age" id="age" value="" /></div>

<div class="formSec"><label for="city" class="required">City:</label>
<input type="text" name="city" id="city" value="" /></div>

<input class="submit" type="submit" name="submit" value="Submit" />
</form>

I have a problem w/ a widely used password protect php code. I use a business directory program that allows custom input fields. I'm using this code to password protect a business listing page in my directory code. I created custom fields for the username & password so a listing can enter their own user/pass but when I test it it won't work when I'm calling/echoing the fields. When I hardcode it w/ a user/pass it works. Any ideas on how I should recode this?:
Quote

<?php
// Define your username and password
$username = "<?php echo $custom_74; ?>";
$password = "<?php echo $custom_16; ?>";
if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {
?>
<h1>Login</h1>
<form name="form" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <p><label for="txtUsername">Username:</label>
    <br /><input type="text" title="Enter your Username" name="txtUsername" /></p>
    <p><label for="txtpassword">Password:</label>
    <br /><input type="password" title="Enter your password" name="txtPassword" /></p>
    <p><input type="submit" name="Submit" value="Login" /></p>
</form>
<?php
}
else {
?>


I close the code correctly.
<?php echo $custom_74; ?> & <?php echo $custom_16; ?> are just incidently my custom field echo codes. I have over 150 custom fields working fine for user/listee options. The password protect code won't accept echos it seems as coded above.

Thanks, Gene

On all my forms, after I send an empty string to one field, it will stop accepting values when I resubmit.  My code passes through the W3C validator

Any ideas??

Hello All:

Trying to work with PHP on a contact form with a jQuery Validation to make certain that the visitors fill out the required information. I'll try to show everything that I have, and then the error I am getting when the visitor hits "submit."

I don't know PHP all that well, and trying to learn my way through it. I used a couple of tutorials to add the features I needed and did my own styling on the live site.  Here is the PHP that is currently in the header of my markup:


<?php
//If the form is submitted
if(isset($_POST['submit'])) {

//Check to make sure that the First name field is not empty
if(trim($_POST['firstname']) == '') {
$hasError = true;
} else {
$firstname = trim($_POST['firstname']);
}
    
    //Check to make sure that the Last name field is not empty
if(trim($_POST['lastname']) == '') {
$hasError = true;
} else {
$lastname = trim($_POST['lastname']);
}
    
    //Check to make sure that the Street Address 01 field is not empty
if(trim($_POST['street01']) == '') {
$hasError = true;
} else {
$street01 = trim($_POST['street01']);
}
    
    //If Street02 is filled out, give it a value
    
    $street02  = $_POST['street02'];
    
    //Check to make sure that the City field is not empty
if(trim($_POST['city']) == '') {
$hasError = true;
} else {
$city = trim($_POST['city']);
}
    
    //Check to make sure that the State field is not empty
if(trim($_POST['state']) == '') {
$hasError = true;
} else {
$state = trim($_POST['state']);
}
    
    //Check to make sure that the Zip field is not empty
if(trim($_POST['zip']) == '') {
$hasError = true;
} else {
$zip = trim($_POST['zip']);
}
    
    //If Email is filled out, give it a value 
    
    $email  = $_POST['email'];
    
    //If Telephone is filled out, give it a value 
    
    $telephone  = $_POST['telephone'];
    
    //Default Subject Value 
    
    $subject  = "VMC Inquiry";
    
    //Check checkboxes 
    foreach($_POST['check']  as  $value)  {

$check_msg = "Checked: $value\n";

} 

    //If Message is filled out, give it a value 
    
    $comment  = $_POST['comment'];


//If there is no error, send the email
if(!isset($hasError)) {
$emailTo = 'xxxx.xxxx@gmail.com'; //Put your own email address here
$body = "Name: $firstname $lastname \n\nStreet Address: $street01 \n\nStreet Address*: $street02 \n\nCity: $city \n\nState: $state \n\nZip: $zip \n\nEmail*: $email \n\nTelephone*: $telephone \n\nCheck Box: $check_msg \n\nMessage:\n $comment";
$headers = 'From: XXXXX <'.$emailTo.'>' . "\r\n" . 'Reply-To: ' . $email;

mail($emailTo, $subject, $body, $headers);
$emailSent = true;
}
}
?>

So basically I am using classes to say whether or not something is required, which ties into the jQuery validation. If it isn't required, whatever the visitor types into the box is put into something like "$telephone" which is then printed in the e-mail.

The markup for the forms in the body is the following:

Code: [Select]
<p class="contact-text-right">For more information, or to have a list of our properties mailed to you, please fill out the form below.</p>
    <div id="contact-wrapper">
            <?php if(isset($hasError)) { //If errors are found ?>
        <p class="error">Please check if you've filled all the fields with valid information. Thank you.</p>
            <?php } ?>
            <?php if(isset($emailSent) && $emailSent == true) { //If email is sent ?>
            <p class="accept"><strong><?php echo $firstname;?>,Your Email Successfully Sent!</strong></p> <?php } ?>
    <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" id="contactform">
        <div id="names">
            <label for="firstname"><strong>First Name:</strong></label>
            <input type="text" name="firstname" id="firstname" value="" class="required" />
            <label for="lastname"><strong>Last Name:</strong></label>
            <input type="text" name="lastname" id="lastname" value="" class="required" />
        </div>
        <div id="address01">
            <label for="street01"><strong>Street Address:</strong></label>
            <input type="text" name="street01" id="street01" value="" class="required" />
        </div>
        <div id="address02">
            <label for="street02"><strong>Street Address*:</strong></label>
            <input type="text" name="street02" id="street02" value="" />
        </div>
        <div id="city">
            <label for="city"><strong>City:</strong></label>
            <input type="text" name="city" id="city" value="" class="required city" />
            <label for="state"><strong>State:</strong></label>
            <input type="text" name="state" id="state" value="" class="required state" />
            <label for="zip"><strong>Zip Code:</strong></label>
            <input type="text" name="zip" id="zip" value="" class="required zip" />
        </div>
        <div id="email">
            <label for="email"><strong>E-mail*:</strong></label>
            <input type="text" name="email" id="email" value="" class="email"/>
            <label for="telephone"><strong>Telephone*:</strong></label>
            <input type="text" name="telephone" id="telephone" value="" class="telephone" />
            <p class="bottom">*Optional fields.</p>
        </div>
        <div class="checkbox">
            <p><input  type="checkbox"  name="check[]"  value="properties">XXX</p> 
            <p><input  type="checkbox"  name="check[]"  value="contact-regarding">XXXX</p>
            <p class="indent">(Please list properties or ask specific questions in the space below.)</p>       
        </div>
        <div id="comment">
            <label for="comment"></label>
            <textarea name="comment" id="comment" ></textarea>
        </div>
        <div id="button">
        <input type="submit" value="Send Message" name="submit" />
        </div>
    </form>

All seems well until I hit submit on the live site. I think get this error returned to me:

Warning: Invalid argument supplied for foreach() in ......./html/development/contact.php on line 64

The e-mail goes through, with all the information, no problems! I just can't get this error message to go away.
Line 64 of contact.php is where the checkbox coding is:


    //Check checkboxes 
    foreach($_POST['check']  as  $value)  {

$check_msg = "Checked: $value\n";

} 


I know I've submitted a lot of code here, and tried to narrow you down to the exact spot I think the problem is, but hopefully some of you PHP gurus can pick out the flaw in a heartbeat.

I really appreciate all the help.

B

Hi I have an update page with multipule drop down menus,  I am looking for a way to allow only the drop down menus that have been altered to be sent to the database.  One way was to add the following code, where the $type_id equals 0 then add nothing to the database.

Code: [Select]
if ($type_id == 0) 
{
$type_id = "";
}

However I am getting a syntex error with this,  if I enter a value into the $type_id it selects that fine.  eg.

Code: [Select]
if ($type_id == 0) 
{
$type_id = "2";
}

What is the right way to send nothing to the database?

