How to display information from database using value selected in listbox

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • ieda
    New Member
    • Mar 2010
    • 4
    #1

    How to display information from database using value selected in listbox

    I want to display information when value in listbox selected.

    Below is my code:-

    This code to get value option in listbox
    Code:
    <?
$query = "select courseTitle from training where startDate > NOW() ";
$result = mysql_query($query);
print "<SELECT name=item>";
while ($line = mysql_fetch_array($result))
{
foreach ($line as $value)
{
print "<OPTION value='$value'";
}
print ">$value</OPTION>";
}

mysql_close($link);
print "</SELECT>";	
?>
    This code to display information from database when select value in listbox
    Code:
    <?
if (isset($_GET['item']))
{

$query=mysql_query ("SELECT training_id from training where courseTitle='$item' "); 
		 

while( $row = mysql_fetch_array($query) {
			
   			$training_id=$row['training_id'];
  
echo $row['training_id'];

}
}

?>
    Anyone can solve my problem? Thanks.
    Last edited by Atli; Apr 12 '10, 08:46 AM. Reason: Added [code] tags.
    Tags: value listbox
    • Atli
      Recognized Expert Expert
      • Nov 2006
      • 5062
      #2
      Hey.

      The $item variable you use in your query has not been defined. You need to fetch the variable from the $_GET array before you can use it. (In most cases, anyways.)

        Comment

        • ieda
          New Member
          • Mar 2010
          • 4
          #3
          Originally posted by Atli
          Hey.

          The $item variable you use in your query has not been defined. You need to fetch the variable from the $_GET array before you can use it. (In most cases, anyways.)
          can u give me an example how to use $_GET array for my coding so that i can implement in my code above..really appreciate!

            Comment

            • Atli
              Recognized Expert Expert
              • Nov 2006
              • 5062
              #4
              You fetch an array element into a variable like so:
              [code=php]$variable = $array['element'];[/code]
              The $_GET array works just like a normal array.

              See the manual for more details:
              - PHP: $_GET - Manual
              - PHP: Arrays - Manual

                Comment

                • ieda
                  New Member
                  • Mar 2010
                  • 4
                  #5
                  Originally posted by Atli
                  You fetch an array element into a variable like so:
                  [code=php]$variable = $array['element'];[/code]
                  The $_GET array works just like a normal array.

                  See the manual for more details:
                  - PHP: $_GET - Manual
                  - PHP: Arrays - Manual
                  Thanks atli..i will try implement it.

                    Comment

                    • NettSIte
                      New Member
                      • Jun 2009
                      • 7
                      #6
                      Code:
                      $query=mysql_query ("SELECT training_id from training where courseTitle='{$_GET['item']}' ");
                      Should do the trick.
                      Last edited by Atli; Apr 14 '10, 12:29 AM. Reason: Added [code] tags.

                        Comment

                        • Atli
                          Recognized Expert Expert
                          • Nov 2006
                          • 5062
                          #7
                          Originally posted by NettSIte
                          Code:
                          $query=mysql_query ("SELECT training_id from training where courseTitle='{$_GET['item']}' ");
                          Should do the trick.
                          You should never put $_GET or$_POST variables directly into a query. Not unless you want your database to be hacked.

                          Imagine if the value of $_GET['item'] were:
                          [code=text]' OR 1='1[/code]
                          Or, even worse:
                          [code=text]'; DROP TABLE training;--[/code]

                          You should always run your variables through mysql_real_esca pe_string before putting them into a query.

                          See SQL Inection for more details on why this is necessary.

                            Comment

                            • NettSIte
                              New Member
                              • Jun 2009
                              • 7
                              #8
                              Originally posted by Atli
                              You should never put $_GET or$_POST variables directly into a query. Not unless you want your database to be hacked.

                              Imagine if the value of $_GET['item'] were:
                              [code=text]' OR 1='1[/code]
                              Or, even worse:
                              [code=text]'; DROP TABLE training;--[/code]

                              You should always run your variables through mysql_real_esca pe_string before putting them into a query.

                              See SQL Inection for more details on why this is necessary.
                              You should always run your variables through mysql_real_esca pe_string before putting them into a query.

                              True.

                                Comment

                                Previous template Next
                                Working...