I'm trying to develop a small "To Do List" application. The data for the app is stored in a database, and it needs to perform all CRUD operations. As it is right now, Select, Insert, and Delete work just fine. I'm stuck on updating though. The index.php page is shown below:
<?php
session_start();
require_once 'connect.php';
if (isset($_POST['DeleteTask'])) {
$sqldelete = "DELETE FROM Tasks WHERE dbTaskID = :bvTaskID";
$stmtdelete = $db->prepare($sqldelete);
$stmtdelete->bindValue(':bvTaskID', $_POST['taskID']);
$stmtdelete->execute();
echo "<div>Task successfully deleted</div>";
}
if (isset($_POST['theSubmit'])){
echo '<p>New task added</p>';
$formfield['ffTaskName'] = trim($_POST['taskName']);
$formfield['ffTaskDue'] = trim($_POST['taskDue']);
if(empty($formfield['ffTaskName'])){$errormsg .= "<p>Task field is empty.</p>";}
if(empty($formfield['ffTaskDue'])){$errormsg .= "<p>Deadline field is empty.</p>";}
if ($errormsg != "") {
echo "<div class='error'><p>Please fill out all fields before submitting.</p>";
echo $errormsg;
echo "</div>";
} else {
try {
$sqlinsert = 'INSERT INTO Tasks (dbTaskName, dbTaskDue, dbTaskDone)
VALUES (:bvTaskName, :bvTaskDue, :bvTaskDone)';
$stmtinsert = $db->prepare($sqlinsert);
$stmtinsert->bindValue(':bvTaskName', $formfield['ffTaskName']);
$stmtinsert->bindValue(':bvTaskDue', $formfield['ffTaskDue']);
$stmtinsert->bindValue(':bvTaskDone', 0);
$stmtinsert->execute();
echo "<div><p>There are no errors. Thank you.</p></div>";
} catch(PDOException $e){
echo 'ERROR!!!' .$e->getMessage();
exit();
}
}
}
$sqlselect = "SELECT * from Tasks";
$result = $db->prepare($sqlselect);
$result->execute();
?>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>To Do Application</title>
</head>
<body>
<h1><u>To-Do List</u></h1>
<table border>
<tr>
<th>Task</th>
<th>Deadline</th>
<th>Status</th>
<th>Complete</th>
<th>Edit</th>
<th>Delete</th>
</tr>
<?php
while ($row = $result->fetch()) {
if ($row['dbTaskDone'] == 0) {
$status = "Unfinished";
} else {
$status = "Finished";
}
echo '<tr><td>' . $row['dbTaskName']
. '</td><td>' . $row['dbTaskDue']
. '</td><td>' . $status;
/*if ($status == "Unfinished"){
echo '</td><td>';
echo '<form action="'. $_SERVER['PHP_SELF'] . '" method="post">';
echo '<input type="hidden" name="taskID" value"' . $row['dbTaskID'] . '">';
echo '<input type="submit" name="CompleteTask" value="Complete Task">';
echo '</form>';
}*/
echo '</td><td>';
echo '<form action="updateTask.php" method="post">';
echo '<input type="hidden" name="taskID" value="' . $row['dbTaskID'] . '">';
echo '<input type="submit" name="EditTask" id="EditTask" value="Edit Task">';
echo '</form></td><td>';
echo '<form action="'. $_SERVER['PHP_SELF'] . '" method="post">';
echo '<input type="hidden" name="taskID" value="' . $row['dbTaskID'] . '">';
echo '<input type="submit" name="DeleteTask" value="Delete Task">';
echo '</td></tr>';
}
?>
</table>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" name="toDoForm">
<fieldset><legend>New Task</legend>
<table>
<tr>
<th>Task</th>
<td><input type="text" name="taskName" id="taskName"
value="<?php echo $formfield['ffTaskName']; ?>"></td>
</tr><tr>
<th>Deadline</th>
<td><input type="text" name="taskDue" id="taskDue"
value="<?php echo $formfield['ffTaskDue']; ?>"></td>
</tr>
</table>
<input type="submit" name = "theSubmit" value="Add Task">
</fieldset>
</form>
</body>
</html>
Each record displays an "Edit" button that grabs the PK from the "Tasks" table and sends it to the updateTask.php page:
<?php
require_once 'connect.php';
