Echo within an echo

So I’m trying to find out the most effective way to write my website project and am failing pretty miserably with one part. I would like to somehow echo a variable within my echo statement. This is what I have right now:

  <header>
  <?php
  require_once 'header.php';
  $sql = "SELECT * FROM campsites";
  $result = mysqli_query($conn, $sql);
	$row = mysqli_fetch_assoc($result);
  $siteid = $row['site_id'];
  $length = $row['length'];
  $width = $row['width'];
  $fire= $row['fire'];
  $water = $row['water'];
  $shelter = $row['shelter'];
   ?>
</header>
   <?php
  if (isset($_SESSION["u_uid"])) {
  echo'
  <!--Modal1-->
  <form action ="includes/reserve.inc.php" method="POST">
  <div id="openModal1" class="modalDialog">
  <div>
      <a href="#close" title="Close" class="close">X</a>
      <h2>Reserve this Campsite!</h2>
      <fieldset>
      <li><label for="name">Username: </label><input type="text" name="username" id="name"  placeholder="Logged In!" disabled></li>
      <li><label for="fire">Fire Pit: </label> ---- this is where I want the $fire variable to be ---- </li>
      <li><label for="fire">Overhead Shelter: </label> ---- this is where I want the $shelter variable to be ---- </li>
      <li><label for="fire">Sewage Hookup: </label> ---- this is where I want the $water variable to be ---- </li>
      <li><label for="start">Start Date: </label><input id="startdate1" /></li>
      <li><label for="end">End Date: </label><input id="enddate1" /></li>
      <li><button type="submit" class="button_2" name="submit">Reserve</button></li>
  </div>
  </form>
  </div>

My fire/water/shelter variables are all boolean. What I would like to put inside my < li > for each variable is something along the lines of : echo “if ($fire = 1) {echo “Yes”;} else {echo “No”;}” but I have no idea how to do this effectively. Does anybody here have any ideas?

You could use a ternary…

echo $fire ? "Yes" : "No";

or it may need isolation,

echo ($fire ?  "Yes" : "No");

or write the if outside of quotes…

if ($fire) { echo "Yes"; } else { echo "No"; }
3 Likes

I tried all of these and unfortunately, all it did was echo the ternary. I really do appreciate the thought though!

1 Like
$fire = true;
echo $fire ? "Yes\n" : "No\n";
$fire = false;
echo $fire ? "Yes\n" : "No\n";

$fire = true;
if ($fire) { echo "Yes\n"; } else { echo "No\n"; }
$fire = false;
if ($fire) { echo "Yes\n"; } else { echo "No\n"; }
Yes
No
Yes
No

Couple things: There is no closing quote on the first echo, and no endtag for the php. Also no endtag for the fieldset. Do the controls really need to be wrapped in LI?

Not sure about your labels. You are trying to pair up three different labels with the same input control, meaning it will likely be only the last one that actually pairs up.

Any particular reason that the submit button cannot just be an input control, type=“submit”?

What about something along these lines?

<?php
  if (isset($_SESSION["u_uid"])) {
 ?>
<form ...>

</form>
<?php } ?>

Then you can just insert the PHP variables where you want them, but wrapped in ? tags.

As for an echo in an echo, I’m not sure it can even be done. The command takes a value or expression, not another command.

2 Likes

So I just wanted to say that I really appreciate your help and I’m sorry that I only have the barest hint of what I’m talking about. I’ve literally never touched front-end languages before this semester, so I’m struggling with how to code this appropriately.

My idea is to force the user to log in before reserving a campsite. I felt that giving the user a second place to signup would create some redundancy issues and I wanted to nip those in the bud (no idea if I’m right or not). My other thought was to create a pop-up window that opens when the user clicks the “reserve” button in the modal, but I’m really not sure how to do that effectively. I’m going to show the code for one modal and the rest of the webpage below.

Also, I wanted to say that I did not effectively relate my response to your previous help. The code definitely did work outside the echo, but not within it. I gave you a vague response about it not working because I was so focused on my problem.

  <body>
 <header>
  <?php
  require_once 'header.php';
  $sql = "SELECT * FROM campsites";
  $result = mysqli_query($conn, $sql);
 	$row = mysqli_fetch_assoc($result);
  $siteid = $row['site_id'];
  $length = $row['length'];
  $width = $row['width'];
  $fire= $row['fire'];
  $water = $row['water'];
  $shelter = $row['shelter'];
    ?>
</header>
<body>
<div class="container">
<h2>At Whispering Winds Park, we take pride in the diverse landscapes offered for our visitors to experience.</h2>
   <h2>Please click an image below to determine if your prefered campsite is available.</h2>
   <?php
 if (isset($_SESSION["u_uid"])) {
 echo'';} else {
   echo'<h2 style="color:red; font-weight: bold;">Must be Logged In to Reserve a Campsite!</h2>';}
  ?>
 <!-- Trigger/Open The Modal attached to each image-->
  <!--Modal1-->
  <a href="#openModal1">
    <img src='./images/campsite1.jpg' style="width:300px;height:300px;border:0;">
  </a>
  <!--Reserving sites while logged in
		Logged out is further below-->
    <?php
  if (isset($_SESSION["u_uid"])) {
  echo'
  <!--Modal1-->
  <form action ="includes/reserve.inc.php" method="POST">
  <div id="openModal1" class="modalDialog">
  <div>
      <a href="#close" title="Close" class="close">X</a>
      <h2>Reserve this Campsite!</h2>
      <fieldset>
      <li><label for="name">Username: </label><input type="text" name="username" id="name" required autofocus placeholder="Logged In!" disabled></li>
      <li><label for="fire">Fire Pit: </label><p> </p></li>
      <li><label for="fire">Overhead Shelter: </label><p> </p></li>
      <li><label for="fire">Sewage: </label><p></p></li>
      <li><label for="start">Start Date: </label><input id="startdate1" /></li>
      <li><label for="end">End Date: </label><input id="enddate1" /></li>
      <li><button type="submit" class="button_2" name="submit">Reserve</button></li>
  </div>
  </form>
  </div>
  ';}
// SEPARATING LOGGED IN VS LOGGED OUT
// BELOW THIS IS DATA THAT DISPLAYS WHEN LOGGED OUT
 else {
  echo '
  <!--Modal1-->
  <form action ="" method="GET">
  <div id="openModal1" class="modalDialog">
  <div>
      <a href="#close" title="Close" class="close">X</a>
      <h2>Reserve this Campsite!</h2>
      <fieldset>
      <li><a href="signup.php"><button type="submit" class="button_camp">SIGN UP</button></a></li>
  </div>
  </form></a>
  </div>
';}
?>
</div>

Still going through your last reply, but I do have one question. Is it necessary for users to log in? Could they not just give a name to reserve an available campsite and the system would mark that site as taken?

On a more technical note, if as you describe are “new to frontend” then it would be fair to assume that the backend is even more foreign. PHP does not run on the frontend (the client side) but on the server side, in response to a request made of the server.

  1. URL is followed that may contain a query string (that’s what ISSET is about.
  2. The requested resource contains PHP code which the server knows to parse owing to the extension, .php.
  3. The response document is plain text HTML containing the results of PHP run within the document.

I think you get this, so don’t mind that I’m being pedantic. Just want to square away our base understanding.

Web forms require a handler on the server to parse the POST data and distribute it to the database(s) as apply. When a form is sumbitted, a response document is generated on the server that requests the new table row from the database and inserts it into a template file which becomes the response sent to the client.

The trouble with web forms is that it exposes our server to injected code that may try to take over the server. This is a very seriuos concern, and one that should not be in the hands of a newbie. In this area you need expert advice and assistance to protect yourself from hackers.

The form handler will need to strip POST data of code, the most typical way being to convert everything to plain text so none of it is executable, and remove obvious code patterns from the data. Not something for us amateurs to be dealing with, certainly. I make it sound more complicated that it probably is, but with good reason. Simple or not, we aren’t up to the task (you and I).

I could keep harping but it won’t make the point any more clear. Something else (more practical) jumps out of your code…

reserve.php should be in a less private folder…

example.com/sites/reserve.php

That PHP document will contain a require_once directive that loads a template or some other script from includes which folder should be private and denied access to from the web.

<?php require_once "/includes/reserve.inc"; ?>
2 Likes

It’s necessary to have the login system, yes. One of the requirements of the project was to have this feature to be supported for users

Everything that you’ve said there makes perfect sense. I just thought about php as a front end language because I’ve been learning it alongside html and css, while assuming that sql was my backend language.

You’re right that I should be doing a bit more with my security, but I’m taking it for granted that this website will never venture outside of a localhost and making security decisions around that.

The document that you’ve highlighted is where I’d like to move my php variables after I’ve figured out my final layout. The page that I’ve provided code to is reserve.php and then will reference my reserve.inc.php to make sure that the reservation can be filled by date. So really everything in my header outside of
require_once ‘header.php’;
will be on that other page.

Does this make sense to do? Or am I misunderstanding what you’re meaning?

If you are in a sandbox, then now is the perfect time to investigate and iron out string encoding of GET/POST data. As well, how to strip code. It is fundamental, and should not be ignored at this time.

I get that you may be facing a deadline, so yes, write on the assumption that all the ducks are in a row as your POST data is concerned. You can actually fine tune the form to limit data to arbitrary values and validate on the client side typical concerns such as phone numbers and email addressess.

For now, assuming your database is also in the sandbox, it won’t hurt to just deal with practical concerns. Just don’t sideline the concerns mentioned above, and when you have time, get into the more technical concerns, especially before you ever mount a live site with this functionality.

Still reading your earlier reply so bear with me. I hope you are pushing forward and making ground. Perhaps it may turn out I’m no help at all, but so be it.

1 Like

In your test code, exclude all the SQL and write an array or associative array filled with dummy data. Use that to perfect your code. When all is working as expected with test data generated in the document, transfer the data to the database and expect exactly the same results.

We can simulate a database with CSV data in an external file.

"column 1", "column 2", "column 3"
"data 1", "data 2", "data 3"
"data 1", "data 2", "data 3"
"data 1", "data 2", "data 3"
"data 1", "data 2", "data 3"

It doesn’t exist any more but I once had a site that was 100% based on CSV and TXT files along with templates and library scripts. No SQL database needed. In ten years running it never got hacked.

2 Likes

Oh my gosh, that’s a great idea. I got so focused on trying to include more sql that I didn’t even think about using an array.

Again, you’re 100% correct on best practices. I feel like this project forced me to run before I could crawl, so I ended up bypassing some of the stepping stones and jumping straight into things with very few reference points. I hope to have the time to go back later and do a slightly more systematic learning of the basics here after the project has been completed.

Thanks again for all your time and diligence! You’ve been quite helpful!

2 Likes

It’s going to have to happen before this project is completed, to some degree. As it stands I can only imagine the code above to respond with a white screen. PHP has zero tolerance for errors and simply returns a 500 response code.

<?php
  if (isset($_SESSION["u_uid"])) {
 ?>

<form ...>

</form>

<?php 
 } else {
 ?>

<form ...>

</form>

<?php
 }
 ?>

Notice how the HTML is NOT wrapped by PHP, but only enclosed in conditional blocks? Only the fragment that is branched will render in the generated response.

2 Likes

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.