Checkbox Loop in PHP #2

Question

nsandberg 0 Newbie Poster

10 Years Ago

A few years ago I posted this: http://www.daniweb.com/web-development/php/threads/300959/checkbox-loop-in-php

Looking for some help. I got the help that I needed and finished my project days after I got help. After using the PHP script for two+ years just last week an error started popping up. I never had a single issue until just last week. No coding changes have taken place during that time.

Let me explain what this program does if you cannot tell by the code. The script lists all students in the database for a teacher to type in the details of an assignment and then select the students that need to complete the assignment. The script goes through and finds the students who have been checked and adds them to another table in the MySQL database. We have 294 students thus 294 rows in the MySQL table "student". All students who are in rows 1-250 work fine and there is no issue. Once I go to add a student that is in rows 251-294 I get the error below and they are not added to the other table.

I am at a complete loss as to why this started happening. The only thing that came to mind is that my server updated their MySQL/PHP version and it cause a function that I am using to become deprecated but I do not know. I am not a PHP expert.

**
Error: Warning: Invalid argument supplied for foreach() in /home/nathansa/public_html/tillamookjrhigh.com/missinglist/modules/add_assignment.php on line 131**

Code:

<?php

/*
add_assignment.php - A component of AssignmentTracker

Copyright (©) 2009 Nathan Sandberg - <>


    AssignmentTracker is free software: you can eedistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    AssignmentTracker is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with AssignmentTracker.  If not, see <http://www.gnu.org/licenses/>.

For more information contact:
Nathan Sandberg <>
3
T
(
*/

//Design Notes

//Global Variables
global $_MISSING;
global $_USER;

//Includes
include("../functions/common.php");
include("../include/global.php");




//Database Connection
mysql_connect($_MISSING['db_host'], $_MISSING['db_username'], $_MISSING['db_password']) or die(mysql_error());
@mysql_select_db($_MISSING['db_database']) or die(mysql_error());

if (!$user_id) include("login.php");


print("<title>" . $_MISSING['organization'] . " - " . $_MISSING['html_title'] . " / Add Assignment" . "</title>");
print("<link rel=\"stylesheet\" href=\"../css/style.css\" title=\"style.css\" type=\"text/css\">");


$sql="SELECT * FROM student ORDER BY lastName";
$result=mysql_query($sql);


$count=mysql_num_rows($result);

?>


<form action="<?=$_SERVER['PHP_SELF']?>" method="post">

<p>Enter New Assignment</p>
<p><b>Subject/Teacher:</b> <input name="subject" type="text" id="subject"value="" size="50"></p>
<p><b>Description:</b> <input name="description" type="text" id="description" value="" size="100"></p>


<input type="submit" name="Submit" value="Submit" /> <input type="reset" value="Cancel" onclick="window.location.href = '../index.php';" />
<div class="table">
<!-- New Code using <table> for the table. -->
<table width="400" border="0" cellspacing="1" cellpadding="0">
<tr>
<td><form name="form1" method="post" action="">
<table width="750" border="0" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">

<tr>
<td align="center" bgcolor="#FFFFFF"></td>
<td align="center" bgcolor="#FFFFFF"><strong>Last Name</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>First Name</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>AP</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>2nd</strong></td>
</tr>

<?PHP

$i = 0; 


while($students=mysql_fetch_array($result)){



?>

<tr>
<td align="center" bgcolor="#FFFFFF"><input name="checkbox[]" type="checkbox" id="checkbox[]" value="<? echo $i++; ?>"></td>
<td bgcolor="#FFFFFF"><? echo $students['lastName'];?><input name="lastName[]" type="hidden" id="lastName[]" value="<? echo $students['lastName']; ?>"></td>
<td bgcolor="#FFFFFF"><? echo $students['firstName']; ?><input name="firstName[]" type="hidden" id="firstName[]" value="<? echo $students['firstName']; ?>"></td>
<td bgcolor="#FFFFFF"><? echo $students['AP']; ?><input name="AP[]" type="hidden" id="AP[]" value="<? echo $students['AP']; ?>"></td>
<td bgcolor="#FFFFFF"><? echo $students['second_teacher']; ?><input name="second_teacher[]" type="hidden" id="second_teacher[]" value="<? echo $students['second_teacher']; ?>"></td>

</tr>

<?PHP
}
?>

</table>
</table>
</div>

<?php
// Get values from form 
$lastName=$_POST['lastName'];
$firstName=$_POST['firstName'];
$AP = $_POST['AP'];
$second_teacher = $_POST['second_teacher'];
$description = $_POST['description'];
$subject = $_POST['subject'];
$ID = $checkbox[$i];
$str_date = $_POST['date("m j y")'];


$checkbox=$_POST['checkbox'];


// Check if button name "Submit" is active, do this 
if($_POST['Submit']){

foreach($checkbox as $i){


    $sql2 = "INSERT INTO assignments SET date = CURDATE(), firstName = '$firstName[$i]', lastName = '$lastName[$i]', AP = '$AP[$i]', second_teacher = '$second_teacher[$i]', description = '$description', subject = '$subject'";

//  $sql3 = "INSERT INTO tracking SET date = CURDATE(), firstName = '$firstName[$i]', lastName = '$lastName[$i]'";

    $result2=mysql_query($sql2) or die(mysql_error());
//  $result3=mysql_query($sql3) or die(mysql_error());

}

if($result2){
echo("<p>New Assignments Added</p>");
echo "<meta http-equiv=\"refresh\" content=\"3;URL=../index.php\">";
}
mysql_close();

}


?>

php

Edited 10 Years Ago by nsandberg

2 Contributors
3 Replies
285 Views
1 Day Discussion Span
Latest Post 10 Years Ago Latest Post by diafol

diafol

10 Years Ago

You're aware that you're open to SQL injection as you aren't sanitizing your post data before using in the sql?

ANyway, I can only assume that there is an issue with the foreach() as there's only one checkbox checked, so it is not an array

Try...

$checkbox= (array) $_POST['checkbox'];

The code do with some updating as mysql_* functions are being deprecated. Not sure why you need to globalize the variables either.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

nsandberg 0 Newbie Poster · Answer 1 · 2013-12-24T17:13:13+00:00

That solution did not work completely. I no longer get the error but when "Submit" goes to post the data to the new table it does not post students who are at the end of the list.

The troubling thing for me is that it use to work all until one day it just stopped.

Like I said I am not an expert. I know enough PHP/SQL just to be dangerous.

diafol · Answer 2 · 2013-12-24T23:25:03+00:00

foreach($checkbox as $i){
    $sql2 = "INSERT INTO assignments SET date = CURDATE(), firstName = '$firstName[$i]', lastName = '$lastName[$i]', AP = '$AP[$i]', second_teacher = '$second_teacher[$i]', description = '$description', subject = '$subject'";
    $result2=mysql_query($sql2) or die(mysql_error());
}

Placing array items directly into a string shouldn't work - so I can't see how this used to work for you...

foreach($checkbox as $i){
    $sql2 = "INSERT INTO assignments SET date = CURDATE(), firstName = '{$firstName[$i]}', lastName = '{$lastName[$i]}', AP = '{$AP[$i]}', second_teacher = '{$second_teacher[$i]}', description = '$description', subject = '$subject'";
    $result2=mysql_query($sql2) or die(mysql_error());
}

So you need to 'brace' them ({...}). Also the $i is strange. AFAICS, $i will just give you 'on'. So all those array items in your sql won't exist.

I'm really at a loss as to how this ever worked!