[resolved] Advice on PHP - MySQL code

spiritssight · January 4, 2008, 4:18am

Hello all,

I am wondering is there a better way of doing this code? what this code is doing is pulling data from a db and putting the information into the form for editing, the from will process in a different from as there is three buttons to choice from, one to accept the data, two to table for the time (to skip) three to reject (put the info into a blacklist without any changes)

only I and a couple of people will have access to the form, so right now I not worried about injection stuff, once I got things all the way I want then I will add that stuff.

Now there has to be a better way of coding this page. Thanks ahead of time!

Sincerely,
Christopher

<?php

include '/home/dev/www/includes/db_config_cr-dev.php';
include '/home/dev/www/includes/db_conn-select.php';

$query = "
	SELECT *
	FROM irs_eoml_rawdata
	WHERE
		EIN LIKE '050503820'
	";

$result = mysql_query($query) OR die("Was unable to get the results!" . mysql_error());
$rows = mysql_numrows($result) OR die("Was unable to get number of rows" . mysql_error());

$i=0;
while ($i < $rows) {

$ein = mysql_result($result,$i,"EIN");
$pno = mysql_result($result,$i,"PNO");
$icn = mysql_result($result,$i,"ICN");
$sa = mysql_result($result,$i,"Street_Address");
$city = mysql_result($result,$i,"City");
$state = mysql_result($result,$i,"STATE");
$pc = mysql_result($result,$i,"Postal_Code");
$gen = mysql_result($result,$i,"GEN");
$subsection = mysql_result($result,$i,"Subsection_Code");
$affiliation = mysql_result($result,$i,"Affiliation_Code");
$classification = mysql_result($result,$i,"Classification_Code");
$rd = mysql_result ($result, $i, "Ruling_Date");
$dc = mysql_result ($result, $i, "Deductibility_Code");
$fc = mysql_result ($result, $i, "Foundation_Code");
$ac = mysql_result ($result, $i, "Activity_Code");
$oc = mysql_result ($result, $i, "Organization_Code");
$ulc = mysql_result ($result, $i, "UL_Code");
$afed = mysql_result ($result, $i, "AFED");
$tp = mysql_result ($result, $i, "Tax_Period");
$asset_c = mysql_result ($result, $i, "Asset_Code");
$income_c = mysql_result ($result, $i, "Income_Code");
$frc = mysql_result ($result, $i, "FR_Code");
$b = mysql_result ($result, $i, "Blanks");
$ap = mysql_result ($result, $i, "Accounting_Period");
$asset_a = mysql_result ($result, $i, "Asset_Amount");
$income_a = mysql_result ($result, $i, "Income_Amount");
$ian_ns = mysql_result ($result, $i, "IIANCNS_1");
$f990_ra = mysql_result ($result, $i, "F_990_RA");
$ran_ns = mysql_result ($result, $i, "IIANCNS_2");
$ntee = mysql_result ($result, $i, "NTEE_Code");
$sn = mysql_result ($result, $i, "SN_SNL");

