I have a HTML table that gets populated with values retrieved from the connected database table 'Attendance' on page load with the session UserID of who's logged in.
To adjust this table, I'm using a collection of filters created with<form>
and inputs as such:
For Workspace No. it takes all the Workspace number's in the file and lists them as options in the dropdown so they are pre-populated values. The attendance checkboxes correlate to a checkbox with a value of 1 for Present and 0 for Late
So far I have only the filters for ID search and the Workspace No. written out but I'm unsure if this is the way to go as the SQL query will still have theWHERE ... WorkID = ?
even if there has been no selection made for Workspace No. rather than being omitted from the query?
$('.apply').click(function () {
if ($('#idSearch')[0].checkValidity()){ #checks if the form is valid
$('#idSearch').submit();
}
if ($('#chosenWork') != ""){
$('#WorkIDSearch').submit(); #submits the form to POST the Workspace No.
}
});
...
include("config.php");
if (isset($_POST['reqID'])){ #checks if the ID search input field (reqID) has been submitted
$userid = $_POST['reqID'];
} else{
$userid = $_SESSION['sess_user_id'];
}
if (isset($_POST['chosenWork'])){ #checks if the dropdown for Workspace Number (chosenWork) has been selected
$chosenwork = $_POST['chosenWork'];
}
if (isset($_POST['chosenWork']) && isset($_POST['reqID'])){ #checks if both are selected
$chosenwork = $_POST['chosenWork'];
$userid = $_POST['reqID'];
}
$stmt = $conn->prepare("SELECT Number, ID, Date, Log_Time, WorkID, Att_Type FROM Attendance WHERE ID = ? AND WorkID = ?";
$stmt->bindParam("ii", $userid, $chosenwork);
$stmt->execute();
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
My desired output is that any of these filters can be applied independently or combined to adjust the WHERE clause of the SQL query.
You can try it this way:
$query = "SELECT Number, ID, Date, Log_Time, WorkID, Att_Type FROM Attendance";
$chosenwork = null;
if (isset($_POST['reqID'])){ #checks if the ID search input field (reqID) has been submitted
$userid = $_POST['reqID'];
$query .= " WHERE ID = ?";
} else{
$userid = $_SESSION['sess_user_id'];
$query .= " WHERE ID = ?";
}
if (isset($_POST['chosenWork'])){ #checks if the dropdown for Workspace Number (chosenWork) has been selected
$chosenwork = $_POST['chosenWork'];
$query .= " WorkID = ?";
}
if (isset($_POST['chosenWork']) && isset($_POST['reqID'])){ #checks if both are selected
$chosenwork = $_POST['chosenWork'];
$userid = $_POST['reqID'];
$query = "SELECT Number, ID, Date, Log_Time, WorkID, Att_Type FROM Attendance WHERE ID = ? AND WorkID = ?";
}
$query .= ";";
$stmt = $conn->prepare($query);
(isset($userid)) ?? $stmt->bind_param("i", $userid);
(isset($chosenwork)) ?? $stmt->bind_param("i", $chosenwork);
$stmt->execute();
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
It is hard to help debug without more info, but several things I noticed:
Looking at the error, it says the problem is either syntax but it could be the result of an old version. Have you checked your sql version? Prepared statements were introduced in v4.1.
You haven't shown your html or js validation, but since you are telling sql to expect integers, are you absolutely sure your variables are integers? To be sure, add a 0 to $userid and $chosenwork (e.g.$userid = $userid + 0;
) before binding them
For security, validating posted form data should be done on the server not client -- it is trivial to circumvent client-side js validation
The null coalescing operators in Serghei Leonardo's answer will only work if you are using php7 or higher. Also, I am not familiar with his usage of it so I may be wrong, but it looks to me it will return $userid and $chosenwork if they are set and only bind ifisset($userid)
orisset($chosenwork)
are null (i.e. if $userid or $chosenwork are null), which would be backwards from what you want. See another explanation here. This might not work, but try changing it to:
(!isset($userid) ?? $stmt->bind_param("i", $userid));
(!isset($chosenwork) ?? $stmt->bind_param("i", $chosenwork));
Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.
Find the answer in similar questions on our website.
Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.
PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites.
The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license.
https://www.php.net/
JavaScript is a multi-paradigm language that supports event-driven, functional, and mandatory (including object-oriented and prototype-based) programming types. Originally JavaScript was only used on the client side. JavaScript is now still used as a server-side programming language. To summarize, we can say that JavaScript is the language of the Internet.
https://www.javascript.com/
HTML (English "hyper text markup language" - hypertext markup language) is a special markup language that is used to create sites on the Internet.
Browsers understand html perfectly and can interpret it in an understandable way. In general, any page on the site is html-code, which the browser translates into a user-friendly form. By the way, the code of any page is available to everyone.
https://www.w3.org/html/
Welcome to the Q&A site for web developers. Here you can ask a question about the problem you are facing and get answers from other experts. We have created a user-friendly interface so that you can quickly and free of charge ask a question about a web programming problem. We also invite other experts to join our community and help other members who ask questions. In addition, you can use our search for questions with a solution.
Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.
Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.