Fuller code of the page is here

<?php require_once("includes/sessions.php"); ?>
<?php require_once("includes/connections.php"); ?>
<?php require_once("includes/functions.php"); ?>
<?php confirm_logged_in();?>
<?php usersid(); ?>
<?php find_selected_event();
     find_selected_region();
     ?>
<?php $selected_event = getevent_byid ($url_eventid);
     $orgdescrip = orgdescription($url_eventid);
     $leveldescrip = leveldescription($url_eventid);
     $typedescrip = typedescription($url_eventid);
     $champdescrip = champdescription($url_eventid);
     $disdescrip = disdescription($url_eventid);
     $venuedescrip = venuedescription($url_eventid);
     $statusdescrip = statusdescription($url_eventid);
?>
<?php if (!isset($new_event)) {$new_event = false;} ?>
<?php
   // make sure the subject id sent is an integer
   if (intval($_GET['url_eventid']) == 0) {
      redirect_to('controlpanel.php');
   }

   include_once("includes/form_functions.inc.php");

   // START FORM PROCESSING
   // only execute the form processing if the form has been submitted
   if (isset($_POST['submit'])) {
      // initialize an array to hold our errors
      $errors = array();
   
      // perform validations on the form data
      
      $required_fields = array('title');
      $errors = array_merge($errors, check_required_fields($required_fields, $_POST));
      
      $required_numberfields = array();
      $errors = array_merge($errors, check_number_fields($required_numberfields, $_POST));
      
      $fields_with_lengths = array();
      $errors = array_merge($errors, check_max_field_lengths($fields_with_lengths, $_POST));
      
      // clean up the form data before putting it in the database
      
      
      $url_eventid = mysql_prep($_GET['url_eventid']);
      $user_id = mysql_prep($_POST['user_id']);
      $title = trim(mysql_prep($_POST['title']));
      $event_details = mysql_prep($_POST['event_details']);
      $type_id = mysql_prep($_POST['type_id']);
      $champ_id = mysql_prep($_POST['champ_id']);      
      $dis_id = mysql_prep($_POST['dis_id']);
      $org_id = mysql_prep($_POST['org_id']);
      $venue_id = mysql_prep($_POST['ven_id']);
      $level_id = mysql_prep($_POST['level_id']);
      $status_id = mysql_prep($_POST['status_id']);
      
      if ($type_id == 0) 
      {
      $type_id = "";
      }
      // Database submission only proceeds if there were NO errors.
      if (empty($errors)) {
         
         $sql = "UPDATE events SET \n"
               . "title = '{$title}',\n"
               . "event_details = '{$event_details}',\n"
                . "type_id = {$type_id},\n"
               . "champ_id = {$champ_id},\n"
               . "dis_id = {$dis_id},\n"
               . "org_id = {$org_id},\n"
               . "ven_id = {$venue_id},\n"
               . "user_id = {$url_userid},\n"
               . "level_id = {$level_id},\n"
               . "status_id = {$status_id}\n"
               . "WHERE event_id = {$url_eventid} \n"
               . "LIMIT 1";


      if ($result = mysql_query($sql, $connection)) {
            // as is, $message will still be discarded on the redirect
            $message = "The event was successfully updated.";
            // get the last id inserted over the current db connection
            $new_event_id = mysql_insert_id();
            redirect_to("newevent.php");
         } else {
            $message = "I am sorry but the event could not be updated.";
            $message .= "<br />" . mysql_error();
         }
      } else {
         if (count($errors) == 1) {
            $message = "There was 1 error in the form.";
         } else {
            $message = "There were " . count($errors) . " errors in the form.";
         }
      }
      // END FORM PROCESSING
   }
   
?>

<?php   /*THIS CODE WITH RETURN IN THE BROWSER THE URLS THAT ARE BEING
      PULLED DOWN*/

if(empty($_GET))
    echo "No GET variables";
else
    print_r($_GET);

?>
<?php include("includes/header.inc.php"); ?>
<title>Horse Events</title>
<?php include_once("includes/meta.inc.php");?>
<?php include_once("includes/cssfavgoogle.inc.php");?>
<link href="css/adminpanel.css" rel="stylesheet" type="text/css" />
<style>
input[type="number"] {
   width:40px;
}
</style>
</head>
<body>
<div id="wrapper">
<div id="header">
<img src="images/horseevents_wheretogo.png" align="right" />
<?php require_once ("includes/adminmenu.inc.php"); ?>
   
