...

View Full Version : Problem in mysql statement and if condition



newphpcoder
12-18-2010, 02:34 AM
Good day!

I have code to check if the cloth type is NW or W for the operation name Operation3, Operation4, and Operation5.

NW = AAA, BBB, CCC
W = all cloth that was not belong to NW

Here is the code I want to ask for you if correct and if I have missing code, because Iím not good in if condition and mysql statement.



<?php
include 'config.php';

$cloth_type = $_POST['clt_type'];
$input_qty = $_POST['input_qty'];
$output_qty = $_POST['output_qty'];

if ($_POST["clt_no"]){

$query = "SELECT t.operation_name FROM clt_traceability t, clt_transact c WHERE c.cloth_type = '" . $cloth_type . "' AND t.operation_name = 'Operation3, Operation4, Operation5 ' AND t.clt_no = c.clt_no";
$result = mysql_query($query);

if($cloth_type = 'AAA, BBB ,CCC') {
$input_qty = $input_qty * 14.15;
$output_qty = $output_qty * 14.15;
}
else{
$input_qty = $input_qty * 15.85;
$output_qty = $output_qty * 15.85;
}
}

?>




And I attached the code where I want to put the code for checking the cloth type and for the automatic multiply the input qty and output qty depend on the cloth type because the user input numbers by frame so I need to multiply it to become dozen which I put in the test code above.
Thank you.

durangod
12-18-2010, 09:09 AM
i dont see any problems with this, not familiar with your table name formats but seems ok if they are correct, the only thing i can see is make sure you escape your posts when you load them into a var, this will prevent injection

create a function you can call and in that function use mysql_real_escape_string then just call the function whenever you use $_GET or $_POST to load a var... just make sure you dont escape the same var multiple times during the same process or it could get ugly..

newphpcoder
12-20-2010, 01:46 AM
I mix my test code and my full code:



<?php



define('CLOTH_TYPE_SPECIAL_VALUE', 'AAA, BBB, CCC');
define('INPUT_MULTIPLE', 14.15);
define('OUTPUT_MULTIPLE', 15.85);

include 'config.php';

$rexist = 0;
if($_POST["clt_no"])
{
$query = "INSERT INTO clt_transact (cloth_type) VALUES ('" . $_POST["cloth_type"] . "')";
$result = mysql_query($query);
$clt_transact_id = mysql_insert_id();

$opname = $_POST["opname"];
$inqty = $_POST["inqty"];
$outqty = $_POST["outqty"];
$varqty = $_POST["varqty"];


$totalarr = count($opname) - 1;
for($ctr=0; $ctr < $totalarr; $ctr++)
{
$inqty[$ctr] = (float) $inqty[$ctr];
$varqty[$ctr] = (float) $varqty[$ctr];
$outqty[$ctr] = (float) $outqty[$ctr];

$query = "INSERT INTO clt_traceability (operation_name, input_qty, output_qty, variance_qty, clt_transact_id) VALUES ('" . $opname[$ctr] . "', '" . $inqty[$ctr] . "','" . $outqty[$ctr] . "', '" . $varqty[$ctr] . "', '" . $clt_transact_id . "')";
$result = mysql_query($query);
}
}

if (isset($_POST['cloth_type']) && !empty($_POST['cloth_type'])) {
$clothType = $_POST['cloth_type'];
} else {
$clothType = null;
}

if (null !== $clothType) {
if (isset($_POST['input_qty']) && !empty($_POST['input_qty'])) {
$inputQty = $_POST['input_qty'];

if (CLOTH_TYPE_SPECIAL_VALUE == $clothType) {
$inputQty *= INPUT_MULTIPLE;
}
} else {
$inputQty = null;
}

if (isset($_POST['output_qty']) && !empty($_POST['output_qty'])) {
$outputQty = $_POST['output_qty'];

if (CLOTH_TYPE_SPECIAL_VALUE == $clothType) {
$outputQty *= OUTPUT_MULTIPLE;
}
} else {
$outputQty = null;
}

$sql = "SELECT t.operation_name
FROM clt_traceability AS t, clt_transact AS c
WHERE c.cloth_type = '" . $cloth_type . "'
AND t.operation_name IN('Operation3', 'Operation4', 'Operation5')
AND t.clt_no = c.clt_no";

$resultSet = mysql_query($sql);
}

$rexist = 1;
?>



<html>
<head>
<style type="text/css">
.myclass {
font-size: 10pt; font-family:Arial, Helvetica, sans-serif;
}
</style>

