Why I can't insert into 1 field to my database table?
I loop the data of my other table to display each data and put the result to href tag so it clickable and concatenate with it's id so it will put the id result after the link like this:
<a href="scheduling.php?CID=<?php echo $rows['docID']; ?>">
Here is how I loop my data using php on page1:
<?php
$sel = "SELECT * FROM doctors ORDER BY docID";
$result = $conn->query($sel);
if($result->num_rows>0)
{
while($rows = $result->fetch_array())
{
?>
<a href="scheduling.php?CID=<?php echo $rows['docID']; ?>">
<div class="doc_item" style="width:310px; border:4px solid #009973;display:inline-block; margin-top:40px; margin-right:20px;">
<img src="images/ft-img.png" style="width: 300px;">
<div class="item-lvl" style="width: 100%; background:#009973; color:#fff; height:70px; padding-top:10px;">
<h4 style="font-size:20px; font-weight:bold;">Dr. <?php echo $rows['docFname']; ?></h4>
<span><?php echo $rows['docType']; ?></span>
</div>
<div style="width: 100%; background:#00664d;padding-top:15px; padding-bottom:20px;">
<h3 style="color:#fff;">Make a Schedule!</h3>
</div>
</div>
</a>
<?php
}
}
?>
Then I want to add the value of CID to my database table using this code on page 2:
<?php
if (isset($_POST['btn-submit'])) {
$cusID = $customerID;
$docID = $_GET['CID'];
$checkupType = $_POST['checkupType'];
$schedTime = $_POST['schedTime'];
$contact = $_POST['contact'];
$ins = "INSERT INTO schedule
(customerID, docID, checkupType, schedTime, contact)
VALUE ('$cusID','$docID','$checkupType','$schedTime','$contact')";
if($conn->query($ins)===TRUE) {
header('location:success_sched.php');
}else{
echo "SQL Query: " . $ins . "->Error: " . $conn->error;
}
}
Now, this code insert data to my database table except $docID which is the value is $_GET['CID'];
docID column is intiger.
please correct my code, this is my school project.
Form code on page 2:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<div class="sign-u">
<div class="sign-up1">
<h4>Form of Checkup* :</h4>
</div>
<div class="sign-up2">
<label>
<input type="radio" value="Virtual" name="checkupType" required>
Virtual Checkup
</label>
<label>
<input type="radio" value="Facetoface" name="checkupType" required>
Face to Face Checkup
</label>
</div>
<div class="clearfix"> </div>
</div>
<p style="color:gray;">*Take note that virtual checkup will require a you stable internet for better communication.</p>
<div class="sign-u">
<div class="sign-up1">
<h4>Date and Time* :</h4>
</div>
<div class="sign-up2">
<input type="date" name="schedTime" id="date" required>
</div>
<div class="clearfix"> </div>
</div>
<p style="color:gray;">*Please provide Skype id as a contact information if <span style="color:#ff5c33">Virtual Checkup</span> is your choice.</p>
<div class="sign-u">
<div class="sign-up1">
<h4>Contact Information :</h4>
</div>
<div class="sign-up2">
<input type="text" name="contact">
</div>
<div class="clearfix"> </div>
</div>
<div class="sub_home" style="text-align: right;">
<input style="background: #339966;" type="submit" name="btn-submit" value="Submit">
<div class="clearfix"> </div>
</div>
</form>
Please understand that when you submit a form, that is a new request to the server. It has a new URL. Your page 2 form submits to $_SERVER['PHP_SELF']; - which is the current URL but without the querystring variables. Therefore your GET parameter is not passed in the form submit. (If you use the "View Source" feature of your browser to examine the "action" attribute of the form after it's rendered, you'll see exactly what URL it makes the request to when submitting. You can also see the same thing by looking at your browser's Network tool, or your webserver's access logs.)
There are a couple of ways around that, but I'd suggest adding the value as a hidden field in the form, and populating it with the value of the GET parameter during the previous request.
e.g.
