I have an HTML form with checkboxes. Based on the checkboxes that are selected I'm trying to contentate a query string so the select checkboxes are inserted in an IN clause in my SQL statement. I'm recieving an error that is telling me something is wrong with my sql statement. Below is my HTML code for my form:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<input type="checkbox" value="RX-87447" name="box[]"/>
<label>RX-87447</label><br/>
<input type="checkbox" value="LD-52033" name="box[]"/>
<label>LD-52033</label><br/>
<input type="checkbox" value="HY-50242" name="box[]"/>
<label>HY-50242</label><br/>
<input type="checkbox" value="SD-45809" name="box[]"/>
<label>SD-45809</label><br/>
<input type="checkbox" value="DR-20233" name="box[]"/>
<label>DR-20233</label><br/>
<input type="checkbox" value="AS-28148" name="box[]"/>
<label>AS-28148</label><br/>
<input type="checkbox" value="ZT-77733" name="box[]"/>
<label>ZT-77733</label><br/><br/>
<input name="submit" type="submit" value="Submit" />
</form>
The following PHP Code loops through the array and gives me the desired results:
$PI = 3;
$county1 = 1100;
if(isset($_POST['submit']))
{
$box=$_POST['box'];
$_SESSION['box_array'] = $box;
$box1 = $_SESSION['box_array'];
while(list($key, $value) = each($box1))
{
echo "'" . $value . "'";
for($j = 0; ($j < 1) && ($i < count($box1) - 1); $j++)
{
echo ", ";
}
$i = $i + 1 ;
}
Output of above code after selecting some checkboxes. In an attempt to troubleshoot my problem I wanted to make sure that my loop ran OK:
'RX-87447', 'LD-52033', 'HY-50242', 'SD-45809', 'DR-20233'
My goal is to place the above into a query string. The below is my attempt to do so and something is wrong with my SQL statement. I'm assuming the error is coming from concatenating:
$msg5 = '';
$PI = 3;
$county1 = 1100;
if(isset($_POST['submit']))
{
$box=$_POST['box'];
$_SESSION['box_array'] = $box;
$box1 = $_SESSION['box_array'];
db_connect();
$query3 = "SELECT lc.id, cs.ProgramType, lc.FKcountyID, tblc.fkStateCounty, lc.FKloginID, lf.usernameFirm, fi.firm_name, u.FKloginID, u.CredentialCodeFirm, u.CredentialNumber, u.CredentialName, cs.credentialTitle, cs.FKstateID
FROM login_county lc, loginfirm lf, firm_info fi, upload u, credential_state cs, tblcounty tblc
WHERE lf.PKloginFirmID = lc.FKloginID
AND fi.fk_firm_id = lc.FKloginID
AND u.FKloginID = lc.FKloginID
AND u.CredentialCodeFirm = cs.credentialTitle
AND tblc.pkCountyId = lc.FKcountyID
AND (cs.FKstateID = 52 OR tblc.fkStateCounty = 52 OR (tblc.fkStateCounty = cs.FKstateID))
AND cs.credentialTitle IN ('{$box1}')AND lc.FKcountyID IN (";
$i = 0;
while(list($key, $value) = each($box1))
{
$query3 .= "'" . $value . "'";
for($j = 0; ($j < 1) && ($i < count($box1) - 1); $j++)
{
$query3 .= ", ";
}
$i = $i + 1 ;
}
$query3 .= ")AND lc.FKcountyID IN ('{$county1}', 3127)";
$query3 .= "AND cs.ProgramType = '{$PI}'";
$result = mysql_query($query) or die("Something is Wrong with your SQL statement");
while ($row = mysql_fetch_array($result))
{
$FirmName = $row['firm_name'];
$msg5 .= $FirmName . '<br/>';
}
}
PLEASE HELP!