$errormsg = "";
if (isset($_POST['EditTask']) ) {
$formfield['ffTaskID'] = $_POST['taskID'];
$sqlselect = "SELECT * FROM Tasks WHERE dbTaskId = :bvTaskID";
$result = $db->prepare($sqlselect);
$result->bindValue(':bvTaskID', $formfield['ffTaskID']);
$result->execute();
$row = $result->fetch();
if( isset($_POST['theEdit']) )
{
$formfield['ffTaskID'] = $_POST['taskID'];
$formfield['ffTaskName'] = trim($_POST['taskName']);
$formfield['ffTaskDue'] = trim($_POST['taskDue']);
if(empty($formfield['ffTaskName'])){$errormsg .= "<p>Task field is empty.</p>";}
if(empty($formfield['ffTaskDue'])){$errormsg .= "<p>Deadline field is empty.</p>";}
if ($errormsg != "") {
echo "<div class='error'><p>Please fill out all fields before submitting.</p>";
echo $errormsg;
echo "</div>";
} else {
try
{
$sqlUpdate = "UPDATE Tasks SET dbTaskName = :bvTaskName,
dbTaskDue = :bvTaskDue
WHERE dbTaskID = :bvTaskID";
$stmtUpdate = $db->prepare($sqlUpdate);
$stmtUpdate->bindvalue(':bvTaskName', $formfield['ffTaskName']);
$stmtUpdate->bindvalue(':bvTaskDue', $formfield['ffTaskDue']);
$stmtUpdate->bindvalue(':bvTaskID', $formfield['ffTaskID']);
$stmtUpdate->execute();
}
catch(PDOException $e)
{
echo 'ERROR!!!' .$e->getMessage();
exit();
}
}
}
}
?>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>To Do Application</title>
</head>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="editForm">
<fieldset><legend>Edit Task</legend>
<table>
<tr>
<th>Task</th>
<td><input type="text" name="taskName" id="taskName"
value="<?php echo $row['dbTaskName'];?>" ></td>
</tr><tr>
<th>Deadline</th>
<td><input type="text" name="taskDue" id="taskDue"
value="<?php echo $row['dbTaskDue']; ?>"></td>
</tr>
<tr>
<th>Submit Changes</th>
<input type="hidden" name="taskID" value="<?php echo $_formfield['ffTaskID']; ?>">
<td><input type="submit" name="theEdit" value="Submit Changes">
</table>
</fieldset>
</form>
</body>
</html>
The Name and Deadline fields populate appropriately based on the PK value passed from the last page. However, whenever I press the "Submit Changes" button, the update doesn't seem to execute. The page just refreshes and I see the table data remains unchanged in the database.
Solved the problem!
There were several issues that I discovered.
1.) In updateTask.php, I had the second if-statement nested within the first one. So it was running the update query as the page loaded, with no change to the data. So the 'theEdit' button did nothing since since it required the previous if statement's condition to run.
2.) The formfield 'ffTaskID' at the bottom of the form on updateTask.php to be passed on the 'theEdit' button press was typed incorrectly.
$_formfield
..should have been..
$formfield
At this point, the update query functions properly.
3.) The issue with the 'Edit' buttons has been fixed. Though I honestly can't say for certain how it was fixed. It may have been linked with the first part of the problem. So when that was fixed, so was this.
Either way, all seems to be functioning as it should. Thanks again to everyone who commented and helped.
Related
I am still trying out PHP and with database capability. I'm new to stack overflow as well.
I'm having a problem with updating and deleting a row in my database but for now updating is the concern and surely deletion will follow if I manage to get assisted for this.
I have database "dbSample" and it has 3 columns "id, name, address, email".
I am having problems redirecting correctly to my update classes and it shows an error every time.
