Problem passing variables in php form.

Question

I have the following php form.

I am trying to make it so that when the form is loaded, the values will be assigned the appropriate check- variable. This variable will contain either "checked or "". If it contains checked, the way it is displayed with the html should cause the relevant checkbox to be checked.

As it is, the variables do not seem to be being passed. When I echo out $deleted or $notice from within the submitinfo branch, they are blank. Furthermore, nothing is being inserted into the database, and I am not getting any database error. How can I check this?

<?php
if (isset($_GET["cmd"]))
  $cmd = $_GET["cmd"]; else
if (isset($_POST["cmd"]))
  $cmd = $_POST["cmd"]; else
die("Invalid URL");
if (isset($_GET["pk"])) {
    $pk = $_GET["pk"];
}
if (isset($_POST["deleted"])) {
    $deleted = $_POST["deleted"];
}
if (isset($_POST["notice"])) {
    $notice = $_POST["notice"];
}
$con = mysqli_connect("localhost","user","password", "db");
if (!$con) {
    echo "Can't connect to MySQL Server. Errorcode: %s\n". mysqli_connect_error();
    exit;
}
$con->set_charset("utf8");
$getformdata = $con->query("select * from STATUS where ARTICLE_NO = '$pk'");
$checkDeleted = "";
$checkNotice = "";
while ($row = mysqli_fetch_assoc($getformdata)) {
    $checkDeleted = $row['deleted'];
    $checkNotice = $row['notice'];
}
if($cmd=="submitinfo") {
    $statusQuery = "INSERT INTO STATUS VALUES (?, ?)";
    if ($statusInfo = $con->prepare($statusQuery)) {
     $statusInfo->bind_param("ss", $deleted, $notice);
     $statusInfo->execute();
     $statusInfo->close();
     echo "true";
    } else {
     echo "false";
    }
    print_r($con->error);
}
if($cmd=="EditStatusData") {
    echo "<form name=\"statusForm\" action=\"test.php\" method=\"post\" enctype=\"multipart/form-data\">
<h1>Editing information for auction: ".$pk."</h1>
Löschung Ebay:
<input type=\"checkbox\" name=\"deleted\" value=\"checked\" ".$checkDeleted." />
<br />
Abmahnung:
<input type=\"checkbox\" name=\"notice\"  value=\"checked\" ".$checkNotice."  />
<br />
<input type=\"hidden\" name=\"cmd\" value=\"submitinfo\" />
<input name=\"Submit\" type=\"submit\" value=\"submit\" />
</form>";
} else {
    print_r($con->error);
}

Answer 1

About checking the errors check the web server logs or make sure php is displaying errors in your php.ini.

Are you POSTing to the web page? $deleted and $notice will only be set on POST requests.

Answer 2

IIRC, if the value of the input type "checkbox" is an empty string, it will not be checked. If it is anything else it will be checked. As it looks there, the value will always be "checked".

Answer 3

I'm not sure I follow your code...

Your HTML has:

value="checked"

Which means that if the user checks the box and uploads the form, it will give that field a value of "checked" (as opposed to a value of, say, "Male").

Since you only have those as the values, then there would never be anything inserted into the table as "unchecked", also, your input field has the unchecked and checked DB output just sitting there without any attribute assigned to it... Is that intentional? Is that build into the DB value, otherwise you have something to the effect of:

 <input type="checkbox" name="notice" value="checked" "Foo" />

Which would not really do much of anything, at least nothing helpful.

Lastly, in your result fetch, if I'm reading it right, you have:

$checkedValue = $row['checked'];

This means that if you have multiple results, you are only assigning the last row that value, so if you did have, for whatever reason, a blank row at the bottom, this would give you blank variables and no error. Did you mean to assign that to an array, perhaps? Or at least do a check on the result count, like mysql_num_rows(), so that you can confirm that it is only the first row (or only one row, even). You could even add a failsafe and have it end the while loop after one iteration, just in case.

Oh, one last thing, your code will be much cleaner and easier to write and read if you use Heredoc syntax aka EOD. With this, you won't have to comment out all of your double quotes and you can still user variables inline.

Answer 4

Easy answer for the form submission side is include a hidden input before each checkbox with the same name and a value of "unchecked". The checkbox will overwrite the value of the hidden input only if checked.

<input type="hidden" name="notice" value="unchecked" />
<input type="checkbox" name="notice" value="checked" />

That way you always have a value for $_POST['notice'].

For the validation error mentioned above and setting the checked status of the checkbox. According to the w3c standards for xhtml the attribute "checked" needs to have a value, in this case also "checked.

<?php

while ($row = mysqli_fetch_assoc($getformdata)) {
    $checkDeleted = ($row['deleted'] == 'checked') 
        ? 'checked="' . $row['deleted'] . '"' 
        : '';
    $checkNotice = ($row['notice'] == 'checked') 
        ? 'checked="' . $row['notice'] . '"' 
        : '';
}
?>

Now your attribute "checked" will conform to the standard