On Thu, Apr 5, 2012 at 3:15 PM, Ethan Rosenberg <eth...@earthlink.net> wrote:
> I know I am missing something fundamental - but I have no idea where to
> start to look.

It's really difficult to figure out what you're asking. Your code
snippets and associated output seem all jumbled up. It would help
greatly if they were presented in order.

> Here are code snippets:
> I have truncated the allowed_fields to make it easier to debug.
>  $allowed_fields = array(  'Site' =>'POST[Site]', 'MedRec' =>> 
> '$_POST[MedRec]', 'Fname' => '$_POST[Fname]'   );
>  echo "post #1\n";
>  print_r($_POST);

Here, do you realize that you are setting each element of the array to
the exact contents of each string, i.e., there will be no variable
interpolation? If that's what you intend to do, great, but read on...

>  post #1
> Array
> (
>    [Site] => AA
>    [MedRec] => 10002
>    [Fname] =>
>    [Lname] =>
>    [Phone] =>
>    [Height] =>
>    [welcome_already_seen] => already_seen
>    [next_step] => step10
> )

Are you expecting something else here, or is the $_POST containing the
correct data?

> // $allowed_fields = array("Site", "MedRec", "Fname", "Lname", // previous 
> statement of $allowed_fields
> // "Phone", "Sex", "Height");

I'm not clear why you're showing commented out lines.

This looks like output from a statement below. It's much clearer if
you put the output below the code.

> Key Site, Value POST[Site]
> Key MedRec, Value $_POST[MedRec]
> Key Fname, Value $_POST[Fname]

> foreach ($allowed_fields as $key => $val) {
>    print "Key $key, Value $val\n";
> }

And the above output is exactly what I would expect given how you
created the $allowed_fields hash: each of the values was set as an
uninterpolated string by using single quotes instead of double quotes.
If you really wanted the values, you should not have quoted them at
all, but instead quoted the $_POST key names, like so:

$allowed_fields =
   array('Site'   => $_POST['Site'],
         'MedRec' => $_POST['MedRec'],
         'Fname'  => $_POST['Fname']);

Pay closer attention to what you are quoting and how you are quoting it.

> if(isset($_Request['Sex'])&& trim($_POST['Sex']) != '' )

$_REQUEST is always fully capitalizes, unless it's your own variable.
(If it is, I suggest using another name as it's confusing.) Also, as
you seem to know that the field is in the $_POST array, rather than
use $_REQUEST, go ahead and just use $_POST.

> {
>   if ($_REQUEST['Sex'] === "0")
>   {
>     $sex = 'Male';
>   }
>   else
>   {
>     $sex = 'Female';
>   }
> }

This is an opportune time to use a ternary operator. Replace the inner
if-else with:

$sex = ($_POST['Sex'] === "0") ? 'Male' : 'Female' ;

>  }

^ Is this an extra closing brace or is it closing something before the
snippet? (confusing)

> echo "Post#2";
> print_r($_POST);
> if(empty($allowed_fields))

What is happening after this line?

> Post#2Array
> (
>   [Site] => AA
>   [MedRec] => 10002
>   [Fname] =>
>   [Lname] =>
>   [Phone] =>
>   [Height] =>
>   [welcome_already_seen] => already_seen
>   [next_step] => step10
> )

As you have not changed $_POST in any way, this is exactly what you
should expect to see.

> {
>  echo "ouch";
> }

Is this ^^  what comes after the if(empty statement above? What is it's output?

> foreach ( $allowed_fields as $key => $val ) //This is line 198
> {
>  if ( ! empty( $_POST['val'] ) )

This will always check the value associated with the 'val' entry in
$_POST. I'm pretty sure this is not what you want.

>  {
>   print "Key $key, Value $val\n";
>   $cxn = mysqli_connect($host,$user,$password,$db);
>   $value = mysql_real_escape_string( $_POST[$fld] );
>   $query .= " AND $fld = '$_POST[value]' ";

The query will check to see if what ever $fld evaluates to (I don't
see where it is set, but maybe somewhere else) and compare it to the
*exact* string $_POST[value] -- I doubt that you are storing that in
your data base -- at this point I'm not really sure what you want

>   echo "#1 $query"; //never echos the query

^^ it never will, since the Notice and Warning below indicate the for
loop is never executed.

>  }
> }

> These are the messages I receive on execution of the script:
> Notice: Undefined variable: allowed_fields in /var/www/srchrhsptl5.php on
> line 198
> Warning: Invalid argument supplied for foreach() in /var/www/srchrhsptl5.php
> on line 198

Is this stretch of code inside a function perhaps? If so, is
$allowed_fields declared as a global inside the function? Please send
or pastebin more code so we can see it clearly. Generally when a
problem like that is reported and it's not obviously a typo or
spelling error, the problem is not necessarily at the line itself, but
above someplace in the code.

> Advice and help, please.

My general advice is to pay closer attention to what you're quoting
and how you're quoting it, and that case matters in variable names.

'$_POST[val]' is the *exact* string '$_POST[val]' -- it does not get
any content from the $_POST variable or one of it's fields. Please
*READ AGAIN* about quoting and variable interpolation: <
http://www.php.net/manual/en/language.types.string.php >

After you fix the problem that shows at line 198, do this right at the
top of your loop:

echo 'Single Quotes:                 ' . '$_POST[val]'.PHP_EOL;
echo 'Double Quotes:                 ' . "$_POST[val]".PHP_EOL;
echo 'Single Quotes around POST key: ' . $_POST['val'].PHP_EOL;
echo 'Variable $val for POST key:    ' . $_POST[$val].PHP_EOL;

and notice the difference.

Case matters: $_Request is NOT the same as $_REQUEST

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to