0

I have a dynamic form that populates a questionnaire rating scale from information saved in my database. Each rating consists of a "selection" and a "definition". A scale can consists of any number or ratings. Here is an example of a 5 rating scale:

Strongly Agree = I strongly agree with this statement.
Agree = I agree with this statement.
Neither Agree nor Disagree = I neither agree nor disagree with this statement.
Disagree = I disagree with this statement.
Strongly Disagree = I strongly disagree with this statement.

Once the form is populated, the user can edit any of the selections or definitions. My form populates just fine, but I cannot figure out how to correctly populate the POST data into an array if the user submits a change or use that array to edit the information in my database.

Here is my PHP:

if(isset($_POST['submit'])){
    $fields = "";
    $values = "";

    foreach($_POST as $key => $value) {
        $fields = mysql_real_escape_string($key);
        $values = mysql_real_escape_string($value);
        $entry .= "[". $fields . "=" . $values . "]";

        //Here is the start of the query that I'm building
        //$query = mysql_query("UPDATE `pd_selections` SET `pd_selection` = '  ', `pd_definition` = '  ' WHERE `pd_selection_id` = '$pd_selection_id' ") or die(mysql_error());

    }
}

If I echo the "entry" variable, this is what I receive:

[selection_for_1=Strongly Agree][definition_for_1=I strongly agree with this statement.][selection_for_2=Agree][definition_for_2=I agree with this statement.]

How do I pull the selection and the definition out of the array for each rating?

How is that used to update the database?

Am I even on the right track...LOL!?

Thank you very much for any help you can provide.

4

1 回答 1

0

For security purpose you should keep a list of keys you would accept to prevent the user from modifying it, this will keep people from adding non valid data to your form as well as keeping out fields you may not want.

Create an array for selection another for definition, and use it to store the key/value while checking for valid fields:

$accept = array('selection_for_1', 'definition_for_1',
                'selection_for_2', 'definition_for_2');
$selection = array();
$definition = array();
foreach ($_POST as $key => $value)
{
    // if not valid go to next field/value
    if(!in_array($key, $accept))
        continue;

    // if start with selection save to $selection array
    // otherwise to definition array
    if (strpos($key, 'selection') !== false)
    {
        $selection[] = mysql_real_escape_string($value);
    }
    else
    {
        $definition[] = mysql_real_escape_string($value);
    }
}

// count one of the array to select the paired fields 
// and insert or update into database
$total = count($definition);
for ($i=0; $i < $total; $i++)
{
    // Update query for the paired selection and definition
    $query = mysql_query("UPDATE pd_selections 
                             SET pd_selection = '{$selection[$i]}', 
                                 pd_definition = '{$definition[$i]}'
                           WHERE pd_selection_id = '{$pd_selection_id}'")
    or echo("Could not insert or update selection '{$selection[$i]}', definition '{$definition[$i]}', failed with error:", mysql_error());
}

Live DEMO.

于 2013-08-10T16:41:34.560 回答