Forums

PHP

This topic is locked

List Menu multiple fields

Scott Mason

Posted 25 Apr 2006 16:58:17

has voted

Vote

25 Apr 2006 16:58:17 Scott Mason posted:

Can anybody shed some light on this minor problem.

I have a form, one of the fields has a list menu with 20 or so values.

The user can fill out the form and select one or more of the values from that list menu.

My problem is that if the user selects more than one value, only one value gets inputed into the database. How do I get more than one value from the list menu into the database.

I use phpmyadmin to access the database. Is it something to do with the "type" column in the table. At present it is set up as VARCHAR for that field.

If you need to see the site to see what I mean here's the link.

www.scottmason.co.uk/rnrf/main/members/login_database.php

Username - member
password - member

many thanks

Scott

Replies

Roddy Dairion

Replied 25 Apr 2006 17:06:29

25 Apr 2006 17:06:29 Roddy Dairion replied:

use an array, to store all the value selected from that field. Then insert into your table?
I went to your site and which is the field that u can select more than 1 value??
www.scottmason.co.uk/rnrf/main/members/submit_database.php

Scott Mason

Replied 25 Apr 2006 17:37:31

25 Apr 2006 17:37:31 Scott Mason replied:

the "Research Topic" field,

I used Dreamweaver Server behaviours for this.

Roddy Dairion

Replied 25 Apr 2006 17:51:22

25 Apr 2006 17:51:22 Roddy Dairion replied:

yeah so like i said use an array, store all the data that has been inserted in there. But something bugs me with wat u said that is u submit the data and only 1 value will be inserted. But if they select lets say 3 values from research field in your form where r they stored in your table???

Scott Mason

Replied 25 Apr 2006 17:54:29

25 Apr 2006 17:54:29 Scott Mason replied:

Currently, if a user selects more than one value from the list of "research topics", only the last value gets stored in the database table, I need it so all the values get stored in the database table separated by a comma.

cheers

Roddy Dairion

Replied 25 Apr 2006 18:17:39

25 Apr 2006 18:17:39 Roddy Dairion replied:

in which case use this
your research topic field name in your form which currently look like this
<pre id=code><font face=courier size=2 id=code><select name="topic" size="1" multiple="multiple" id="topic"></font id=code></pre id=code>
change it so it looks like this
<pre id=code><font face=courier size=2 id=code><select name="<?='topic[]'?>" size="1" multiple="multiple" id="topic">
</font id=code></pre id=code>
Then in your post section put the following
<pre id=code><font face=courier size=2 id=code>
$urvar= $_POST['topic'];
for ($i = 0; $i < count($urvar); $i++)
{
$urvar1.=($urvar1 != "" ? "; " : ""

. intval($urvar[$i]);

}
</font id=code></pre id=code>
Changes:
where it says
$urvar : change it to the variable of your choice i.e. either the one you're currently using for the post of your research topic field or something else
$urvar1 : this one will be use in the insert of your sql query.

Scott Mason

Replied 26 Apr 2006 02:15:46

26 Apr 2006 02:15:46 Scott Mason replied:

thanks Roddy,

where exactly in do i put that piece of code? here is my code at the moment

<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = ""

{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

switch ($theType) {
case "text":
$theValue = ($theValue != ""

? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != ""

? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != ""

? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != ""

? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != ""

? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form2"

) {
$insertSQL = sprintf("INSERT INTO members (first_name, last_name, tel_number, email, newspaper, year, topic, methodology, research_objective) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['first_name'], "text"

,
GetSQLValueString($_POST['last_name'], "text"

,
GetSQLValueString($_POST['tel_number'], "text"

,
GetSQLValueString($_POST['email'], "text"

,
GetSQLValueString($_POST['newspaper'], "text"

,
GetSQLValueString($_POST['year'], "text"

,
GetSQLValueString($_POST['topic'], "text"

,
GetSQLValueString($_POST['methodology'], "text"

,
GetSQLValueString($_POST['research_objective'], "text"

);

mysql_select_db($database_myConnection, $myConnection);
$Result1 = mysql_query($insertSQL, $myConnection) or die(mysql_error());

