Help with PDFtk function

ttsprez · September 19, 2018, 6:22pm

Can you please speak to this for me… I’ve tried both ways and I’m getting:

Parse error : syntax error, unexpected ‘var’ (T_VAR), expecting end of file in /home1/thetitl1/public_html/pdforms/TX Title App.php on line 4

This is the code as it is in the file:


<?php 

    //connects to the finaldetails form on bondinstuct.html 
    var theForm = document.forms["reference"];
    // creating a variable for the "reference_code" text box
    var $refcode = reference_code.innerHTML;

Until I can get this to work out, I will eliminate it and just use an actual reference_code in the query to see how the rest of the code works…

To that note, I am using two queries due to the fact that the first query uses the $refcode to pull data from the ‘forms’ table to get the $form_id related to the $refcode. The php code is then meant to grab that $form_id. Then the second query uses the $form_id to pull the data needed from the ‘form_data’ table. I know you mentioned using a “Join” statement, is that possible, being that I need the collect the $form_id from one table and use it in a query to pull info from another table.

ttsprez · September 19, 2018, 6:40pm

@astonecipher
please do me a favor and only post that which contributes positively to the conversation. Obviously, you are reading the thread as I don’t think you just pick out this quote at random and decided to post to it.

Statements like this are a true waste of your time and intellect, but that’s just my assumption.

@ErnieAlex and I are focused on trying to get the issues of this conversation straight and of course, anything that HELPS to that end would be greatly appreciated. If you’d like to be part of that goal, I’d invite your input and would be truly grateful for it.

astonecipher · September 19, 2018, 6:59pm

And what did I say that wasn’t constructive? That function will not work in a fiddler, because it creates a file.

astonecipher · September 20, 2018, 12:04am

If I was going to say something that you find unproductive, yet is still useful anyway, it would be something like

I’m glad @ErnieAlex can help you. But, you trying to reprimanding me when I answer questions won’t get you very far.

ttsprez:

<?php 
//connects to the finaldetails form on bondinstuct.html 
var theForm = document.forms["reference"]; 
// creating a variable for the "reference_code" text box 
var $refcode = reference_code.innerHTML;

You want to know why it wont work? That appears to be JavaScript code in the php tags. That isn’t how it works. Which is why you are getting parse errors.

ttsprez · September 20, 2018, 3:46pm

As a few people have said before, we posted to this forum because the title is Beginners-Learning PHP.

Some of your “answers” on other post seem to be more critique than solutions, much like your opening statement here. To truly help, the conclusion to that statement from someone who really was interested in helping would have finished the statement with the alternatives. Those that you indicate to have knowledge of but held back for whatever reason.

The same is true for the latter statement too. Just telling me the code is Java and not put forth an example of what you mean is like a little league coach telling a player to go play second base when he’s never played the game in his life.

I’m not here to argue or waste time debating how help should be issued. So if you can help, again, I invite you to show or explain the better way…as I researched the pdftk function initially because I found it could do what I needed, if I learned how to put the code together. In that process, @ErnieAlex discussed DOMPDF with me and provided a better solution.

If you can show a better way and really want to help, I’m sure @ErnieAlex and I would be glad to hear and learn about something new. Otherwise, thanks for your critique and I’ll continue moving forward. Success with this issue is gonna happen.

ErnieAlex · September 20, 2018, 4:37pm

Okay, let’s solve this project. I think we need to solve this step by step. This is a list of the steps that I am guessing that is needed. We can go thru it one step at a time and figure out what you really need and help you with solutions.

First, to create a state form, you need data to place in the areas on the form. This data is coming from somewhere. Looking at your posts, you have that data already created somehow and somewhere. The data exists, guessing in a database. The data is linked to one user’s input. Normally, this type of data would be inputted from a user at some point and assigned a user-ID and a vehicle-ID. These would be the indexing that you would use to select the data.

Next, you have the form as we have seen it previously. I downloaded it, so I have it and know it exists.
I created an HTML version of it for you which I also kept a copy of. This HTML version needs to have fields placed into it that we can replace with live data from the database. I suggested using underscores and the actual field names as it makes it simple to replace data with.

Third, you need to pull the data for one form. This requires a database query based on your user-ID and vehicle-ID. Your queries that you posted do not really make sense. You use UTF conversion which is not needed unless your stored data is saved in an odd format. And, you are not pulling out the correct data since you are using “LIKE”. Like clauses let you pull random data out of the database similar to the data. You need to pull out the exact data needed, not data SIMILAR to the data.

