This piece of code selects from the left table and lists the content in the right-hand table. This is working code, but I would like to see how a professional would protect it and make it faster.
Any suggestion (with some code) would be appreciated. Thanks a lot.
PS: There is also a little glitch with it: after deleting, it loses the selected item on the right list.
<?php include("db_con1.php");?>
<html>
<head>
</head>
<body>
<form method="post" action="test.php">
<div id="left">
<?php
$queryl = $pdo->prepare('SELECT id, name FROM test1 ORDER BY name ASC');
$queryl->execute();
?>
<ul>
<?php foreach ($queryl as $i => $rowl) { ?>
<li>
<?php if ($i)?>
<input name="checkbox_del[]" id="test_<?php echo $i ?>" type="checkbox" value="<? echo $rowl['id']; ?>"/>
<label for="test_<?php echo $i ?>">
<a href="test1.php?gid=<?php echo $rowl['id']; ?>"><?php echo $rowl['name']; ?></a>
</label>
</li>
<?php } ?>
</ul>
</div>
<div id="right">
<?php
if(isset($_GET['gid'])) {
$gid=$_GET['gid'];
$queryr = $pdo->prepare('SELECT test3.name FROM test1, test2, test3 WHERE test1.id=test2.groupid AND test3.id=test2.peopleid AND test1.id='.$gid.' ORDER BY test3.name ASC');
$queryr->execute();
}
?>
<ul>
<?php foreach ($queryr as $i => $rowr) { ?>
<li>
<?php if ($i)?>
<input name="checkbox_del[]" id="test_<?php echo $i ?>" type="checkbox" value="<? echo $rowr['id']; ?>"/>
<label for="test_<?php echo $i ?>"><?php echo $rowr['name']; ?></label>
</li>
<?php } ?>
</ul>
</div>
<input type="submit" name="del" value="Delete the selected items">
</form>
<?php
if (isset($_POST['del'])) {
echo "Don't delete:)";
for ($c = 0; $c < count($_POST['checkbox1_del']); $c++){
$checkbox1_del = $_POST['checkbox1_del'][$c];
$sql = 'UPDATE test1 SET status=0, log="'.date("Y-m-d").'"WHERE id='.$checkbox1_del;
echo $sql;
$query = $pdo->prepare($sql);
$query->execute();
}
for ($c = 0; $c < count($_POST['checkbox2_del']); $c++){
$checkbox2_del = $_POST['checkbox2_del'][$c];
$sql = 'UPDATE test2 SET status=0, log="'.date("Y-m-d").'"WHERE id='.$checkbox2_del;
echo $sql;
$query = $pdo->prepare($sql);
$query->execute();
}
if($query){
echo "<meta http-equiv=\"refresh\" content=\"0;URL=test1.php\">";
}
}
?>
</body>
</html>
Revision 1: Now that I have had some feedback, I would just like to ask which is better. Would this be better?
<?php
if(is_numeric($_GET['gid'])) {
$queryr = $pdo->prepare('SELECT test3.name FROM test1, test2, test3 WHERE test1.id=test2.groupid AND test3.id=test2.peopleid AND test1.id=:id ORDER BY test3.name ASC');
if( $queryr->execute(array(':id' => $_GET['gid'])) ) {
$result = $queryr->fetch();
}
}
?>
Or this?
<?php
if(is_numeric($_GET['gid'])) {
$gid = $_GET['gid'];
$queryr = $pdo->prepare('SELECT test3.name FROM test1, test2, test3 WHERE test1.id = test2.groupid AND test3.id = test2.peopleid AND test1.id = :gid ORDER BY test3.name ASC');
$queryr->bindParam(':gid', $gid, PDO::PARAM_INT);
$queryr->execute();
}
?>
Instead of this? (Please be polite if I did something wrong, as I am a beginner :)
<?php
if(isset($_GET['gid'])) {
$gid=$_GET['gid'];
$queryr = $pdo->prepare('SELECT test3.name FROM test1, test2, test3 WHERE test1.id=test2.groupid AND test3.id=test2.peopleid AND test1.id='.$gid.' ORDER BY test3.name ASC');
$queryr->execute();
}
?>
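An added example, not part of the original post: one way to harden the right-hand query and the delete loop shown above, with the id validated as an integer, bound as a parameter, and names escaped on output. The in-memory SQLite database, its sample rows, and the helper names `toId`, `peopleInGroup` and `softDelete` are assumptions made for illustration; running it needs the pdo_sqlite extension.

```php
<?php
// Constructed in-memory SQLite data stands in for db_con1.php (assumption).
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE test1 (id INTEGER PRIMARY KEY, name TEXT, status INTEGER DEFAULT 1, log TEXT)');
$pdo->exec('CREATE TABLE test2 (id INTEGER PRIMARY KEY, groupid INTEGER, peopleid INTEGER)');
$pdo->exec('CREATE TABLE test3 (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO test1 (id, name) VALUES (1, 'Admins'), (2, 'Guests')");
$pdo->exec("INSERT INTO test3 (id, name) VALUES (1, 'Bob <b>'), (2, 'Alice')");
$pdo->exec('INSERT INTO test2 (groupid, peopleid) VALUES (1, 1), (1, 2), (2, 2)');

// Accept only whole integers >= 1; arrays, floats and other strings yield null.
function toId($raw): ?int {
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Right-hand list: the group id is bound as a parameter, never concatenated.
function peopleInGroup(PDO $pdo, $rawGid): array {
    $gid = toId($rawGid);
    if ($gid === null) { return []; }
    $stmt = $pdo->prepare(
        'SELECT test3.id, test3.name FROM test1
         JOIN test2 ON test2.groupid = test1.id
         JOIN test3 ON test3.id = test2.peopleid
         WHERE test1.id = :gid ORDER BY test3.name ASC'
    );
    $stmt->bindValue(':gid', $gid, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Soft delete: one statement prepared once, executed per validated id.
function softDelete(PDO $pdo, $rawIds): int {
    $stmt = $pdo->prepare('UPDATE test1 SET status = 0, log = :log WHERE id = :id');
    $done = 0;
    foreach ((array) $rawIds as $raw) {
        if (($id = toId($raw)) !== null) {
            $stmt->execute([':log' => date('Y-m-d'), ':id' => $id]);
            $done += $stmt->rowCount();
        }
    }
    return $done;
}

foreach (peopleInGroup($pdo, '1') as $row) {   // '1' stands in for $_GET['gid']
    echo '<li>', htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8'), "</li>\n";
}
var_dump(peopleInGroup($pdo, '1e3'));  // is_numeric() accepts '1e3'; toId() rejects it
echo softDelete($pdo, ['2', 'x', '0']), " row(s) updated\n";  // only id 2 is valid
```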