Parameter from query not being passed into the url - php

I have this button which takes the first parameter of a row into a table and sends it through the url to another page.
Here's the code:
<?php foreach ($result as $row) { ?>
<tr>
<td><a value="edit" href="Page1.php?Field1=<?php echo $row['Field1'];?>">Add</a></td>
<td><?php echo escape($row["Field1"]); ?></td>
<td><?php echo escape($row["Field2"]); ?></td>
<td><?php echo escape($row["Field3"]); ?></td>
<td><?php echo escape($row["Field4"]); ?></td>
</tr>
<?php } ?>
I have this code in another page, written out the same and it works perfectly, so I'm wondering what the issue here could be.
The first field I have in my table is the one I want to send through the url. It's already showing in my table so the data is existing, everything works fine.
The url ends like this: Page1.php? and it's a blank page.
If I manually put the first field of the table into the url the page shows up with the data I want.
Here's the code of the page that sends Field1:
<html>
<head>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Raleway">
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
<link rel="stylesheet" type="text/css" href="../../style.css">
<link rel="icon" type="image/png" href="../../favicon/elenco.png" sizes="32x32">
<script src="../../highlight.js"></script>
</head>
<?php
try {
require "../../../security/config.php";
require "../../../security/common.php";
$connection = new PDO($dsn, $username, $password, $options);
$sql = "SELECT [...]
FROM [...]
ORDER BY [...]";
$statement = $connection->prepare($sql);
$statement->execute();
$result = $statement->fetchAll();
} catch(PDOException $error) {
echo $sql . "<br>" . $error->getMessage();
}
?>
<body>
<?php
if ($result && $statement->rowCount() > 0) { ?>
<header class="w3-container w3-center w3-padding-12">
<h1>List</h1>
</header>
<h1><br></h1>
<a href="home.php" align='center'>Return Home.</a>
<h1><br></h1>
<table id="display-table" class="my_table" border='1' align='center'>
<thead>
<tr>
<th></th>
<th>Field 1</th>
<th>Field 2</th>
<th>Field 3</th>
<th>Field 4</th>
</tr>
</thead>
<tbody>
<?php foreach ($result as $row) { ?>
<tr>
<td>Add</td>
<td><?php echo escape($row["Field1"]); ?></td>
<td><?php echo escape($row["Field2"]); ?></td>
<td><?php echo escape($row["Field3"]); ?></td>
<td><?php echo escape($row["Field4"]); ?></td>
</tr>
<?php } ?>
</tbody>
</table>
<?php } else { ?>
<div class = "container">
<div class = "center">
<p><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br></p>
</div>
<?php } ?>
<br>
</div>
</body>
</body>
</html>
https://imgur.com/a/gDydUI5
The first column with 'Aggiungi' is the add button in the code, it sends the data of the row to the other page and fills the form with it. I can't make you see the other page as it's blank, but it's just a form that sends data through email.
Here's the code of the other page:
<html>
<head>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Raleway">
<link rel="stylesheet" type="text/css" href="../../style.css">
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
<link rel="icon" type="image/png" href="../../favicon/elenco.png" sizes="32x32">
</head>
<?php
try {
require "../../../security/config.php";
require "../../../security/common.php";
$connection = new PDO($dsn, $username, $password, $options);
$name = $_GET['Field1'];
$sql = "SELECT [...]
FROM [...]
WHERE [...];
$statement = $connection->prepare($sql);
$statement->bindParam(':name', $name, PDO::PARAM_STR);
$statement->execute();
$result = $statement->fetchAll();
} catch(PDOException $error) {
echo $sql . "<br>" . $error->getMessage();
}
?>
<body>
<?php
if ($result && $statement->rowCount() > 0) { ?>
<body class="w3-light-grey">
<header class="w3-container w3-center w3-padding-12">
<h1>Add</h1>
</header>
<p><br></p>
<a href="home.php" align='center'>Return Home</a>
<div class = "container8">
<div class = "center">
<form name="Form1" method="post" action="">
<?php foreach ($result as $row) { ?>
<label for="Field1">Field 1</label>
<input type="text" id="Field1" name="Field1" value="<?php echo escape($row["Field1"]); ?>">
<label for="Field2">Field 2</label>
<select id="Field2" name="Field2" >
<option value="Field11">Field11</option>
<option value="Field12">Field12</option>
<option value="Field13">Field13</option>
<option value="Field14">Field14</option>
</select>
<label for="Field3">Field 3</label>
<input type="text" name="Field3" id="Field3" value="<?php echo escape($row["Field3"]); ?>">
<label for="Field4">Field 4</label>
<input type="text" name="Field4" id="Field4">
<label for="Field5">Field 5</label>
<input type="text" name="Field5" id="Field5" value="<?php echo escape($row["Field5"]); ?>">
<label for="Field6">Field 6</label>
<input type="text" name="Field6" id="Field6" value="<?php echo escape($row["Field6"]); ?>">
<label for="Field7">Field 7</label>
<input type="date" name="Field7" id="Field7" value="<?php echo escape($row["Field7"]); ?>">
<label for="Field8">Field 8</label>
<input type="date" id="Field8" name="Field8">
<label for="Field9">Field 9</label>
<input type="text" name="Field9" id="Field9">
<br><br>
<input type="submit" name="submit" value="Submit" onclick="return OnButton1();">
<input type="submit" name="send" value="Appointment" onclick="return OnButton2();">
<br><br>
</form>
<?php } ?>
</div>
</div>
<?php } else { ?>
<div class = "container">
<div class = "center">
<p><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br></p>
</div>
<?php } ?>
<br>
</div>
</body>
</body>
</html>
<script language="Javascript">
<!--
function OnButton1()
{
document.Form1.action = "add.php"
document.Form1.submit(); // Submit the page
return true;
}
function OnButton2()
{
document.Form1.action = "contact/index.php"
document.Form1.submit(); // Submit the page
return true;
}
-->
</script>
This is the source code given by the browser:
<html>
<head>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Raleway">
<link rel="stylesheet" type="text/css" href="../../style.css">
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
<link rel="icon" type="image/png" href="../../favicon/elenco.png" sizes="32x32">
</head>
<body>
<div class = "container">
<div class = "center">
<p><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br></p>
</div>
<br>
</div>
</body>
</body>
</html>
<script language="Javascript">
<!--
function OnButton1()
{
document.Form1.action = "aggiungi.php"
document.Form1.submit(); // Submit the page
return true;
}
function OnButton2()
{
document.Form1.action = "contact/index.php"
document.Form1.submit(); // Submit the page
return true;
}
-->
</script>
The whole method I'm using worked using another table.


i have checked out your code, you need to check your SQL Query and SQL result
and specifically check $row["Field1"] that contain any value or not.
how you can perform the check ?
just simply echo $row["Field1"];
if the output would be blank that means it doesn't contain any value
another method is using var_dump($row["Field1"]);
it will give you some detailed information
How did i figured out ? and you can also give it a try
just set the $row["Field1"] = 1; explicitly
and the try to run your code again, if that worked this time , then there is something error with SQL side

Related

PHP: A HTML hidden input value generates an error upon querying mysql

I'm working on a webpage where I allow users to edit their car information. In the mainlining, there is an edit button (input - type text with a hidden key value) where it takes the user to this "edit car info" page. Initially, once the page is opened for the first time, this hidden value is used to query the database, retrieve original information and and set them as placeholders for the field. The user can write information in the input field then press the "submit edit" button which then updates the row in the database table. However, I get an error that the name of the hidden value is undefined. I don't understand how it can be undefined for the update query when it was working just fine for the select query. Can anyone shed a light on this? What should I do? This is a picture of the errors:
This is the mainlanding code: (hidden value is set here)
<?php
$mysqli= new mysqli("localhost", "root","","Car_registration");
if(empty($_SESSION)) // if the session not yet started
session_start();
if(isset($_SESSION['username'])) { // if user already logged in
header("location: mainlanding_user.php"); //send to homepage
exit;
}
?>
<!DOCTYPE html>
<html>
<head>
<title> Car Registration: User's Mainlanding </title>
<link href="css/style3.css" rel="stylesheet">
</head>
<body>
<header>
<h1>Account Information</h1>
<img id="img1" src= "image/car.jpg" alt ="car image">
</header>
<nav id='nav'>
<form action="logout.php">
<input type="submit" value=" Logout " id="button">
</form>
</nav>
<h2>Profile </h2>
<div class='container1'>
<?php
$username="root";
$password="";
$database="Car_registration";
$mysqli= new mysqli("localhost",$username,$password,$database);
$query= "select * from driver where username='".$_SESSION['logged_username']."'";
$result = $mysqli->query($query);
while( $row = $result->fetch_assoc() ){
echo "<div id='container'>" ;
echo "<dl> <dt>First Name</dt> <dd>".$row['Fname'];
echo "</dd> <br> <dt>Last name</dt><dd>".$row['Lname'];
echo "</dd> <br> <dt>License Number</dt><dd>".$row['license_no'];
echo "</dd> <br> <dt>Age</dt><dd>".$row['Age'];
echo "</dd> <br> <dt>Birthday</dt><dd>".$row['bdate'];
echo "</dd> <br> <dt>City</dt><dd>".$row['City'];
echo "</dd></dl>";
echo "</div>";
$license_no = $row['license_no']; //used for finding cars
}
?>
<div class="align-me">
<div class="form-wrapper" action="search_plate_no.php">
<form class="center">
<input class="input-fields" name="search" type="text" placeholder="Search a plate number">
<input class="input-fields submit" name="find" type="submit" value="Search">
</form>
</div>
</div>
<h3> Registered Cars </h3>
<div class='container2'>
<?php
$username="root";
$password="";
$database="Car_registration";
$mysqli= new mysqli("localhost",$username,$password,$database);
$query= "select * from cars where license_no='".$license_no."'";
$result = $mysqli->query($query);
echo "<table border=1>
<tr>
<th>Plate No.</th>
<th>License No.</th>
<th>Car Type</th>
<th>Fines</th>
<th>City</th>
<th>Edit</th>
<th>Delete</th>
</tr>";
while ($temp = $result->fetch_assoc()){
?>
<tr>
<td><?php echo $temp['Plate_no']; ?></td>
<td><?php echo $temp['license_no']; ?></td>
<td><?php echo $temp['Car_type']; ?></td>
<td><?php echo $temp['Fines']; ?></td>
<td><?php echo $temp['city']; ?></td>
<td>
<form action = "edit_car.php" method="post">
<input type="hidden" name="id" value="<?php echo $temp['Plate_no']; ?>">
<input type="submit" name="edit" value="Edit">
</form>
</td>
<td>
<form action = "delete_car.php" method="post">
<input type="hidden" name="id" value="<?php echo $temp['Plate_no']; ?>">
<input type="submit" name="delete" value="Delete">
</form>
</td>
</tr>
<?php
}
?>
</table>
</div>
<form action="register_car.php">
<input type="submit" value=" Register Car " id="button2">
</form>
<footer>
<h4> All rights belong to Car Registration Inc. </h4>
<img id="img3" src= "image/license.png" alt ="license plates image">
</footer>
</body>
</html>
Edit car page: (Error is generated here)
<!DOCTYPE html>
<html>
<head>
<title> Edit Car Information Page </title>
<link href="css/style2.css" rel="stylesheet">
</head>
<body>
<div class="container">
<header>
<h1>Edit Car Information </h1>
<img id="img1" src= "image/register.png" alt ="Registration image">
</header>
<?php
$username="root";
$password="";
$database="Car_registration";
$mysqli= new mysqli("localhost",$username,$password,$database);
$plate_no= $_POST["id"]; //This line causes an error
$_SESSION['plateNo'] = $plate_no;
$query= "select * from cars where Plate_no='".$plate_no."'";
$result = $mysqli->query($query);
while( $row = $result->fetch_assoc()){
$plate_no = $row['Plate_no'];
$car_type = $row['Car_type'];
}
?>
<main>
<h2> You can only edit the following information: </h2>
<form action="" method="post">
<label for="car_type_input">Car Type:</label>
<input type="text" placeholder="<?php echo $car_type?>" id="car_type_input" name="car_type_input"><br><br>
<div class="vertical-center">
<input type="submit" value=" Submit Edit " name="button1" id="button1">
</div>
</form>
<?php
$username="root";
$password="";
$database="Car_registration";
$mysqli= new mysqli("localhost",$username,$password,$database);
if( isset($_POST['button1']) ){ //If user changed field, take value. If not, keep old value.
if( !empty($_POST['car_type_input']) ){ //If there is user input
$car_type_2 = $_POST['car_type_input'];
$query= "update cars set Car_type='".$car_type_2."' WHERE Plate_no='".$_SESSION['plateNo']."'";
}
if ($mysqli->query($query))
echo "Fields updated successfuly!";
else
echo "Update Fields Failed!";
}
?>
</main>
<footer>
<h3> All rights belong to Car Registration Inc. </h3>
<img id="img3" src= "image/license.png" alt ="license plates image">
</footer>
</div>
</body>
</html>

Use $plate_no= $_POST['id']; instead of $plate_no= $_POST["id"];

Here why you close the while loop ??
while ($temp = $result->fetch_assoc()){
?>
and here too
<?php
}
Try this:
print"<h3> Registered Cars </h3>
<div class='container2'>";
$username="root";
$password="";
$database="Car_registration";
$mysqli= new mysqli("localhost",$username,$password,$database);
$query= "select * from cars where license_no='".$license_no."'";
$result = $mysqli->query($query);
echo "<table border=1>
<tr>
<th>Plate No.</th>
<th>License No.</th>
<th>Car Type</th>
<th>Fines</th>
<th>City</th>
<th>Edit</th>
<th>Delete</th>
</tr>";
while ($temp = $result->fetch_assoc())
{
print"
<tr>
<td><?php echo $temp['Plate_no']; ?></td>
<td><?php echo $temp['license_no']; ?></td>
<td><?php echo $temp['Car_type']; ?></td>
<td><?php echo $temp['Fines']; ?></td>
<td><?php echo $temp['city']; ?></td>
<td>
<form action = "edit_car.php" method="post">
<input type="hidden" name="id" value="<?php echo $temp['Plate_no']; ?>">
<input type="submit" name="edit" value="Edit">
</form>
</td>
<td>
<form action = "delete_car.php" method="post">
<input type="hidden" name="id" value="<?php echo $temp['Plate_no']; ?>">
<input type="submit" name="delete" value="Delete">
</form>
</td>
</tr> ";
}
print"</table>
</div>";

you are not sending id that's because error appears use this code to check if id exists first:
$plate_no='';
$car_type = '';
if(isset($_POST["id"])){
$plate_no= $_POST["id"]; //This line causes an error
$_SESSION['plateNo'] = $plate_no;
$query= "select * from cars where Plate_no='".$plate_no."'";
$result = $mysqli->query($query);
while( $row = $result->fetch_assoc()){
$plate_no = $row['Plate_no'];
$car_type = $row['Car_type'];
}
}

PHP PDO - I can't update the variables

I am trying to do a admin panel. I used PDO for database connect. In panel, i want to update site title, site url etc. But i have a problem. I am sure that i did all true.
I need your help.
This is admin panel code :
<?php
include 'config.php';
$ayarsor=$db->prepare("select * from ayar1 where ayar_id=?");
$ayarsor->execute(array(0));
$ayarcek=$ayarsor->fetch(PDO::FETCH_ASSOC);
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css" />
<title></title>
</head>
<body>
<div class="ust">
<h1><center>panel</center></h1>
</div>
<div class="container">
<h2>Send something</h2>
<p> ADMİN PANELİ</p>
</div>
<div class="orta">
<table>
<form action="islem.php" method="POST">
<tr>
<td><label>Site başlığı</label></td>
<td><input type="text" name="ayar_title" /></td>
</tr>
<tr>
<td><label>Duyuru</label></td>
<td><input type="text" name="ayar_duyuru" value="<?php echo $ayarcek['ayar_duyuru']; ?>" /></td>
</tr>
<tr>
<td><label>Düşman</label></td>
<td><input type="text" name="ayar_dusman" /></td>
</tr>
<tr>
<td></td>
<td><button name="genelayarkaydet">Güncelle</button></td>
</tr>
</form>
</table>``
</div>
This is islem.php :
<?php
ob_start();
include 'config.php';
if(isset($_POST['genelayarkaydet'])) {
$ayarkaydet=$db->prepare("UPDATE ayar1 set
ayar_title=sitetitle,
ayar_duyuru=duyuru,
ayar_dusman=dusman
WHERE ayar_id=0");
$update=$ayarkaydet->execute(array(
'sitetitle' => $_POST['ayar_title'],
'duyuru' => $_POST['ayar_duyuru'],
'dusman' => $_POST['ayar_dusman']
));
if($update) {
echo "Degistirildi!!!!!!";
}
else {
echo "olmadı la";
}
}
?>

You need to bind the variables for the database query.
$ayarkaydet = $db->prepare("UPDATE ayar1 set ayar_title = :sitetitle,
ayar_duyuru = :duyuru,
ayar_dusman = :dusman
WHERE ayar_id = 0");
$update = $ayarkaydet->execute(array(
'sitetitle' => $_POST['ayar_title'],
'duyuru' => $_POST['ayar_duyuru'],
'dusman' => $_POST['ayar_dusman']
));

Why are the wrong values being passed when button is clicked

Ok, I am trying to get content from a SQL database to populate fields when a button is pushed. The problem is that no matter which button is pushed, it always sends the values of the last row to php. I am a php/mySQL noob. I apologize if this has been asked/answered before, I have been searching the site for hours and not come across anything that has helped me figure it out.
Index page image and Code:
<?php
require_once('database.php');
$query = 'SELECT * FROM omniarticles
ORDER BY recid';
$statement1 = $db->prepare($query);
$statement1->execute();
$article = $statement1->fetchAll();
$statement1->closeCursor();
?>
<!DOCTYPE HTML>
<html>
<head>
<title>AMS</title>
<link rel="stylesheet" type="text/css" href="basic.css">
</head>
<body>
<h3>Article List</h3>
<table>
<tr>
<th>Publication Date</th>
<th>Title</th>
<th>Action</th>
</tr>
<?php foreach ($article as $articles) : ?>
<tr>
<td><?php echo $articles['publicationDate']; ?></td>
<td><?php echo $articles['title']; ?></td>
<td><form action="view.php" method="post">
<input type="hidden" name="recid"
value="<?php echo $articles['recid'];?>">
<input type="submit" value="View">
<input type="submit" value="Edit">
</td>
</tr>
<?php endforeach; ?>
</table>
</body>
</html>
view.php code:
<?php
$recid = filter_input(INPUT_POST, 'recid');
require_once('database.php');
$q = 'SELECT * FROM omniarticles
WHERE recid = :recid';
$s = $db->prepare($q);
$s->bindValue(':recid', $recid);
$s->execute();
$title = $s->fetch();
$s->closeCursor();
?>
<!DOCTYPE HTML>
<html>
<head>
<title>AMS</title>
<link rel="stylesheet" type="text/css" href="Module5Lab.css">
</head>
<body>
<label>Article Title</label>
<input type="text" name="article_title" value="<?php echo $title['recid']; ?>"/>
<br/>
<br/>
<label>Article Summary</label>
<textarea rows="4" cols="50"></textarea>
<br/>
<label>Article Content</label>
<textarea rows="20" cols="50"><?php echo $title['content']; ?></textarea>
<br/>
<label>Publication Date</label>
<input type="text" name="publication_date"/>
<br/>
</body>
</html>
The result I am getting is always for the last record, no matter which button I push.

The problem is almost certainly with the line:
$recid = filter_input(INPUT_POST, 'recid');
I'd recommend doing var_dump($_POST) and seeing what's in the post data.

checkbox value inserted in mysql

I'm struggling now for a few days to get the value of a checkbox in my code.
Basically I have an admin-page where the customer can select and deselect images that will put online.
You can select and deselect images that will be shown on the homepage, and separate on the gallery-page. Both checked is also possible.
I have another checkbox that can be selected to remove the image from the list(image_deleted).
There is still a database entry and the images are still on file-system but later on I'll create a cleanup-job.
Here is my code:
<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);
ob_start();
require('../../lib/dbconnection.php');
require("../../lib/checklogin.php");
require("includes/upload.inc.php");
$query = 'SELECT * FROM gallery where image_deleted != 1 order by id desc';
$result=$conn->query($query);
$count=$result->num_rows;
?>
<!DOCTYPE html>
<html>
<head>
<title>Classic Nails - CMS</title>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="description" content="ClassicNails">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="../css/screen.css">
<link rel="stylesheet" href="../css/libs/magnific-popup.css">
<script src="../js/libs/min/jquery-min.js" type="text/javascript"></script>
<script src="../js/min/custom-min.js" type="text/javascript"></script>
<script src="js/jquery.magnific-popup.js"></script>
<script>
$(document).ready(function() {
$('.image-link').magnificPopup({
type:'image',
gallery:{
enabled:true
}
});
});
</script>
</head>
<body>
<?php include('includes/header.inc.php'); ?>
<?php include('includes/nav.inc.php'); ?>
<div class="wrapper">
<article class="content">
<h1>Foto gallery</h1>
<?php
if (isset($uploadResult)) {
echo "<p><strong>$uploadResult</strong></p>";
}
?>
<form action="" method="post" enctype="multipart/form-data" name="uploadImage" id="uploadImage">
<p>
<label for="image">Upload image:</label>
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo MAX_FILE_SIZE; ?>" />
<input type="file" name="images" id="imagesd" />
</p>
<p>
<input type="submit" name="upload" id="upload" value="Upload" />
</p>
</form>
<div id="maincontent">
<h2>Foto informatie</h2>
<form name="FotoInformatie" id="fotoInformatie" method="post" action="">
<table>
<tr>
<td align="center"><strong>Foto<strong></td>
<td align="center"><strong>Titel</strong></td>
<td align="center"><strong>Beschrijving</strong></td>
<td align="center"><strong>Homepage</strong></td>
</tr>
<?php
while ($rows=$result->fetch_assoc()) {
?>
<tr>
<td class="hide" align="center"><?php $id[]=$rows['id']; ?><?php echo $rows['id']; ?></td>
<td><img src="../img/thumbs/<?php echo $rows['filename']; ?>"></td>
<td align="center"><input name="title[]" type="text" id="title" value="<?php echo $rows['title']; ?>"></td>
<td align="center"><input name="caption[]" type="text" id="caption" value="<?php echo $rows['caption']; ?>"></td>
<td><input type="checkbox" name="checkboxHome[]" id="checkBoxHome" value="<?php echo ($rows['home'] == 1) ? 'checked="checked"' : ''; ?>"/></td>
</tr>
<?php
}
?>
<tr>
<td colspan="4" align="center">
<input type="submit" name="submit" value="Submit">
</tr>
</table>
</form>
</div>
</article> <!-- end of content -->
</div> <!-- end of container -->
<?php include('includes/footer.inc.php'); ?>
</body>
</html>
<?php
if(isset($_POST['submit'])) {
$title = $_POST['title'];
$caption = $_POST['caption'];
if ($_POST['checkboxHome'] == "") {
$checkboxHome[] = '0';
} else {
$checkboxHome[] = '1';
}
for($i=0;$i<$count;$i++){
$result1=mysqli_query($conn, "UPDATE gallery SET title='$title[$i]', caption='$caption[$i]', home='$checkboxHome[$i]' WHERE id='$id[$i]'");
header("location:/admin/foto-admin.php");
}
}
?>
The checkbox only works on the first row in my DB. When I select another record, only the first record in my db will be updated.
Another issue is that my checkbox won't be checked so I don't know based on my screen when a image is online or not. in the database I see a 1 of a 0.
I know that sql-injection is possible and I have to prepare the statements, but that is the next step when I get this checkbox-issue working.
Hope someone can help me with my code. It's giving me a headache.

Check these
Attribute name="id[]" for id field is not given. And it should get inside
if(isset($_POST['submit'])) {
$id = $_POST['id'];
}
Incorrect spelling in getting Post value
change
$checkboxHome = $_POST['checkboxHome'];
$checkboxFotoboek= $_POST['checkboxFotoboek'];
$checkboxDelete = $_POST['image_deleted'];
to
$checkboxHome = $_POST['checkBoxHome'];
$checkboxFotoboek= $_POST['checkBoxFotoboek'];
$checkboxDelete = $_POST['checkboxDelete'];

You are trying to get wrong value.
Your check-box name is checkBoxHome and you are trying to get $_POST['checkboxHome'] instead of $_POST['checkBoxHome'] .
Try $_POST['checkBoxHome'] and print it as print_r('checkBoxHome')
Same mistake in checkBoxFotoboek check-box.

try this
if(isset($_POST['submit'])) {
$title = $_POST['title'];
$caption = $_POST['caption'];
$checkboxHome = $_POST['checkBoxHome'];
$checkboxFotoboek= $_POST['checkBoxFotoboek'];
$checkboxDelete = $_POST['checkboxDelete'];
for($i=0;$i<$count;$i++){
$result1=mysqli_query($conn, "UPDATE gallery SET title='$title[$i]', caption='$caption[$i]', home='$checkboxHome[$i]', fotoboek='$checkboxFotoboek[$i]', image_deleted='$checkboxDelete[$i]' WHERE id='$id[$i]'");
header("location:/admin/foto-admin.php");
}
}
?>

how to update a sql database that has a dropdown list in php

I have a html form for user to submit their inquiry. after submitting the form, the data will go to php file and then it will connect to the database. I can do that.
the problem is, for admin view, it will have a dropdown list (approved/not approved) for admin to validate the data. how to update the database? I managed to do the dropdown, but when I clicked the save button, the database didn't update anything.
this is form.html which the user see, (nothing wrong here)
<!DOCTYPE html>
<head>
<meta charset="utf-8">
<title>data</title>
<link rel="stylesheet" media="screen" href="styles.css" >
</head>
<body bgcolor="#13b4ff">
<div id="header" style="background-color: #4169E1;"><hr>
<form class="form" action="submit.php" method="post" name="form" >
<ul>
<li>
<label for="name">Nama Pemohon:</label>
<input type="text" name="name" required />
</li>
<li>
<label for="jawatan">Jawatan:</label>
<input type="text" name="jawatan" />
</li>
<li>
<label for="unit">Unit/Jabatan/Bahagian:</label>
<input type="text" name="unit" required />
</li>
<li>
<label for="kementerian">Kementerian/Institusi/Agensi:</label>
<input type="text" name="kementerian" required />
</li>
<li>
<label for="telefon">No. Telefon:</label>
<input type="number" name="telefon" placeholder="eg: 012-345-6789" required />
</li>
<li>
<label for="faks">No. Faks:</label>
<input type="number" name="faks" placeholder="eg: 03-12345678" />
</li>
<li>
<label for="email">E-mail:</label>
<input type="email" name="email" placeholder="name#something.com" required />
<span class="form_hint">proper format<script type="text/javascript">
/* <![CDATA[ */
(function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();
/* ]]> */
</script></span>
</li>
<li>
<label for="data">Data/Laporan Yang Dipohon:</label>
<input type="text" name="data" required/>
</li>
<li>
<label for="tujuan">Tujuan:</label>
<input type="text" name="tujuan" required/>
</li>
<li>
<button class="submit" type="submit">Submit</button>
</li>
</ul>
</form>
</body>
</html>
the submit.php that connects to the database, (nothing wrong here too)
<?php
//debug mode
error_reporting(E_ALL);
ini_set('display_errors', '1');
//to show some error is smthng went wrong
$errors = array();
function connect(){
$connection = mysql_connect("localhost", "root", "" );
$db = mysql_select_db('permohonan_data', $connection);
if (!$connection || !$db){
return false;
}
else{
return true;
}
}
//will run if user did submit the form
if (!empty($_POST)){
//connect sql server:
if (!connect()){
$errors[] = "Can't establish link to MySql server";
}
$name = $_POST['name'];
$jawatan = $_POST['jawatan'];
$unit = $_POST['unit'];
$kementerian = $_POST['kementerian'];
$telefon = $_POST['telefon'];
$faks = $_POST['faks'];
$email = $_POST['email'];
$data = $_POST['data'];
$tujuan = $_POST['tujuan'];
//no error til here
if (empty($error)){
//prevent SQL injection
$name = mysql_real_escape_string($name);
$jawatan = mysql_real_escape_string($jawatan);
$unit = mysql_real_escape_string($unit);
$kementerian = mysql_real_escape_string($kementerian);
$telefon = mysql_real_escape_string($telefon);
$faks = mysql_real_escape_string($faks);
$email = mysql_real_escape_string($email);
$data = mysql_real_escape_string($data);
$tujuan = mysql_real_escape_string($tujuan);
}
//try insert value
$query = "INSERT INTO pemohon
(name,jawatan,unit,kementerian,telefon,faks,email,data,tujuan)
VALUES ('$name', '$jawatan', '$unit', '$kementerian', '$telefon', '$faks', '$email', '$data', '$tujuan')";
//try
if (!mysql_query($query)){
//
//die(mysql_error());
$errors[] = "Can't insert the values";
}
else {
//on success
header("Location:thankyou.php");
exit();
}
}
?>
this is the admin.php for the admin used only. (here's the problem)
<?php
session_start();
if(!empty($_SESSION['pswd']))
{
header("location:form.html");
}
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="stylenav.css" />
<link rel="stylesheet" type="text/css" href="stylestable.css" />
</head>
<body bgcolor="#13b4ff">
<div id="wrapper">
<div id="nav">
<ul>
<li>HOME</li><br>
<li>NEW USER</li><br>
<li>Pengesah</li><br>
<li>Penyedia</li><br>
<li>UPDATE</li><br>
<li>LOGOUT</li>
</ul>
</div>
</td>
<td>
<table id='display'>
<col span="1" class="wide1">
<col span="1" class="wide3">
<col span="1" class="wide3">
<col span="1" class="wide4">
<col span="1" class="wide4">
<col span="1" class="wide2">
<col span="1" class="wide3">
<col span="1" class="wide3">
<col span="1" class="wide5">
<tr>
<th>ID</th>
<th>NAMA PEMOHON</th>
<th>UNIT/JABATAN/ <br>BAHAGIAN</th>
<th>NO.TELEFON</th>
<th>NO.FAKS</th>
<th>E-MAIL</th>
<th>DATA/LAPORAN YANG DIPOHON</th>
<th>TUJUAN</th>
<th>TINDAKAN</th>
</tr>
<tbody>
<?php
$connect = mysql_connect("localhost","root","");
if (!$connect){
die(mysql_error());
}
mysql_select_db("permohonan_data");
$option = '';
$results = mysql_query("SELECT * FROM pemohon ORDER BY id DESC");
$option .='<select>';
$count=mysql_num_rows($results);
{
$tindakan = mysql_real_escape_string(stripslashes($_POST['tindakan']));
$_query = "UPDATE permohonan_data SET pemohon = '$tindakan' WHERE id = $id";
if($result_query = mysql_query($_query))
{
$status_query= "Success";
}
else
{
$status_query= "Failed";
}
}
while ($row = mysql_fetch_array($results)){
?>
<tr>
<td><?php echo "<a href='full_details.php?id=".$row['id']."'>".$row['id']."</a>" ?></td>
<td><?php echo $row['name']?></td>
<td><?php echo $row['unit']?></td>
<td><?php echo $row['telefon']?></td>
<td><?php echo $row['faks']?></td>
<td><?php echo $row['email']?></td>
<td><?php echo $row['data']?></td>
<td><?php echo $row['tujuan']?></td>
<td><select>
<option <?php if( $row['tindakan'] == '-'){ echo "selected";}?> >-</option>
<option <?php if( $row['tindakan'] == 'app'){ echo "selected";}?> >APPROVED</option>
<option <?php if( $row['tindakan'] == 'notapp'){ echo "selected";}?> >NOT APPROVED</option>
</select></td>
</tr>
<?php
}
$option .='</select>';
?>
</tbody>
</table>
<input type='submit' value='Save'>
</div>
</body>
</html>
save button didn't work.

OK, Fred, I'll bite. ;) Your save button doesn't work, because it isn't named:
<input type='submit' value='Save'>
due to your conditional statement if(isset($_POST['submit'])) change it to this
<input type='submit' name='submit' value='Save'>
and it should theoretically work, IF the rest of your code checks out.

Categories