Member Avatar for rukshilag

This is a table customization in a search form.
I need the ticked checkbox values to be passed to the pdf.php in order for the table to be customized. but the table is not filled nor is it customised.

<?php
//access incoming name, id or radio button values
$cs = $_GET['cs'];
$name=$_GET['name'];
$uni=$_GET['uni'];
$dept=$_GET['dept'];
$course=$_GET['course'];
$cd=$_GET['course_date'];
$gen=$_GET['gen'];
$sf=$_GET['selectfields'];
$title=$_GET['title'];

$con=mysql_connect("localhost", "root", "") or die ("couldnt connect");
mysql_select_db("sdc_cpds") or die ("couldnt select");

//search query

$searchquery="SELECT * FROM course_participant WHERE name LIKE '%$name%' AND gender LIKE '$gen%' AND university LIKE '%$uni%' AND facdept LIKE '%$dept%'  AND course LIKE '%$course%' AND course_date LIKE '%$cd%' AND completion LIKE '%$cs%' UNION SELECT * FROM past_participant WHERE name LIKE '%$name%' AND gender LIKE '%$gen%' AND university LIKE '%$uni%' AND facdept LIKE '%$dept%'  AND course LIKE '%$course%' AND course_date LIKE '%$cd%' AND completion LIKE '%$cs%' ORDER BY name";

$result=mysql_query($searchquery);
$num_rows=mysql_num_rows($result);

echo "<b>$num_rows</b> results found<br>"; 
//echo "<INPUT TYPE='image' SRC='http://localhost/drupal/printwebpagepdf.gif' OnClick='clickPrint()'>";
//display results(search results table)
if($num_rows >0) {

echo "<div style='width:620px; height:100%;'>";
echo "<table border='2' width='100%' id='blutable'>";
echo "<tr style='background-color:#A9D0F5'><th></th><th>Name</th><th>Address</th><th>Contact No</th><th>Email</th><th>Gender</th><th>Age</th><th>Marital Status</th><th>University</th><th>Fac/Dept</th><th>Course</th><th>Course Date</th><th>Reg. Date</th><th>Completion</th></tr>";

$i=1;

while($row = mysql_fetch_array($result)) {

$r = fmod($i,2);
if($r=="1"){
$rowclass="odd";
}
else{
$rowclass="even";
}

echo "<tr class='$rowclass'>";
//echo "<td><input type='submit' value='EDIT' onclick='editer($i)' style='width:50px; height:25px background;'/></td>";

echo "<td style='padding:1px;' valign='bottom'><INPUT TYPE='image' SRC='http://localhost/drupal/more.png' onclick='editer($i)' style='width:25px; height:25px;'/></td>";


 echo "<td nowrap><div id='cpid_$i'>";echo $row['name'];"</div></td>";
 //echo "<td><div id='cpid_$i'>";echo $row['nic'];echo "</div></td>";
 echo "<td nowrap>";echo $row['res_address'];echo "</td>";
 echo "<td>";echo $row['cont_no'];echo "</td>";
 echo "<td>";echo $row['email'];echo "</td>";
 echo "<td>";echo $row['gender'];echo "</td>";
 echo "<td>";echo $row['age'];echo "</td>";
 echo "<td>";echo $row['marital_stat'];echo "</td>";
 echo "<td nowrap>"; echo $row['university']; echo "</td>";
 echo "<td nowrap>"; echo $row['facdept']; echo "</td>";
 echo "<td nowrap><div id='course_$i'>"; echo $row['course']; echo "</div></td>";
 echo "<td nowrap><div id='coursed_$i'>"; echo $row['course_date']; echo "</div></td>";
 echo "<td nowrap>"; echo $row['reg_date']; echo "</td>";
 echo "<td>";echo $row['completion']; echo "</td>";
echo "</tr>";