Below is the said connection file:(sample/class/dbconnection.php):
<?php
/*
==============================SQL Connection=================================
*/
$connections = mysqli_connect("localhost","root","","dbSample"); //checks database connection
if(mysqli_connect_errno()){
echo '<script type="text/javascript">alert("' . "Database Status: " . mysqli_connect_error() . '")</script>';
}
?>
Below serves as my index php file(sample/dbsample.php):
<?php require 'class/dbconnection.php';?>
<html>
<head>
</head>
<body>
<div>
<?php include 'class/dbupdate.php'; ?>
</div>
</body>
</html>
Below is the said dbupdate file:(sample/class/dbupdate.php):
<?php
/*
==============================SQL Update=================================
*/
$view_query = mysqli_query($connections, "SELECT * FROM tblSample");
echo "<table border = '1'>";
echo "<tr>
<td>Name</td>
<td>Address</td>
<td>Email</td>
<td>Option</td>
</tr>";
while($row = mysqli_fetch_assoc($view_query)){ //make variables to hold the values from the table
$user_id = $row["id"];
$db_name = $row["name"];
$db_address = $row["address"];
$db_email = $row["email"];
//get the value id and pass it
echo "<tr>
<td>$db_name</td>
<td>$db_address</td>
<td>$db_email</td>
<td><a href='class/updatepass.php?id=$user_id'>Update</a></td>
</tr>";
}
echo "</table>";
?>
Below is the said updatepass file:(sample/class/updatepass.php):
<?php
require_once(__DIR__."\dbconnection.php");
$user_id = $_REQUEST["id"];
$get_record = mysqli_query($connections, "SELECT * FROM tblSample WHERE id='$user_id'");
while($row_edit = mysqli_fetch_assoc($get_record)){
$db_name = $row_edit["name"];
$db_address = $row_edit["address"];
$db_email = $row_edit["email"];
}
?>
<form method="POST" action="class/updatenow.php">
<input type="hidden" name="user_id" value="<?php echo $user_id; ?>">
Name: <input type="text" name="new_name" value="<?php echo $db_name; ?>">
<hr />
Address: <input type="text" name="new_address" value="<?php echo $db_address; ?>">
<hr />
Email: <input type="text" name="new_email" value="<?php echo $db_email; ?>">
<hr />
<input type="submit" value="Update">
</form>
Below is the said updatenow file:(sample/class/updatenow.php):
<?php
header('Content-Type: text/plain; charset=utf-8');
require_once(__DIR__."\class\updatepass.php");
require_once(__DIR__."\class\dbconnection.php");
$user_id = $_POST["id"];
$new_name = $_POST["new_name"];
$new_address = $_POST["new_address"];
$new_email = $_POST["new_email"];
mysqli_query($connections, "UPDATE tblSample SET name='$new_name', address='$new_address', email='$new_email' WHERE id='$user_id'");
echo '<script type="text/javascript">alert("' . "Record has been updated" . '")</script>';
header('location: dbsample.php');
?>
Thank you for the help in advance, I will deeply appreciate it.
I have an app in php where I have to filter some products by category using Ajax and I don't have any idea how.
My all php code:
<?php
session_start();
include_once("config.php");
//current URL of the Page. cart_update.php redirects back to this URL
$current_url = urlencode($url="http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Shopping Cart</title>
<link href="style/style.css" rel="stylesheet" type="text/css">
</head>
<body>
<h1 align="center">Products </h1>
<!-- Products List Start -->
<?php
$results = $mysqli->query("SELECT product_code, product_name, product_desc, price FROM products ORDER BY id ASC");
if($results){
$products_item = '<ul class="products">';
//fetch results set as object and output HTML
while($obj = $results->fetch_object())
{
$products_item .= <<<EOT
<form method="post" action="cart_update.php">
<table>
<tr>
<td> Name: {$obj->product_name}</td>
<td>Category: {$obj->product_desc}</td>
<td> Price: {$currency}{$obj->price} </td>
<td>
<span>Color: </span>
