PHP question

[duffyweb]

I am writing a script for a website's back end that basically works like comment approval on myspace.

Here's the problem code I'm using:

$results = mysql_query("SELECT id FROM comments WHERE status = 'Queued'");
while ($row = mysql_fetch_row($results))
{
$status = stripslashes($_POST['$row[0]']);
print "$status";
}

What it's supposed to do is the user submits their choice of approved or disapproved on all of the queued comments on page 1. Page 1 goes into the mysql database and makes the "name" of each pulldown menu the id number in the database. Once they submit and go to page 2 (where the above code is), the script should pull the id number of all comments with the queued status from the database and make them a $_POST variable to pull the information from the aformentioned submission. However, it doesn't take for some reason. If I just typed:

print "$row[0]";

... it works fine.

So I'm kind of stumped as to why I can't get that little bastard to work in the $_POST variable.

HELP please!

 

[Rage9]

Why are you using $_POST? That has nothing to do with SQL, that to transfer data between pages.

Your $row variable is an array, with each column of your database being an entry of the array.

For example each loop will be $row[id], $row[name], $row[value]. The names correspond the to the names of the columns of your table.

$results = mysql_query("SELECT id FROM comments WHERE status = 'Queued'");
while ($row = mysql_fetch_row($results))
{
echo $row[id];
}

 

[duffyweb]

Let me try and explain better.

Since the fields in the previous page are generated by the number of "Queued" comments in the database, the name for each field is set as a unique id that's in the database.

For example, when the a comment was submitted, it was given the 6 digit code "wyxvxx". So when the first backend page shows that comment and generates a pulldown field to approve or deny the comment, it puts this in the page:

<select name="wyxvxx">
<option selected>Queued
<option>Approve
<option>Delete
</select>

So when I type this:

$results = mysql_query("SELECT id FROM comments WHERE status = 'Queued'");
while ($row = mysql_fetch_row($results))
{
$status = stripslashes($_POST['$row[0]']);
print "$status";
}

...I'm trying to accomplish this:

$status = stripslashes($_POST['wyxvxx']);

for each pulldown menu that's generated. In other words $status will either be "Approved", "Delete" or "Queued".

The "print" command is there for simplicity. In reality, I want to be able to update the "status" field in the mysql table with one of those options.

Does that make more sense? Maybe there's some sort of catch-all way to accomplish this that I don't know about?

 

[Rage9]

In reality your whole thought process on this is just fucked. I don't know what else to tell you.

$status = stripslashes($_POST['wyxvxx']);

Ok, where are you posting the variable from?

 

[duffyweb]

There are 2 files.

approve.php
approve1.php

approve.php:

<div align="center">
<h1>Comments Management</h1>
<form action="approve1.php" method="post">
<table border=1 cellpadding=8>
<tr>
<td><b>Date</b></td>
<td><b>Name</b></td>
<td><b>Location</b></td>
<td><b>Comment</b></td>
<td><b>Status</b></td>
</tr>
<?php
$usr = "LOGIN"; 
$pwd = "PASS"; 
$db = "DB";
$host = "HOST"; 

    $cid = mysql_connect($host,$usr,$pwd); 
mysql_select_db("$db", $cid);
 
$results = mysql_query("SELECT name, location, date, comment, status, id FROM comments WHERE status = 'Queued'");
 
while ($row = mysql_fetch_row($results))
{
print "<tr>";
print "<td>$row[2]</td>";
print "<td>$row[0]</td>";
print "<td>$row[1]</td>";
print "<td>$row[3]</td>";
print "<td><select name=\"$row[5]\"><option selected>Queued<option>Approve<option>Delete</select></td>";
print "</tr>";
}
mysql_close($cid);
?>
</table>
<br><br>
<input type="submit" value="Make Changes"></form>
</div>

That works fine.

Now, I want to be able to pull:

<select name=\"$row[5]\"><option selected>Queued<option>Approve<option>Delete</select>

that into approve1.php.

Get it?

Is there some better way to accomplish the same thing? If my thinking is fucked, please enlighten me.

 

[Rage9]

So what your trying to do is get the value of the box right?

But what it looks like is your trying to pass a ton of different dynamic variables into the POST. And you basically are trying to figure out the variables names when you pull them from the $_POST variable, right?

 

[Rage9]

I'm going to run with my assumption being correct. I would make a separate hidden value input on the html and plug every ID value into it.

<div align="center">
<h1>Comments Management</h1>
<form action="approve1.php" method="post">
<table border=1 cellpadding=8>
<tr>
<td><b>Date</b></td>
<td><b>Name</b></td>
<td><b>Location</b></td>
<td><b>Comment</b></td>
<td><b>Status</b></td>
</tr>
<?php
$usr = "LOGIN"; 
$pwd = "PASS"; 
$db = "DB";
$host = "HOST"; 

    $cid = mysql_connect($host,$usr,$pwd); 
mysql_select_db("$db", $cid);
 
$results = mysql_query("SELECT name, location, date, comment, status, id FROM comments WHERE status = 'Queued'");
 
while ($row = mysql_fetch_row($results))
{
print "<tr>";
print "<td>$row[2]</td>";
print "<td>$row[0]</td>";
print "<td>$row[1]</td>";
print "<td>$row[3]</td>";
print "<td><select name=\"$row[5]\"><option selected>Queued<option>Approve<option>Delete</select></td>";
print "</tr>";
$ids .= $row[id] . "%z%";
}
mysql_close($cid);
?>
</table>
<br><br>
<input type="hidden" name="ids" value="<?php echo $ids; ?>">
<input type="submit" value="Make Changes"></form>
</div>

Then just explode all the values and test them in $_POST for a value:

<?php

$ids = explode("%z%, $_POST[ids]);
foreach ($ids as $val){

    if($_POST[$val]){
        
        //this variable has a value process it
    
    }
}

?>

None of that was checked for proper syntax but should be right.

 

[duffyweb]

Yes, you were correct.

I'll try that later when I get home and let you know how it goes.

Thanks.

 

[duffyweb]

Thanks for that man.. it totally worked. I've only used the explode function once before which is why I didn't even think about it.