$insertGoTo = "thank_you.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}

mysql_select_db($database_myConnection, $myConnection);
$query_submit = "SELECT * FROM members";
$submit = mysql_query($query_submit, $myConnection) or die(mysql_error());
$row_submit = mysql_fetch_assoc($submit);
$totalRows_submit = mysql_num_rows($submit);
?>

cheers

Scott

Roddy Dairion

Replied 26 Apr 2006 11:33:41

26 Apr 2006 11:33:41 Roddy Dairion replied:

Don't forget ur html form topic field shoud be like this
<select name="<?='topic[]'?>" size="1" multiple="multiple" id="topic">
<pre id=code><font face=courier size=2 id=code>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = ""

{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

switch ($theType) {
case "text":
$theValue = ($theValue != ""

? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != ""

? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != ""

? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != ""

? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != ""

? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

$arrtopic= $_POST['topic'];
for ($i = 0; $i < count($arrtopic); $i++)
{
$topic.=($topic != "" ? "; " : ""

. intval($arrtopic[$i]);

}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form2"

,
GetSQLValueString($_POST['last_name'], "text"

,
GetSQLValueString($_POST['tel_number'], "text"

,
GetSQLValueString($_POST['email'], "text"

,
GetSQLValueString($_POST['newspaper'], "text"

,
GetSQLValueString($_POST['year'], "text"

,
GetSQLValueString($topic, "text"

,
GetSQLValueString($_POST['methodology'], "text"

,
GetSQLValueString($_POST['research_objective'], "text"

Scott Mason

Replied 26 Apr 2006 12:21:32

26 Apr 2006 12:21:32 Scott Mason replied:

Hi Roddy,

Thanks for all your help, I really appreciate it.

I copied and pasted the code that you supplied over my code.

now if i select two values in the topic list, it shows up in the database table as:

Array; 0

or if i select three:

Array; 0; 0

What would be be causing this

again thanks for your help

Roddy Dairion

Replied 26 Apr 2006 13:12:30

26 Apr 2006 13:12:30 Roddy Dairion replied:

try this
<pre id=code><font face=courier size=2 id=code>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = ""

{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

switch ($theType) {
case "text":
$theValue = ($theValue != ""

? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != ""

? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != ""

? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != ""

? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != ""

? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

$arrtopic= $_POST['topic'];
for ($i = 0; $i < count($arrtopic); $i++)
{
$insert_topic.=($insert_topic != "" ? "; " : ""

. intval($arrtopic[$i]);

}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form2"

,
GetSQLValueString($_POST['last_name'], "text"

,
GetSQLValueString($_POST['tel_number'], "text"

,
GetSQLValueString($_POST['email'], "text"

,
GetSQLValueString($_POST['newspaper'], "text"

,
GetSQLValueString($_POST['year'], "text"

,
GetSQLValueString($insert_topic, "text"

,
GetSQLValueString($_POST['methodology'], "text"

,
GetSQLValueString($_POST['research_objective'], "text"

Scott Mason

Replied 26 Apr 2006 13:23:30

26 Apr 2006 13:23:30 Scott Mason replied:

mmm, now it just shows up in the table as:

0; 0; 0

Roddy Dairion

Replied 26 Apr 2006 14:10:35

26 Apr 2006 14:10:35 Roddy Dairion replied:

I c where the prob is.
On this line
<pre id=code><font face=courier size=2 id=code>$insert_topic.=($insert_topic != "" ? "; " : ""

. intval($arrtopic[$i]); </font id=code></pre id=code>
remove the intval cause this will take only number.
so this line shoud look like this
<pre id=code><font face=courier size=2 id=code> $insert_topic.=($insert_topic != "" ? "; " : ""

. ($arrtopic[$i]); </font id=code></pre id=code>

Scott Mason

Replied 26 Apr 2006 18:26:50

26 Apr 2006 18:26:50 Scott Mason replied:

Hey Roddy,

Great! thanks a bunch it works, all values are intputed into the table.

But now I have a new problem, when I search using the same criteria, the search results shows no results.

