1
echo "<form method='POST' action=''><br>";
$query = mysql_query("set names 'utf8'");
$query = mysql_query("
  SELECT * FROM pages WHERE user_id = '$_SESSION[user_id]'
") or die(mysql_error());

while($pagek = mysql_fetch_array($query)) {
  $name = $pagek['page_name'];
  $pageid = $pagek['page_id'];
  echo '<input type="checkbox" name="page_ids[]" value="'.$pageid.'">'
      .$name
      ."<br>";
}

echo "<br>
      <input type='submit'
             value='Adatok frissítése'
             name ='adat'
             class='button small radius center black'
      >";
echo "</form>";

foreach($_POST['page_ids'] as $page){
  if ($page){
    mysql_query("
      UPDATE pages
      SET    page_value = '0'
      WHERE  user_id = '$_SESSION[user_id]'
    ");
    mysql_query("
      UPDATE pages
      SET    page_value = '1'
      WHERE  user_id = '$_SESSION[user_id]'
         AND page_id = '$page'
    ");
  }
}

I like, then if Which checkbox is checked this mysql update 1, and more than 0.

This code is not good, here in only a site update on getting the rest are zero, and you can always choose a site

marc_s
  • 675,133
  • 158
  • 1,253
  • 1,388
Steven Sze
  • 19
  • 2
  • 8

4 Answers4

3

First!

Please, don't use mysql_* functions in new code. They are no longer maintained and are officially deprecated. See the red box? Learn about prepared statements instead, and use PDO or MySQLi - this article will help you decide which. If you choose PDO, here is a good tutorial.

Seriously, your code contains a serious vulnerability called SQL Injection. If you don't fix it, your website can and will be compromised very easily.

Unchecked checkboxes do not get submitted at all. So basically, your server won't see anything.

To take that into account, what you should do is to set it to 0 by default, unconditionally, and then, if the checkbox was checked, set it to 1.

Yes, it does require you to possible do 2 queries in a request, but it's the only way to ensure you get the result you need.

Zoe
  • 23,712
  • 16
  • 99
  • 132
Madara's Ghost
  • 158,961
  • 49
  • 244
  • 292
  • 1
    And what about: `isset($_POST['checkbox'])` instead? Combined with prepared statements this will safely return the desired value: 1 if it's checked and 0 if it isn't. – STT LCU Jul 24 '13 at 09:00
  • @STTLCU: Sure. but if you noticed, he has *multiple* checkboxes, so setting all the fields to 0, and then setting them to one on a one-by-one basis is feasible. And in my opinion, still the best solution. – Madara's Ghost Jul 24 '13 at 09:02
  • if(isset($_POST['checkbox'])){ mysql_query("UPDATE pages SET page_value = '1' WHERE user_id = {$_SESSION['user_id']} AND page_id = '$page'"); } else{ mysql_query("UPDATE pages SET page_value = '0' WHERE user_id = {$_SESSION['user_id']} AND page_id = '$page'"); } So not working, just 1 positions update, with 0 does not address – Steven Sze Jul 24 '13 at 09:12
3

You could use isset() to see if the checkbox has been checked.

if(isset($_POST['checkbox']))
{
    $update = 1;
}
else
{
    $update = 0;
}

Then add $update to your query. Hope this helps.

Pooshonk
  • 1,216
  • 2
  • 20
  • 47
0

Try $_SESSION vars like:

UPDATE pages SET page_value = '0' WHERE user_id = {$_SESSION['user_id']}
UPDATE pages SET page_value = '1' WHERE user_id = {$_SESSION['user_id']} AND page_id = '$page'

Use mysql_real_escape_string for more security:

$pages = mysql_real_escape_string(serialize($_POST['page_ids']));

foreach($pages as $page) {
   // action
}
Bora
  • 9,846
  • 4
  • 39
  • 66
  • Sorry, it is array. Now array is serialized. Try now. You must not use mysql_real_escape_string, it is just more secure – Bora Jul 24 '13 at 09:13
  • So no good whatever I choose to only 1 to update to a 0 for some reason does not get it – Steven Sze Jul 24 '13 at 09:17
  • Did you get any error? Or pages column affected? `var_dump($_POST['page_ids']);` and `var_dump($_SESSION);` please – Bora Jul 24 '13 at 09:22
  • I get an error, I did what you asked and the session is for the POST has a value, so you can not go wrong with – Steven Sze Jul 24 '13 at 09:30
  • good location for update query, and only if the checkbox is not selected, then the page does not update 0 – Steven Sze Jul 24 '13 at 09:32
0

Solve the task in the right solution:

  echo "<form method='POST' action=''><br>";
    $query = mysql_query("set names 'utf8'");
    $query = mysql_query("SELECT * FROM pages WHERE user_id = '$_SESSION[user_id]'  ") or die(mysql_error());
    if(mysql_num_rows($query) == 0) {
            echo "<tr><td colspan=\"3\">Nincs megjeleníthető Facebook oldalad! Kérlek jelentkezz be az FB Login menüpont alatt!</td></tr>";
        } else {
            echo "<u>Kérem válassza ki melyik oldalaira szeretne képet feltölteni!</u><br><br><br>";

            while($pagek = mysql_fetch_array($query)) {
                $name = $pagek['page_name'];
                $pageid = $pagek['page_id'];
                 echo '<input type="checkbox" name="page_ids[]" value="'.$pageid.'">'.$name."<br>"; 

                                            }           

            echo "<br><input type='submit' value='Adatok frissítése' name ='adat' class='button small radius center black'>";


            echo"</form>";




            if($_POST['adat']){
            mysql_query("UPDATE pages SET page_value = '0' WHERE user_id = '$_SESSION[user_id]' ");


            foreach($_POST['page_ids'] as $page){
                $pa = $page;

                    if ($pa){
                        mysql_query("UPDATE pages SET page_value = '1' WHERE user_id = '$_SESSION[user_id]'  AND page_id = '$page'  ");
                            }

                                                }   
                            }

                        }
                        }
marc_s
  • 675,133
  • 158
  • 1,253
  • 1,388
Steven Sze
  • 19
  • 2
  • 8