Select List Selected via URL?

By Rusty - December 17, 2010 - edited: December 17, 2010

I put this in here, because it's something that I'm tinkering around with that's part of the Signup / Profile bits of the Membership Plugin.

I am curious if it is possible by including bits into the URL, to automatically Select an Option from a list.

I realize that the Signup and Profile pages use POST, not GET, so that's kinda out the window.

I want to take a select list (prefreably a multi-select), created in the CMS, and then by passing a URL string through/to it, auto-magically have certain options selected.

I need to figure out a way to remove the capability of the user (who is signing up) from the form, and hopefully pass the pre-selected options on to the form. This way they'll be sent to the form, and Options will be pre-selected, but they won't be able to change those options (unless they get really good at guessing the URL bits).

My first thought was perhaps to create a Multi-List section exclusively for the options that I wish pre-selected.

Then in the User Accounts section have the Options populate from the Multi-List Section editor. Then maybe try to use URL querying to select the options I want... but I'm still not sure how to keep the options selected when we POST the form.... >.< I'm confused. [crazy]

I'm trying to figure out a way to have certain options dynamically pre-selected with out resorting to statically coding the Options list and having certain ones have selected="selected" ya know? That's the whole point of it all, being able to be dynamic.
Rusty

Re: [Rusty] Select List Selected via URL?

By Chris - December 17, 2010

Hi Rusty,

It's difficult for me to come up with an example without a concrete use case, but here are my thoughts:

The simplest solution would be to pass through your query string with a hidden field, like this:

<input type="hidden" name="secret" value="<?php echo htmlspecialchars(@$_REQUEST['secret']); ?>"/>

I would use this approach and output a list field separately (with disabled="disabled".)

Of course, it's still possible to alter hidden fields, so the next step in securing things would be to only accept certain values before saving; next, you could encode (or encrypt) the value so that it would be difficult for people to guess other valid values.

Does that help? Please let me know if you have any questions.
All the best,
Chris

Re: [chris] Select List Selected via URL?

By Rusty - December 17, 2010

Yeah it helps a bit, let me explain a bit further perhaps it will help.

I want to take a list which in regular HTML would look like this:
<form id="frmPreselect" name="frmPreselect">

<select id="States" name="States">
<option value="Ohio">Ohio</option>
<option value="Washington">Washington</option>
<option value="Idaho" selected="selected">Idaho</option>
<option value="Udaho">Udaho</option>
</select>

</form>



Now I'm using the following PHP code to pull up the entire list from the CMS Builder (where I use a regular select list, with options that I manually populated)
<?php $fieldname = 'state'; ?>
<?php $idCounter = 0; ?>
<select name="<?php echo $fieldname ?>">
<?php foreach (getListOptions('accounts', $fieldname) as $value => $label): ?>
<?php $id = "$fieldname." . ++$idCounter; ?>
<option id="<?php echo $id ?>"
value="<?php echo htmlspecialchars($value) ?>" <?php checkedIf(@$_REQUEST[$fieldname], $value) ?> />
<?php echo htmlspecialchars($value) ?>
</option>
<?php endforeach?>
</select>


Now... My goal is to figure out a way to dynamically...

a) Make a particular State Selected via a URL or some method other than hard coding it (and bypassing the select list altogether)

b) I don't want the user to be able to change the options, Adminator yes, User... no.

For now I'm making multiple versions of the signup form... eliminating the PHP populated Option Select list, and then hard coding the option in the PHP Code in the header via this.

mysql_query("INSERT INTO `{$TABLE_PREFIX}accounts` SET
state = '".mysql_escape("Idaho")."',



PS.

How can I get a cool user icon/picture/avatar under my name. Didn't see the functionality for that in the "Edit Profile" section of the Forums.

PPS.
Thanks for the awesome support you, & Jason always provide. You're my nerd-core-coding heroes! (And I mean that as a good thing).[cool]
Rusty