I'm trying to make a PHP web application display the data from specific Countries from a dropdown but I can't figure it out how to use the WHERE [Column] = [Value1, Value2, Value3] on a PHP dropdown.
I'm using the "Adventure Works 2014 Full Database Backup" for test purpose.
<html>
</body>
<!-- form for tower selection -->
<form action="test20.php" method="POST">
Please select the tower you are about to work on. </br></br>
<select name="TowerSelect"><option> Choose </option>
<?php
$serverName = 'SERVERNAME';
$uid = 'USERNAME';
$pwd = 'PASSWORD';
$databaseName = 'AdWorks';
$connectionInfo = array( 'UID'=>$uid,
'PWD'=>$pwd,
'Database'=>$databaseName);
$conn = sqlsrv_connect($serverName,$connectionInfo);
if($conn){
echo '';
}else{
echo 'Connection failure<br />';
die(print_r(sqlsrv_errors(),TRUE));
}
$sql = "SELECT BusinessEntityID, FirstName FROM dbo.vKelvin WHERE CountryRegionName = 'United States'";
$result = sqlsrv_query($conn,$sql) or die("Couldn't execut query");
while ($data=sqlsrv_fetch_array($result, SQLSRV_FETCH_ASSOC)){
echo "<option value=";
echo $data['BusinessEntityID'];
echo ">";
echo $data['BusinessEntityID'];
echo "</option>";
}
?>
<input type="submit" value="Select Tower">
</select></br></br>
</form>
</body></html>
<?php
if(empty($_POST['TowerSelect'])){
$_SESSION['tower'] = '';
} else {
$_SESSION['tower'] = $_POST['TowerSelect'];
echo "<tr>";
echo $_SESSION['tower'];
echo " selected. </p>";
echo('<td>'.$row['BusinessEntityID'].'</td><td>'.$row['FirstName'].'</td></tr>');
}
I believe I have this fixed. There were a number of problems with the code. You were referencing a $row but there was no SQL query that would have resulted in a $row, you were trying to post data after the closing HTML tag, you were trying to create rows for a table without declaring the table, and a few other things. Some of this was probably a result of quickly creating the test case. No problem. Try this...
<?php
$serverName = 'SERVERNAME';
$uid = 'USERNAME';
$pwd = 'PASSWORD';
$databaseName = 'AdWorks';
$connectionInfo = array( 'UID'=>$uid,'PWD'=>$pwd,'Database'=>$databaseName);
$conn = sqlsrv_connect($serverName,$connectionInfo);
if($conn){echo '';}else{echo 'Connection failure<br />';die(print_r(sqlsrv_errors(),TRUE));}
?><html><body>
<!-- form for tower selection -->
<form action="test20.php" method="POST">
Please select the tower you are about to work on. </br></br>
<select name="TowerSelect"><option> Choose </option>
<?php
$sql = "SELECT BusinessEntityID, FirstName FROM dbo.vKelvin WHERE CountryRegionName = 'United States'";
$result = sqlsrv_query($conn,$sql) or die("Couldn't execut query");
while ($data=sqlsrv_fetch_array($result, SQLSRV_FETCH_ASSOC)){
echo '<option value="'.$data['BusinessEntityID'].'">';
echo $data['BusinessEntityID'];
echo "</option>";
}
?><input type="submit" value="Select Tower">
</select></br></br>
</form>
<table cols="3" cellpadding="0" cellspacing="0" border="0">
<?php
if(empty($_POST['TowerSelect'])){
$_SESSION['tower'] = '';
} else {
$sql = "SELECT BusinessEntityID, FirstName FROM dbo.vKelvin WHERE BusinessEntityID = '".$_POST['TowerSelect']."'";
$result = sqlsrv_query($conn,$sql) or die("Couldn't execut query");
while ($row=sqlsrv_fetch_array($result, SQLSRV_FETCH_ASSOC)){
$_SESSION['tower'] = $_POST['TowerSelect'];
echo '<tr><td>'.$_SESSION['tower'].' selected.</td>';
echo '<td>'.$row['BusinessEntityID'].'</td>';
echo '<td>'.$row['FirstName'].'</td></tr>';
}
}
?></table></body></html>
Note: Though not important to answer your question, it is a best practice to use PDO and bound paramters when making database calls to protect yourself against SQL injection and other nasties. I recommend you look into it to protect your database. Cheers!