Fourth, you would need a routine to replace all the fields in the form with the live data. This is simple and I gave it to you in an earlier post.

Lastly, you need to convert the results to a PDF to save, view and print. I gave you this code earlier, too. The library that I suggested works great and I use in on several sites to create PDF’s for users to view or save.

Now, these are most of the steps that I think you need to use to solve this project. Let’s start at the first one. How are you getting your data for this system? Is it already stored in a database? What indexes (fields) are locked to the one form you need to create? How do you tell that the form you want to create is linked to one vehicle owner. We need to know the data layout first. Then, we can help you create the correct query to get the correct data out. Then, we can continue with the other steps one at a time.

Hope this all makes sense.

ttsprez · September 21, 2018, 6:47am

Hey @ErnieAlex,
Saw you message earlier this evening, but had to wait till after my thursday night karaoke gig to read and understand everything fully. I took your advice as far as testing by already putting things together in steps… But it’s like 2am now and I’ve got a funneral to attend in the morning so it may not be till tomorrow afternoon when I can get everything put together for you to take a look at.

Really quickly, as you mentioned customers input data and that form submission is given a “reference_code”, the “reference code” is associated with a “forms” table that has an “id” column which refers to the “form id” found in a “forms_data” table. when I query this “forms_data” table for the “form_id” it returns columns with the “name” and “data”. In the “names” column is the data that corresponds to the html form field names and the “data” column contains the data that need to replace those form fields. I have a TX Title App.php file that is connecting successfully and I have been tinkering with the query code to pull what I need. But thus far that is all its been. There are other aspects that I’ll need to give you, But like I said it’s late.

For now, just know that I appreciate everything thus far and I will work with your suggestions to get this thing put together…Thanks bro.

ErnieAlex · September 21, 2018, 12:19pm

Sorry for your loss. Hope all goes well with the funeral. I am quite busy today and tonight, too. So, might not answer alot today to questions.

So, looks like you have got step #1 done. One or two comments on this process. In your code, once you have selected everything that you just mentioned, you should display that one page’s data and match them up with the database to make sure it is 100% accurate. Before you move on to step #2. Also, you never use form inputs to verify which data you are using. If I got into your system, I could put in any name and pull out their data not mine. Unless the form field is entered by an ADMIN or just you. Need to think about security on how the name and that person’s data is accessed and pulled out. Normally, you would have an ID column for each person in the owner’s table. Just something to keep in mind.

Now, if all that is accurate, you are good for step #2. I had sent you a copy of the form in HTML format. I inserted some sample fields for you to see how they look. I think I did about five fields. When you do that, it quite often messes up the display of the file in a browser. Keep a copy without all of them in place, a blank form. And you live copy with ALL of the fields filled in with the underscores and field names in place. They should match your database table field names with the underscores around them. Once that is done, you can send it to me thru a PM or post it online somewhere and I will review it quickly to see how it came out.

Once those are done which I think you are close to doing, we can move on to step #3. Let me know. I think you are very close to completion. But, I am a bit busy today and tonight, so not sure…

ttsprez · September 21, 2018, 5:20pm

Thanks for the condolences… Let’s do this, let me get everthing together in a complete concise response to you over the weekend and just look to work on it the begining of next… I have a need to want to finish, but not on a rush to get it done. So enjoy your weekend, take care of you and yours. I’ll work on my end to get everything together in a complete concise way and post on Sunday evening for your review. Till then, drink one for me if you get a chance and have a great weekend.

ttsprez · September 23, 2018, 5:58pm

Hey @ErnieAlex,
Hope you’ve had a great weekend, for me, it has been a productive
yet relaxing one. I worked on trying to put together a concise picture
of the project scope. Hearing you really wanting to helping get this
done was awsome and I’ve been anxious to post this all weekend, as
I went straight to putting it together shortly after reading your
message on Friday. So here goes…

Customers provide data to on a form on the "finaldetails.html"page.
On submit, the follow up page gives sample of data submitted and a
“reference_code” for that submission. The customer and I also receive
an email with the same info.