I am still learning about PHP but I am completely lost on this one, can you still help me out.

this is how my current code looks in the search results page

<?php
$currentPage = $_SERVER["PHP_SELF"];

$maxRows_results = 10;
$pageNum_results = 0;
if (isset($_GET['pageNum_results'])) {
$pageNum_results = $_GET['pageNum_results'];
}
$startRow_results = $pageNum_results * $maxRows_results;

$objective_results = "-1";
if (isset($_GET['research_objective'])) {
$objective_results = (get_magic_quotes_gpc()) ? $_GET['research_objective'] : addslashes($_GET['research_objective']);
}
$year1_results = "ALL";
if (isset($_GET['year'])) {
$year1_results = (get_magic_quotes_gpc()) ? $_GET['year'] : addslashes($_GET['year']);
}
$method_results = "ALL";
if (isset($_GET['methodology'])) {
$method_results = (get_magic_quotes_gpc()) ? $_GET['methodology'] : addslashes($_GET['methodology']);
}
$topic1_results = "-1";
if (isset($_GET['topic'])) {
$topic1_results = (get_magic_quotes_gpc()) ? $_GET['topic'] : addslashes($_GET['topic']);
}
$mail_results = "-1";
if (isset($_GET['email'])) {
$mail_results = (get_magic_quotes_gpc()) ? $_GET['email'] : addslashes($_GET['email']);
}
$news_results = "-1";
if (isset($_GET['newspaper'])) {
$news_results = (get_magic_quotes_gpc()) ? $_GET['newspaper'] : addslashes($_GET['newspaper']);
}
$firstname_results = "-1";
if (isset($_GET['first_name'])) {
$firstname_results = (get_magic_quotes_gpc()) ? $_GET['first_name'] : addslashes($_GET['first_name']);
}
$lastname_results = "-1";
if (isset($_GET['last_name'])) {
$lastname_results = (get_magic_quotes_gpc()) ? $_GET['last_name'] : addslashes($_GET['last_name']);
}
mysql_select_db($database_myConnection, $myConnection);
$query_results = sprintf("SELECT * FROM members WHERE first_name LIKE '%s' OR last_name LIKE '%s' OR email LIKE '%s' OR newspaper LIKE '%s' OR year = '%s' OR topic LIKE '%s' OR methodology LIKE '%s' OR research_objective LIKE '%s'", $firstname_results,$lastname_results,$mail_results,$news_results,$year1_results,$topic1_results,$method_results,$objective_results);
$query_limit_results = sprintf("%s LIMIT %d, %d", $query_results, $startRow_results, $maxRows_results);
$results = mysql_query($query_limit_results, $myConnection) or die(mysql_error());
$row_results = mysql_fetch_assoc($results);

if (isset($_GET['totalRows_results'])) {
$totalRows_results = $_GET['totalRows_results'];
} else {
$all_results = mysql_query($query_results);
$totalRows_results = mysql_num_rows($all_results);
}
$totalPages_results = ceil($totalRows_results/$maxRows_results)-1;

$queryString_results = "";
if (!empty($_SERVER['QUERY_STRING'])) {
$params = explode("&", $_SERVER['QUERY_STRING']);
$newParams = array();
foreach ($params as $param) {
if (stristr($param, "pageNum_results"

== false &&
stristr($param, "totalRows_results"

Roddy Dairion

Replied 26 Apr 2006 18:33:17

26 Apr 2006 18:33:17 Roddy Dairion replied:

Wat do u mean search with the same criteria? Which criteria?

Scott Mason

Replied 26 Apr 2006 20:41:01

26 Apr 2006 20:41:01 Scott Mason replied:

Ok, heres what happening now.

1. I fill out the submission form selecting 2 values in the topic field

2. The values are intputed into the database table separated by a semicolon

3. Then I search the database using the topics field but I get no results

There are currently 3 entires in the database, Test A, Test B, Test C. Please try for yourslef so you can see what I mean.

thanks again

Roddy Dairion

Replied 27 Apr 2006 13:10:26

27 Apr 2006 13:10:26 Roddy Dairion replied:

Can you send me the whole page with html codes and php. I think that i'll hve to go customer query this.

Scott Mason

Replied 27 Apr 2006 13:18:52

27 Apr 2006 13:18:52 Scott Mason replied:

no problem, here is the whole code for the results page: here goes

<?php require_once('../../Connections/myConnection.php'); ?>
<?php
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;

// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == ""

&& true) {
$isValid = true;
}
}
return $isValid;
}

$MM_restrictGoTo = "login_database.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?"

) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>
<?php
$currentPage = $_SERVER["PHP_SELF"];

$maxRows_results = 10;
$pageNum_results = 0;
if (isset($_GET['pageNum_results'])) {
$pageNum_results = $_GET['pageNum_results'];
}
$startRow_results = $pageNum_results * $maxRows_results;

$objective_results = "-1";
if (isset($_GET['research_objective'])) {
$objective_results = (get_magic_quotes_gpc()) ? $_GET['research_objective'] : addslashes($_GET['research_objective']);
}
$year1_results = "ALL";
if (isset($_GET['year'])) {
$year1_results = (get_magic_quotes_gpc()) ? $_GET['year'] : addslashes($_GET['year']);
}
$method_results = "ALL";
if (isset($_GET['methodology'])) {
$method_results = (get_magic_quotes_gpc()) ? $_GET['methodology'] : addslashes($_GET['methodology']);
}
$topic1_results = "ALL";
if (isset($_GET['topic'])) {
$topic1_results = (get_magic_quotes_gpc()) ? $_GET['topic'] : addslashes($_GET['topic']);
}
$mail_results = "-1";
if (isset($_GET['email'])) {
$mail_results = (get_magic_quotes_gpc()) ? $_GET['email'] : addslashes($_GET['email']);
}
$news_results = "-1";
if (isset($_GET['newspaper'])) {
$news_results = (get_magic_quotes_gpc()) ? $_GET['newspaper'] : addslashes($_GET['newspaper']);
}
$firstname_results = "-1";
if (isset($_GET['first_name'])) {
$firstname_results = (get_magic_quotes_gpc()) ? $_GET['first_name'] : addslashes($_GET['first_name']);
}
$lastname_results = "-1";
if (isset($_GET['last_name'])) {
$lastname_results = (get_magic_quotes_gpc()) ? $_GET['last_name'] : addslashes($_GET['last_name']);
}
mysql_select_db($database_myConnection, $myConnection);
$query_results = sprintf("SELECT * FROM members WHERE first_name LIKE '%s' OR last_name LIKE '%s' OR email LIKE '%s' OR newspaper LIKE '%s' OR year = '%s' OR topic LIKE '%s' OR methodology LIKE '%s' OR research_objective LIKE '%s'", $firstname_results,$lastname_results,$mail_results,$news_results,$year1_results,$topic1_results,$method_results,$objective_results);
$query_limit_results = sprintf("%s LIMIT %d, %d", $query_results, $startRow_results, $maxRows_results);
$results = mysql_query($query_limit_results, $myConnection) or die(mysql_error());
$row_results = mysql_fetch_assoc($results);

if (isset($_GET['totalRows_results'])) {
$totalRows_results = $_GET['totalRows_results'];
} else {
$all_results = mysql_query($query_results);
$totalRows_results = mysql_num_rows($all_results);
}
$totalPages_results = ceil($totalRows_results/$maxRows_results)-1;

$queryString_results = "";
if (!empty($_SERVER['QUERY_STRING'])) {
$params = explode("&", $_SERVER['QUERY_STRING']);
$newParams = array();
foreach ($params as $param) {
if (stristr($param, "pageNum_results"

== false &&
stristr($param, "totalRows_results"

== false) {
array_push($newParams, $param);
}
}
if (count($newParams) != 0) {
$queryString_results = "&" . htmlentities(implode("&", $newParams));
}
}
$queryString_results = sprintf("&totalRows_results=%d%s", $totalRows_results, $queryString_results);
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />


<title>RNRF - Research Database</title>


<link href="../../css/print.css" rel="stylesheet" type="text/css" />

<style type="text/css">@import url(../../css/rnrf.css);</style>



<script type="text/JavaScript">
<!--
function MM_goToURL() { //v3.0
var i, args=MM_goToURL.arguments; document.MM_returnValue = false;
for (i=0; i<(args.length-1); i+=2) eval(args[i]+".location='"+args[i+1]+"'"

;
}
//-->
</script>
</head>

<body id="database">

<a name="top" id="top"></a>



<div id="outsidewrap">
<div id="insidewrap" >



<div id="header" >

<div id="logo"></div>

</div>





<div id="wrapper" class="clearfix">



<div id="maincontentwrap">



<div id="content">
<h1>RNRF - Research Database</h1>
<p> </p>
<p><strong>Members research details</strong></p>
<p> </p>
<?php if ($totalRows_results == 0) { // Show if recordset empty ?>
<p>Sorry, there were no results found</p>
<?php } // Show if recordset empty ?>
<?php do { ?>
<?php if ($totalRows_results > 0) { // Show if recordset not empty ?>
<table width="80%" border="0" cellpadding="0" cellspacing="0" class="table">
<tr>
<td><table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr bgcolor="#CCCCCC">
<td> </td>
<td width="186"> </td>
<td width="29"> </td>
<td width="43"> </td>
</tr>
<tr>
<td width="172" id="tablestext"><div align="right">Name </div></td>
<td colspan="3" id="tablestext"><?php echo $row_results['first_name']; ?> <?php echo $row_results['last_name']; ?></td>
</tr>
<tr>
<td id="tablestext"><div align="right">Telephone number </div></td>
<td colspan="3" id="tablestext"><?php echo $row_results['tel_number']; ?></td>
</tr>
<tr>
<td id="tablestext"><div align="right">Email</div></td>
<td colspan="3" id="tablestext"><?php echo $row_results['email']; ?></td>
</tr>
<tr>
<td id="tablestext"><div align="right">Newspaper / Product title </div></td>
<td colspan="3" id="tablestext"><?php echo $row_results['newspaper']; ?></td>
</tr>
<tr>
<td id="tablestext"><div align="right">Year of research </div></td>
<td colspan="3" id="tablestext"><?php echo $row_results['year']; ?></td>
</tr>
<tr>
<td id="tablestext"><div align="right">Research topic </div></td>
<td colspan="3" id="tablestext"><?php echo $row_results['topic']; ?></td>
</tr>
<tr>
<td id="tablestext"><div align="right">Research Methodology</div></td>
<td colspan="3" id="tablestext"><?php echo $row_results['methodology']; ?></td>
</tr>
<tr>
<td id="tablestext"><div align="right">Research Objective </div></td>
<td colspan="3" id="tablestext"><?php echo $row_results['research_objective']; ?></td>
</tr>
</table></td>
</tr>
</table>
<?php } // Show if recordset not empty ?><table width="80%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td> </td>
</tr>
</table>
<?php } while ($row_results = mysql_fetch_assoc($results)); ?>
<p>
<?php if ($pageNum_results > 0) { // Show if not first page ?>
<a href="<?php printf("%s?pageNum_results=%d%s", $currentPage, max(0, $pageNum_results - 1), $queryString_results); ?>"><< Previous</a>
<?php } // Show if not first page ?> <?php if ($pageNum_results < $totalPages_results) { // Show if not last page ?>
<a href="<?php printf("%s?pageNum_results=%d%s", $currentPage, min($totalPages_results, $pageNum_results + 1), $queryString_results); ?>">Next >></a>
<?php } // Show if not last page ?></p>
<form id="form1" name="form1" method="post" action="">

<p>  </p>
<p>
<input name="Search again" type="submit" id="Search again" onclick="MM_goToURL('parent','search_database.php');return document.MM_returnValue" value="Search again" />
</p>
</form>
</div>