echo '
<form name="irs_eoml" method="post" action="process.php">
<label for="ein">Employer Identification Number:</label>
<input type="text" value="'. $ein .'" id="ein" name="ein" /><br />
<label for="pno">Primary Name Organization:</label>
<input type="text" value="'. $pno .'" id="pno" name="pno" /><br />
<label for="icn">In Care of:</label>
<input type="text" value="'. $icn .'" id="icn" name="icn" /><br />
<label for="sa">Street Address:</label>
<input type="text" value="'. $sa .'" id="sa" name="sa" /><br />
<label for="city">City:</label>
<input type="text" value="'. $city .'" id="city" name="city" /><br />
<label for="state">State:</label>
<input type="text" value="'. $state .'" id="state" name="state" /><br />
<label for="pc">Postal Code:</label>
<input type="text" value="'. $pc .'" id="pc" name="pc" /><br />
<label for="gen">Group Exception Number:</label>
<input type="text" value="'. $gen .'" id="gen" name="gen" /><br />
<label for="subsection">Subsection Code:</label>
<input type="text" value="'. $subsection .'" id="subsection" name="subsection" /><br />
<label for="affiliation">Affiliation Code:</label>
<input type="text" value="'. $affiliation .'" id="affiliation" name="affiliation" /><br />
<label for="classification">Classification Codes:</label>
<input type="text" value="'. $classification .'" id="classification" name="classification" /><br />
<label for="rd">Ruling Date:</label>
<input type="text" value="'. $rd .'" id="rd" name="rd" /><br />
<label for="dc">Deductibility Code:</label>
<input type="text" value="'. $dc .'" id="dc" name="dc" /><br />
<label for="fc">Foundation Code:</label>
<input type="text" value="'. $fc .'" id="fc" name="fc" /><br />
<label for="ac">Activity Code:</label>
<input type="text" value="'. $ac .'" id="ac" name="ac" /><br />
<label for="oc">Organization Code:</label>
<input type="text" value="'. $oc .'" id="oc" name="oc" /><br />
<label for="ulc">Universal Location Code:</label>
<input type="text" value="'. $ulc .'" id="ulc" name="ulc" /><br />
<label for="afed">Advance Ruling Expiration Date:</label>
<input type="text" value="'. $afed .'" id="afed" name="afed" /><br />
<label for="tp">Tax Period:</label>
<input type="text" value="'. $tp .'" id="tp" name="tp" /><br />
<label for="asset_c">Asset Code:</label>
<input type="text" value="'. $asset_c .'" id="asset_c" name="asset_c" /><br />
<label for="income_c">Income Code:</label>
<input type="text" value="'. $income_c .'" id="income_c" name="income_c" /><br />
<label for="frc">Filing Requirement Code:</label>
<input type="text" value="'. $frc .'" id="frc" name="frc" /><br />
<label for="b">Blank Field:</label>
<input type="text" value="'. $b .'" id="b" name="b" /><br />
<label for="ap">Accounting Period:</label>
<input type="text" value="'. $ap .'" id="ap" name="ap" /><br />
<label for="asset_a">Asset Amount:</label>
<input type="text" value="'. $asset_a .'" id="asset_a" name="asset_a" /><br />
<label for="income_a">Income Amount:</label>
<input type="text" value="'. $income_a .'" id="income_a" name="income_a" /><br />
<label for="ian_ns">If Income Amount Neg: (put -)</label>
<input type="text" value="'. $ian_ns .'" id="ian_ns" name="ian_ns" /><br />
<label for="f990_ra">Form 990 Revenue Amount:</label>
<input type="text" value="'. $f990_ra .'" id="f990_ra" name="f990_ra" /><br />
<label for="ran_ns">If Revenue Amount Neg: (put -)</label>
<input type="text" value="'. $ran_ns .'" id="ran_ns" name="ran_ns" /><br />
<label for="ntee">National Taxonomy of Exempt Entities (NTEE) Code:</label>
<input type="text" value="'. $ntee .'" id="ntee" name="ntee" /><br />
<label for="sn">Sort Name Line (Secondary Name Line), if present:</label>
<input type="text" value="'. $sn .'" id="sn" name="sn" /><br />

<input type="submit" value="accept" name="Accept">
<input type="submit" value="table" name="Table">
<input type="submit" value="reject" name="Reject">
</form>
';

$i++;
}

mysql_close($conn);

?>

Zyppora · January 10, 2008, 2:24pm

I always use mysql_fetch_assoc() instead of mysql_query():

$ein = mysql_result($result,$i,“EIN”);
$pno = mysql_result($result,$i,“PNO”);
…

will become:

$my_array = mysql_fetch_assoc($result);

This will return the array as such:
$my_array {
“EIN” => “[your value]”,
“PNO” => “[your value]”,
…
}

But it’s really a matter of preference I guess.

spiritssight · January 10, 2008, 2:38pm

are you saying?

use

				$query_s = "SELECT fin FROM allow WHERE fin = '$fin'";
				$result_s = mysql_fetch_assoc($query_s) OR die("Sorry, unable to select record: " . mysql_error());

instead of:

				$query_s = "SELECT fin FROM allow WHERE fin = '$fin'";
				$result_s = mysql_query($query_s) OR die("Sorry, unable to select record: " . mysql_error());
				$record = mysql_fetch_assoc($result_s);

Sincerely,
Christopher

Zyppora · January 10, 2008, 3:01pm

I’m saying the second part of the code you typed up. mysql_query() should ALWAYS be in there to make sure you actually execute the query against the database.