</div>
   
    <div id="adminleft">
      <h2>YOUR UPCOMING EVENTS
      <?php echo "<a href=\"newevent.php?url_userid={$url_userid}\"><img src=\"images/pink/add_event.png\" align=\"right\" width=\"131\" height=\"19\" /></a>" ?></h2>       
    <table id="datetable" width="300" border="0" >
    <?php   
        $event_users_set = get_upcomingeventsforuser ($url_userid);
        while ($eventid = mysql_fetch_array ($event_users_set)){
        echo"<tr class=\'date\'>";
        echo"<td>" . $eventid["stdate"] ."</td>";   
        echo"<td><a href=\"editevent.php?url_userid={$url_userid}&url_eventid=". urlencode ($eventid['event_id']) . "\">". $eventid ['title'] . "</td>";
        echo"</tr></a>";
        }
   ?>
   </table>
    <br />
          <h2>YOUR PAST EVENTS</h2>       
    <table id="datetable" width="300" border="0" >
    <?php   
        $event_users_set = get_pasteventsforuser ($url_userid);
        while ($eventid = mysql_fetch_array ($event_users_set)){
        echo"<tr class=\'date\'>";
        echo"<td>" . $eventid["stdate"] ."</td>";   
        echo"<td><a href=\"editevent.php?url_userid={$url_userid}&url_eventid=". urlencode ($eventid['event_id']) . "\">". $eventid ['title'] . "</td>";
        echo"</tr></a>";
        }
   ?>
   </table>
    </div>
    <div id="admincontent">
    <span class="h1pln">Edit Your Event</span><a class="delete" href="deleteevent.php?url_eventid=<?php echo $url_eventid; ?>" onClick="return confirm('Are you sure you want to delete?')">Delete</a><br />
    <span class="h3pln">Please make sure you complete all the compulary fields<span class="compuls">*</span>.<br />
 The more accurately you enter your event the more people will be able to then find it.  <br />
<br />
If there are any selections we do not currently have available please click here and I will add them to your drop down menus.</span>
       <?php if (!empty($message)) {echo "<p class=\"message\">" . $message . "</p>";} ?>
      <?php if (!empty($errors)) { display_errors($errors); } ?>
<form id="newevent" action="editevent.php?url_eventid=<?php  echo urlencode ($selected_event ['event_id']); ?>" method="post">
      <table id="neweventdisplay" cellpadding="5" width="400" border="0">
   <tr>
  <td><input type="text" name="event_id"  value="<?php echo $url_eventid; ?>" /></td>
  <td><input type="text" name="user_id"  value="<?php echo $url_userid;  ?>" /></td>
  </tr>
  <tr>
    <td class="heading">Event Title</td>
    <td><input id="titleinput" name="title" type="text" value="<?php echo $selected_event ['title']; ?>" /><span class="compuls">*</span><span class="smalltext">Enter up to 36 characters</span></td>
  </tr>
  <tr>
  <td class="heading">Current Status</td>
  <td><?php echo   $statusdescrip ['status_description']; ?>
  <select name="status_id" >
    <?php
      $status_set = findstatus();
      $statuslist = mysql_fetch_assoc ($status_set);
   ?>
   <?php
   do {
   ?>   <option value="<?php echo $statuslist ['status_id']; ?>" ><?php echo $statuslist ['status_description']; ?></option>
   <?php
   } while ($statuslist = mysql_fetch_assoc ($status_set));
   ?></select>
    <span class="compuls">*</span></td>
  </tr>
      <tr>
    <td class="heading">Organiser</td>
    <td><?php echo  $orgdescrip ['org_name']; ?>
    <select name="org_id">
    <?php
      $organisers_set = findorganisers();
      $orglist = mysql_fetch_assoc ($organisers_set);
   ?>
   <?php
   do {
   ?>   <option value="<?php echo $orglist ['org_id']; ?>" ><?php echo $orglist ['org_name']; ?></option>
   <?php
   } while ($orglist = mysql_fetch_assoc ($organisers_set));
   ?></select></td>
  </tr>
    <tr>
    <td class="heading">Start Date</td>
    <td id="dateinput"><?php echo $selected_event ['stdate']; ?></td>
  </tr>
    <tr>
    <td class="heading">Type Of Event</td>
    <td><?php echo  $typedescrip ['type_description']; ?>
    <select name="type_id">
    <?php
      $type_set = findtype();
      $typelist = mysql_fetch_assoc ($type_set);
   ?>
   <?php
   do {
   ?>   <option value="<?php echo $typelist ['type_id']; ?>" ><?php echo $typelist ['type_description'], $typelist ['type_id']; ?></option>
   <?php
   } while ($typelist = mysql_fetch_assoc ($type_set));
   ?></select><span class="compuls">*</span></td>
  </tr>
  <tr>
    <td class="heading">Venue</td>
    <td><?php echo  $venuedescrip ['ven_name']; ?><select name="ven_id">
    <?php
      $venues_set = findvenues();
      $venuelist = mysql_fetch_assoc ($venues_set);
   ?>
   <?php
   do {
   ?>   <option value="<?php echo $venuelist ['ven_id']; ?>" ><?php echo $venuelist ['ven_name'], $venuelist ['ven_id']; ?></option>
   <?php
   } while ($venuelist = mysql_fetch_assoc ($venues_set));
   ?></select></td>
  </tr>

  <tr>
    <td class="heading">Discipline</td>
    <td><?php echo  $disdescrip ['dis_description']; ?><select name="dis_id">
    <?php
       $discipline_set = finddisciplines();
      $dislist = mysql_fetch_assoc ($discipline_set);
   ?>
   <?php
   do {
   ?>   <option value="<?php echo $dislist ['dis_id']; ?>" ><?php echo $dislist ['dis_description'], $dislist ['dis_id']; ?></option>
   <?php
   } while ($dislist = mysql_fetch_assoc ($discipline_set));
   ?></select><span class="compuls">*</span></td>
  </tr>
  <tr>
    <td class="heading">Level</td>
    <td><?php echo  $leveldescrip ['level_description']; ?> <select name="level_id">
    <?php
       $level_set = findlevels();
      $levellist = mysql_fetch_assoc ($level_set);
   ?>
   <?php
   do {
   ?>   <option value="<?php echo $levellist ['level_id']; ?>" ><?php echo $levellist ['level_description'], $levellist ['level_id']; ?></option>
   <?php
   } while ($levellist = mysql_fetch_assoc ($level_set));
   ?></select></td>
  </tr>
    <tr>
    <td class="heading">Is This A Championship</td>
    <td><?php echo  $champdescrip ['champ_description']; ?><select name="champ_id">
    <?php
      $championship_set = findchampionships();
      $champlist = mysql_fetch_assoc ($championship_set);
   ?>
   <?php
   do {
   ?>   <option value="<?php echo $champlist ['champ_id']; ?>" ><?php echo $champlist ['champ_description'], $champlist ['champ_id']; ?></option>
   <?php
   } while ($champlist = mysql_fetch_assoc ($championship_set));
   ?></select></td>
  </tr>
  <tr>
    <td class="heading">Event Details</td>
    <td><textarea name="event_details" cols="45" rows="15" ><?php echo $selected_event ['event_details']; ?>  </textarea></td>
  </tr>
  <tr>
    <td class="heading">Upload Schedule</td>
    <td></td>
  </tr>

  <tr>
  <td></td>
  <td><input type="submit" name="submit" id="convert" value="Update Your Event"></td>
  </tr>
</table>
<a  class="delete" href="controlpanel.php">Cancel</a>
</form>
    </div>
    <div id="adminright">
    </div>
<br clear="all" />
<?php require("includes/lowerlistings.inc.php"); ?>
<?php require("includes/footer.inc.php"); ?>
</div><!--End of Wrapper-->
</body>
</html>

I am brand new to php and I don't know where I am going wrong with this.
I would like to have drop down menu which is populated from mySQL and which would allow user to select one option.
The selection would be used on the following page once the form is submitted.
Right now I have the following script and it populates the dropdown menu but it does not return value when selection is made.

<form action="databaseinputcheck2.php" method="post">
<?php
mysql_connect("localhost", "xxxxxxxxxxxx", "xxxxxxxxxxxxxx") or die(mysql_error());
echo "Connected to MySQL<br />";
?>
<p>Lotteries:
<?php
mysql_select_db("wpawlowski") or die(mysql_error());
// Get all the data from the "LotteryNames" table
$lotterynameresult = mysql_query("SELECT id, Name FROM LotteryNames") 
or die(mysql_error());  
?>
<select name="LotteryName" size="1">
<option selected value="">Select One</option>
<option value="">----------</option>
<?php
// keeps getting the next row until there are no more to get
while($currentlottery = mysql_fetch_array( $lotterynameresult )) {
$lid=$currentlottery['id'];
$lname=$currentlottery['Name'];
// Print out the contents of each row into drop down menu
echo "<option value='$lid'>$lname</option>\n";
//$options.="<OPTION VALUE=\"$lid\">".$lname; //Selection input line

