Passing values from foreach statement to another page

PHP
1

The foreach statement in the cart.php prints out the productid value and the quantity. What I want to do now is the to post these values from cart.php page to process.php, as I want to be able to include the details when writing an insert statement for the order table. This would also contain the customer id from the customer table along with the productid and quantity.

Do I post the variables $key and $value in this instance to pass them to the process.php page as requested in the form action request. I presume they’d be passed using hidden input fields but I’m unsure on this.

Any help would be great.

list.php

echo '<form action ="cart.php" method="post">';
echo'<p><table border = "1" cellspacing="1">';
echo'<tr><td>Title</td><td>CD</td><td>Quantity</td></tr>';
while($row = mysql_fetch_array($result)){
	//print out all the details from the database table row in cells in a html table row
	echo '<tr>';
	echo '<td>'. $row['title'] .'</td>';
	echo '<td>'. $row['cd'] .'</td>';
	echo '<td><input name ="'.$row['productid'].'" type="text" /></td>';
	echo '</tr>';

}
echo'</table></p>';
echo'<input name="submit" type="submit" />';
echo'</form>';

cart.php

<?php
foreach($_POST as $key => $value){
	if ($value > 0){
	echo $key.'';
	echo 'The quantity is:'.$value;
	echo '<br/>';
	}
}
?>

<form action="process.php" method="post">
<table>
<tr>
    <td>First name:</td>
    <td><input name="firstname" type="text" value="<?php if(isset($_POST) && isset($_POST['firstname'])){
		echo $row['firstname'];
	}
	?>"/></td>
    <td></td>
  </tr>
  <tr>
    <td>Last name:</td>
    <td><input name="lastname" type="text" value="<?php if(isset($_POST)&& isset($_POST['lastname'])){
		echo $_POST['lastname'];
	}
	?>" /></td>
    <td></td>
  </tr>
<tr>
    <td></td>
    <td><input name="submit" type="submit" value="submit" /></td>
    <td>&nbsp;</td>
  </tr>
</table>
</form>
2

Do I post the variables $key and $value in this instance to pass them to the process.php page as requested in the form action request. I presume they’d be passed using hidden input fields but I’m unsure on this.

I can think of at least five ways to pass information from page to page:

  1. Save to database
  2. Save to file system
  3. Save to session variable
  4. Send to hidden input field
  5. Send to cookie

Keeping things on the server is faster and more secure. Using hidden input fields or cookies probably requires less code.

Normally I would use hidden field only for data that came from the visitor since he already knows it and there is no security risk. Send passwords or other sensitive information to the browser is a big security risk.

3

#1: Never send password information to the browser. Ever.
#2: The code for reading a cookie/hidden field and reading a session variable would be identical (As you could simply replace $_COOKIE, $_POST, or $_SESSION with any of the others in the code and get the same result). The difference is WHEN you want to write the data out.

4

I have included the following in the form section of the cart.php page:

<td><input type=“hidden” name=“productid” id=“productid” value=“<?php echo $key; ?>” /></td>
<td><input type=“hidden” name=“quantity” id=“quantity” value=“<?php echo $value; ?>” /></td>

and I have the following in the process.php to post the values out, however, the values aren’t being echoed out on the process page:

echo $_POST[‘productid’];
echo $_POST[‘quantity’];

5

anyone know why this isn’t working for me (the productid and quantity aren’t being posted out in the process.php page)

thanks for any help with this.