patternphpMinor
Dropdown form that shows data from 2 different tables
Viewed 0 times
tablesdropdowndifferentthatshowsformfromdata
Problem
I am very new to this and am using php and MySQLi to create a form which will create a record in a third table. This works fine but I can't help but think that there is a way to do it with a single query rather than a query for each table as I have now. The third table is called tblcars, and I will use this form to build records for that table by selecting data from these dropdowns.
query($sql);
$results = $conn->query($getclass);
?>
Car Makes
Car Makes
Choose Make
fetch_assoc()) {
echo "";
echo $make['carmake'];
echo "";
}
?>
Choose Class
fetch_assoc()) {
echo "";
echo $class['carclass'];
echo "";
}
?>
Solution
I don't see how you could do this in a single queries, because both queries have nothing to do with each other.
Your code does contain a bit of duplication, but otherwise it looks good to me.
You can simplify your code by introducing a function:
You really only need the first two arguments for the
I also added XSS protection, because with variable data, you can never be sure where it comes from (maybe, in the future you will allow visitors to add makes? Or now that the function is reusable, it will be reused somewhere else with user input? Who knows, and better safe than sorry; it also doesn't add that much overhead).
Misc
Your code does contain a bit of duplication, but otherwise it looks good to me.
You can simplify your code by introducing a function:
query($sql);
$form = '
Choose ' . htmlspecialchars($title, ENT_QUOTES, 'UTF-8') . '';
while($result = $results->fetch_assoc()) {
$form .= '';
$form .= htmlspecialchars($result[$columnShow], ENT_QUOTES, 'UTF-8');
$form .= '';
}
$form .= '';
return $form;
}
require_once 'includes/connection.php';
?>
Car Makes
Car Makes
You really only need the first two arguments for the
createTableSelectForm, but I added the other ones so that the method is more reusable.I also added XSS protection, because with variable data, you can never be sure where it comes from (maybe, in the future you will allow visitors to add makes? Or now that the function is reusable, it will be reused somewhere else with user input? Who knows, and better safe than sorry; it also doesn't add that much overhead).
Misc
- your naming is a bit confusing. The same thing should always have the same name, because it increases readability . But you have
$sqland$getclassfor basically the same thing. The same goes for$resultvs$results(both hold multiple results).$sqlSelectMake/$sqlSelectClassand$resultMakes/$resultClasseswould be better.
Code Snippets
<?php
createTableSelectForm($conn, $table, $columnValue, $columnShow, $title) {
$sql = ("SELECT * FROM " . $table);
$results = $conn->query($sql);
$form = '
<select name="makeID">
<option value="">Choose ' . htmlspecialchars($title, ENT_QUOTES, 'UTF-8') . '</option>';
while($result = $results->fetch_assoc()) {
$form .= '<option value="' . htmlspecialchars($result[$columnValue], ENT_QUOTES, 'UTF-8') . '">';
$form .= htmlspecialchars($result[$columnShow], ENT_QUOTES, 'UTF-8');
$form .= '</option>';
}
$form .= '</select>';
return $form;
}
require_once 'includes/connection.php';
?>
<html>
<head>
<title>Car Makes</title>
</head>
<body>
<h3>Car Makes</h3>
<form action="" method="get">
<?php echo createTableSelectForm($conn, "tblmake", "makeID", "carmake", "Make");
echo createTableSelectForm($conn, "tblclass", "classID", "carclass", "Class"); ?>
<input type="submit" value="Insert">
</form>
</body>
</html>Context
StackExchange Code Review Q#90795, answer score: 3
Revisions (0)
No revisions yet.