<script type="text/javascript">
document.onkeypress = function(e){
e = e || event; e.returnValue = true;
var t = e.target || e.srcElement, re = /^(inqty|outqty)(\d+)$/, f = arguments.callee, m, i;
function next(){
if(!f.els && (m = t.form) === document.forms.clttype){
var ipts = m.getElementsByTagName('input'), els = []; i = ipts.length - 1;
for (i; i > -1; --i){
if(ipts[i].type && ipts[i].type.toLowerCase() === 'text'){
els.push(ipts[i]);
}
}
f.els = els;
}
if(f.els){
i = f.els.length - 1;
for (i; i > -1; --i){
if(f.els[i] === t && (m = f.els[i - 1])){
m.focus();
}
}
}
}
if((m = re.exec(t.id)) && e.keyCode === 13){
e.returnValue = false;
t.form.elements['varqty' + m[2]].value = t.form.elements['inqty' + m[2]].value - t.form.elements['outqty' + m[2]].value;
} else if (t.type && e.keyCode === 13 && t.type.toLowerCase() !== 'submit') {
e.returnValue = false;
}
if(!e.returnValue){
next();
if(e.preventDefault){e.preventDefault();}
}
return e.returnValue;
}
</script>
</head>
<body>
<form action='frame.php' method="post" name="clttype">



<?php
$rexist = 1;

echo "<table>";
echo "<tr><td>Cloth Type</td><td><input type='text' name='cloth_type' id='cloth_type' /></td></tr>";
echo "</table>";
echo "<p>&nbsp;</p>";

$query = "SELECT * FROM clt_trace_operations ORDER BY operation_name";
$last_operation_name = "";
$result = mysql_query($query);
if($result)
{
$rexist = 1;
echo "<table>";
echo "<tr><th class='myclass'>OPERATIONS</th><th class='myclass'>INPUT <br/> QTY</th><th class='myclass'>OUTPUT <br/> QTY</th><th class='myclass'>VARIANCE Qty</th></tr>";
$totalrows = mysql_num_rows($result);
$trows = $totalrows - 1;
for($ctr = 0; $ctr < $trows; $ctr++)
{
$row = mysql_fetch_array($result);
$tctr = $ctr + 1;
echo "\n\t<tr>";
echo "\n\t\t<td>";
if ($last_operation_name != $row["operation_name"]) echo $row["operation_name"];
$last_operation_name = $row["operation_name"];
echo "<input type='hidden' width='400' name='opname[]' value='" . $row["operation_name"] . "' /></td>";
echo "\n\t\t<td><input size='6' type='text' name='inqty[]' id='inqty" . $ctr . "' /></td>";
echo "\n\t\t<td><input size='6' type='text' name='outqty[]' id='outqty" . $ctr . "' ></td>";
echo "\n\t\t<td><input size='6' type='text' name='varqty[]' id='varqty" . $ctr . "' /></td>";
echo "\n\t</tr>";
}
if($totalrows > 1);
{
$row = mysql_fetch_array($result);
echo "\n\t<tr>";
echo "\n\t\t<td>";
if ($last_operation_name != $row["operation_name"]) echo $row["operation_name"];
$last_operation_name = $row["operation_name"];
echo "<input type='hidden' width='400' name='opname[]' value='" . $row["operation_name"] . "' /></td>";
echo "<input type='hidden' name='opname[]' value='" . $row["operation_name"] . "' /></td>";
echo "\n\t\t<td><input size='6' type='text' name='inqty[]' id='inqty" . $ctr . "' /></td>";
echo "\n\t\t<td><input size='6' type='text' name='outqty[]' id='outqty" . $ctr . "' /></td>";
echo "\n\t\t<td><input size='6' type='text' name='varqty[]' value='' id='varqty" . $ctr . "' /></td>";
echo "\n\t</tr>";
}
echo "</table>";
}
echo "<p><input type='submit' value=' Save ' id='saveform' /></p>";
echo "<input type='hidden' name='clt_typeno' value='" . $_POST["clt_typeno"] . "' />";
?>
</form>
</body>
</html>


and when i run this code and I type AAA as a cloth type and I input 20 in input qty it did not multiply automatically in 14.15, the 20 was not changed.

Thank you

newphpcoder
12-20-2010, 06:41 AM
I also try this code:


<?php
include 'config.php';
$rexist = 0;
if($_POST["clt_no"])
{
$query = sprintf("INSERT INTO clt_transact(cloth_type)VALUES ('%s')",
mysql_real_escape_string($_POST["cloth_type"])
);
$result = mysql_query($query);
$clt_transact_id = mysql_insert_id();

$opname = $_POST["opname"];
$inqty = $_POST["inqty"];
$outqty = $_POST["outqty"];
$varqty = $_POST["varqty"];


$totalarr = count($opname) - 1;
for($ctr=0; $ctr < $totalarr; $ctr++)
{
$inqty[$ctr] = (float) $inqty[$ctr];
$varqty[$ctr] = (float) $varqty[$ctr];
$outqty[$ctr] = (float) $outqty[$ctr];

$query = "INSERT INTO clt_traceability (operation_name, input_qty, output_qty, variance_qty, clt_transact_id) VALUES ('" . $opname[$ctr] . "', '" . $inqty[$ctr] . "','" . $outqty[$ctr] . "', '" . $varqty[$ctr] . "', '" . $clt_transact_id . "')";
$result = mysql_query($query);
}
}