The data is stored in a MySQL database labled “thetitl1_livesite754”.
In order to see the actual info the customers submitted I must query
the database in the following manner:

SELECT * FROM thetitl1_livesite754.forms WHERE
(CONVERT(reference_code USING utf8) LIKE ‘QKEX49MKDE’)

This query is generated by PHPAdmin for the search I perfomed when
requesting info on QKEX49MKDE reference code. Here is a snippet of what is returned:

In the snippet you will see at the top where phpadmin has created the
query statement. In the results you will see where the search has returned
a row with associated data and a data column named “id”. This “id”
is what makes the data unique to the reference code. the “user id” is
associated with account profile info and “page id” is associated with
the type of page the form was submitted to.

I have learned that when doing a search for the particuar data submitted
that I must perform a search for “form_id” using the “id” data from this
"forms"table and that search returns the following query:

SELECT * FROM thetitl1_livesite754.form_data WHERE
(CONVERT(form_id USING utf8) LIKE ‘29’)

This again is generated by phpadmin as a result of that search and this
is a snippet of the result:
http://www.clipular.com/posts/5659806485184512?k=WFiHF19sX03pA-RBqXgjWP-po44

In both instances phpadmin allows me to have it create phpcode of each
query statement and they are as follows:

reference code - $sql = “SELECT * FROM thetitl1_livesite754.forms WHERE (CONVERT(reference_code USING utf8) LIKE ‘QKEX49MKDE’)”;

form_id - $sql = “SELECT * FROM thetitl1_livesite754.form_data WHERE (CONVERT(form_id USING utf8) LIKE ‘29’)”;

This is what I’m using to perform my queries in the php code. Also, in order to
generate these results I had to use an existing record in each statement thus
reference code of QKEX49MKDE and form id of 29 was used.

In the php processing of each document I will need to have the customer
input their “reference_code” to a html name=“reference_code” form field.
On submit, the php code needs to gather the “reference_code” by way of
method=post from the html text box and convert it to a variable by way
of $refcode = $POST[] that can then be used in the reference code query.
When the query is processed it should generate the results of the forms
table, where I will then need to fetch the “id” to create the $form_id
variable that can then be inserted into the “form_id” query to produce the
result of the “forms_data” table.

All of this should then allow me to use a WHILE fucntion to fetch the data for
“name” and “data” columns to use in replacing there form field tags in the
html template.

I do have the other code you have provided to perform the DOMPDF part
but as you say would like to get the hurtles of this part taken care of before
moving forward. This needs to be right before we can move froward anyway.

With all of this said, here is little more insight on the overall process. Once
data has been submitted, reference code issued, emails received. The customer
will need to process payment in order to get access to the instruct page.
This page will provide them with processing, finalization instructions and
link buttons for creating each pdf document with their info. Here is the
actual instruction page I’m working with now:

https://losttitleconnection.net/bondinstruct.

I will provide temp username and password for both the site and mysql
access in a private message.

So here is where it gets a little complicated. I use a web platform called
Livesite. The bondinstruct.html page has been created using that platform,
however, I have learned that if I put the php files into there Livesite
folder and call them they will not function as Livesite uses ZendGuard.

In order to resolve the issue I created a pdforms.losttitleconnection.net
subdomain that contains all the php, htlm and background file for each
document. The links from the bondinstruct page calls on php files
outside the platform to create the pdf for each link button. I am using
the Texas Title Application buttom at the bottom of the bondinstruct.html
to call on the TX Title App.php file for testing as it is the most complicated
document in this whole process. So far it has been working when clicked
to generate a successful connection to the connnection config file labled
dogs.php that exists in the same subdomain folder. But since adding code
to create queries and fetch for variables, I’m getting error messages.
The code as it stands looks sound, but I’m sure needs better more and
more experienced eyes. Here is the code in the TX Title App.php:


<?php

//create a connection to MySQL
require 'dogs.php';

?>

<html>
<body>

</form>
<form action="TX Title App.php" method="post">
<fieldset><legend>Final Details Reference Code</legend> <label for="reference_code">Enter Reference Code Here:</label> <input id="reference_code" name="reference_code" type="text" /></fieldset><br>
<input type="submit">
</form>

<?
// shows reference code to page
echo $_POST["reference_code"];

//query for reference_code from 'forms' table
$refcode = $POST["reference_code"];
$form_id = 'id';
$query1 = mysql_query("SELECT * FROM `thetitl1_livesite754`.`forms` WHERE 'reference_code' ='". mysql_real_escape_string( $refcode ) ."'");
$retval1 = mysql_fetch_object($query)->$form_id;