<input type="hidden" value="<?php echo $_GET["CID]; ?>" name="CID">
and then in the PHP, retrieve it via $_POST like all the other variables:
$docID = $_POST['CID'];
Finally, please ensure you update your code to use prepared statements and parameters, as recommended in the comments, so that you are protected against both SQL injection attacks and unexpected syntax errors. You can get more info and examples here
Related
here is my code
if(isset($_GET['id']) && $_GET['id']!=''){
$id= get_safe_value($con, $_GET['id']);
$res=mysqli_query($con, "select * from `categories` where id='$id'");
$row=mysqli_fetch_assoc($res);
$categories=$row['categories'];
}
if(isset($_POST['submit'])){
$categories= get_safe_value($con, $_POST['categories']);
if(isset($_GET['id']) && $_GET['id']!=''){
mysqli_query($con, "UPDATE `categories` SET `categories`='$categories' WHERE `categories`.`id`=$id");
}else{
mysqli_query($con,"INSERT INTO `categories` ( `categories`,`status` ) VALUES ('$categories', '1')");
}
echo "<script>window.location.href='categories.php'</script>";
die();
}
to edit my categories, i sent id to the url like this
echo "<a href='manage-categories.php?id=".$row['id']."'>Edit </a>";
but after form submission, that second if block unable to catch the id. Any solution?
this is my form
<form method="POST" action="manage-categories.php">
<div class="card">
<div class="card-header">
<h4 class="card-title">Insert Categories</h4>
</div>
<div class="card-block">
<div class="card-body">
<h5 class="mt-2">Category Name</h5>
<fieldset class="form-group">
<input type="text" class="form-control" id="placeholderInput" value="<?php echo $categories; ?>" name="categories" placeholder="Enter category name">
</fieldset>
<div class="form-group">
<input class="btn btn-primary btn-min-width mr-1 mb-1" name="submit" type="submit" value="Insert">
</div>
<div class="field_error">
<?php
echo "<p>";
echo $msg;
echo "</p>";
?></div>
</div>
</div>
</div>
</div>
This form is used for both updation and insert
GET and POST values don't persist between requests. When you submit a form, you're making a new request to a new URL.
To ensure the value is sent to the server again when submitting the form, you can either:
put the querystring (GET) parameter into the URL you send to when submitting the form e.g. by injecting it into the form's "action" attribute.
Or
create a hidden field in your form which contains the relevant ID, and then make your PHP code search for $_POST["id"] instead of the GET version.
The action in the form most likley does not have the Query String defined.
<form method="post" action="manage-categories.php?id=<?php echo $row['id']; ?>">
...
Make sure you truely post with the query string.
I got a website in testing, how it works is
Step 1) Form to key in Details in page1.php
Step 2) with the POST function, the keyed in form values appears in next page2.php in read only form format. Sort of like a summary of the information they keyed in. at the bottom they are to click "confirm" and an email is supposed to be sent with the full details of that page2.php.
My problem:
I can get it to sent email from page1.php, in the form page and send email upon clicking submit. but that is not what i want, i want it to send email after they confirm their details from page2.php. there is where i get the error.
my page2.php file has this as the code below. the form-to-email.php is the action to send email which works when its sent directly from a form but not from this page2.php read only page to confirm the details.
What am i doing wrong?
<form action="form-to-email.php" method="post" class="box readonly">
<h3>Vehicle Details</h3>
<div class="f-row">
<div class="one-fourth">Type</div>
<div class="three-fourth">Transport Service</div>
</div>
<div class="f-row">
<div class="one-fourth">Vehicle</div>
<div class="three-fourth">14 Foot Lorry</div>
</div>
<h3>Customer Details</h3>
<div class="f-row">
<div class="one-fourth">Name</div>
<div class="three-fourth"><?php $name = $_POST["name"]; echo $name; ?></div>
</div>
<div class="f-row">
<div class="one-fourth">Phone</div>
<div class="three-fourth"><?php $name = $_POST["number"]; echo $name; ?></div>
</div>
<div class="f-row">
<div class="one-fourth" label for='email'>Email</div>
<div class="three-fourth"><?php $name = $_POST["email"]; echo $name; ?></div>
</div>
<h3>Job Details</h3>
<div class="f-row">
<div class="one-fourth">Date</div>
<div class="three-fourth"><?php $name = $_POST["date"]; echo $name; ?></div>
</div>
<div class="f-row">
<div class="one-fourth">Time</div>
<div class="three-fourth"><?php $name = $_POST["time"]; echo $name; ?></div>
</div>
<div class="f-row">
<div class="one-fourth">Pick Up</div>
<div class="three-fourth"><?php $name = $_POST["pick"]; echo $name; ?></div>
</div>
<div class="f-row">
<div class="one-fourth">Drop Off</div>
<div class="three-fourth"><?php $name = $_POST["drop"]; echo $name; ?></div>
</div>
<div class="f-row">
<div class="one-fourth">Items</div>
<div class="three-fourth"><?php $name = $_POST["items"]; echo $name; ?></div>
</div>
<div class="f-row">
<div class="one-fourth">Remarks</div>
<div class="three-fourth"><?php $name = $_POST["remarks"]; echo $name; ?></div>
</div>
<h3 align="center">TOTAL: $80 SGD</h3><input type="submit" class="btn medium color" value="Confirm (Cash Payment)"></form>
help.
The main problem is that you don't have any inputs in <form> on page2.php. So what you submit is empty.
There are at least 2 ways to solve it:
1 - Store your values in php session:
Add the following lines at top of your page2.php script:
<?php
session_start();
$_SESSION['post_values'] = $_POST;
...
?>
And the following lines at top of your form-to-email.php:
<?php
session_start();
$_POST = $_SESSION['post_values'];
$_SESSION['post_values'] = array(); // this will clear the values, so they wouldn't get resubmitted on page refresh. You could probably use `unset($_SESSION['post_values'])` but that sometimes doesn't work, so it's safer to redefine it as empty array.
...
?>
Storing values in php session will allow you to pass those values to other scripts in same domain. Please note that every time you want to use $_SESSION object, you got to start session first with session_start(). This has to be done before outputting anything.
2 - Add hidden inputs to your code like this (for every field):
<div class="f-row">
<div class="one-fourth">Name</div>
<div class="three-fourth"><input type="hidden" name="name" value="<?php json_encode($_POST["name"]);?>/><?php echo $_POST["name"];?></div>
</div>
<div class="f-row">
<div class="one-fourth">Phone</div>
<div class="three-fourth"><input type="hidden" name="number" value="<?php json_encode($_POST["number"]);?>/><?php echo $_POST["number"];?></div>
</div>
... etc.
That will create invisible inputs so the values could be send again. Please note that I am using json_encode() function so it wouldn't break the HTML syntax if value would contain for example ".
- FIXED -
When i submit form, the row i want to edit in table is forcing 0 instead of setting 0 or 1 (when i switch). It means that table (row) is somehow getting value 0.
This is my form:
<form class="form-horizontal" action="<?php echo BASE_URL?>process.php?task=edit_notify" method="post">
<div class="form-group">
<div class="material-switch pull-left">
<p><span class="control-label" style="color: rgba(75, 75, 75, 0.6); cursor: default;"><?php echo ADMIN_NOTIFY; ?></span></p>
<input id="allow_reg_msg" name="allow_reg_msg" type="checkbox" value="1" <?php if($row['allow_reg_msg'] == 1) echo "checked='checked'"; ?> />
<label for="allow_reg_msg" class="label-primary"></label>
</div>
</div></br>
<div class="form-group">
<button type="submit" class="btn_"><i class="fa fa-pencil"></i> <?php echo EDIT; ?></button>
</div>
</form>
When i submit, it should send value to process.php page, here is the "process.php?task=edit_notify":
if(isset($_GET['task']) && $_GET['task'] == "edit_notify"){
if(!$user->isLoggedIn()) Redirect::to('index');
if(!$user->hasPermission('admin')) Redirect::to('index');
$allow_reg_msg = $_POST['allow_reg_msg'];
$sql = "UPDATE `settings` SET
`allow_reg_msg` = :allow_reg_msg
WHERE `id` = 1";
$query = $handler->prepare($sql);
$query->execute(array(
":allow_reg_msg" => $allow_reg_msg
));
Session::flash('edit_site_success', SUCCESS_UPDATE);
Redirect::to('admin/index.php?page=edit_site');
}
And here are few images from my database:
image 1,
image 2
I found solution! It was in my define('BASE_URL', 'https://monkstudio.biz/');
Because i have in .htaccess my website link with "www", here in script it was not set, now i put define('BASE_URL', 'https://www.monkstudio.biz/'); and it's working fine!
I'm so proud i found this by myself.
I am trying to update records in 'pantry-info' table. Code goes to the if loop instead of else
The code is mentioned below, what am I doing wrong?
