A: 

That is because in php you get what is in the "value" attribute of the dropdown's options. You need to do something like this:

Replace

echo "<option value=$row[style]>$row[style] $row[color]</option><br />";

with

echo "<option value=\"$row[style] $row[color]\">$row[style] $row[color]</option><br />";
cambraca  2010-10-25 04:19:41
Thank you cambrac, it still gives me first word. My $row['style'] itself is more than one word. So even if I only use $row['style'] in the value attribute, it should still be more than one word. But it's giving me just the first word, please help again ...
Ottoman  2010-10-25 04:37:21
Did you make sure you enclosed it in quotation marks? That's why I put the 2 \". Also, it would be best if you ran it through htmlspecialchars too so if there are quotation marks inside the string, it will not break the html.
cambraca  2010-10-25 04:39:05
I used echo "<option value=\"" . htmlentities($row['style']) . "\">" . strval($row['style']) . "</option>" . "<br />"; and it's working now. But I would like to take the advises of you guys and modify my db to put proper use of primary id :) As I type these comments, i think I've come to understand what Steve and Phil meant by primary key id as the value for the value attribute. Marvo! Thank you so much! And thanks to Phil for pointing out that a fix here is a temporary fix, the long term solution lies in the primary key id :) Thank you guys so much!
Ottoman  2010-10-25 05:33:14
A: 

The problem is your lack of quotes in the option "echo" statement.

Try something like this

while($row = mysql_fetch_array($result))
{
    printf('<option value="%s">%s %s</option>',
           htmlspecialchars($row['style']),
           htmlspecialchars($row['style']),
           htmlspecialchars($row['color']));
}

Note also, the <br> element does not belong in the <select>

Edit: Added htmlspecialchars to properly escape any HTML entities that might exist in retrieved strings

Phil Brown  2010-10-25 04:21:30
Thank you Phil, it still gives me first word. My $row['style'] itself is more than one word. So even if I only use $row['style'] in the value attribute, it's still more than one words. But it's giving me just the first word, please help again ...
Ottoman  2010-10-25 04:37:57
Paste in the rendered HTML for the list of `<option>` elements. Also, see Steve's answer regarding primary keys as these would be much easier to use for item lookups.
Phil Brown  2010-10-25 04:49:01
+3  A: 

This still applies from my previous post:

//====== Begin previous post

Hopefully, your MYSQL database has a primary key? If it does, set the value of each <option> to the primary key of the item.

For example:

SQL

id  desc
1   "dressmaker thing with mannequin"
2   "dressmaker thing no mannequin"

Form PHP

echo "<option value='".$query['id']."'>".$query['desc']."</option>";

When the form is submitted, re-query the database for the desired description. You'll be doing this re-query anyway to retrieve prices and such, yes?

The reason this is happening is that spaces are discouraged in HTML attributes. You shouldn't have an attribute like value='this attribute is spaced'.

//====== End previous post

Basically, change this line:

while($row = mysql_fetch_array($result))
{
echo "<option value=$row[style]>$row[style] $row[color]</option><br />";    
}

to

while($row = mysql_fetch_array($result))
{
echo "<option value='".$row['id']."'>$row['style'] $row['color']</option><br />";    
}

and add this in process_form.php to get the description:

$desc = mysql_query("SELECT style FROM products WHERE id='".$_POST['item']."';");

You can also use this to get all other related info from the DB right when you need it.

// Another edit

@Cambraca - right on - I forgot to sanitize the quote.

@Ottoman - Your solution is a temporary fix. I strongly recommend applying an id/primary key system if it's not in place. An ounce of prevention is worth a pound of cure.

Steve  2010-10-25 04:35:00
Good answer, it's only missing mysql_real_escape_string so it avoids sql injection. So something like: $desc = mysql_query("SELECT style FROM products WHERE id='".mysql_real_escape_string($_POST['item'])."';");
cambraca  2010-10-25 04:49:10
A: 

If it gives you only the first word, then you forgot to enclose the option value="with quotes". Otherwise show us the constructed HTML source.

mario  2010-10-25 04:41:02

related questions

Autosizing Textarea
Regular expression for parsing links from a webpage?
What are good tools for creating compiled HTML help files (.chm)?
Looking for WYSIWYG HTML editor
Any reason not to start using the HTML 5 doctype?
HTML comments break down
HTML Comments Markup
Setting a div's height in HTML with CSS
Wrapping lists into columns
Is a "Confirm Email" input good practice when user changes email address?
<XMP> Tag
HTML version choice
Options for HTML scraping?
How do you disable browser Autocomplete on web form field / input tag?
How do I make a checkbox toggle from clicking on the text label as well?
Html CSS Editor
Wordpress theme development offline tools
How do I give my web sites an icon for iPhone?
In HTML, how to word-break on a dash?
Detecting font in JavaScript
How do you test layout design across multiple browsers/OSs?
How do I print an HTML document from a web service?
Multiple submit buttons on a HTML form
How can I determine a web user's time zone?
Why doesn't the percentage width child in absolutely positioned parent work in IE7?