$query = "SELECT t.operation_name FROM clt_traceability t, clt_transact c WHERE c.cloth_type = '" . $cloth_type . "' AND t.operation_name IN ('Operation3, Operation4, Operation5 ') AND t.clt_no = c.clt_no";
$result = mysql_query($query);

if($cloth_type == 'AAA' or $cloth_type == 'BBB' or $cloth_type == 'CCC') {
$input_qty = $input_qty * 14.15;
$output_qty = $output_qty * 14.15;
}
else{
$input_qty = $input_qty * 15.85;
$output_qty = $output_qty * 15.85;
}
$rexist = 0;
?>



<html>
<head>
<style type="text/css">
.myclass {
font-size: 10pt; font-family:Arial, Helvetica, sans-serif;
}
</style>

<script type="text/javascript">
document.onkeypress = function(e){
e = e || event; e.returnValue = true;
var t = e.target || e.srcElement, re = /^(inqty|outqty)(\d+)$/, f = arguments.callee, m, i;
function next(){
if(!f.els && (m = t.form) === document.forms.clttype){
var ipts = m.getElementsByTagName('input'), els = []; i = ipts.length - 1;
for (i; i > -1; --i){
if(ipts[i].type && ipts[i].type.toLowerCase() === 'text'){
els.push(ipts[i]);
}
}
f.els = els;
}
if(f.els){
i = f.els.length - 1;
for (i; i > -1; --i){
if(f.els[i] === t && (m = f.els[i - 1])){
m.focus();
}
}
}
}
if((m = re.exec(t.id)) && e.keyCode === 13){
e.returnValue = false;
t.form.elements['varqty' + m[2]].value = t.form.elements['inqty' + m[2]].value - t.form.elements['outqty' + m[2]].value;
} else if (t.type && e.keyCode === 13 && t.type.toLowerCase() !== 'submit') {
e.returnValue = false;
}
if(!e.returnValue){
next();
if(e.preventDefault){e.preventDefault();}
}
return e.returnValue;
}
</script>
</head>
<body>



<form action='frame.php' method="post" name="clttype">

<?php
$rexist = 1;

echo "<table>";
echo "<tr><td>Cloth Type</td><td><input type='text' name='cloth_type' id='cloth_type' /></td></tr>";
echo "</table>";
echo "<p>&nbsp;</p>";

$query = "SELECT * FROM clt_trace_operations ORDER BY operation_name";
$last_operation_name = "";
$result = mysql_query($query);
if($result)
{
$rexist = 1;
echo "<table>";
echo "<tr><th class='myclass'>OPERATIONS</th><th class='myclass'>INPUT <br/> QTY</th><th class='myclass'>OUTPUT <br/> QTY</th><th class='myclass'>VARIANCE Qty</th></tr>";
$totalrows = mysql_num_rows($result);
$trows = $totalrows - 1;
for($ctr = 0; $ctr < $trows; $ctr++)
{
$row = mysql_fetch_array($result);
$tctr = $ctr + 1;
echo "\n\t<tr>";
echo "\n\t\t<td>";
if ($last_operation_name != $row["operation_name"]) echo $row["operation_name"];
$last_operation_name = $row["operation_name"];
echo "<input type='hidden' width='400' name='opname[]' value='" . $row["operation_name"] . "' /></td>";
echo "\n\t\t<td><input size='6' type='text' name='inqty[]' id='inqty" . $ctr . "' /></td>";
echo "\n\t\t<td><input size='6' type='text' name='outqty[]' id='outqty" . $ctr . "' ></td>";
echo "\n\t\t<td><input size='6' type='text' name='varqty[]' id='varqty" . $ctr . "' /></td>";
echo "\n\t</tr>";
}
if($totalrows > 1);
{
$row = mysql_fetch_array($result);
echo "\n\t<tr>";
echo "\n\t\t<td>";
if ($last_operation_name != $row["operation_name"]) echo $row["operation_name"];
$last_operation_name = $row["operation_name"];
echo "<input type='hidden' width='400' name='opname[]' value='" . $row["operation_name"] . "' /></td>";
echo "<input type='hidden' name='opname[]' value='" . $row["operation_name"] . "' /></td>";
echo "\n\t\t<td><input size='6' type='text' name='inqty[]' id='inqty" . $ctr . "' /></td>";
echo "\n\t\t<td><input size='6' type='text' name='outqty[]' id='outqty" . $ctr . "' /></td>";
echo "\n\t\t<td><input size='6' type='text' name='varqty[]' value='' id='varqty" . $ctr . "' /></td>";
echo "\n\t</tr>";
}
echo "</table>";
}
echo "<p><input type='submit' value=' Save ' id='saveform' /></p>";
echo "<input type='hidden' name='clt_typeno' value='" . $_POST["clt_typeno"] . "' />";
?>
</form>
</body>
</html>


When I run this code I input BBB in cloth type and I insert numbers in input qty and it did not automatically multiply in 14.15 but no errors encountered. The reason why I need to automatically multiply it because the user input numbers where is the unit of measure is Frame I need to convert it to Dozen so I will multiply to 14.15 if NW and 15.85 if W.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum