remove %20 from url in php - php

This is my whole code....
I am facing a problem while replacing the %20 with - in the URL. I have tried many code snippets but failed. Please help me out. I am attaching my full code. I am getting the problem in
/">Visit
where I am displaying both the id and the firm name. I just want to show both the id and the firm name, separated by /
<?php
error_reporting("0");
$rowperpage =10 ;
#$select_city=$_GET['city'];
if(isset($_REQUEST['search'])){
$allcount_query = "SELECT count(*) as allcount FROM inventory_details";
$allcount_result = mysqli_query($conn, $allcount_query);
$allcount_fetch = mysqli_fetch_array($allcount_result);
$allcount = $allcount_fetch['allcount'];
$sql="SELECT * FROM inventory_details";
$search_item = mysqli_real_escape_string($conn, $_REQUEST['search_box']);
$sql .= " WHERE (firm_name LIKE '%$search_item%'";
$sql .= " OR catagory_name LIKE'%$search_item%'";
$sql .= " OR mobile_no LIKE'%$search_item%'";
$sql .= " OR product_key LIKE'%$search_item%')";
$sql .= " AND city='$select_city' AND status='0' ";
$sql .="ORDER BY today_date DESC limit 0,$rowperpage";
// $sql .= " ORDER BY catagory_name LIMIT 0,5";
// echo $sql;
if($_GET['search_box']==""){
$msg=include"error_msg.php";
}
else{
$fquery=mysqli_query($conn, $sql);
$totalrec=mysqli_num_rows($fquery);
if ($totalrec=='0'){
$msg=include"error_msg.php";
}
}
}
// if($selct_city=$_GET['city']){
// SELECT * FROM inventory_details WHERE city LIKE '%DELHI%' && catagory_name LIKE '%belts%'
// SELECT * FROM inventory_details WHERE firm_name='keyboard' OR catagory_name='keyboard' OR mobile_no='keyboard' OR city='keyboard' OR product_key='keyboard' && city="delhi"
// echo $sql . $fquery;
// SELECT * FROM inventory_details WHERE city='delhi' AND catagory_name like '%foot%' OR firm_name LIKE'%foot%' OR product_key like '%foot%' OR mobile_no like '%foot%'
// SELECT * FROM inventory_details WHERE city='Delhi' AND firm_name LIKE '%foot%' OR catagory_name LIKE'%foot%' OR mobile_no LIKE'%foot%' OR product_key LIKE'%foot%'
// // }
?>
<?php
?>
<!-- Brand and toggle get grouped for better mobile display -->
<!-- <div class="container">
<form class="navbar-form" role="search">
<div class="input-group col-md-12 col-xs-12 ">
<div class=" col-md-offset-7 col-md-5">
<select class="form-control select country" name="city" required="">please select city
<?php ;?>
</select>
<select class="form-control input-lg" placeholder="Search By Firm name,Category name,Mobile no....." name="search_box">
<option>select city</option>
<option>Delhi</option>
<option>Mumbai</option>
<option>Channai</option>
<option>Kolkata</option>
</select>
</div>
<div class="input-group-btn ">
</div>
<div class=" col-md-12">
<input type="text" class="form-control" placeholder="Just Type Anything..." name="search_box">
</div>
<div class="input-group-btn ">
<button class="btn btn-info" type="submit" name="search"><span class=""></span>search</button>
</div>
</div>
</form>
</div> -->
<?php
while($row=mysqli_fetch_assoc($fquery)){ //handle rows.
$id=$row['id'];
$catagory_name=$row['catagory_name'];
$firm_name=$row['firm_name'];
// $user_pass=md5($_POST ['user_pass']);
$city=$row ['city'];
$product_key=$row ['product_key'];
$firm_email=$row ['firm_email'];
$mobile_no=$row ['mobile_no'];
$phone_no=$row ['phone_no'];
$address=$row ['address'];
$Fax_no=$row ['Fax_no'];
$Website=$row ['Website'];
$product_key=$row['product_key'];
$sotime=$row ['sotime'];
$sctime=$row ['sctime'];
$Contact_person=$row ['Contact_person'];
$Contact_person_mobile=$row ['Contact_person_mobile'];
$colorname=$row ['colorname'];
$textcolor=$row ['textcolor'];
$compLogo=$row ['compLogo'];
////////////////////////////////////////
$banner=$row ['banner'];
if(empty($banner))
{
$banner="default.jpg";
}
?>
<div class="container post" id="post_<?php echo $id; ?>">
<div class="col-md-12 inv_data" style="background:<?php echo $colorname; ?>; color:<?php echo $textcolor; ?>;">
<div class="col-md-3">
<!-- <?php ?>
<img src="image/banner/<?php echo $banner; ?>" class="img_style"> -->
<?php
$imageArr = explode(',',$compLogo);
foreach ($imageArr as $k=>$val) { if($val!=""){
?>
<img class="mySlides" src="image/logo/<?php echo $val; ?>">
<?php
}}
?>
<img class="mySlides" src="image/logo/defualt.jpg">
</div>
<div class="col-md-7">
<h3><strong><?php echo strtoupper($firm_name); ?></strong></h3>
<strong></strong> <?php echo $product_key; ?><br>
<strong> <span class="glyphicon glyphicon-home"></span> </strong> <?php echo $address; ?><br>
<!-- <strong>Category : -</strong> <?php echo $catagory_name." , " . $product_key;?><br> -->
<!-- <strong>Phone no : -</strong> <?php echo $phone_no; ?>
<strong>Mobile no : -</strong> <?php echo $mobile_no; ?>
<br>
<strong> Whatsapp no : -</strong> <?php echo $Contact_person_mobile ; ?>
<strong> Contact Person : -</strong> <?php echo $Contact_person ; ?>
<br>
<strong>Email : -</strong> <?php echo $firm_email;?>
<strong>Timing : -</strong> <?php echo $sotime. " to ".$sctime?><br>
<strong>Website : -</strong> <?php echo $Website;?><br> -->
</div>
<div class="col-md-2">
<span> <br> <br> <br></span>
<button type="button" class="btn btn-info btn-lg">Visit</button>
<!--<a href="/jyp/<?php echo $id;?><?php echo $firm_name;?>"><button type="button" class="btn btn-info btn-lg">Visit</button>-->
</a>
</div>
</div>
</div>
<?php
}
?>
<?php
if(isset($_REQUEST['search'])){
?>
<h1 id="loadbtn"><span class="load-more">Load More</span></h1>
<input type="hidden" id="row" value="0">
<input type="hidden" id="cityname" name="cityname" value="<?php echo $city; ?>">
<input type="hidden" id="search_item" name="search_item" value="<?php echo $search_item; ?>">
<input type="hidden" id="all" value="<?php echo $allcount; ?>">
<?php
}
?>

The %20 gives a hint that the string is most probably Url Encoded (%20 is a single space character). So what you should probably be doing is trying to first Url Decode the string (then you will get the original string). Then afterwards you can remove/replace any characters that you do not want.
So in your question, you said you do not want %20 (a space) but a dash (-) instead. This could be achieved as follows...
<?php
error_reporting("0");
$rowperpage =10 ;
#$select_city=$_GET['city'];
if(isset($_REQUEST['search'])){
$allcount_query = "SELECT count(*) as allcount FROM inventory_details";
$allcount_result = mysqli_query($conn, $allcount_query);
$allcount_fetch = mysqli_fetch_array($allcount_result);
$allcount = $allcount_fetch['allcount'];
$sql="SELECT * FROM inventory_details";
$search_item = mysqli_real_escape_string($conn, $_REQUEST['search_box']);
$sql .= " WHERE (firm_name LIKE '%$search_item%'";
$sql .= " OR catagory_name LIKE'%$search_item%'";
$sql .= " OR mobile_no LIKE'%$search_item%'";
$sql .= " OR product_key LIKE'%$search_item%')";
$sql .= " AND city='$select_city' AND status='0' ";
$sql .="ORDER BY today_date DESC limit 0,$rowperpage";
// $sql .= " ORDER BY catagory_name LIMIT 0,5";
// echo $sql;
if($_GET['search_box']==""){
$msg=include"error_msg.php";
}
else{
$fquery=mysqli_query($conn, $sql);
$totalrec=mysqli_num_rows($fquery);
if ($totalrec=='0'){
$msg=include"error_msg.php";
}
}
}
// if($selct_city=$_GET['city']){
// SELECT * FROM inventory_details WHERE city LIKE '%DELHI%' && catagory_name LIKE '%belts%'
// SELECT * FROM inventory_details WHERE firm_name='keyboard' OR catagory_name='keyboard' OR mobile_no='keyboard' OR city='keyboard' OR product_key='keyboard' && city="delhi"
// echo $sql . $fquery;
// SELECT * FROM inventory_details WHERE city='delhi' AND catagory_name like '%foot%' OR firm_name LIKE'%foot%' OR product_key like '%foot%' OR mobile_no like '%foot%'
// SELECT * FROM inventory_details WHERE city='Delhi' AND firm_name LIKE '%foot%' OR catagory_name LIKE'%foot%' OR mobile_no LIKE'%foot%' OR product_key LIKE'%foot%'
// // }
?>
<?php
?>
<!-- Brand and toggle get grouped for better mobile display -->
<!-- <div class="container">
<form class="navbar-form" role="search">
<div class="input-group col-md-12 col-xs-12 ">
<div class=" col-md-offset-7 col-md-5">
<select class="form-control select country" name="city" required="">please select city
<?php ;?>
</select>
<select class="form-control input-lg" placeholder="Search By Firm name,Category name,Mobile no....." name="search_box">
<option>select city</option>
<option>Delhi</option>
<option>Mumbai</option>
<option>Channai</option>
<option>Kolkata</option>
</select>
</div>
<div class="input-group-btn ">
</div>
<div class=" col-md-12">
<input type="text" class="form-control" placeholder="Just Type Anything..." name="search_box">
</div>
<div class="input-group-btn ">
<button class="btn btn-info" type="submit" name="search"><span class=""></span>search</button>
</div>
</div>
</form>
</div> -->
<?php
while($row=mysqli_fetch_assoc($fquery)){ //handle rows.
$id=$row['id'];
$catagory_name=$row['catagory_name'];
$firm_name=$row['firm_name'];
// $user_pass=md5($_POST ['user_pass']);
$city=$row ['city'];
$product_key=$row ['product_key'];
$firm_email=$row ['firm_email'];
$mobile_no=$row ['mobile_no'];
$phone_no=$row ['phone_no'];
$address=$row ['address'];
$Fax_no=$row ['Fax_no'];
$Website=$row ['Website'];
$product_key=$row['product_key'];
$sotime=$row ['sotime'];
$sctime=$row ['sctime'];
$Contact_person=$row ['Contact_person'];
$Contact_person_mobile=$row ['Contact_person_mobile'];
$colorname=$row ['colorname'];
$textcolor=$row ['textcolor'];
$compLogo=$row ['compLogo'];
////////////////////////////////////////
$banner=$row ['banner'];
if(empty($banner))
{
$banner="default.jpg";
}
?>
<div class="container post" id="post_<?php echo $id; ?>">
<div class="col-md-12 inv_data" style="background:<?php echo $colorname; ?>; color:<?php echo $textcolor; ?>;">
<div class="col-md-3">
<!-- <?php ?>
<img src="image/banner/<?php echo $banner; ?>" class="img_style"> -->
<?php
$imageArr = explode(',',$compLogo);
foreach ($imageArr as $k=>$val) { if($val!=""){
?>
<img class="mySlides" src="image/logo/<?php echo $val; ?>">
<?php
}}
?>
<img class="mySlides" src="image/logo/defualt.jpg">
</div>
<div class="col-md-7">
<h3><strong><?php echo strtoupper($firm_name); ?></strong></h3>
<strong></strong> <?php echo $product_key; ?><br>
<strong> <span class="glyphicon glyphicon-home"></span> </strong> <?php echo $address; ?><br>
<!-- <strong>Category : -</strong> <?php echo $catagory_name." , " . $product_key;?><br> -->
<!-- <strong>Phone no : -</strong> <?php echo $phone_no; ?>
<strong>Mobile no : -</strong> <?php echo $mobile_no; ?>
<br>
<strong> Whatsapp no : -</strong> <?php echo $Contact_person_mobile ; ?>
<strong> Contact Person : -</strong> <?php echo $Contact_person ; ?>
<br>
<strong>Email : -</strong> <?php echo $firm_email;?>
<strong>Timing : -</strong> <?php echo $sotime. " to ".$sctime?><br>
<strong>Website : -</strong> <?php echo $Website;?><br> -->
</div>
<div class="col-md-2">
<span> <br> <br> <br></span>
<!-- there's the solution below -->
<?php
$firm_name = urldecode($firm_name); # decode the string (like converting %20 to a space character)
$firm_name = str_replace(' ', '-', $firm_name); # then replace any characters you don't want (like converting a space character to a -)
$url = "category.php?edit=" . urlencode($id) . '/' . urlencode($firm_name);
?>
<button type="button" class="btn btn-info btn-lg">Visit</button>
<?php
// probably don't need these now.
$firm_name = urldecode($firm_name);
$firm_name = str_replace(' ', '-', $firm_name);
# are you missing a / here ???
$url = '/jyp/' . urlencode($id) . '' . urlencode($firm_name);
?>
<a href="<?php echo $url ?>"><button type="button" class="btn btn-info btn-lg">Visit</button>
</a>
</div>
</div>
</div>
<?php
}
?>
<?php
if(isset($_REQUEST['search'])){
?>
<h1 id="loadbtn"><span class="load-more">Load More</span></h1>
<input type="hidden" id="row" value="0">
<input type="hidden" id="cityname" name="cityname" value="<?php echo $city; ?>">
<input type="hidden" id="search_item" name="search_item" value="<?php echo $search_item; ?>">
<input type="hidden" id="all" value="<?php echo $allcount; ?>">
<?php
}
?>
You probably should encode whatever you echo to the browser using htmlspecialchars.
Disclaimer: The website where I was testing my PHP code gave the same result when using rawurldecode('hi%20you'); and urldecode('hi%20you');.
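The two points of this answer in one self-contained script: decode and replace to build the path, then htmlspecialchars when echoing it. This is an added example, not code from the original post; the helper names slugify() and visit_link() and the sample rows are assumptions, and the /jyp/ prefix is taken from the commented-out link in the question.

```php
<?php
declare(strict_types=1);

/**
 * Turn a display name into one URL path segment (hypothetical helper).
 * Every run of characters that is not a letter or digit becomes a single dash.
 */
function slugify(string $name): string
{
    // The stored value may already be percent-encoded ("A%20B"); decode it once.
    $name = rawurldecode($name);
    // /u treats the input as UTF-8; preg_replace returns null on invalid UTF-8.
    $slug = preg_replace('/[^\p{L}\p{N}]+/u', '-', $name) ?? '';
    $slug = trim($slug, '-');
    // Never return an empty segment, it would change the shape of the URL.
    return $slug === '' ? 'firm' : $slug;
}

/**
 * Build the "Visit" link for one row: /jyp/<id>/<firm-slug>.
 */
function visit_link(int $id, string $firmName): string
{
    // Percent-encode each path segment on its own, so a "/" or "?" inside
    // the data cannot add path segments or start a query string.
    $url = '/jyp/' . rawurlencode((string) $id) . '/' . rawurlencode(slugify($firmName));

    // HTML-encode last, for the context the value is written into:
    // an attribute value and the link text.
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    return sprintf(
        '<a href="%s" class="btn btn-info btn-lg">Visit %s</a>',
        htmlspecialchars($url, $flags, 'UTF-8'),
        htmlspecialchars(rawurldecode($firmName), $flags, 'UTF-8')
    );
}

// Constructed sample rows standing in for the inventory_details result set.
$rows = [
    ['id' => 12, 'firm_name' => 'Sharma Footwear'],
    ['id' => 13, 'firm_name' => 'A%20&%20B Traders'],
    ['id' => 14, 'firm_name' => 'Kapoor "Gold" <Belts>/Bags'],
];

foreach ($rows as $row) {
    echo visit_link((int) $row['id'], $row['firm_name']), PHP_EOL;
}
```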

Related

How to display a post and its comments?

I want to view all posts, all comments for each post at once. While I have no problems with displaying posts, displaying comments is already a problem. One post can have multiple comments, so I have no idea how to create a query to display this. I tried to use LEFT JOIN but it didn't help. I include a table schema below the code to make my problem easier to understand.
<?php foreach ($tweet->userData as $user)
{ ?>
<div class='col-xl-8' id='posty'>
<div class='row' id='time'>
<div class='btn-block d-flex justify-content-between'>
<div class='imie'>
<?php echo $user['autor'] ?>
</div>
<div class='czas'>
<?php echo $user['date_to_add'] ?>
</div>
</div>
</div>
<?php echo $user['comment'] ?>
<form action='' method='post' id="myForm">
<div class='row'>
<div class='col-12 col-xl-12 d-flex justify-content-between' id='icon'>
<button class='button2' name='dodaj_like' style="background-color: <?php if($user['like_color']==1){echo '#00FA9A';}else{echo 'black';} ?>" ><i class='fas fa-heart' ></i><input type='hidden' name='like' value="<?php echo $user['id']?>" /><span id="font"><?php echo $user['likes']?></span></button>
<button class='button2' name='dodaj_dislike' style="background-color: <?php if($user['dislike_color']==1){echo '#00FA9A';}else{echo 'black';} ?>"><i class='fas fa-heart-broken'></i><input type='hidden' name='dislike' value="<?php echo $user['id']?>"/><span id="font"><?php echo $user['dislikes']?></span></button>
<button class='button2' name='dodaj_comment' id="com" ><i class='far fa-comment-dots'></i><input type='hidden' name='comment' value="<?php echo $user['id']?>"/><span id="font">Comment</span></button>
<button class='button2' name='dodaj_share' style="background-color: <?php if($user['share_color']==1){echo '#00FA9A';}else{echo 'black';} ?>" ><i class='far fa-share-square' ></i><input type='hidden' name='share' value="<?php echo $user['id']?>"/><span id="font"><?php echo $user['shares'] ?></span></button>
</div>
</div>
</form>
<div class="row d-flex">
<div class="col-xl-12 bg-success ">
<form method="post">
<textarea id="form103" class="md-textarea form-control" rows="5" placeholder="Co słychać?" name="komentarz"></textarea>
<div>
<?php echo $aabbcc ?? '' ?>
</div>
<div class="button">
<button class="btn btn-danger mt-2" name='dodaj_comment'><input type='hidden' name='com' value="<?php echo $user['id']?>"/>Publikuj</button>
</div>
</form>
</div>
</div>
</div>
<?php } ?>
$id = $_GET['id'];
$session = $_SESSION['id'];
$sql = $this->database->connect()->prepare("SELECT post.id, CONCAT(first_name,' ', last_name) AS author, post.comment, post.date_to_add, post_comment.comment, post_comment.date_to_add FROM user JOIN post ON user.id = post.user_id LEFT JOIN post_comment ON post.user_id=post_comment.post_id where post.user_id = :user_id order by post.id DESC");
$sql->bindParam(':user_id',$id, PDO::PARAM_INT);
$sql->bindParam(':id',$session, PDO::PARAM_INT);
$sql->execute();
if($sql->rowCount())
{
$this->userData = [];
while ($row = $sql->fetch())
{
$this->userData[] = $row;
}
}
}
You can get the comments from the database for a specific post using post_id by selecting from the comment table:
$query="select * from post_comment where post_id=". $post_id;
Here is the PHP implementation:
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql_post = "SELECT * FROM post";
$result = $conn->query($sql_post );
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "<br> post id: ". $row["id"]. " - <br> Post: ". $row["post"]. "<br>";
// fetch the comments that belong to this post (id cast to int before it goes into the SQL)
$comment_query=$conn->query("select * from post_comment where post_id=". (int)$row["id"]);
if ($comment_query->num_rows > 0) {
// output data of each row
while($comment = $comment_query->fetch_assoc()) {
echo " <p>Comment ".$comment['comment']." </p>";
}
}
}
} else {
echo "0 results";
}
$conn->close();

Displaying search results with pagination in php

How do I make my search work from a class... I can display my search results on the major page, but I want it to display all results, and if there are more than the paginated result, the client can easily move to another page.
<?php
// if it's going to need the database, then it's
//probably smart to require it before we start.
#require_once(LIB_PATH.DS.'database.php');
class Product extends DatabaseObject {
protected static $table_name="products";
protected static $db_fields=array('id', 'product_id', 'image', 'title', 'slug', 'description', 'price');
public $id;
public $product_id;
public $image;
public $title;
public $slug;
public $description;
public $price;
public static function search(){
global $database;
$sql = "SELECT * FROM products WHERE image LIKE '{%$search%'";
$sql .= " OR title LIKE '{%$search%}'";
$sql .= " OR slug LIKE '%$search%'";
$sql .= " OR description LIKE '%$search%'";
$sql .= " OR price LIKE '%$search%'";
$total_count = count($sql);
$result_set = $database->query($total_count);
$row = $database->fetch_assoc($result_set);
return array_shift($row);
}
?>
Please check my code... I am a bit confused.
<?php if(empty($_POST['search'])){
$session->message("<div class='error-msg'>Search cannot be empty</div>");
redirect_to('photos.php');
}
?>
<?php include_layout_template('header2.php'); ?>
<div class="container">
<div class="row">
<?php
if(isset($_POST['submit'])){
// 1. the current page number ($current_page)
$page = !empty($_GET['page']) ? (int)$_GET['page'] : 1;
// 2. records per page ($per_page)
$per_page = 10;
// 3. total record count ($total_count)
//$total_count = Product::count_all();
$total_count = Product::search();
// Find all photos
// use pagination instead
$pagination = new Pagination($page, $per_page, $total_count);
// Instead of finding all records, just find the records
$search = $database->escape_value($_POST['search']);
// $sql = "SELECT * FROM products WHERE image LIKE '%$search%'";
// $sql .= " OR title LIKE '%$search%'";
// $sql .= " OR slug LIKE '%$search%'";
// $sql .= " OR description LIKE '%$search%'";
// $sql .= " OR price LIKE '%$search%'";
// $sql .= " LIMIT {$per_page} ";
// $sql .= "OFFSET {$pagination->offset()}";
$search = new Product();
$search->search = $search;
$photos = Product::find_by_sql($search);
//$total_count = count($photos);
//echo $numresults = '<p class="error-msg">There are '.$total_count.' results in your search</p><br/><br/>';
foreach ($photos as $photo): ?>
<div class="col-md-4 col-sm-6">
<div class="row">
<div id="pagination" style="clear: both;">
<nav aria-label="Page navigation example">
<ul class="pagination">
<?php
for($i=1; $i <= $pagination->total_pages(); $i++){
if($i == $page) {
// echo " <span class=\"selected\">{$i}</span> ";
// } else{
// echo " {$i} ";
}
}
if($pagination->total_pages() > 1) {
if($pagination->has_previous_page()) {
echo "<li class='page-item'><a class='page-link' href=\"search.php?page=";
echo $pagination->previous_page();
echo "\">« Previous</a></li> ";
}
if($pagination->has_next_page()){
echo "<li class='page-item'><a class='page-link' href=\"search.php?page=";
echo $pagination->next_page();
echo "\">Next »</a></li>";
}
}
?>
</ul>
</nav>
</div>
</div>
<div class="thumbnail">
<form method="post" action="cart.php?action=add&id=<?php echo $photo->id; ?>" role="form" class="form-vertical">
<a href="order_review.php?id=<?php echo $photo->id; ?>"><img src="<?php echo $photo->image_path();
?>" class="img-thumbnail" alt="responsive image"></a>
<div class="caption">
<h3 class="text-info text-center"><?php echo $photo->title; ?></h3>
<p class="text-muted text-center price card-header"><span class="currency">N</span><?php echo $photo->price; ?></p>
<p class="text-center"><em><?php echo $photo->description; ?></em></p>
<input type="hidden" name="id" class="form-control" value="<?php echo $photo->id; ?>" />
<input type="hidden" name="title" class="form-control" value="<?php echo $photo->title; ?>" />
<input type="hidden" name="slug" class="form-control" value="<?php echo $photo->slug; ?>" />
<input type="hidden" name="description" class="form-control" value="<?php echo $photo->description; ?>" />
<input type="hidden" name="price" class="form-control" value="<?php echo $photo->price; ?>"/>
<div class="col-sm-4 mx-auto d-block">
<select name="quantity" class="form-control" name="quantity">
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
</select>
</div>
</div>
<div class="col-sm-4 col-sm-push-3 mx-auto d-block">
<input type="submit" name="add_to_cart" class="btn bg-success" value="Add to cart" />
</div><br/>
</form>
</div>
</div>
<?php endforeach; }
?>
</div>
</div>
Please take note of the code I commented out... I am a bit confused.

There's no error, but its not working about UPDATE query in PHP and MySQL [duplicate]

This question already has answers here:
"Notice: Undefined variable", "Notice: Undefined index", "Warning: Undefined array key", and "Notice: Undefined offset" using PHP
(29 answers)
Reference - What does this error mean in PHP?
(38 answers)
Closed 5 years ago.
I don't know what is wrong with this; there's no error, but the update query is not working. I don't know if it's the latest code or old code. The first code is the accommodation_server.php.
Here's the structure:
<?php
session_start();
$title_room = "";
$room_size = "";
$occupancy = "";
$bed = "";
$rate = "";
$others = "";
$others1 = "";
$others2 = "";
$others3 = "";
$others4 = "";
$id = 0;
$edit_state = false;
//connect to the database
$db = mysqli_connect('localhost', 'root', '', 'accommodation');
//update
if (isset($_POST['update'])) {
$title_room = $_POST['text_title'];
$room_size = $_POST['text_size'];
$occupancy = $_POST['text_occupancy'];
$rate = $_POST['text_rate'];
$others = $_POST['text_others1'];
$others1 = $_POST['text_others2'];
$others2 = $_POST['text_others3'];
$others3 = $_POST['text_others4'];
$others4 = $_POST['text_others5'];
$bed = $_POST['text_bed'];
$description = $_POST['text_description'];
$id = $_POST['text_id'];
mysqli_query($db, "UPDATE rooms SET title_room = '$title_room', room_size = '$room_size', occupancy = '$occupancy', rate = '$rate', bed = '$bed', others = '$others', others1 = 'others1', others2 = '$others2', others3 = '$others3', others4 = '$others4', description = '$description' where id=$id");
$_SESSION['msg'] = "Room Updated!";
header('location: accommodation.php');
}
//retrieve records
$results = mysqli_query($db, "SELECT * FROM rooms");
?>
and this is the accommodation.php
<?php include ('accomodation_server.php');
//fetch the record
if (isset($_GET['edit'])) {
$id = $_GET['edit'];
$edit_state = true;
$rec = mysqli_query($db, "SELECT * FROM rooms where id=$id");
$record = mysqli_fetch_array($rec);
$title_room = $record['title_room'];
$room_size = $record['room_size'];
$occupancy = $record['occupancy'];
$rate = $record['rate'];
$others = $record['others'];
$others1 =$record['others1'];
$others2 = $record['others2'];
$others3 = $record['others3'];
$others4 = $record['others4'];
$bed = $record['Bed'];
$description = $record['description'];
$id = $record['id'];
}
?>
<html>
<head>
<title>C M S</title>
<link rel="stylesheet" type="text/css" href="css/accommodation.css">
<meta name="viewport" content="width=device-width, initial-scale: 1.0, user-scalable=0"/>
</head>
<body>
<?php if(isset($_SESSION['msg'])): ?>
<div class="msg">
<?php
echo $_SESSION['msg'];
unset($_SESSION['msg']);
?>
</div>
<?php endif ?>
<div id="container">
<div class="sidebar">
<ul id="nav">
<li>Dashboard</li>
<li><a class="selected" href="cms.php">CMS</a></li>
<li>Account Settings</li>
<li>Logout</li>
</ul>
</div>
<div class="content">
<br>
<br>
<h1>Accommodation</h1>
<p>Edit and remove images or description.</p>
<?php while ($row = mysqli_fetch_array($results)) { ?>
<form method="post" action="#">
<input type="hidden" name="id" value="<?php echo $id; ?>">
<div id="box">
<div class="title-room"><b> <!--title ng room--> <?php echo $row['title_room']; ?></b></a>
Edit
<input type="text" name="text_title" placeholder = "Enter the name of the room..." class="title" value="<?php echo $title_room; ?>">
</div>
<div class="box-top">Room Size:<p><?php echo $row['room_size']; ?></p></a>
<input type="text" name="text_size" placeholder = "Enter the size of the room..." class="size" value="<?php echo $room_size; ?>">
</div>
<div class="box-top">Bed: <p><?php echo $row['Bed']; ?></p></a>
<input type="text" name="text_bed" placeholder = "Enter the bedtype of the room..." class="bed" value="<?php echo $bed; ?>">
</div>
<div class="box-top">Occupancy: <p><?php echo $row['occupancy']; ?></p></a>
<input type="text" name="text_occupancy" placeholder = "Enter the occupancy of the room..." class="occupancy" value="<?php echo $occupancy; ?>">
</div>
<div class="box-top">Rate from: <p><?php echo $row['rate']; ?></p></a>
<input type="text" name="text_rate" placeholder = "Enter the rate of the room..." class="rate" value="<?php echo $rate; ?>">
</div>
<div class="box-top">Others:
<p class="others1"> <br>
<input type="text" name="text_others1" placeholder = "Others..." class="t_others1" value="<?php echo $others; ?>">
<?php echo $row['others']; ?></p> <br>
<p class="others2">
<input type="text" name="text_others2" placeholder = "Others..." class="t_others2" value="<?php echo $others1; ?>">
<?php echo $row['others1']; ?></p> <br>
<p class="others3">
<input type="text" name="text_others3" placeholder = "Others..." class="t_others3" value="<?php echo $others2; ?>">
<?php echo $row['others2']; ?></p><br>
<p class="others4">
<input type="text" name="text_others4" placeholder = "Others..." class="t_others4" value="<?php echo $others3; ?>">
<?php echo $row['others3']; ?></p> <br>
<p class="others5">
<input type="text" name="text_others5" placeholder = "Others..." class="t_others5" value="<?php echo $others4; ?>">
<?php echo $row['others4']; ?></p></a><br> </div>
<div class="box-panel">
<?php echo $row['description']; ?>
<br><p> </p>
<textarea placeholder = "Enter the Description of the Room..." rows="4" cols="100" class="description" name="text_description" value="<?php echo $description; ?>">
</textarea>
</div>
<?php if ($edit_state == false): ?>
<button type="submit" name="edit_button" class="edit_button">Edit</button>
<?php else: ?>
<button type="submit" name="update" class="btn">Update</button>
<?php endif ?>
</form>
<?php } ?>
<div id="box">
<div class="box-top">Destination</div>
<div class="box-panel">
Information of the resort (contact number, destination, etc)
</div>
<div id="box">
<div class="box-top">Accommodation</div>
<div class="box-panel">
Rooms, and the description of the room.
</div>
<div id="box">
<div class="box-top">Photos</div>
<div class="box-panel">
All images of the website.
</div>
</div>
</div>
</div>
<div id="header">
<div class="logo">Pacific Sky Beach Resort Admin Panel <span></span></div>
</div>
</body>
</html>
mysqli_query($db, "UPDATE rooms SET title_room = '$title_room', room_size = '$room_size', occupancy = '$occupancy', rate = '$rate', bed = '$bed', others = '$others', others1 = 'others1', others2 = '$others2', others3 = '$others3', others4 = '$others4', description = '$description' where id='$id'");
You missed the '' surrounding id='$id' in the first code sample,
and again in the second:
$rec = mysqli_query($db, "SELECT * FROM rooms where id='$id'");
Also, if you add print_r($db) after your queries, it will show you if there are any errors in your SQL request.
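A stand-alone comparison of the quoted-concatenation UPDATE with a bound-parameter version that also makes failures visible. This is an added example, not code from the original post: it swaps in PDO with an in-memory SQLite table for the page's mysqli/MySQL so it runs offline, and the function names, the reduced column set and the sample values are assumptions.

```php
<?php
declare(strict_types=1);

// Constructed in-memory table standing in for the page's `rooms` table.
$db = new PDO('sqlite::memory:');
// Failed statements throw instead of returning false without a message.
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE rooms (id INTEGER PRIMARY KEY, title_room TEXT, rate TEXT)');
$db->exec("INSERT INTO rooms (id, title_room, rate)
           VALUES (1, 'Deluxe', '3000'), (2, 'Suite', '5000'), (3, 'Family', '4000')");

/** Quoted concatenation: the values are still part of the SQL text. */
function update_room_concat(PDO $db, string $id, string $title): int
{
    return (int) $db->exec("UPDATE rooms SET title_room = '$title' WHERE id='$id'");
}

/** Bound parameters: the statement text is fixed, the values travel separately. */
function update_room_bound(PDO $db, string $id, string $title): int
{
    // Reject anything that is not a plain non-negative integer before it reaches SQL.
    if (!ctype_digit($id)) {
        throw new InvalidArgumentException('room id must be an integer, got "' . $id . '"');
    }
    $stmt = $db->prepare('UPDATE rooms SET title_room = :title WHERE id = :id');
    $stmt->bindValue(':title', $title, PDO::PARAM_STR);
    $stmt->bindValue(':id', (int) $id, PDO::PARAM_INT);
    $stmt->execute();
    // 0 here means "no such room", which the caller can report.
    return $stmt->rowCount();
}

/** Run one update and describe what happened instead of hiding it. */
function attempt(callable $update): string
{
    try {
        return $update() . ' row(s) updated';
    } catch (PDOException $e) {
        return 'SQL error: ' . $e->getMessage();
    } catch (InvalidArgumentException $e) {
        return 'rejected: ' . $e->getMessage();
    }
}

// Constructed inputs. The empty id mirrors the page's form, which posts a
// hidden field named "id" while the handler reads $_POST['text_id'].
$cases = [
    'plain values'        => ['1', 'Deluxe King'],
    'apostrophe in title' => ['2', "Manager's Suite"],
    'empty id'            => ['', 'Family Plus'],
];

foreach ($cases as $label => [$id, $title]) {
    echo $label, PHP_EOL;
    echo '  concatenated: ', attempt(fn () => update_room_concat($db, $id, $title)), PHP_EOL;
    echo '  bound:        ', attempt(fn () => update_room_bound($db, $id, $title)), PHP_EOL;
}
```

With mysqli the same pattern is mysqli_prepare(), mysqli_stmt_bind_param() and mysqli_stmt_execute(), and mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT) makes failed queries throw.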

PHP Multiple Checkbox;

I have a problem. I am trying to create a form with a few checkboxes, each assigned a different value. I can only update the first and last values; the ones in between are not working. Can you help me?
Check.php
<div class="top-on">
<div class="top-on1">
<p class="text-center"> <?php echo $row['username'];?></p>
<br>
<select class="form-control col-sm-12" name="edit_level">
<?php
global $pdo;
$sql = $pdo->query("SELECT * FROM level");
while ( $row_c = $sql->fetch(PDO::FETCH_ASSOC) ) {
?>
<option <?php if($row_c["level"]==$row["level"])
{
echo "selected=\"selected\"";
}?>
value="<?php echo $row_c['level']?>"> <?php echo $row_c['name'];?> </option>
<?php } ?>
</select>
</div>
<label style="float: right;">
<input type="checkbox" class="checkbox" name="idlevel[]" value="<?php echo $row['id'];?>"> </label>
<div class="clearfix"> </div>
</div>
page Control.php
function edit_level(){
global $pdo;
$sql1="SELECT * From user ";
$stmt1 = $pdo->query($sql1);
if(isset($this->btnlevel))
{
for($i=0;$i<$stmt1->rowCount();$i++){
$elve=$this->idlevel[$i];
$sql ="UPDATE user SET level='$this->editlevel' WHERE id='".$elve."'";
$upt = $pdo->prepare($sql);
$upt->execute();
}
}
}

Paginating my blog doesn't work

I'm trying to make a paginating blog using PHP, HTML, and MySQL. I wrote the code but for some reason the webpage shows up blank. What's wrong with my code? Chrome's console returns a 500 internal server error.
<div id="article">
<?php
include 'php/mysql_connect.php';
if(empty($_GET)){
$current_id = SELECT max(id) FROM posts;
}
else{
$current_id = mysql_safe_string($_GET['id']);
}
$result = mysql_safe_query('SELECT * FROM posts WHERE id=%s LIMIT 1',$current_id);
if(!mysql_num_rows($result)){
echo '<h2>No Posts Found</h2>';
exit;
}
$row = mysql_fetch_assoc($result)
echo '<h2>'.$row['title'].'</h2>';
echo '<div class="row">';
echo ' <div class="group1 col-sm-6 col-md-6">';
echo ' <span class="glyphicon glyphicon-pencil"></span><a data-toggle="collapse" data-target="#comments" class"collapsed">'.$row['num_comments'].' Comments </a>';
echo ' <span class="glyphicon glyphicon-time"></span>'.date('F j<\s\up>S</\s\up>, Y', $row['date']);
echo ' </div>';
echo '</div>';
echo '<br />';
echo '<p class="lead">'.n12br($row['body']).'</p>';
?>
<div id="comments" class="collapse" >
<div class="well">
<h4>Leave a comment</h4>
<?php echo '<form role="form" method="post" action="php/comment_add.php?id=($current_id)" class="clearfix">'; ?>
<div class="col-md-6 form-group">
<label class="sr-only" for="name">Name</label>
<input type="text" class="form-control" id="name" placeholder="Name" required />
</div>
<div class="col-md-6 form-group">
<label class="sr-only" for="email">Email</label>
<input type="email" class="form-control" id="email" placeholder="Email" required />
</div>
<div class="col-md-12 form-group">
<label class="sr-only" for="content">Comment</label>
<textarea class="form-control" id="content" placeholder="Comment" required></textarea>
</div>
<div class="col-md-12 form-group text-right">
<button type="submit" class="btn btn-primary">Submit</button>
</div>
</form>
</div>
<br>
<?php
$result = mysql_safe_query('SELECT * FROM comments WHERE post_id=%s ORDER BY date ASC',$current_id);
echo ' <ul id="comments" class="comments">';
while($row = mysql_fetch_assoc($result)){
echo ' <li class="comment">';
echo ' <div id="inline" ><h4 style="display:inline;">'.$row['name'].'</h1><sup><p style="display:inline; font-size:10px;"> '.date('j-M-Y g:ia', $row['date']).'</p></sup></div>';
echo ' <em>'.n12br($row['content']).'</em>';
echo ' </li>';
echo ' </ul>';
}
?>
<hr>
</div>
</div>
<nav>
<ul class="pager">
<?php
$newer_id = IFNULL(mysql_safe_query('SELECT min(id) FROM posts WHERE id > $current_id ORDER BY id ASC LIMIT 1'),-1);
$older_id = IFNULL (mysql_safe_query('SELECT max(id) FROM posts WHERE id < $current_id ORDER BY id ASC LIMIT 1'),-1);
if($newer_id != -1){
echo '<li>Newer</li>';
}
if ($older_id != -1){
echo '<li>Older</li>';
}
?>
</ul>
</nav>
This is php/mysql_connect.php, which is supposed to prevent SQL injection (I got this from a tutorial):
<?php
// mysql.php
function mysql_safe_string($value) {
$value = trim($value);
if(empty($value)) return 'NULL';
elseif(is_numeric($value)) return $value;
else return "'".mysql_real_escape_string($value)."'";
}
function mysql_safe_query($query) {
$args = array_slice(func_get_args(),1);
$args = array_map('mysql_safe_string',$args);
return mysql_query(vsprintf($query,$args));
}
function redirect($uri) {
header('location:'.$uri);
exit;
}
mysql_connect('localhost','(username)','(password)');
mysql_select_db('(database)');
From the logs I locate the failure which is:
Syntax error, unexpected 'max' (T_STRING) on line 6 (if(empty($_GET)){$current_id = SELECT max(id) FROM posts})
As others pointed out (and it should be immediately clear from the syntax error you are facing), your $current_id query is not being quoted. A good beginning is to fix the first block as such:
if(empty($_GET)) {
$current_id = "SELECT max(id) FROM posts;";
} else {
$current_id = mysql_safe_string($_GET['id']);
}
if(empty($_GET)){
$current_id = SELECT max(id) FROM posts;
}
No quotes around the SQL is a mistake.
If your file is myfile.html and you don't have permission for embedded PHP it will not execute on the server.
