Re: Dynamic Content thoughts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, Aug 23, 2012 at 9:51 PM, admin <admin@xxxxxxxxxxxxxxxxxxx> wrote:
> Hello everyone,
>
>                 In my quest to build bigger and better dynamic content, I am
> putting forth a concept to see what you all think.
>
> Many times I come across customers who want drop down menus dynamically
> built from database tables.
>
>
>
> Old way Example:
>

>
> *********************************************************
>
>
>
> I am purposing a Method for this that has some flexibility.
>
>
>
> Initialize Object:  $yourobject = new yourclass();
>
> Call method: // The call design is just so you have a better understanding
> of my concept
>
> $dropdown = $yourobject-> dropmenu('personnell','ID',array(0 =>
> 'first_name', 1 => 'last_name'), 'last_name');
>
>
>
> Function dropmenu($table,$fieldforvalue,$fieldstodisplay,$fieldorder)  //
<<snip>>
>
>
>
> Now I can call the drop downs driven by database tables dynamically and It
> saves me a TON of time.
>
> Echo '<SELECT ID=personnel>';
>
> Foreach($dropdown as $key=>$values){
>
> Echo $values;
>
> }
>
> Echo '</select>';
>
>

Hi Richard,


First of all, I don't really see the problem with the first code, as
it's not that many LOC. OTOH comparing it to the enormous amount of
lines needed for your function it seems a bit overkill. If you combine
$query = .. and mysql_query($query), to a single line (which I
prefer), then you only have 4 lines of code in your first example. ( I
only count lines that do something, not the brackets etc). Your
function has about 40.
If you still want this function, I would change a few things.
1) Do all the echo stuff inside your function, or, only return the
data and print the <option> html stuff outside of your function.
You're now mixing both which seems wrong.
2) Use SQL as input, and if you wish to make it easy for yourself,
write a seperate function that writes SQL queries for you (or just use
a lib for it, there are probably plenty).
3) Use mysqli, mysql is deprecated.
4) Use mysqli_real_escape_string to sanitize your input before using
it on the database.

Hope this helps you,

- Matijn

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux