...

View Full Version : record infos related to a specific checkbox



jeskel
10-21-2003, 10:52 PM
Hi, 'hope everyone had a good start this week...

I have a recodset that displays multiple lines using MoveNext inside a form. For each of these lines, there is a checkbox and other infos are related to that checkbox. What I want to do is: I want to record for each checkbox checked the value of the checkbox but also the related infos to that checkbox. I can only record the values of the checkbox field now, so I miss the other fields I'd like to get... here is my code:



<tr>
<td>
<INPUT type="Checkbox" name="contact_id" value="<%=rs("id")%>" />
</td>
<td>
<%=rs("user")%>
<INPUT type="hidden" name="contact_name" value="<%=rs("user")%>" />
</td>
<td>
<%=rs("sexe")%>
<INPUT type="hidden" name="contact_sexe" value="<%=rs("sexe")%>" />
</td>
<td>
<%=rs("age")%>
<INPUT type="hidden" name="contact_age" value="<%=rs("age")%>" />
</td>
</tr>


I record it like that (the "id" value is the ID of the user checking the checkboxes, the same for each check made):



liste_contact = split(request.form("contact_id" ), "," )
...
for x = lbound(liste_contact) to ubound(liste_contact)
MyConn.execute "INSERT INTO contacts (contact, id) VALUES ('" & liste_contact(x) & "', " & id & " )"
next


so well... I can't figure out how to get recorded the contact_name, contact_sexe and contact_age....

If someone can help... that would be great. Thanx a lot:thumbsup:

raf
10-21-2003, 11:18 PM
the idea is to dynmically build the names of the formfields, so that they get the ID as part of the name. The output then looks like


<tr>
<td>
<INPUT type="Checkbox" name="c_idxx" value="xx" />
</td>
<td>
bla
<INPUT type="hidden" name="namexx" value="bla" />
</td>
<td>
m
<INPUT type="hidden" name="sexexx" value="m" />
/td>
<td>
20
<INPUT type="hidden" name="agesxx" value="20" />
</td>
</tr>

Where xx is the id.
You can get that like this


<INPUT type="Checkbox" name="c_id<%=rs("id")%>" value="<%=rs("id")%>" />
...
<INPUT type="hidden" name="name<%=rs("id")%>" value="<%=rs("user")%>" />
...


then you check if the checkbox ws checked. And grap the other data

Like this


dim box, id, name, sexe,age
for each box in request.form
if left(box,4) = "c_id" then
id = mid(box,5)
name = request.form("name" & id)
sexe = request.form("sexe" & id)
age = request.form("ages" & id)
...
end if
next

<edit> Only checked boxes will be in the formscollection. But you can make it more secureby giving each checkbox the same value and check on the value --> the id is already stored as part of the name.

Like

<INPUT type="Checkbox" name="c_id<%=rs("id")%>" value="99999" />

and then
...
if left(box,4) = "c_id" and request.form(box) = "99999" then
...
</edit>

jeskel
10-23-2003, 01:17 PM
WOAH! That perfectly works. It just opens so many doors to me... thanx a lot raf... now my code looks like this:



dim box, contact_id, contact_name, contact_sexe, contact_age
for each box in request.form
if left(box,10) = "contact_id" then
contact_id = mid(box,11)
contact_sexe = request.form("contact_sexe" & contact_id)
contact_name = request.form("contact_name" & contact_id)
contact_age = request.form("contact_age" & contact_id)

MyConn.execute "INSERT INTO contacts (id, contact_id, contact_sexe, contact_name, contact_age) VALUES (" & infosmembre_id & ", " & contact_id & ", " & contact_sexe & ", '" & contact_name & "', " & contact_age & ")"


end if
next


would you (or anyone else) have a particular recommendation about the the db recording? Is that way of doing things good enough? Or could it be better and if yes, why? thanx a lot.



MyConn.execute ".......

raf
10-23-2003, 01:59 PM
I don't think it is better, but i'm used to storing the sql-statement in a variable, and then use that variable as a parameter in the execute method. (it just easier to debug and if the sql statement is dynamically build, it becomes easier to first just compose it as a stringvalue and keep it stored in a variable).
I also always add a variable as parameter to the execute method (numinserted is the below code). This variable gets the number of affected records after the statement was executes (with delete, insert or update commands)
You can then use this variable to run some checks and display some info to the client.
Like


dim sql, count, numinserted, contacts, countOK, err
count=0
' the declarations must be placed before the "for each"-loop !

sql="insert ...."
numinserted = 0
MyConn.execute sql, numinserted

if numinserted = 1 then
if len(contacts) > 0 then
contacts = contacts & ", "
end if
contacts = contacts & Cstr(contact_id)
countOK=countOK + 1
else
if len(err) > 0 then
err = err & ", "
end if
err = err & Cstr(contact_id)
end if
count=count + 1


' then after the loop
if countOK = count then
response.write("All details were recorded succesfully")
else
if len(err) > 0 then
response.write("The following contacts were not inserted : " & err & ". Please notify the webmaster")
end if
if len(contacts) > 0
response.write("The following contacts were inserted correctly: " & err)
end if
end if


Something you should realy take care of is replace single quotes by 2 single quotes inside stringvalues of your sql-statement (see the sticky on top of this forum.)
If you have a formvalue which contains a ', then your sql-syntax will be incorrect.
so


... VALUES (" & infosmembre_id & ", " & contact_id & ", " & contact_sexe & ", '" & contact_name & "', " & contact_age & ")"

should be


... VALUES (" & infosmembre_id & ", " & contact_id & ", " & contact_sexe & ", '" & replace(contact_name,"'","''") & "', " & contact_age & ")"

jeskel
10-24-2003, 10:04 AM
thanx a lot raf, very cool advices...



Something you should realy take care of is replace single quotes by 2 single quotes inside stringvalues of your sql-statement (see the sticky on top of this forum.)
If you have a formvalue which contains a ', then your sql-syntax will be incorrect.

well I usually do it, but since I don't allow ' in my user name, I felt kinda safe... But I'll do it anyway from now on.

instead of a "99999" value, I decided to build that value dymically based on the userID and it's unique visitorID... I have those values as sessions variables and recorded in my db. Si I put the session values in my form, then compare them with the data in the db, and if both matches, I do the record. It's not that usefull for recording infos, but when it comes to deleting, I just wanna make sure that the user is deleting things regarding only him, it's kind of a small lgincheck without bothering the user... Is that useless you think?

Anyways, thanx a lot raf... :thumbsup: :thumbsup: :thumbsup:



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum