separate string from input selected value

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP



separate string from input selected value



I have two separate string value from the selected dropdown value.
Like


<label>Book ID</label><span class="required">*</span>
<select class="js-example-basic-single form-control" name="sel_Book">
@foreach ($books as $data)
<option value=" $data->BookID - $data->BookUnitPrice "> $data->BookName --- $data->BookUnitPrice </option>
@endforeach
</select>



So in the controller, the value is retrieved as BookID-BookUnitPrice eg Eng11-500" from sel_Bookdropdown. So I have to separate this value and set
Book = Eng11andUnitPrice = 500`. How can I do it?


BookID-BookUnitPrice


Eng11-500


sel_Bookdropdown. So I have to separate this value and set


and



code block


$booksout -> Distributor = $request->input('sel_Distributor');
$booksout -> Book = $request->input('sel_Book');
return response()->json($request);
$booksout -> UnitPrice =
$booksout -> Quantity = $request->input('DistQuantity');





So if I post Eng11-0 I can get a book for free?
– apokryfos
Aug 8 at 8:39


Eng11-0





@apokryfos No how can I prevent it
– nischalinn
Aug 8 at 8:40





As an answer has already pointed out, the price is in your database so you can look it up based on the ID only so you don't really need to post the price.
– apokryfos
Aug 8 at 8:43




4 Answers
4



This is why you use ID's.



format your selects like:


<option value=" $data->BookID ">
$data->BookName --- $data->BookUnitPrice
</option>



Then in your controller when you fetch them:



The below code assumes the booksout model has all string/numeric fields:


$book_id = $request->input('sel_Book');
$book = Book::find($book_id);
if($book)
$booksout->Distributor = $book->Distributor->Name;
$booksout->book = $book->BookName ;
$booksout->UnitPrice = $book->BookUnitPrice
$booksout->Quantity = $request->input('DistQuantity');



This way you can work with the complete book object, without having to worry that a user faked the data that's sent to your server. If you would depend on the price from the post/get request, I could buy your books for 0 by spoofing the price.



Never trust user data. Always try to gather as much as input as possible from your own trusted sources of data, where users can only supply product id and quantity.



Another note, consider working in camelCase instead of StudlyCase. so instead of $book->BookUnitPrice use $book->bookUnitPrice StudlyCase is usually interpreted for classnames by most programmers.


$book->BookUnitPrice


$book->bookUnitPrice





thanks for the reply. How can I set the value now for BookUnitPrice?
– nischalinn
Aug 8 at 8:46


BookUnitPrice





@nischalinn I added some example code, without knowing your exact model layout this is my best guess.
– Tschallacka
Aug 8 at 9:29





@Tshallacka Thanks for the reply and your valuable suggestions. Thank You!!!
– nischalinn
Aug 8 at 9:31



simply send it as json payload


<option value="
json_encode([
'book'=>$data->BookID,
'unitPrice' => $data->BookUnitPrice
]">
$data->BookName --- $data->BookUnitPrice </option>



so when you get it in the backend you do json_decode($request->input('sel_Book')) which will output :


json_decode($request->input('sel_Book'))


[
book=> someid,
unitPrice => someprice
]



There are two ways to achieve this:



If you are using ajax for posting the data to server, in that case use 2 data-attribute and pass different value in it and you can easily get these values by using .attr() or data().


data-attribute


.attr()


data()



If you are using form submit, in that case separate the value by using a unique separator like : or ^ and on the server side split the value and get the two individual components.


:


^



Better way is to use assign Book id to value.But if you are not able to use that you can use explode function to split values you received in the controller.


$array = explode("-",$request->input('sel_Book'));
$book_id = $array[0];
$price = $array[1];






By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.

Popular posts from this blog

Firebase Auth - with Email and Password - Check user already registered

Dynamically update html content plain JS

Creating a leaderboard in HTML/JS