A simple code that inserts a list of teams in select box. I would like to set SELECTED team with a id , that is in HREF
http://localhost/teams.php?id=7&years=2011&cups=8
<?php
$query = "select distinct t.team_id,t.team from teams t,years y,cups c where t.team_id=c.team_id and y.year_id=$_GET[years] and c.cup_id=$_GET[cups] ORDER BY t.team ASC";
$res = mysql_query($query);
$option = '';
while($row = mysql_fetch_assoc($res))
{
$option .= '<option value = "'.$row['team_id'].'">'.$row['team'].'</option>';
}
?>
<form>
<select id="tteam" name="team">
<?php echo $option; ?>
</select>
</form>
The problem is that I set team_id=$_GET[id], it shows only one team. I want the team=7 to be selected, but others still be showing in select box
1st of all, NEVER EVER insert raw data into an SQL query. You are asking for SQL injections. Secondly, you're missing quotes around your $_GET variables, for example, in your SQL query, you currently access id by using $_GET[id]
. This won't work, encapsulate id
in quotes, like $_GET['id']
. Thirdly, ESCAPE your data!!
mysql_*
functions are now deprecated. You shouldn't be using them in new code. Instead, look into PDO or MySQLi functionality. Also look into prepared queries.
This should be your code:
<?php
$years = mysql_real_escape_string($_GET['years']);
$cups = mysql_real_escape_string($_GET['cups']);
$query = "SELECT distinct t.team_id, vt.team
FROM teams t,years y,cups c
WHERE t.team_id = c.team_id
AND y.year_id = '{$years}'
AND c.cup_id = '{$cups}'
ORDER BY t.team ASC";
$res = mysql_query($query);
$option = '';
while($row = mysql_fetch_assoc($res))
{
// The line below specifies whether the option should be selected.
$selected = $row['team_id']==$_GET['id'] ? 'selected="selected"' : '';
$option .= '<option ' . $selected . ' value= "' . $row['team_id'] . '">' . $row['team'] . '</option>';
}
?>
<form>
<select id="tteam" name="team">
<?php echo $option; ?>
</select>
</form>
Please be aware that you're vulnerable to SQL injections. See: How can I prevent SQL injection in PHP?
With that said, you need to use a conditional statement that compares $row["team_id"]
with $_GET["ID"]
.
while($row = mysql_fetch_assoc($res))
{
if($row["team_id"] == $_GET["ID"])
$option .= '<option value = "'.$row['team_id'].'" selected="selected">'.$row['team'].'</option>';
else
$option .= '<option value = "'.$row['team_id'].'">'.$row['team'].'</option>';
}
while($row = mysql_fetch_assoc($res))
{
$option .= '<option value = "'.$row['team_id'].'" '.($row['team'] == 7 ? 'selected="selected"': '').'>'.$row['team'].'</option>';
}
Compare your id from $_GET with $row['team_id'].
while($row = mysql_fetch_assoc($res))
{
if($row['team_id'] == $_GET["id"])
$option .= '<option value = "'.$row['team_id'].'" selected="selected">'.$row['team'].'</option>';
else
$option .= '<option value = "'.$row['team_id'].'">'.$row['team'].'</option>';
}
I'll just focus on the loop part:
while($row = mysql_fetch_assoc($res))
{
$selected = (isset($_GET['team_id']) && $row['team_id'] == $_GET['team_id']) ? 'selected' : '';
$option .= '<option value = "'.$row['team_id'].'" selected="'. $selected .'">'.$row['team'].'</option>';
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.