Hi, I'm pretty new to php and I’m having some problems trying to create a form that will submit a page order then update that order in my db (trying to create a simple cms for my website). My order_page.php shows the current page order by taking the current information from my db then listing it in asc order by page_order, with a changeable text field for the user to edit. The problem is when I set the form up I set the name field as page_name (which is updated from the db) and value as the user updated/db order. But when I submit (post) the page to page_order_update.php how do I collect the information from the form and update the db? Because the field id would be the page name and not just a simple page $_GET[page_name];. I hope this makes sense, I have tried to do this a few different ways but just end up confusing things. Thank you in advance for any help. Code/// order_page.php <?php $page = $_GET[page]; include('../db/dbconnect.php'); $page_name = mysql_query("SELECT * FROM pages ORDER BY page_order ASC") or die(mysql_error()); ?> </p> <form id="pageorder" name="pageorder" method="get" action="update-page-order-db.php"> <? while($info = mysql_fetch_array( $page_name )) { print "<p>".$info[page_name]; print "<input name='$info[page_name]' size='1' value='$info[page_order]'></p>"; } ?> <label> <input type="submit" name="save" id="save" value="save" /> </label> </form>
As far as I understand I can suggest such a solution: Sample list: <form> ... <ul> <li>page name 1 order <input type="text" name="order[1]"></li> <li>page name 2 order <input type="text" name="order[2]"></li> ... <li>page name 10 order <input type="text" name="order[10]"></li> </ul> ... <form> HTML: When you submit such a form you get an array in php : foreach ($_POST['order'] as $page_id => $order) { $q = "UPDATE pages SET page_order = '".$order."' WHERE page_id='".$page_id."'"; } PHP: As you are experienced enough to write you CMS, I think you got the idea, which is to properly name input fields.
I also suggest you filter the quotes out of each variable. That code would be vulnerable to SQL Injection which is a serious threat to any website.
It is also usefull to check is_array($_POST['order']), check if $page_id and $order are umbers and million other checks I show the idea, implementations is up to topic starter.