$name = 'name';
$data = 'data';
$query2 = mysql_query("SELECT * FROM 'thetitl1_livesite754'.'form_data' WHERE 'form_id' ='". mysql_real_escape_string( $form_id ) ."'");
$retval = mysql_fetch_object($query)->$name,$data;


while($row = mysqli_fetch_assoc($name)){
  echo "{$row['data']}";


?>

</body>
</html>

With this code in the TX Title App.php file it is currenlty returning this error:
Parse error: syntax error, unexpected end of file in /home1/thetitl1/public_html/pdforms/TX Title App.php on line 39

My other concerns are hackers of the mysql code and database or the information
it contains as it will contain names and address and state id numbers for
each user which I would hate to see abused.

I hope I have addressed all your questions and look forward to your response.

ErnieAlex · September 24, 2018, 5:23pm

Well, yikes! Maybe too much info… Let’s see. First, okay we understand how you get the data which is part#1.
Next, you retrieve the data using this query:

BUT, why do you convert inputs to the WHERE clause. I do not understand that at all. AND, NEVER use LIKE to attempt to pull out data. LIKE will take the similar fields. It is used to acquire data that is similar. NOT EXACT! So, once you start getting a lot of data, this query could pull out the incorrect data! This will cause you a problem in the future. As the ADMIN of the site, you would have some page that would show you the list of reference_code’s that you need to deal with. A list of pending requests or whatever. In that list, you would have a button that would create the forms and PDF’s or whatever. This list would be all of the reference_code’s and inside the button, it would have the id of the record. You normally would use the id since it is a 100% accurate index for the one and only one record. Or, you can use the reference_code itself as long as it is 100% unique. Normally, if you use that as your index, you would make sure that when the new record is created that there are no other reference_code’s with the same value. Either way, id or reference_code, you must query only for that one row of data and never ever using LIKE. Something loosely like:
SELECT * FROM thetitl1_livesite754.forms WHERE reference_code = ‘QKEX49MKDE’
No converting needed and no LIKE’s. As you said, in the phpMyAdmin, it pulls out the unique “id” field, but, that is no way correct! If you have several slightly different values for the reference_code, you might get the correct one, but, might not.

Same comments for the searching for form’s. Drop the convert and do NOT use LIKE. You can NOT use phpMyAdmin for generating your search queries! You need to create them yourself and make them fit your data exactly. There is no “tool” that creates a 100% accurate query. Well, in my humble opinion anyways. Here are some comments on how a search query would be used for data like this.

First, normally, if it is a user based system, you would have all of the user’s or client’s personal data stored in
your users table. This would include personal info such as phone numbers, dob, addresses, etc. Then, in a vehicle table you would have all the data for any one of them. All the data that is ever needed on a form. The vehicle table would include a field indicating the user_id of the owner. Then, when a user/owner/client requests a form, they would have to select which vehicle they want that form for. At this point, you would have a user_id pointing to the owner, a vehicle_id pointing to the vehicle and a form_id that points to the form they requested for that vehicle. With those items, you have all you need to put the form together. You would have pointers directly to all the parts. Again, NEVER using LIKE! It will fail for sure at some point.

Now, since you gave more info, I see why the convert was inside your query. You did not create it. There are hundreds of variations of phpMyAdmin’s and other control panels. They are for important usage, but, are not a final solution. So, perhaps you need some training on queries.

Now, another issue in your design logic… If you run the entire process based on the user entering the reference code, how do you know 100% that it is their info? I mean, I could enter your reference code and get a copy of your forms not mine. The way you pull this info is questionable. Logic-wise…

You pull the data from a posted webpage using $refcode = $POST[] … You should use a filter on this to protect your code and database from hackers. At the least use the "filter_input(INPUT_POST, “field”) function. And, use “prepared statements” to protect the database from hackers.

Looking at the site, it is clean, simple and appears to have everything you need. Note that the Home page shows people in line. Legally, you need to have permission from each of them. I suggest in writing! Otherwise, you might get sued for use of their images without permission! Have to think of all these things when creating a website!

Skip the temp username and password! Just use their email address as identification. Let them enter their email address and password to log in. If they change their email address, they can still log in with the old one and change it in their user-profile page. Cuts out a lot of work that way!

Livesite is a “shared” server system. You get a share of a server. Each app such as Zend Guard is installed on your server. Depending on how it is set up, you should be able to include your own codes. There should not be a need to have a second server set up just for called PHP scripts!