DB connection is:
require 'config/connectDB.php';
session_start();
$id = $_GET['id'];
$sql = 'SELECT * FROM temp WHERE'. " pan_id = '$id'";
$result = mysqli_query($conn,$sql);
Trying to read DB table values in form as follows:
<?php
if(mysqli_num_rows($result1) == 0)
{
echo '<h2>This record already exists. Do you want to delete it?</h2>';
} else { ?>
<h4>Edit the record here:</h4>
<br>
<form name="pantryinfo" id="pantryForm" method = "post" action="update.php" data-toggle="validator" role="form">
<?php while ($row = mysqli_fetch_array($result1,MYSQLI_ASSOC)) { ?>
<div class="control-group form-group">
<div class="controls">
<input type="hidden" class="form-control" id="panid" name="panid" value="<?php echo $row['pan_id'];?>">
<p class="help-block"></p>
</div>
</div>
<div class="control-group form-group">
<div class="controls">
<label>Name</label>
<input type="text" class="form-control" id="name" name="name" value="<?php echo $row['pname'];?>" required>
<p class="help-block"></p>
</div>
</div>
</form>
<?php
}
}
?>
Similar code works fine on a different page retrieving values from another DB table. Please help. Thanks in advance.
I resolved the issue. In the SQL query I used $result as a variable and in the if-else code I was using result1.
Thank you Fred for pointing it out.
I am trying to get my jquery form to allow for multiple submissions, but it will not load after a selection.
I have a grid (let's say 2x2). I click on a cell and fill in my name from a jquery form. I click submit and my name will appear in the cell via php. However, when I go to click on another cell the pop-up window does not appear.
I have added a simplified version of my code to jsfiddle (https://jsfiddle.net/7j7wxrpu/).
You can see from there my form is a pop-up window after you click on a cell:
<table border=1>
<tr><td colspan="11"><center><h2>Away Team</h2></center></td></tr>
<tr><th class='header-cols'></th><th class='header-cols'><h1>0</h1></th><th class='header-cols'><h1>1</h1></th></tr><tr><th class='header-rows'><h1>0</h1></th><td class='grid-cells'>
<a href='#myPopup' data-rel='popup'>
<div id='cell' onclick='setCoords(0,0);'>
<div class='grid-num'>1</div>
<div class='grid-name'>justin9</div>
</div>
</a>
</td><td class='grid-cells'>
<a href='#myPopup' data-rel='popup'>
<div id='cell' onclick='setCoords(1,0);'>
<div class='grid-num'>2</div>
<div class='grid-name'>justin10</div>
</div>
</a>
</td></tr><tr><th class='header-rows'><h1>1</h1></th><td class='grid-cells'>
<a href='#myPopup' data-rel='popup'>
<div id='cell' onclick='setCoords(0,1);'>
<div class='grid-num'>3</div>
<div class='grid-name'></div>
</div>
</a>
</td><td class='grid-cells'>
<a href='#myPopup' data-rel='popup'>
<div id='cell' onclick='setCoords(1,1);'>
<div class='grid-num'>4</div>
<div class='grid-name'></div>
</div>
</a>
</td></tr></table>
<div data-role="popup" id="myPopup" class="ui-content" style="min-width:250px;">
<form method="post" action="">
<div>
<h3>Pick This Square:</h3>
<label for="name" class="ui-hidden-accessible">Name:</label>
<input type="text" name="name" id="name" placeholder="Name">
<label for="email" class="ui-hidden-accessible">Email:</label>
<input type="text" name="email" id="email" placeholder="Email">
<input type="submit" data-inline="true" value="Submit">
<!--<input type='hidden' name='row' value=''>
<input type='hidden' name='col' value=''>-->
<div id='row-div'></div>
<div id='col-div'></div>
</div>
</form>
</div>
And here is the php it calls from the file:
<?php
include_once 'connectmysql.php';
if(!isset($_POST['name']) || !isset($_POST['email'])){
//fail because one is blank
echo "Failed the POSt data: Name: " . $_POST['name'] . " | Email: " . $_POST['email'];
}
else{
$name = $_POST['name'];
$email = $_POST['email'];
$row = $_POST['row'];
$col = $_POST['col'];
$tstamp = date("Y-m-d_H:i:s");
//Write to the sql db
$conn = ConnectMySQL();
$sql = "INSERT INTO picks (name,email,paid,row,col,tstamp) VALUES('$name','$email',0,$row,$col,'$tstamp')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
}
?>
Besides the lack of security in my php is there anything I am missing? How come the pop-up box will only pop-up once until I refresh the page. I also notice when I refresh the page it tries to "Resend" the post data to the server. It looks like I have to clean the post data after a submit, is that a thing?
To do that without reloading the page you should use AJAX call to a PHP script that will insert the new data in the database and then query the database again and send the new values to your JavaScript and then with JavaScript to change the values of the cells.
Also, change names of the IDs - should have unique names: cell1, cell2.