</div>





<div id="leftcol">

<div id="menu">
<ul id="navlist">
<li><a href="../../index.html" id="nav_index" title="HOME">HOME</a></li>
<li><a href="../about_rnrf.html" id="nav_about" title="ABOUT THE RNRF">ABOUT THE RNRF</a></li>
<li><a href="../rnrf_members.html" id="nav_members" title="RNRF MEMBERS">RNRF MEMBERS</a></li>
<li><a href="../membership_criteria.html" id="nav_membership" title="MEMBERSHIP CRITERA">MEMBERSHIP CRITERIA</a></li>
<li><a href="../reports_presentations.html" id="nav_reports" title="REPORTS & PRESENTATIONS">REPORTS & PRESENTATIONS</a></li>
<li><a href="../insight_conferences.html" id="nav_conferences" title="INSIGHT CONFERENCES">INSIGHT CONFERENCES</a></li>
<li><a href="login_database.php" id="nav_database" title="RESEARCH DATABASE">RESEARCH DATABASE</a></li>

<ul id="navlistdrop">
<li><a href="submit_database.php" id="" title="SUBMIT RESEARCH">SUBMIT RESEARCH</a></li>
<li><a href="search_database.php" id="" title="SEARCH DATABASE">SEARCH DATABASE</a></li>
<li><a href="logout.php" id="" title="LOGOUT">LOGOUT</a></li>
</ul>
<ul id="navlist">
<li><a href="../contact_us.html" id="nav_contact" title="CONTACT US">CONTACT US</a></li>
<li><a href="../links.html" id="nav_links" title="LINKS">LINKS</a></li>
</ul></ul>
</div>

</div>


</div>





<div id="validate">
<a href="validator.w3.org/"><img src="../../images/comply_xhtml.gif" alt="XHTL Validation" border="0" /></a>
<a href="jigsaw.w3.org/css-validator/"><img src="../../images/comply_css.gif" alt="CSS Validation" border="0" /></a>
Designed with accessibility in mind.
</div>

<div id="footer">
<p><a href="#top">BACK TO TOP</a></p>
<p><a href="../../index.html">HOME</a> &loz;
<a href="../about_rnrf.html">ABOUT THE RNRF</a> &loz;
<a href="../rnrf_members.html">RNRF MEMBERS</a> &loz;
<a href="../membership_criteria.html">MEMBERSHIP CRITERIA</a> &loz;
<a href="../reports_presentations/documents/index.php">REPORTS & PRESENTATIONS</a></p>
<p><a href="../rnrf_guidelines.html">RNRF GUIDLINES</a> &loz;
<a href="../insight_conferences.html">INSIGHT CONFERENCES</a> &loz;
<a href="login_database.php">RESEARCH DATABASE</a> &loz;
<a href="../contact_us.html">CONTACT US</a> &loz;
<a href="../links.html">LINKS</a> &loz; <a href="../../admin/login.php">ADMIN </a></p>
</div>

<div id ="copyright">© RNRF 2006</div>



</div>
</div>


</body>

</html>
<?php
mysql_free_result($results);
?>
<?php require_once('../../Connections/myConnection.php'); ?>
<?php
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;

// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == ""

== false &&
stristr($param, "totalRows_results"

Roddy Dairion

Replied 27 Apr 2006 13:54:52

27 Apr 2006 13:54:52 Roddy Dairion replied:

Y r u using $_GET to search ur database won't it be easier for u to use $_POST instead?

Roddy Dairion

Replied 27 Apr 2006 14:03:02

27 Apr 2006 14:03:02 Roddy Dairion replied:

Can you change your current query to this please:
<pre id=code><font face=courier size=2 id=code>
$query_results = sprintf("SELECT * FROM members WHERE first_name LIKE '%s' OR last_name LIKE '%s' OR email LIKE '%s' OR newspaper LIKE '%s' OR year = '%s' OR topic LIKE '%$topic1_results%' OR methodology LIKE '%s' OR research_objective LIKE '%s'", $firstname_results,$lastname_results,$mail_results,$news_results,$year1_results,$method_results,$objective_results);
</font id=code></pre id=code>

Scott Mason

Replied 27 Apr 2006 14:27:42

27 Apr 2006 14:27:42 Scott Mason replied:

I changed the query to as you suggested, when i performed a search i got the following error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIMIT 0, 10' at line 1

Do i need to change all $_GET to $_POST

Roddy Dairion

Replied 27 Apr 2006 14:48:01

27 Apr 2006 14:48:01 Roddy Dairion replied:

Try this one
<pre id=code><font face=courier size=2 id=code>$query_results = sprintf("SELECT * FROM members WHERE first_name LIKE '%s' OR last_name LIKE '%s' OR email LIKE '%s' OR newspaper LIKE '%s' OR year = '%s' OR topic LIKE '%s%' OR methodology LIKE '%s' OR research_objective LIKE '%s'", $firstname_results,$lastname_results,$mail_results,$news_results,$year1_results,$topic1_results,$method_results,$objective_results); </font id=code></pre id=code>

Scott Mason

Replied 27 Apr 2006 15:01:23

27 Apr 2006 15:01:23 Scott Mason replied:

no, same error message

Scott Mason

Replied 27 Apr 2006 15:02:40

27 Apr 2006 15:02:40 Scott Mason replied:

bye the way, thanks for all your efforts <img src=../images/dmxzone/forum/icon_smile.gif border=0 align=middle>

Roddy Dairion

Replied 27 Apr 2006 15:04:07

27 Apr 2006 15:04:07 Roddy Dairion replied:

if this doesn't work den i'll hve to custom code it completely.
<pre id=code><font face=courier size=2 id=code>
$query_results = sprintf("SELECT * FROM members WHERE first_name LIKE '%s' OR last_name LIKE '%s' OR email LIKE '%s' OR newspaper LIKE '%s' OR year = '%s' OR topic LIKE '%%s%' OR methodology LIKE '%s' OR research_objective LIKE '%s'", $firstname_results,$lastname_results,$mail_results,$news_results,$year1_results,$topic1_results,$method_results,$objective_results);
</font id=code></pre id=code>

Scott Mason

Replied 27 Apr 2006 15:15:07

27 Apr 2006 15:15:07 Scott Mason replied:

no, i get his error this time

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'select-' OR research_objective LIKE '-1' LIMIT 0, 10' at line 1

Roddy Dairion

Replied 27 Apr 2006 15:28:20

27 Apr 2006 15:28:20 Roddy Dairion replied:

Lets cheat try out.
Replace matching codes with this:
<pre id=code><font face=courier size=2 id=code>
$topic1_results = "ALL";
if (isset($_GET['topic'])) {
$topic1_results = (get_magic_quotes_gpc()) ? ."%".$_GET['topic']."%". : ."%".addslashes($_GET['topic'])."%";
}
</font id=code></pre id=code>

◄ Previous12 Next ►

Reply to this topic

Latest Extensions

App Connect Summernote File Upload Upload different files in Summernote Editor
App Connect Summernote Simple, yet powerful and modern WYSIWYG Editor
Bootstrap 4 Dynamic Table Generator 2 Automatically generate dynamic data tables
Bootstrap 4 Dynamic Form Generator 2 Auto generate perfect Bootstrap 4 dynamic forms in seconds
App Connect Bootstrap 4 Dynamic Paging Generator Auto generate awesome dynamic Bootstrap 4 paging in seconds
App Connect Event Calendar The most powerful full-sized event calendar for Dreamweaver
DMXzone App Connect Next generation client side framework for data-driven web sites and apps
DMXzone Database Custom Query Create advanced, complex custom SQL queries with ease

Latest Videos

Using App Connect Autocomplete Learn how to add autocomplete functionality on your page, using the App Connect Autocomplete
Creating Custom SQL Queries Learn how to create custom SQL Queries with DMXzone Database Custom Query
Restricting Access to Your Pages Learn how to restrict access to your pages, using DMXzone Security Provider 2
Adding Log Out Functionality with DMXzone Security Provider 2 Learn how to add log out functionality to your page with DMXzone Security Provider 2
Creating a Log In Page with DMXzone Security Provider 2 Learn how to create a log in page with DMXzone Security Provider 2
Setting Up Site Security Settings Learn how to setup your site security, using DMXzone Security Provider 2
Generating an Update Record Form Learn how to create an update record form, using the Bootstrap 4 Dynamic Form Generator 2
Generating an Insert Record Form Learn how to create an insert record form, using the Bootstrap 4 Dynamic Form Generator 2