$i++;
}

echo "</table>";
echo "</div>";
echo "<form action='http://localhost/drupal/pdf.php' method='POST' name='prnt'/>";
echo "<input type='hidden' name='cs' id='cs' value='$cs'/>";
echo "<input type='hidden' name='name' id='name' value='$name'/>";
echo "<input type='hidden' name='uni' id='uni' value='$uni'/>";
echo "<input type='hidden' name='dept' id='dept' value='$dept'/>";
echo "<input type='hidden' name='course' id='course' value='$course'/>";
echo "<input type='hidden' name='course_date' id='course_date' value='$course_date'/>";
echo "<input type='hidden' name='gen' id='gen' value='$gen'/>";
echo "<input type='hidden' name='selectfields' id='selectfields' value='$sf'/>";
echo "<input type='hidden' name='title' id='title' value='$title'/>";
//echo "<input type='submit' value='PRINT RESULTS' name='pr' style='float:right;' class='up'onmouseover='this.className='over''onmouseout='this.className='up'/>";
echo "</form>";
}
?>
<html>
<form action="http://localhost/drupal/pdf.php" id="cust" method="post" style="background-color:#F2F2F2; border:1px solid; border-color:#084B8A;
width:98%; padding:10px;" >
	<table>
		<tr>
			<td><strong>Title of Your Report:</strong></td>
			<td>
				<input type="text" name="title" value="" size="60" id="title" />
<!-- BLOCK # 01 -->
                <!-- all hidden fields go here -->
				<?php
                echo "<input type='hidden' name='cs' value='$cs' />";
                echo "<input type='hidden' name='name' value='$name' />";
                echo "<input type='hidden' name='uni' value='$uni' />";
                echo "<input type='hidden' name='dept' value='$dept' />";
                echo "<input type='hidden' name='course' value='$course'/>";
                echo "<input type='hidden' name='course_date' value='$course_date' />";
                echo "<input type='hidden' name='gen' value='$gen' />";
				
				?>
<!-- END OF BLOCK # 01 -->
			</td>
		</tr>
		<tr>
			<td>
				<input type="radio" name="rname" value="name" checked/> Name
			</td>
			<td></td>
		</tr>
		<tr>
			<td><strong>Tick Fields Required:</strong></td>
			<td></td>
		</tr>
		<tr>
			<td>
				<input type="checkbox" name="selectfields[address]" /> Address
			</td><td>
				<input type="checkbox" name="selectfields[contactnumber]" /> Contact Number
			</td>
		</tr>
		<tr>
			<td>
				<input type="checkbox" name="selectfields[gender]" /> Gender
			</td><td>
				<input type="checkbox" name="selectfields[age]" /> Age
			</td>
		</tr>
		<tr>
			<td>
				<input type="checkbox" name="selectfields[email]" /> E-Mail
			</td><td>
				<input type="checkbox" name="selectfields[maritalstatus]" /> Marital Status
			</td>
		</tr>
		<tr>
			<td>
				<input type="checkbox" name="selectfields[university]" /> University
			</td><td>
				<input type="checkbox" name="selectfields[facdept]" /> Faculty/Department
			</td>
		</tr>
		<tr>
			<td>
				<input type="checkbox" name="selectfields[course]" /> Course
			</td><td>
				<input type="checkbox" name="selectfields[cd]" /> Course Date
			</td>
		</tr>
		<tr>
			<td>
				<input type="checkbox" name="selectfields[rd]" /> Registration Date
			</td><td>
				<input type="checkbox" name="selectfields[completion]" /> Completion
			</td>
		</tr>
		<tr>
			<td> </td>
			<td>
				<input type="submit" value="CUSTOMIZE & PRINT" style="float:right;" class="up"onmouseover="this.className='over'"onmouseout="this.className='up'" />
			</td>
		</tr>
	</table>
</form>
</html>

<?php

//close connection
mysql_close($con);


?>

and the pdf.php code is

<?php
# Catch the posted data, validate by getting rid of > and <
$header =$_POST['header'];
# Replace > and < with a blank space
$header = str_replace('<','',$header);
$header = str_replace('>','',$header);
$body =$_POST['body'];
# Replace > and < with a blank space
$body = str_replace('<','',$body);
$body = str_replace('>','',$body);

# Include the file that does all of the work
include ('class.ezpdf.php');

# Start a new PDF file
$pdf =& new Cezpdf();

# Select the font we'll be using. There are more fonts in the zip file.
$pdf->selectFont('./fonts/Helvetica.afm');

# include the header, then move down a couple of lines, font size 25
# justification centered (centred if you're from the UK)
$pdf->ezText($header . "\n\n",5,array('justification'=>'centre'));

# include the body after moving down 7 lines to get under the pic.
# Font size 16, justification centered.
$pdf->ezText("\n" . $body,8,array('justification'=>'centre'));

//inside
$pdf->ezText('',6);
//--------------------------------------------------
// you will have to change these to your settings
$host = 'localhost';
$user = 'root';
$password = '';

$database = 'sdc_cpds';

$cs=$_POST['cs'];
$name=$_POST['name'];
$uni=$_POST['uni'];
$dept=$_POST['dept'];
$course=$_POST['course'];
$course_date=$_POST['course_date'];
$gen=$_POST['gen'];
$sf=$_POST['selectfields'];