<select name="product_color">
<option value="Black">Black</option>
<option value="Silver">Silver</option>
</select>
</td>
<td>
<span>Quantity: </span>
<input type="text" size="2" maxlength="2" name="product_qty" value="1" />
</td>
<td>
<div align="center"><button type="submit" class="add_to_cart">Add</button></div></td>
<input type="hidden" name="product_code" value="{$obj->product_code}" />
<input type="hidden" name="type" value="add" />
<input type="hidden" name="return_url" value="{$current_url}" />
</div></div>
</form>
</table>
EOT;
}
$products_item .= '</ul>';
echo $products_item;
}
?>
<!-- Products List End -->
<?php
if(isset($_SESSION["cart_products"]) && count($_SESSION["cart_products"])>0)
{
echo '<h3><center>Your Shopping Cart</center></h3>';
echo '<form method="post" action="cart_update.php">';
echo '<table width="30%" cellpadding="6" cellspacing="0"';
echo '<tbody>';
$total =0;
$b = 0;
foreach ($_SESSION["cart_products"] as $cart_itm)
{
$product_name = $cart_itm["product_name"];
$product_qty = $cart_itm["product_qty"];
$product_price = $cart_itm["product_price"];
$product_code = $cart_itm["product_code"];
$product_color = $cart_itm["product_color"];
$bg_color = ($b++%2==1) ? 'odd' : 'even'; //zebra stripe
echo '<tr class="'.$bg_color.'">';
echo '<td>Qty <input type="text" size="2" maxlength="2" name="product_qty['.$product_code.']" value="'.$product_qty.'" /></td>';
echo '<td>'.$product_name.'</td>';
echo '<td><input type="checkbox" name="remove_code[]" value="'.$product_code.'" /> Remove</td>';
echo '</tr>';
$subtotal = ($product_price * $product_qty);
$total = ($total + $subtotal);
}
echo '<td colspan="4">';
echo '<button type="submit">Update</button>';
echo '</td>';
echo '</tbody>';
echo '</table>';
echo '</h1>';
$current_url = urlencode($url="http://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
echo '<input type="hidden" name="return_url" value="'.$current_url.'" />';
echo '</form>';
echo '</div>';
}
?>
<div id="maindiv">
<select id="options">
<option value="v1">Category</option>
</select>
<table id="destinations" border="1">
<tr>
<th>Product</th>
<th>Category</th>
<th>Price</th>
<th>Color</th>
<th>Quantity</th>
</tr>
</table>
</div>
</body>
</html>
I really can not understand how to make this filter.Can someone gives me some ideas in order to resolve this task?
You haven't given us much to go on in terms of what this "filter" is. If I assume by "filter" you mean you wish to alter your SQL query according to some user-initiated AJAX call(s) to this script, then you'll need the following:
A POST or GET request sent via AJAX containing the database fields you wish to filter on. Note: Use some sort of alias or map instead of passing actual database column-names where the user can see it, that'd be a security flaw - also ensure you escape (clean-up) any user-input before it goes anywhere near your SQL queries :-)
A WHERE clause to insert into your SQL query, constructed dynamically from the above POST or GET data
That's pretty much it.
Very Rough example:
$sql = "SELECT product_code, product_name, product_desc, price FROM products";
// Where $_POST['filter'] comes from an AJAX POST request in the frontend
if (!empty($_POST['filter'])) {
$codeSql = ' ' . (!empty($_POST['code']) ? "product_code = '" . mysqli_escape_string($_POST['code']) . '" : '');
$nameSql = ' ' . (!empty($_POST['name']) ? "product_name = '" . mysqli_escape_string($_POST['name']) . '" : '');
$sql .= "WHERE " . $codeSql . $nameSql;
}
$sql .= " ORDER BY id ASC";
$results = $mysqli->query($sql);
I have this form and out of this form, I can get 2 values from the radio buttons with post. But, I want to able to send another value winch is in my while loop the $fieldname variable with my form. I just don't know how to do that.
This my code:
$result = mysqli_query($con,"SELECT * FROM Velden");
while($row = mysqli_fetch_array($result)) {
echo "<div>";
echo "<h1>".$row['name']."</h1>";
echo "<h3>".$row['locatie']."</h3>";
echo '<img src="images/'.$row['photo'].'" width="120px" height="120px"/>';
echo "<p>".$row['aanwezig']."</p>";
$namefield = $row['name'];
$players = mysqli_query($con, "SELECT name, user_status FROM veld_user WHERE user_status=1 AND name='$namefield'");
echo "veld: ".$row['name']."<br />";
$number = mysqli_num_rows($players);
echo "Aantal spelers aanwezig: ".$number."<br /><br />";
?>
<form action="" method="post" id="registerForm">
<table class="form imageFrom">
<tr>
<td><input checked type="radio" name="status" value="1"/> aanwezig</td> <?php if (isset($_POST['status']) && $_POST['status']=='1') echo ' STATUS="aanwezig"';?>
<td><input checked type="radio" name="status" value="0"/> afwezig</td><?php if (isset($_POST['status']) && $_POST['status']=='0') echo ' STATUS="afwezig"';?>
</tr>
<tr>
<td><input type="submit" name="submit" value="submit" class="knop"/></td>
</tr>
</table>
</form><?php
echo"</div>";
}
And this is the code were i get the post. And update my database
if(isset($_POST['submit'])){
if (isset($_POST['status']) && $_POST['status']=='1'){
$sql = "UPDATE veld_user SET user_status = 1 WHERE id=".$user->data()->id;}
elseif (isset($_POST['status']) && $_POST['status']=='0'){
$sql = "UPDATE veld_user SET user_status = 0 WHERE id= ".$user->data()->id;}
if (mysqli_query($con, $sql)) {
Session::flash('home', 'update success');
} else {
echo "Error updating record: " . mysqli_error($con);
}}
Btw thnx guys...input hidden made it work
<input type="hidden" name="fieldname" value="<?php echo $namefield?>" />
I am using editing file for updating data of mobile no, email details etc, but it is not updating , it shows the results of data so connection is working but no updating of data is there. code:
<?php
include('header.php');
$msg='';
?>
<div class="page-cont1">
<!--heading starts-->
<?php
session_start(); //starts the session
if($_SESSION['user']){ //checks if user is logged in
}
else{
header("location:index.php"); // redirects if user is not logged in
}
$user = $_SESSION['user']; //assigns user value
$id_exists = false;
?>
<body>
<h2>Home Page</h2>
<p>Hello <?php Print "$user"?>!</p> <!--Displays user's name-->
Click here to logout<br/><br/>
Return to Home page
<h2 align="center">Currently Selected</h2>
<table border="1px" width="100%">
<tr>
<th>Id</th>
<th>E-Mail</th>
<th>Mobile No</th>
<th>Details</th>
<th>Extra Information</th>
</tr>
<?php
if(!empty($_GET['id']))
{
$id = $_GET['id'];
$_SESSION['id'] = $id;
$id_exists = true;
$query = mysql_query("Select * from doctor Where id='$id'"); // SQL Query
$count = mysql_num_rows($query);
if($count > 0)
{
while($row = mysql_fetch_array($query))
{
Print "<tr>";
Print '<td align="center">'. $row['id'] . "</td>";
Print '<td align="center">'. $row['your_email'] . "</td>";
Print '<td align="center">'. $row['mobile_no'] . "</td>";
Print '<td align="center">'. $row['detail'] . "</td>";
Print '<td align="center">'. $row['info'] . "</td>";
Print "</tr>";
}
}
else
{
$id_exists = false;
}
}
?>
</table>
<br/>
<?php
if($id_exists)
{
Print '
<form action="edit.php" method="POST">
Enter new E-Mail: <input type="text" name="your_email"/><br/>
Enter new Mobile: <input type="text" name="mobile_no"/><br/>
Enter new detail: <input type="text" name="detail"/><br/>
Enter new Extra Information: <input type="text" name="info"/><br/>
<input type="submit" value="Update List"/>
</form>
';
}
else
{
Print '<h2 align="center">There is no data to be edited.</h2>';
}
?>
<?php
if($_SERVER['REQUEST_METHOD'] == "POST")
{
$field_email = mysql_real_escape_string($_POST['your_email']);
$field_phone = mysql_real_escape_string($_POST['mobile_no']);
$detail = mysql_real_escape_string($_POST['detail']);
$field_message = mysql_real_escape_string($_POST['info']);
mysql_query("UPDATE doctor SET your_email='$field_email', mobile_no='$field_phone', detail='$detail', info='$field_message' WHERE id='$id'") ;
header("location: home.php");
}
?>
<?php
include('footer.php');
$msg='';
?>
</body>
More over header file includes the connect file, and one query form is there problem lie in header file or problem in edit file.
First replace DOCTOR with doctor in update query (as Utharsh has stated).
Second:
You'll have to include the id in your form to be posted.
Print '<form action="edit.php" method="POST">
Enter new E-Mail: <input type="text" name="your_email"/><br/>
Enter new Mobile: <input type="text" name="mobile_no"/><br/>
Enter new detail: <input type="text" name="detail"/><br/>
Enter new Extra Information: <input type="text" name="info"/><br/>
<input type="hidden" name="id" value="'.$id.'">
<input type="submit" value="Update List"/>
</form>';
replace DOCTOR withdoctor in your update query.
If problem persists than try to hard code your query and execute it in phpmyadmin.
put a hidden field in your form with reference to the id as jeff stated
After receiving ans i studied my code in the ans i read about ID so i noticed that in updating there is no ID reference so i changed my code now problem solved my working code is:
<?php
include('header.php');
$msg='';
?>
<div class="page-cont1">
<!--heading starts-->
<?php
session_start(); //starts the session
if($_SESSION['user']){ //checks if user is logged in
}
else{
header("location:index.php"); // redirects if user is not logged in
}
$user = $_SESSION['user']; //assigns user value
$id_exists = false;
?>
<body>
<h2>Home Page</h2>
<p>Hello <?php Print "$user"?>!</p> <!--Displays user's name-->
Click here to logout<br/><br/>
Return to Home page
<h2 align="center">Currently Selected</h2>
<table border="1px" width="100%">
<tr>
<th>Id</th>
<th>E-Mail</th>
<th>Mobile No</th>
<th>Details</th>
<th>Extra Information</th>
</tr>
<?php
if(!empty($_GET['id']))
{
$id = $_GET['id'];
$_SESSION['id'] = $id;
$id_exists = true;
$query = mysql_query("Select * from doctor Where id='$id'"); // SQL Query
$count = mysql_num_rows($query);
if($count > 0)
{
while($row = mysql_fetch_array($query))
{
Print "<tr>";
Print '<td align="center">'. $row['id'] . "</td>";
Print '<td align="center">'. $row['your_email'] . "</td>";
Print '<td align="center">'. $row['mobile_no'] . "</td>";
Print '<td align="center">'. $row['detail'] . "</td>";
Print '<td align="center">'. $row['info'] . "</td>";
Print "</tr>";
}
}
else
{
$id_exists = false;
}
}
?>
</table>
<br/>
<?php
if($id_exists)
{
Print '
<form action="edit.php" method="POST">
Enter new E-Mail: <input type="text" name="your_email"/><br/><br/>
Enter new Mobile: <input type="text" name="mobile_no"/><br/><br/>
Enter new detail: <textarea name="detail" rows="6" id="detail" style="width:200px;"></textarea><br/><br/>
Enter new Extra Information: <textarea name="info" rows="4" id="info" style="width:200px;"></textarea><br/><br/>
<input type="hidden" name="id" value="'.$id.'">
<input type="submit" value="Update List"/>
</form>
';
}
else
{
Print '<h2 align="center">There is no data to be edited.</h2>';
}
?>
<?php
if($_SERVER['REQUEST_METHOD'] == "POST")
{
$field_email = mysql_real_escape_string($_POST['your_email']);
$field_phone = mysql_real_escape_string($_POST['mobile_no']);
$detail = mysql_real_escape_string($_POST['detail']);
$field_message = mysql_real_escape_string($_POST['info']);
$id = $_SESSION['id'];
mysql_query("UPDATE doctor SET your_email='$field_email', mobile_no='$field_phone', detail='$detail', info='$field_message' WHERE id='$id'") ;
header("location: home.php");
}
?>
<?php
include('footer.php');
$msg='';
?>
</body>
So when I hit submit on the form that is displayed, the page (if working properly) should refresh, and the ELSE statement should be displayed instead, but I have 2 problems
The else statement is not displayed until I manually refresh the page
The Pub Score is not updated until the page is manually refreshed either, I think my code placement might be what's causing it, but I tried to put my form as far down as I could, I'm out of ideas, any help would be great thanks.
