PHP/dropdown Box/MySQL

Cory · December 9, 2012, 8:39pm

i am trying to take option from a dropbox and once option is selected it updates my Database with the Selected Option… not sure where to go from here… it all loads properly with no errors just not sure how to run the query

[php]

<?php $con = mysql_connect("HOST","NAME","PASS"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("DBNAME", $con); $result = mysql_query("SELECT * FROM TBLNAME"); echo ""; while($row = mysql_fetch_array($result)) { echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; //BELOW IS MY DROPBOX //Unsure of how to correctly run a new MYSQL query //with the selected option from dropbox //to update table with NEW selected option echo ""; echo ""; } echo "

User ID	Username	First Name	Last Name	Email	User Level	Change User Level
" . $row['IDS'] . "	" . $row['usersname'] . "	" . $row['firstname'] . "	" . $row['lastname'] . "	" . $row['useremail'] . "	" . $row['users_level'] . "	"; echo " ".$row['users_level']." User Co-Admin Admin"; echo ""; echo "

"; mysql_close($con); ?>

[/php]

im not sure where to begin with this any help would be appreciated!

mdahlke · December 9, 2012, 11:06pm

you need to put that into a form and you can either have a submit button or use the onchange event handler

ie…
[php]

// Your dropbox

[/php]

Cory · December 9, 2012, 11:55pm

Thanks mdahlke for the help!

Cory · December 10, 2012, 12:34am

how can i make sure its the correct user for the change?

i can make a simple query to change the users_level from user to admin but how do i make it so its the correct user that i am clicking the submit button?

using the above method with the form and submit button … what would the code on the “form action=‘ThePathToTheScriptForTheQuery.php’” look like to pull the information from the “list_user.php” page in my first post?

how would i know it is changing user ID=“2” to admin and not user ID=“22” to admin…?

mdahlke · December 10, 2012, 3:34am

To update a specific user you will need to pass the user id within in the form (I did it here with a textbox but you can also use the hidden input if you don’t want/need it seen)
To confirm that you are updating the correct user I would leave the input as visible where is shows the user id and then echo out after the update to make sure it was id=‘2’ and not ‘22’ or whatever.

the form action=’’ is where you keep the script that will handle the query. You’ll notice here that it is left blank because it is on the same page ( right at the top with the if(isset($_POST[‘updateUser’])) )

[php]<?php
// This begins the update user query
if(isset($_POST[‘updateUser’])){
$id = $_POST[‘user_id’]; // passed through from the form
$userLevel = $_POST[‘users_level’]; // passed through from the form

    // Your mysql query to update the user level....change what is necessary to make it work
$update = mysql_query("UPDATE tblName SET users_level='$userLevel' WHERE user_id='$id'");

    // if the query was successful...
if($update){
	echo "
		Successfully updated user: $id to level: $userLevel
	";
}
    // query was not successful
else {
	echo "Error: ".mysql_error();
}

} // End the user level update query

// This is the start of your code
$con = mysql_connect(“HOST”,“NAME”,“PASS”);
if (!$con)
{
die('Could not connect: ’ . mysql_error());
}

mysql_select_db(“DBNAME”, $con);

$result = mysql_query(“SELECT * FROM TBLNAME”);

echo "

";

while($row = mysql_fetch_array($result))
{

echo “

”;
echo “”;
echo “”;
echo “”;
echo “”;
echo “”;
echo “”;

//BELOW IS MY DROPBOX
//Unsure of how to correctly run a new MYSQL query
//with the selected option from dropbox
//to update table with NEW selected option

echo “

”;
echo “”;
}
echo “

User ID

Username

First Name

Last Name

Email

User Level

Change User Level

” . $row[‘IDS’] . “

” . $row[‘usersname’] . “

” . $row[‘firstname’] . “

” . $row[‘lastname’] . “

” . $row[‘useremail’] . “

” . $row[‘users_level’] . “

”;

// I edited here
// action=’’ means script is located in this same file
// added a text input field to pass the user id…to hide this change the attribute type=‘text’ to type=‘hidden’
echo "

<input type=‘text’ size=‘3’ name=‘user_id’ value=’".$row[‘IDS’]."’/>
// user levels
“.$row[‘users_level’].”
User
Co-Admin
Admin

";

echo “

”;

mysql_close($con);
?>[/php]

Please take the time to thoroughly go through this and try to understand what is going on in it.
If you do have questions please ask and also let us know of any error messages.

richei · December 10, 2012, 6:00am

You need to do any permissions checks before the person even enters the page. Assuming you have that information stored in a database table somewhere, when the person logs in, save the permission level in a cookie or session, then when you enter the page, check the session. Then build the menu according to their level. That way, you don’t have to worry about the person doing something they aren’t supposed to.

Cory · December 10, 2012, 3:11pm

Thanks mdahlke for that I will go through that now … as i was going through it i had to arrange the above code that you have added… to just below the database info so it would connect when i have tried with the way you have it, it gave an error saying no database was found? or something like that (been about an hour since i seen it…) also after that I just added a few lines to it just the result success to produce the users name and username rather then just the ID to clarify more … and i have ended up hiding the input textbox in the table just to make it look neater …

after a little alteration the code worked great THANKS MDAHLKE

also thanks to richei but I have it all running through a “users.php” file which checks for a cookie and then based on the cookie/users_level the output is either an “admin”, “co-admin”, “user” or revert back to login page…
all code is in this users.php file… not linking to any other outside page
the code above is all just a piece in the users.php that i have been trying to get working
here is the base code for my “users.php” its all working good…is this what you meant richei?
[php]

<?php // Connects to your Database mysql_connect("HOST", "USER", "PASS") or die(mysql_error()); mysql_select_db("DBNAME") or die(mysql_error()); //checks cookies to make sure they are logged in if(isset($_COOKIE['ID_MY_SITE'])) { $username = $_COOKIE['ID_MY_SITE']; $pass = $_COOKIE['KEY_MY_SITe']; $check = mysql_query("SELECT * FROM TBLNAME WHERE usersname = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { //if the cookie has the wrong password, they are taken to the login page if ($pass != $info['password']) { header("Location: login.php"); } //otherwise they are shown the admin area else { $select = "SELECT * FROM TBLNAME WHERE usersname = '$username' LIMIT 0, 1"; $query = mysql_query($select) or die(mysql_error()); $result = mysql_fetch_assoc($query); $resulta =$result['firstname']; $resultb =$result['lastname']; $resultc =$result['users_level']; $ucstringa = ucwords($resulta); $ucstringb = ucwords($resultb); echo "Welcome, ".$ucstringa." ".$ucstringb." (".$resultc.") Logout"; if ($result['users_level'] == 'Admin') { //######### ADMIN STUFF #########\\ echo "Admin"; echo ""; echo ""; echo ""; } //######### CO-ADMIN Content #########\\ elseif ($result['users_level'] == 'Co-Admin') { echo "Co-Admin"; echo ""; echo ""; echo ""; } else { //####### USER Content #######\\ echo "USERCONTENT"; echo ""; echo ""; echo ""; } } } } else //if the cookie does not exist, they are taken to the login screen { header("Location: login.php"); } ?>

[/php]

I have been testing the code on its own page to make sure it works before merging the code to the users.php file… so then if it gave errors i would have an easier time trying to fix them …

Thanks for all the help!