I have a simple PHP form to insert "models" (in dorpdown) with a price.
The thing I want to do is that you can only post model 1 once and model 2 once etc..
So if you choose model 1 in the dropdown and post it and try it again that it doesn't allow you because you already posted model 1.
sorry for my bad English
<select name="model">
<?
$modellen[1]= "Model 1";
$modellen[2]= "Model 2";
$modellen[3]= "Model 3";
foreach ($modellen as $key => $value)
{
echo "<option value='".$key."''>".$value."</option>";
}
?>
</select>
if(isset($_POST['toevoegen']))
{
$prijs = Safesql($_POST['prijs']);
$moment = date("Y-m-d h:i:sa");
$kiesmodel = Safesql($_POST['model']);
if(!$mysqli->query("INSERT INTO prijzen (prijs, created, model) VALUES (".$prijs.",'".$moment."' , '".$kiesmodel."')")) {echo $mysqli->error;}
else{ echo "het toevoegen is gelukt";}
Laden(0);
}
//show records from database
if ($query = $mysqli->query("SELECT * FROM prijzen")) { echo $mysqli->error;}
if ($query->num_rows >= 1)
{
while($row = $query->fetch_assoc())
{
?><tr><td><form action="index.php" method="post">
<? echo "Model" . " " . $row['model']; ?><img src="delete.png">
<img src="edit.png"><?
echo " prijs:" . $row['prijs']. "<br>" ."";?><?
}
}
try add validation before insert,
if(isset($_POST['toevoegen']))
{
$prijs = Safesql($_POST['prijs']);
$moment = date("Y-m-d h:i:sa");
$kiesmodel = Safesql($_POST['model']);
// validation
$sql = "SELECT * FROM prijzen WHERE model = '$kiesmodel'";
$query = $mysqli->query($sql);
$row = $query->fetch_assoc();
if (count($row) >= 1) {
echo "<script>alert('You already add this model')</script>";
}else{
if(!$mysqli->query("INSERT INTO prijzen (prijs, created, model) VALUES (".$prijs.",'".$moment."' , '".$kiesmodel."')")) {echo $mysqli->error;}
else{ echo "het toevoegen is gelukt";}
Laden(0);
}
}
may it can help you
Related
Hi I am trying to do a Registration that the users will put their name password and their answers to some questions and then an admin will manually answer to it if it's accepted.I did the system that loads their name password and answers in the database,and I also ran the things that will show the answers to the admin,but I can't figure a way to change a value just for one user not for all of them,I will leave you my codes and everything over here.
Here is my admin.viewapplications.php code
(Here,it shows everything fine,but I can't figure a way that the button to act just for one id not for all)
<?php
//include(__DIR__ . "/signup.php");
include("../resources/config.php");
//$name = $_POST['Name'];
//$mg = $_POST['MG'];
//$pg = $_POST['PG'];
//$rk = $_POST['RK'];
$sql = "SELECT id, name, tutorial, MG, PG, RK FROM rp_users WHERE tutorial = 2";
//$tutorial = "SELECT tutorial FROM rp_users";
$result = mysql_query($sql);
//$result2 = mysql_query($tutorial);
//$value = mysql_fetch_object($result2)
/*if($result)
{
echo "Succes";
}
else
{
die(mysql_error());
}*/
//if($value > 1)
//
while($row = mysql_fetch_array($result))
{
//$tutorial = row["tutorial"];
//f($tutorial == 2)
//}
$id = $row["id"];
$name = $row["name"];
$mg = $row["MG"];
$pg = $row["PG"];
$rk = $row["RK"];
echo "ID: " . $id."<br> <br>";
echo "Nume: " . $name."<br> <br>";
echo "MG: " . $mg."<br> <br>";
echo "PG: " . $pg."<br> <br>";
echo "RK: " . $rk."<br> <br>";
echo '<form action="./?p=applicationaccept" method="POST">';
echo '<input type="submit" name="accept" value="Accepta">';
echo '</form><br>';
echo '<form action="./?p=applicationdeny" method="POST">';
echo '<input type="submit" name="deny" value="Respinge">';
echo '</form><br> <br> <br>';
}
//}
//
?>
And here is my applicationaccept.php
<?php
include("../admin/admin.viewapplications.php");
include("../resources/config.php");
$iduser = $id;
$sql = "UPDATE rp_users SET tutorial=0";
$result = mysql_query($sql);
if($result)
{
echo "Succes";
}
else
{
die(mysql_error());
}
/*while($row = mysql_fetch_array($result))
{
}*/
?>
I think what you want to do is a simple UPDATE to your MySQL database..
but make sure you format the PHP code you're using otherwise it'll give you an ERROR!
Also you have to use 'mysqli' now in PHP!
<?php
$someID = '1';
$sql = "UPDATE `rp_users` SET `tutorial`= '0' WHERE `id` = $someID";
$result = mysqli_query($link, $sql);
if($result)
{
echo "Success";
}
else
{
echo ("Error");
}
?>
BTW I forgot to mntion the '$link' is the connection to your database!
As of my understanding of your question if your form action is applicationaccept.php and you are trying to update for one user in applicationaccept.php file, try this:
<?php
include("../admin/admin.viewapplications.php");
include("../resources/config.php");
$iduser = $_POST["id"]; // pass id as parameter in form
$sql = "UPDATE rp_users SET tutorial=0";// change this line to following line
$sql = "UPDATE rp_users SET tutorial=0 where id=$iduser";
$result = mysql_query($sql);
if($result)
{
echo "Succes";
}
else
{
die(mysql_error());
}
?>
Be aware your code is vulnerable
I can't get the option value from my form to pass it to my action codes.
Form :
<select required name ="class" class="form-control">
<option value="NULL">-select class-</option>
<?php
$link2 = query("select * from td_class");
while ($list = mysql_fetch_array($link2)) {
?>
<option value="<?php echo $list['class'] ?>"><?php echo $list['class']; ?></option>
<?php } ?>
<option value="Alumni">Alumni</option>
</select>
I wanted to use it to check the class capacity in my class table, if the class is at full capacity it will throw an error otherwise the student data will be successfully added. However, my action codes seems to unable to get the given class input and when I submit the button to add student data it will always throw an error saying that the class is full even though it's not full yet. Below is my action codes, what I have done so far :
if ($hal == 'managestudent') {
$name = $_POST['name'];
$image = $_FILES['image'];
$class = $_POST['class'];
$id = $_GET['id'];
if ($aksi == 'addstudent') {
$student = query("select name, count(name) from td_student where class='$class' ");
$student2 = mysql_fetch_array($student);
$capacity = query("select capacity from td_class where class='$class'");
$cap = mysql_fetch_array($capacity);
if (($student2) >= ($cap )) {
echo"<script> alert ('the class is full'); "
. "history.back();" . "</script>";
} else {
if (empty($image['tmp_name'])) {
echo "Without image<br>";
$sql = query("insert into td_student (name,class) values ('$name','$class)");
} else {
echo "With image<br>";
$namafile = uploadBerkas($image);
$sql = query("insert into td_student (name,class,image) values ('$name','$class,'$namafile')");
}
if ($sql == TRUE) {
echo "SQL True<br>";
echo"<script> alert('student data is added'); "
. "window.location='datasiswa.php';"
. "</script>";
} else {
echo "Sql Error " . mysql_error() . " ";
echo"<script> alert ('Error'); "
. "history.back();" . "</script>";
}
}
}
}
Thankyou for the helps.
Your issue is that mysql_fetch_array() Returns an array ..., not a string/value.
So when you do
if (($student2) >= ($cap ))
It is always returning false (the class if full) as it comparing 2 arrays, ie.
if((array(name, count(name)) >= (array(capacity)))
and not 2 values, ie.
if((count(name)) >= (capacity))
What you need to do is use the column name to get the actual value to evaluate, ie. $student2["count(name)"]/$cap["capacity"]
$student = query("select name, count(name) from td_student where class='$class' ");
$student2 = mysql_fetch_array($student);
$capacity = query("select capacity from td_class where class='$class'");
$cap = mysql_fetch_array($capacity);
if (($student2["count(name)"]) >= ($cap["capacity"])) {
I am working on a lead management system - and as the database for it grows the need for more bulk functions appears - and unfortunately I am getting stuck with one of them. The database stores many different leads - with each lead being assigned to a specific closer; thus the database stores for each lead the lead id, name, closer name, and other info. The main lead list shows a checkbox next to each lead which submits the lead id into an array:
<input type=\"checkbox\" name=\"multipleassign[]\" value=\"$id\" />
Now this all goes to the following page:
<?php
include_once"config.php";
$id = $_POST['multipleassign'];
$id_sql = implode(",", $id);
$list = "'". implode("', '", $id) ."'";
$query = "SELECT * FROM promises WHERE id IN ($list) ";
$result = mysql_query($query);
$num = mysql_num_rows ($result);
if ($num > 0 ) {
$i=0;
while ($i < $num) {
$closer = mysql_result($result,$i,"business_name");
$businessname = mysql_result($result,$i,"closer");
echo "$closer - $businessname";
echo"<br>";
++$i; } } else { echo "The database is empty"; };
echo "<select name=\"closer\" id=\"closer\">";
$query2 = "SELECT * FROM members ";
$result2 = mysql_query($query2);
$num2 = mysql_num_rows ($result2);
if ($num2 > 0 ) {
$i2=0;
while ($i2 < $num2) {
$username = mysql_result($result2,$i2,"username");
$fullname = mysql_result($result2,$i2,"name");
echo "<option value=\"$fullname\">$fullname</option>";
++$i2; } } else { echo "The database is empty"; }
echo "</select>";
?>
I want to be able to use the form on this page to select a closer from the database - and then assign that closer to each of the leads that have been selected. Here is where I have no idea how to continue.
Actually - i got it. I don't know why I didn't think of it sooner. First off I passed the original $list variable over to the new page - and then:
<?php
include_once"config.php";
$ids = $_POST['list'];
$closer = $_POST['closer'];
$query = "UPDATE `promises` SET `closer` = '$closer' WHERE id IN ($ids) ";
mysql_query($query) or die ('Error updating closers' . mysql_error());
echo "A new closer ($closer) was assigned to the following accounts:";
$query = "SELECT * FROM promises WHERE id IN ($list) ";
$result = mysql_query($query);
$num = mysql_num_rows ($result);
if ($num > 0 ) {
$i=0;
while ($i < $num) {
$businessname = mysql_result($result,$i,"business_name");
echo "<li>$businessname";
++$i; } } else { echo "The database is empty"; };
?>
The updated page before this:
$query = "SELECT * FROM promises WHERE id IN ($list) ";
$result = mysql_query($query);
$num = mysql_num_rows ($result);
if ($num > 0 ) {
$i=0;
while ($i < $num) {
$closer = mysql_result($result,$i,"business_name");
$businessname = mysql_result($result,$i,"closer");
echo "$closer - $businessname";
echo"<br>";
++$i; } } else { echo "The database is empty"; };
echo "<form name=\"form1\" method=\"post\" action=\"multiple_assign2.php\">";
echo "<input type=\"hidden\" name=\"list\" value=\"$list\" />";
echo "<select name=\"closer\" id=\"closer\">";
$query2 = "SELECT * FROM members ";
$result2 = mysql_query($query2);
$num2 = mysql_num_rows ($result2);
if ($num2 > 0 ) {
$i2=0;
while ($i2 < $num2) {
$username = mysql_result($result2,$i2,"username");
$fullname = mysql_result($result2,$i2,"name");
echo "<option value=\"$fullname\">$fullname</option>";
++$i2; } } else { echo "The database is empty"; }
echo "</select>";
echo "<input name=\"submit\" type=\"submit\" id=\"submit\" value=\"Reassign Selected Leads\">";
?>
After you select the leads and submit the form , your script should show them in a list with hidden inputs (with name=leads[] and value=the_lead's_id) and next to each lead there will be a dropdown box () which will be populated with all the closers.
After choosing and sending the second form your script will "run" all-over the leads' ids array and update each and every one of them.
Got the idea or you want some code?
From a dropdown menu a user can choose: view all, athletic, dress, or sandals. I am creating a function that if the user chooses athletic--only the Product Type 'Athletic', only athletic items from the database will be shown.
Right now, because how my code is written, if the user selects 'Athletic' they will see athletic items, but also all other products in the database because the function showAllProducts was called.
I'm not sure how to write, that if a user selects a specific product type, only that product type will be shown.
if (isset($_SESSION['valid_user']))
{
//echo "I am in the if statement of the session";
echo 'You are logged in as: '.$_SESSION['valid_user'].' <br />';
showAllProducts();
} else {
echo "I am not setting the session variable";
//die;
}
$userCat = getUserCategory();
orderByCategory($userCat);
//function athleticCategory ---------------------------------------------
function athleticCategory() {
echo "I am in the athletic function" . "<br/>";
$con = getConnection();
$sqlQuery = "SELECT * from Products
WHERE ProductType='Athletic'";
// Execute Query -----------------------------
$result = mysqli_query($con, $sqlQuery);
if(!$result) {
echo "Cannot do query" . "<br/>";
exit;
}
$row = mysqli_fetch_row($result);
$count = $row[0];
if ($count > 0) {
echo "Query works" . "<br/>";
} else {
echo "Query doesn't work" ."<br/>";
}
// Display Results -----------------------------
$num_results = mysqli_num_rows($result);
for ($i=0; $i<$num_results; $i++) {
$row = mysqli_fetch_assoc ($result);
// print_r($row);
echo '<img src="data:image/jpeg;base64,'.base64_encode($row['Image']).'" />';
echo "Price: " . stripslashes($row['Price']);
}
}
Dropdown Menu
<form action="register_script.php" name="frm" method="post">
<select name="category" id="category">
<option value="viewall">View All</option>
<option value="dress">Dress</option>
<option value="athletic">Athletic</option>
<option value="sandals">Sandals</option>
</select>
<input type="submit" value="Go" />
</form>
Edited Code:
$sqlQuery = "SELECT * from Products";
if($pUserCat == "athletic") {
$sqlQuery = "SELECT * from Products
WHERE ProductType='athletic'";
} elseif ($pUserCat == "dress") {
$sqlQuery = "SELECT * from Products
WHERE ProductType='dress'";
} elseif ($pUserCat == "sandals") {
$sqlQuery = "SELECT * from Products
WHERE ProductType='sandals'";
} elseif ($pUserCat == "viewall") {
$sqlQuery = "SELECT * from Products";
}
make a function , that accept one parameter ie category name and use default hint as 0
function categoryList($cat=false){
if($cat)
$sqlQuery = "SELECT * from Products
WHERE ProductType={$cat}";
else
$sqlQuery = "SELECT * from Products";
//do other stuff of Reading option
}
Set your 'View All' form option like this:
<option value="">View All</option>
You can use it as it is.
if (isset($_POST['category']))
$category = $_POST['category'];
$sqlQuery = "SELECT * from Products";
if ( ! empty($category)) {
if (get_magic_quotes_gpc()) {
$category = stripslashes($category);
}
if ( ! is_numeric($category)) {
$category = "'" . mysql_real_escape_string($category) . "'";
}
$sqlQuery .= " WHERE ProductType='{$category}'";
}
It has basic security features so people can't inject malicious SQL into your script.
If you call that function without any category, it will be assumed you want to show all values.
You dont need to check if for each and every single case and then write the sqlQuery according to that, as long as you use the same <option value="xxx"> as the categories are called in your db.
I'm in the process of learning how to create an e-commerce site. I'm trying to figure out how to order product results by price. Code below is a menu list to either filter a specific product category or the option to view all products--the code for that works.
I'm not sure how to add code to "sort by price" (low to high, high to low).
I've tried creating a function called priceList and calling inside the function categoryList (which queries the database for which product type or to view all products), but does not work.
function priceList() {
$con = getConnection();
if($pUserCat == "lowToHigh") {
$sqlQuery = "SELECT Price from Products
ORDER BY Price ASC";
} elseif($pUserCat == "highToLow") {
$sqlQuery = "SELECT Price from Products
ORDER BY Price DESC";
// Execute Query -----------------------------
$result = mysqli_query($con, $sqlQuery);
if(!$result) {
echo "Cannot do query" . "<br/>";
exit;
}
$row = mysqli_fetch_row($result);
$count = $row[0];
if ($count > 0) {
echo "Query works" . "<br/>";
} else {
echo "Query doesn't work" ."<br/>";
}
// Display Results -----------------------------
$num_results = mysqli_num_rows($result);
for ($i=0; $i<$num_results; $i++) {
$row = mysqli_fetch_assoc ($result);
// print_r($row);
echo '<img src="data:image/jpeg;base64,'.base64_encode($row['Image']).'" />';
echo "Price: " . stripslashes($row['Price']);
}
// Close connection
closeConnection($con);
}
Form
<!--category and price form ------------------------- -->
<form action="register_script.php" name="frm" method="post">
<select name="category" id="category">
<option value="viewall">View All</option>
<option value="dress">Dress</option>
<option value="athletic">Athletic</option>
<option value="sandals">Sandals</option>
</select>
<input type="submit" value="Go" />
</form>
<form action="register_script.php" name="frm" method="post">
<select name="price" id="price">
<option value="lowToHigh">Low to High</option>
<option value="highToLow">High to Low</option>
</select>
<input type="submit" name="orderPrice" value="orderPrice" />
</form>
</div>
PHP
<?php
function categoryList($pUserCat=false) {
echo "I am in category list" . "<br/>";
$con = getConnection();
$sqlQuery = "SELECT * from Products";
if($pUserCat == "athletic") {
$sqlQuery = "SELECT * from Products
WHERE ProductType='athletic'";
} elseif ($pUserCat == "dress") {
$sqlQuery = "SELECT * from Products
WHERE ProductType='dress'";
} elseif ($pUserCat == "sandals") {
$sqlQuery = "SELECT * from Products
WHERE ProductType='sandals'";
} elseif ($pUserCat == "viewall") {
$sqlQuery = "SELECT * from Products";
}
// Execute Query -----------------------------
$result = mysqli_query($con, $sqlQuery);
if(!$result) {
echo "Cannot do query" . "<br/>";
exit;
}
$row = mysqli_fetch_row($result);
$count = $row[0];
if ($count > 0) {
echo "Query works" . "<br/>";
} else {
echo "Query doesn't work" ."<br/>";
}
// Display Results -----------------------------
$num_results = mysqli_num_rows($result);
for ($i=0; $i<$num_results; $i++) {
$row = mysqli_fetch_assoc ($result);
// print_r($row);
echo '<img src="data:image/jpeg;base64,'.base64_encode($row['Image']).'" />';
echo "Price: " . stripslashes($row['Price']);
}
// priceList();
$priceOrder = getPriceBtn(); //$priceOrder holds value of option selected in
//price order menu
priceList($priceOrder);
// Close connection
closeConnection($con);
}
function getPriceBtn() {
//echo "<br/>"."I am calling getPriceBtn function" . "<br/>";
$priceBtn = $_POST["orderPrice"]; // price button
return $price;
//echo $priceBtn;
}
?>
I think you need to pass the $pUserCat to the function priceList($pUserCat);
A tip, you should have a default query like from high to low and if the other option is selected then run that query:
$sqlQuery = "SELECT Price FROM Products ORDER BY Price DESC";
if($pUserCat == "lowToHigh") {
$sqlQuery = "SELECT Price FROM Products ORDER BY Price ASC";
}
Also you could re-write this:
$sqlQuery = "SELECT * from Products"; // is this needed?
if($pUserCat == "athletic") {
$sqlQuery = "SELECT * from Products
WHERE ProductType='athletic'";
} elseif ($pUserCat == "dress") {
$sqlQuery = "SELECT * from Products
WHERE ProductType='dress'";
} elseif ($pUserCat == "sandals") {
$sqlQuery = "SELECT * from Products
WHERE ProductType='sandals'";
} elseif ($pUserCat == "viewall") {
$sqlQuery = "SELECT * from Products";
}
like this categoryList($pUserCat):
if($pUserCat != 'viewall') {
$sqlQuery = "SELECT * FROM Products WHERE ProductType='%s'";
$sqlQuery = sprintf($sqlQuery, $pUserCat);
} else {
$sqlQuery = "SELECT * from Products";
}
Local function variables are not shared. If a function variable is defined within a function, then a function that you call from within that function does not have access to the parent's local variables, which is the very reason they are called "local". You need to pass the variable as a parameter:
When defining:
function priceList( $pUserCat ) {
...
}
When calling:
priceList( $pUserCat );