} 
?>
<input type="submit" value="GO" />
</form>

I looked on the internet and it is my understanding that if I comment out the line starting withc "echo" and uncomment the one below the drop down menu should still be populated and the selection would be stored in the $options variable which in turn  could be transfered to databaseinputcheck2.php with
$_POST to be used there, but when I do uncomment that line and comment the echo line out my drop down menu is not populated, what am I doing wrong?

First, Happy X-Mas to all!


I want to do a form for entering dog-show results. On first site of form the user is able to enter how many dogs for each class (there are youth and open class for example) he want to insert. So on second site there will be formfields for every dog in every class, created with php. User should be able to take dogname from jquery autocomplete - this works for multiple fields. But i need the according id to the dogname - and actual only one id is given - the first one is changing by choosing from autocomplete in next fields...

Data came from a json array like

0: {dogidindatabase: "9892", value: "Excalibur Khali des Gardiens de la Cour ",…}
dogidindatabase: "9892"
label: "<img src='../main/img/female.png' height='20'>Excalibur Khali des Gardiens de la Cour   "
value: "Excalibur Khali des Gardiens de la Cour   "
1: {dogidindatabase: "15942", value: "Excalibur from Bandit's World Kalli",…}
dogidindatabase: "15942"
label: "<img src='../main/img/male.png' height='20'>Excalibur from Bandit's World   Kalli"
value: "Excalibur from Bandit's World   Kalli"

all i need is inside ...


the script in form is

<script type='text/javascript'>
		//<![CDATA[
		$(function() {
		
				$(".dog").autocomplete({
				source: "xxx.php",
				minLength: 3,
				select: function(event, ui) {
					$('#dogidindatabase').val(ui.item.dogidindatabase);
					}
			});
			
			$["ui"]["autocomplete"].prototype["_renderItem"] = function( ul, item) {
				return $( "<li></li>" ) 
  				.data( "item.autocomplete", item )
  				.append( $( "<a></a>" ).html( item.label ) )
  				.appendTo( ul );
			};
	
		});
		//]]>
</script>

and the form looked like

<input type='text' name='dog' class='dog' value='".strip_tags(${'dogname' .($countbabymale+1)})."' size='35' data-required='true' /><br>
	
<input class='readonly' readonly='readonly' type='text' id='dogidindatabase' name='dogidindatabase' size='5'  />

I changed in script and form id='dogidindatabase' to class, but it doesn´t work.   Testsite is under http://www.wolfdog-d...how.php?lang=de (only german at first) - Insert a number (higher than 1) under baby 3-6 (first box, the others are not working for testing); submit to get to page 2; you see all post-variables (for testing). Try to insert a dogname in first input-field (choose "exc") and insert first one - the id is under dogname. In second dogname inputfield you can choose second dog - the id for the first one changes to id of seond one ....   How can i get both for every dog?

As a complete newbie to php and webdesigning i have a following problem.I would like to retrieve the data from database and display it in a drop down menu.Then i should allow the user to select the values from drop down list along with other details,in other words i have to embed the drop down output as the form input for the user and store the form data in another table.I am running a xampp server and i am using php 5.4 version.Please help.My code is as follows.In this case project_name is displayed as the drop down output.but how do i use the same drop down output as a input in the form.
 
 
 
<html>
<head></head>
<body>
<?php
error_reporting(E_ALL ^ E_DEPRECATED);
include 'connect.php' ;
$tbl_name="projects";


$sql="SELECT project_name FROM $tbl_name ";

$result=mysql_query($sql);


if($result === FALSE) {
    die(mysql_error());
}
?>


<form name="resources" action="hourssubmit.php"  method="post" >

<?php
echo "<select name='project_name'>";
while ($row = mysql_fetch_array($result)) {
    
    echo "<option value='" . $row['project_name'] ."'>" . $row['project_name'] ."</option>";
}
echo "</select>";
?>

</form>
</body>
</html>