Livesite is really Bluehost. I went to Livesite’s help page and that sent me to Blue host’s site and their chat page to ask about this was here: Livesite-Bluehost chat I was talking to them. You give them a name and the site name and they will help you. But, they asked if it was a WP site. I was not sure. Did you build the site using Livesite’s WP creation tool? That would be a “Word Press” site creator tool. If it is, you can add pages, but, you need to get into the WP’s ADMIN’s pages and add them in there. Also, if it is a WP site, you need to learn how to use WP. Not sure about that. But…

Cross posting from domain to domain can be tricky. Both have security on them, both would need to allow accesses from the other to pass things back and forth. Quite often, if you own both sites, you could leave a PHP script open on one to allow it to pull data from it’s database, but, not from the main live one. Doesn’t work that way. You can use your phpMyAdim on the main site to make the database into a remote database allowing external users to access it. Then on the second site, you can access that database with the correct login and password, but, that can open it up for possible hackers to attempt to get into it.

The error:

Parse error: syntax error, unexpected end of file in /home1/thetitl1/public_html/pdforms/TX Title App.php on line 39

Means that you most likely did not close a brace/bracket. { } In the code you posted above, you show a WHILE clause at the bottom, but, you never close it. Guessing that is the problem.

So, questions… Is it a WP site? Do you have 100% full access to the files on the site? Can you FTP to it and review all of the files? If you can FTP to it, you must have made several backups of the site on your system at various times. And, if so, you should be able to edit the files and add in your code. If you are using a front-end site creation tool, you might have to use that to edit the site. You shouldn’t need to use a secondary domain. In your control panel, you can get to phpMyAdim pages as you mentioned them above. Can you also get to a file manager where you upload and download files? If so, you should be able to move around Zend Gaurd using that. Am a little confused on why you can’t get full control of the site.

Well, that’s a lot more for you to review. Hope you get something out of it all…

ErnieAlex · September 24, 2018, 5:59pm

I got onto the Livesite website and found it to be mostly a shared server system. It is basically a sales site system or a web-commerce creator site. They seem to control all of your site’s creation. The SOURCE code of your site is READ-ONLY. Therefore, it is not a real site, but, Livesite’s version. They use “canned” code which you can alter by using options in their control panel. You can NOT really edit code on it. Therefore, I would suggest moving your site to another server. You will never have real control over the site on their servers.

You can look at the source code for their pages READ-ONLY and might be able to save all the pages that way, but, I am not sure if that includes the PHP code inside it or not.

Now, this brings us to another question. Do you own the site yourself or are others involved? Is your secondary site on a normal server somewhere or another shared one?

ttsprez · September 25, 2018, 3:41am

Sorry if I overwhelmed you… This was one of those instances where I figured more was better…

Let me first start with the Livesite Platform as I’ve come to call it. I understand, I am using a canned version of their paid site which has been downloaded and installed to my losttitle server folder. Thus I have a copy of my site instance on my server that I can access both by file manger via bluehost cpanel and via ftp…I’ve used them this way for a little over 3 years and have not had any issues with how it works or my ability to edit the pages. With my admin, I have access to page creation and most of the behind the scenes html and css code via their built in site editor tools. The only thing I don’t have access to is the nuts and bolts php flles as when I try to open them even in a seperate file manage, that’s when I get the “Sorry protected by ZenGuard” message. Which for me isn’t a big deal.

As for site ownership…I own the site solely, no other partners. And I appreciate the heads up about the home page image. I already made the change to fix that.

As for my server, I host with BlueHost on a shared sever account with unlimited domain hosting capabilities. That is why, I was able to create the pdform subdomain. I don’t think there is an issue with MySQL as the php files in the pdform subdomain have thus far produces successful connections when requesting connections in initial testing calling for connections using my config file dogs.php. So I assume if I have a successful connections, I can process queries too.

I am going to make the suggested changes to the queries using the specific request as opposed to LIKE as you suggested and see how that works. The CONVERT part is something that the mysql admin had generated when clicking the “generate php code” so I just used it that way. I understand that in your code simply using “SELECT * FROM thetitl1_livesite754.forms WHERE reference_code = ‘QKEX49MKDE’” is the optimal way to create the query.

As to your point about what to use as an index to request info. It is a bit complicated due to the fact that the data I need to fill the html temp forms is not directly associated to the reference_code or it’s forms table. the only thing that ties the two together is the form_id which is issued when the reference code is created and the data is submitted to the forms data table. This is the reasoning behind using a text box to request reference code from the customer as it is part of the email they receive on successful submission. Using that to create a variable and inputing that variable into my query, produces the forms table data. From the results produce I then need to fetch the “id” from that table and create another variable. Then input that to the second query that produces the forms data table results. From this table I can then fetch the “name” and “data” columns to use to fill my html template. I hope this make sense… I wish there was a way to take the reference code and uniquie form id, name and data into a table that would allow me to make one simple request, but I am not familiar enough with mysql to do that. I know there is a way, cause all these columns exist, its just learning how to take the data in those columns and turn them in to columns themselves that relate to the reference code.

As to the $refcode=$POST[], this is code I found to prevent what you speak to as security and hacking issues, will this do?


<?php

//create a connection to MySQL
require 'dogs.php';

?>

<html>
<body>

</form>
<form action="TX Title App.php" method="post">
<fieldset><legend>Final Details Reference Code</legend> <label for="reference_code">Enter Reference Code Here:</label> <input id="reference_code" name="reference_code" type="text" /></fieldset><br>
<input type="submit">
</form>

<?
// shows reference code to page
echo $_POST["reference_code"];

//query for reference_code from 'forms' table
$refcode = $POST["reference_code"];

$query1 = mysql_query("SELECT * FROM `thetitl1_livesite754`.`forms` WHERE 'reference_code' ='". mysql_real_escape_string( $refcode ) ."';");

if (!$query1) {
    echo 'Could not run query: ' . mysql_error();
    exit;
}

$row = mysql_fetch_row($query1); //Retriev first row, with multiple rows use mysql_fetch_assoc
$form_id = $row['0']; //Retriev "id" field
$form_id = trim($form_id); 
echo $form_id;


$query2 = mysql_query("SELECT * FROM 'thetitl1_livesite754'.'form_data' WHERE 'form_id' ='". mysql_real_escape_string( $form_id ) ."';");
if (!$query2) {
    echo 'Could not run query: ' . mysql_error();
    exit;
}

$row = mysql_fetch_assoc($query2); //Retriev first row, with multiple rows use mysql_fetch_assoc
$name = 'name';
$data = 'data';

$retval = mysql_fetch_object($query)->$name,$data;


while($row = mysqli_fetch_row($form_id)){
  echo "{$row[$data,$name]}";

}
?>

</body>
</html>

Let me know what you think…this is as far as I’ll go for now so as not to overwhelm you again. I’ll wait for your response and thanks for all the insight.

ttsprez · September 25, 2018, 5:11am

Tinkering with it and I think the reference code html form needs to be on it own page. After the customer inputs the refcode and hits submit, it should then request the php file that preforms the queries and doc creations…does that sound like its right to you…

As I said in testing it now, I click the link its requesting the php file, giving me a connections successful, the text box for submitting the refcode, but it also goes into processing the other php on the page without the refcode being inputed…

Gonna leave it alone now and call it a night.

ErnieAlex · September 25, 2018, 12:32pm

To bring it all in at one time, you can use “JOIN” functions. Basically, this does multiple queries inside one. You assign a table name to a letter, like a b c, and then you can cross-access each of them as needed inside your query. All of the data can be loaded with just one more complicated query. I will look at your queries later today and see what I can come up with for you. (It is 8 AM here, but, I have a busy day today…)

As far as the $_POST security, you do not need to use the mysql_real_escape_string as long as you filter the input from the forms first. Once filtered, they are safe to use. Therefore this section:

// shows reference code to page
echo $_POST["reference_code"];

//query for reference_code from 'forms' table
$refcode = $POST["reference_code"];

Would become this:

//query for reference_code from 'forms' table
$refcode = filter_input(INPUT_POST, "reference_code");

// shows reference code to page
echo $retcode;

NOTE:  $POST is NOT the same as $_POST.   One is a variable and one is the posted form data.  If you are loading other data into a variable called $POST, I think you need to change that name.  That could cause program errors if you mistype it and it is not a good practice to name a variable POST.  Can be confusing.
Once you use the filter_input function, the data from the user is safe to use.  There are many many different filters that you can use.  The INPUT_POST is the most common to filter for general fields coming in from forms. There are tons of filters and options such as validating email addresses, etc.  But, in most cases just the INPUT_POST and default options are enough.  

One issue that is of importance is that you are using MySQL not MySQLi for all your database functions.  MySQL is  deprecated and is actually removed in the latest versions of PHP.  You should consider upgrading to the MySQLi version.  ("i" is for Improved!)  Or even better start learning about PDO which is 10 times more secure and safer.  Moving up to the improved version of MySQL is easy.  Most commands consist of just adding in the connection pointer.  Moving up to PDO is tricky as it is more "object-orientated" and needs a bit of learning time.  But, you should consider one or the other so your site does not stop working later on.

I will look at your queries later today and see what I can come up with to make it just one query...

ErnieAlex · September 25, 2018, 5:51pm

To double up the queries to save time, you can do something like this:

$query = "SELECT * FROM thetitl1_livesite754.form_data WHERE form_id IN 
    (SELECT form_id FROM thetitl1_livesite754.forms WHERE reference_code ='" . $refcode . "')";

Notes: The second SELECT whichs gets executed first pulls just the form_id from the ref-code. Then, the data from the from is pulled out from the form_data table. As you see, it looks for the form_id which is pulled out of the second SELECT. This is passed as a result to the first SELECT. It only pulls out the ones that exist in the second SELECT. This look tricky, but, it is easy. If you need more data from the second query, we would have to change this to work in a different manner.

Hope you understand this. Saves a lot of code this way! Test it in your phpMyAdmin and run the query with some ref-code stuck in there…

ttsprez · September 26, 2018, 2:33pm

had to adjust it a bit as the ‘form_id’ pulling from the ‘forms’ table needed to ‘id’ instead. doing this gave me the following snippet of the data set when using it in phpadmin:

This results set contains the ‘data’ and ‘name’ columns. These colums hold the html template field names in the ‘name’ column and the field values in the ‘data’ column

This is the php code I put together to perfom this query:


<?php

    //create a connection to MySQL
    require 'dogs.php';

    //query for reference_code from 'forms' table
    $refcode = filter_input(INPUT_POST, ["reference_code"]);
   
    // database name
    $dbname = "thetitl1_livesite754";
   
    $con = mysqli_connect($servername,$username,$password,$dbname);

    function forms_data() {
    // Create connection
    $db = new mysqli($con);

    // Check for errors
    if($db->connect_errno){
    echo $db->connect_error;
    }

    // Execute query
    $result = $db->mysqli_real_query("SELECT * FROM thetitl1_livesite754.form_data WHERE id IN 
        (SELECT form_id FROM thetitl1_livesite754.forms WHERE reference_code ='" . $refcode . "'));

    // Always check for errors
       if($db->connect_errno){
       echo $db->connect_error;
       }

      return $result == true;
    }

?>

For testing purposes, please go to losttitleconnection.net/bondinstruct. I’m using the “Texas Title Application” link button at the very bottom of the page. Input the ref code ‘QKEX49MKDE’ and you will see that it is giving me a " Parse error : syntax error, unexpected end of file in /home1/thetitl1/public_html/pdforms/TX Title App.php on line 35" message. Can’t seem to figure why though and info from stack overflow is not much help. If i understand, this means the code is missing a bracket or semi colin, or something to that effect some where. I will not try to mess with anymore till I get your input.

I am using real_query as I understand that I can then utilize mysqli_use_result to Initiate a result set retrieval for the ‘data’ and ‘name’ columns. Does that sound right. I have some code for that too, but lets make this work first.

Thanks again @ErnieAlex

ErnieAlex · September 26, 2018, 2:44pm

This is missing the ending quote just before the end of the query… _query();.
= ‘" . $refcode . "’)");

ErnieAlex · September 26, 2018, 2:53pm

PS: How do you edit your code? Do you edit it locally on your computer and then upload it to the site using a FTP program? Or do you edit it live on the site thru the control panel?

If you do it locally on your computer, you might want to use NetBeans. It is a free program editor which is great for PHP. It will flag errors like these and they just “JUMP” out to you as they are marked in red. Easy to find issues like that.

Link for it: NetBeans You only need the one in the PHP column.

ttsprez · September 26, 2018, 2:58pm

thanks, I’ve been editing straigh in the file on the server through my host cpanel using the file manager and the code editor it provided. This will definitely help the situation and is what I had been looking for, just didn’t know which I could trust. Got watch what you download these days.

I’ll get Netbeans and run it through, thansk agian