WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] Dropdown list & MySQL Query (10 posts)

  1. _OMEGA_
    Member
    Posted 4 years ago #

    Hi I'm trying to create a form with a dropdown list where I can select a custom field of search.
    It's embedded in a plugin that I'm developing, I have some values in my database and I want to display the results using a custom field (using a PHP form) from the objects in the database, so I wrote....
    This is the PHP form:

    <form method="get" id="plants" action="<?php echo $_SERVER['PHP_SELF']; ?>">
    			    Kind of plants:<br />
    				<select name="id_plants">
    				<option value=""></option>
    				<option value="tree">Trees</option>
    				<option value="shrub">Shrubs</option>
    				<option value="bush">Bushes</option></select>
                    <br />
                    <input type="submit" value="View">
        			</form>

    And this is the query:
    $myplants = $wpdb->get_results("SELECT * FROM plants_table WHERE id_plants = '".$_GET['id_plants']."'");
    Unfortunatelly when I press "View" it returns to the homepage.
    The PHP Form and the database query are in the same file and in the same function.
    Any hints?

  2. _OMEGA_
    Member
    Posted 4 years ago #

    up

  3. kurosquare
    Member
    Posted 4 years ago #

    $myplants = $wpdb->get_results("SELECT * FROM plants_table WHERE id_plants = '".$_GET['id_plants']."'");

    This code may be used for SQL Injection attacks...

  4. _OMEGA_
    Member
    Posted 4 years ago #

    So if I was wrong how can I create the PHP form and the SQL query?
    I'm stuck there from 1 week and I'm going crazy :(

  5. kurosquare
    Member
    Posted 4 years ago #

    Be cool.

    Try this plugin for you. It adds a html-form to each content for test.

    <?php
    /*
    Plugin Name: Plants
    Plugin URI: http://www.example.com/
    Description: get a name of plants
    Author: ?
    Version: 0.00
    Author URI: http://www.example.com/
    */
    
    add_filter('the_content','show_list_plants');
    add_filter('the_content','get_plants');
    
    function get_plants($content){
    	if(isset($_GET['id_plants'])){
    		$id_plants = mysql_real_escape_string($_GET['id_plants']);
    		$myplants = $wpdb->get_results("SELECT * FROM plants_table WHERE id_plants = '".$id_plants."'");
    		/* $myplants = $id_plants; //for debug */
    		$content .= $myplants;
    	}
    	return $content;
    }
    
    function show_list_plants($content){
    	$html .= '<form method="get" id="plants" action="'.get_bloginfo('url').'">';
    	$html .= <<<EOS
    	<p>Kind of plants:<br />
    	<select name="id_plants">
    		<option value=""></option>
    		<option value="tree">Trees</option>
    		<option value="shrub">Shrubs</option>
    		<option value="bush">Bushes</option>
    	</select>
    	<br />
    	<input type="submit" value="View"></p>
    </form>
    EOS;
    	return $content.$html;
    }
    ?>
  6. _OMEGA_
    Member
    Posted 4 years ago #

    Cool thank you, I'll try!

  7. _OMEGA_
    Member
    Posted 4 years ago #

    Thank you for the code but unfortunatelly I'm going crazy to modify and apply it to my case.

    Maybe I'm wrong but the code you gave me put the PHP form in every page.

    I've created a dedicated page for the plugin and I don't understand why if I select for example "Bushes" from the list and the address link is modified like the following:
    http://mylink/mydedicatedpage/?id_plants=Bushes

    instead of having the same page with the result I have the homepage.

  8. _OMEGA_
    Member
    Posted 4 years ago #

    This is my entire function that has to be:

    <?
    
    		  function display()
              {
    
    			  global $wpdb;
    			  $wpdbtest = new wpdb('DB_USERNAME', 'DB_PASSWORD', 'DB_NAME', 'localhost');
    			  $wpdbtest->show_errors();			
    
    ?>
    				<form method="get">
    			    Kind of plants:<br />
    				<select name="id_plants">
                        <option value=""></option>
                        <option value="tree">Trees</option>
                        <option value="shrub">Shrubs</option>
                        <option value="bush">Bushes</option></select>
                    <br />
                    <input type="submit" value="View">
        			</form>
    
    <?php
    
    			  	$myplants = $wpdbtest->get_results("SELECT *
    															FROM plants_table
    															WHERE id_plants = '".$_GET['id_plants']."'");
    
    					foreach ($myplants as $myplant) {
    					  echo $myplant->id_category, '<br />';
    					  echo $myplant->id_name, '<br />';
    // escape from PHP ... ?>
    
    						<img src="../plants/wp-content/plugins/plants_plugin/plants_images/uploads/<? echo $myplant->id_image; ?>" width="250px" height="356px"">
                            <br /><br />
    
    <? // starting up PHP again...
    			  		}
              }
    
    ?>

    when I press the "View" button it sends me to the homepage with this address (for example if I choose Bishes):

    http://mylink/mydedicatedpage/?id_plants=Bushes

    So it doesn't work, need help!! :'(

  9. _OMEGA_
    Member
    Posted 4 years ago #

    Any help?
    Please it's driving me crazy!!

  10. _OMEGA_
    Member
    Posted 4 years ago #

    Hello??

    Please I need help, I can fix this problem!
    I don't think that anyone can answer to this question....

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.