<?php
require_once('header.php');
require_once('connectdb.php');
require_once('sessioncheck.php');
if (isset($_SESSION['user_id'])) {
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_DATA);
$user_name = mysqli_real_escape_string($dbc, trim($_GET['username']));
$query = "SELECT * FROM blah WHERE username = '$user_name'";
$data = mysqli_query($dbc, $query);
$row = mysqli_fetch_array($data);
if (mysqli_num_rows($data) != 0) {
if ($row['havemic'] == 1) {
$micstatus = "Yes";
} else {
$micstatus = "No";
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8" />
<title><?php echo $user_name . ' profile' ?></title>
</head>
<body>
<?php
$commenduser = $user_name;
$query = "SELECT * FROM blah where commenduser = '$commenduser'";
$data = mysqli_query($dbc, $query);
$row = mysqli_fetch_array($data);
$lowerusername = strtolower($username);
$loweruser_name = strtolower($user_name);
if (mysqli_num_rows($data) == 0) {
if (isset($_POST['submit'])) {
$commendplayer = mysqli_real_escape_string($dbc, trim($_POST['commendplayer']));
$commend = mysqli_real_escape_string($dbc, trim($_POST['commend']));
$comment = mysqli_real_escape_string($dbc, trim($_POST['comment']));
if (empty($comment)) {
echo '<p class="error">Please fillout a comment before submitting</p>';
} else {
$query = "INSERT INTO commend (commendby, commenduser, comment) VALUES ('$username', '$user_name', '$comment')";
mysqli_query($dbc, $query);
if ($commend == true) {
$query = "UPDATE blah SET points=points+1 WHERE username='$user_name'";
mysqli_query($dbc, $query);
echo '<p class="success">Your commendation has been submitted with + 1 account points.</p>';
} else {
echo '<p class="success">Your commendation has been submitted with no affect on the users account points.</p>';
}
}
}
} else {
echo '<p class="success">You have already submitted a commendation for this player.</p>';
}
?>
<div id="accsettings">
<table cellpadding="5">
<tr><td><label for="username" class="reglabel">Username: </label></td>
<td><label for="username" class="reglabel"><?php echo $row['username']; ?></label></td></tr>
<tr><td><label class="reglabel">Pub Score: </label></td><td><label class="reglabel">
/*This value 'points' should be updated to the new value after form submit */
/*As well the ELSE statement near the bottom should be displayed*/
<?php echo $row['points'] ?></label></td></tr>
<tr><td><label for="steamname" class="reglabel">Steam Name: </label></td>
<td><label for="steamname" id="acclink"><?php echo '' . $row['steamname'] . ''; ?></label>
<tr><td><label for="favchar" class="reglabel">Prefered Hero: </label></td>
<td><label for="favchar" class="reglabel"><?php echo $row['favchar']; ?></label></td></tr>
<tr><td><label for="language" class="reglabel">Spoken Language: </label></td>
<td><label for="language" class="reglabel"><?php echo $row['language']; ?></label></td></tr>
<tr><td><label for="playernote" class="reglabel">Player Note: </label></td>
<td><label for="playernote" class="reglabel"><?php echo $row['note']; ?></label></td></tr>
<tr><td><label for="micstatus" class="reglabel">Has a Mic and VO-IP?</label></td>
<td><label for="micstatus" class="reglabel"><?php echo $micstatus; ?></label></td></tr>
<tr><td colspan="2">Players Comments</td></tr>
<?php
if ($row['commendby'] != $username && $lowerusername != $loweruser_name) {
?>
<tr><td><br></td></tr>
<tr><td colspan="2"><p class="success">Player Commendations/Comments</p></td></tr>
<tr><td><br></td></tr>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'] . '?username=' . $user_name; ?>">
<tr><td><label for="comment">Leave a comment</label></td>
<td><input type="text" name="comment" class="regtext" /></td></td>
<tr><td colspan="2"><label for="commend" class="right">Commend Player?</label><input type="checkbox" class="right" name="commend" value="yes" /></td></tr>
<tr><td colspan="2"><input id ="submit" type="submit" class="button1" name="submit" value="Submit" /></td></tr>
</form>
<?php
} else {
/*This is what should be being displayed after the form is submitted. But it is not.*/
$query = "SELECT * FROM blah where commenduser = '$commenduser'";
$data = mysqli_query($dbc, $query);
while($row = mysqli_fetch_array($data)) {
echo '<tr><td><br></td></tr>';
echo '<tr><td><br></td></tr>';
echo '<tr><td><label class="reglabel" for="commendedbyy">Comment From: ' . $row['commendby'] . '</label></td>';
echo '<td><label class="reglabel">' . $row['comment'];
echo '<input type="hidden" name="submit" />';
echo '</form>';
}
}
?>
</table>
<?php
} else {
echo '<p class="error">' . $user_name . ' is not a registered account.</p>';
}
}
else {
echo '<p class="error">You must Log In to view this profile.</p>';
}
?>
</div>
</body>
</html>
<?php
require_once('footer.php');
?>
The $row is first grabbed from the database and then the database is updated.
You can do one of three things, the last being the simplest:
You can refactor the code to change the order
Reload the data using another query after the update
Once you update the points then update the array (i.e. do $row['points'] = $row['points'] + 1;)