$query ="SELECT * FROM course_participant WHERE name LIKE '%$name%' AND gender LIKE '$gen%' AND university LIKE '%$uni%' AND facdept LIKE '%$dept%'  AND course LIKE '%$course%' AND course_date LIKE '%$cd%' AND completion LIKE '%$cs%' UNION SELECT * FROM past_participant WHERE name LIKE '%$name%' AND gender LIKE '%$gen%' AND university LIKE '%$uni%' AND facdept LIKE '%$dept%'  AND course LIKE '%$course%' AND course_date LIKE '%$cd%' AND completion LIKE '%$cs%' ORDER BY name";

echo $course;
//--------------------------------------------------
/*
$data = array(  array('Name'=>1,'Address'=>'gandalf','Contact Number'=>'wizard','Email'=>'wizard','Gender'=>'wizard','Age'=>'wizard','Marital Status'=>'wizard','University'=>'wizard','Fac/Dept'=>'wizard','Course'=>'wizard','Course Date'=>'wizard','Reg Date'=>'wizard') );
*/
//$pdf->ezTable($data);
// open the connection to the db server
$link = mysql_connect($host,$user,$password);
// change to the right database
mysql_select_db($database);
// initialize the array
$data = array();
// do the SQL query
$result = mysql_query($query);
// step through the result set, populating the array, note that this could also have been written:
// while($data[] =  mysql_fetch_assoc($result)) {}
while($data[] =  mysql_fetch_array($result, MYSQL_ASSOC)) {

/*while($data = mysql_fetch_assoc($result)) {*/
	
	if($_POST['rname'] == 'name') {
		$n="name";
		//echo $data['name'];
	}
	
	if($_POST['selectfields']['address'] == 'on') {
		$add="res_address";
		//echo $data['res_address'];
	}
	
	if($_POST['selectfields']['contactnumber'] == 'on') {
		$cn="cont_no";
		//echo $data['cont_no'];
	}
	if($_POST['selectfields']['age'] == 'on') {
		$a="age";
		//echo $data['age'];
	}
	if($_POST['selectfields']['gender'] == 'on') {
		//echo $data['gender'];
		$g="gender";
	}
	if($_POST['selectfields']['maritalstatus'] == 'on') {
		//echo $data['marital_stat'];
		$ms="marital_stat";
	}
	if($_POST['selectfields']['university'] == 'on') {
		//echo $data['university'];
		$u="univeristy";
	}
	if($_POST['selectfields']['facdept'] == 'on') {
		//echo $data['facdept'];
		$fd="facdept";
	}
	if($_POST['selectfields']['cd'] == 'on') {
		//echo $data['course_date'];
		$date="course_date";
	}
	if($_POST['selectfields']['rd'] == 'on') {
		//echo $data['reg_date'];
		$reg="reg_date";
	}
	if($_POST['selectfields']['email'] == 'on') {
		//echo $data['email'];
		$e="email";
	}
	if($_POST['selectfields']['completion'] == 'on') {
		//echo $data['completion'];
		$comp="completion";
	}
	if($_POST['selectfields']['course'] == 'on') {
		//echo $data['course'];
		$crs="course";
	}
	
$cols=array('$n'=>"Name",'$add'=>"Residential Address",'$cn'=>"Contact Number",'$a'=>"Age",'$g'=>"Gender",'$ms'=>"Marital Status",'$u'=>"University",'$fd'=>"Faculty/Department",'$date'=>"Course Date",'$reg'=>"Reg. Date",'$e'=>"E-Mail",'$comp'=>"Completion",'$crs'=>"Course");
}



$pdf->ezTable($data, $cols);
//$pdf->ezTable($data);

// do the output, this is my standard testing output code, adding ?d=1
// to the url puts the pdf code to the screen in raw form, good for checking
// for parse errors before you actually try to generate the pdf file.
if (isset($d) && $d){
  $pdfcode = $pdf->output(1);
  $pdfcode = str_replace("\n","\n<br>",htmlspecialchars($pdfcode));
  echo '<html><body>';
  echo trim($pdfcode);
  echo '</body></html>';
} else {
  $pdf->stream();
}



#create the pdf and stream it to the page
$pdf->output();
$pdf->ezStream();
?>

Someone please help cuz i need this to work. Just an empty table with all the fields is displayed!

  • 2 Contributors
  • 1 Reply
  • 167 Views
  • 12 Hours Discussion Span
  • Latest Post Latest Post by Zagga
Member Avatar for Zagga

Ok, you have quite a few errors in here but I'll have a go at the first 4.
From one of the comment lines, I take it this is not your own script.

1) Sanitize all GET and POST variables before you use them in SQL statements.

2) Sanitize all GET and POST variables before you use them in SQL statements.

3) Are the variables at the start of the first page ($cs, $name, $uni etc) being sent along in the URL to allow you to $_GET them?

4) Sanitize all GET and POST variables before you use them in SQL statements.

Hope this helps
Zagga

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.