I have to display a content based on their id but get id is not working. But I can see the url that it retrieves the id and it will change if I click the button. Should I force myself to use ajax or there is alternative way to retrieve the id?
I really appreciate any help.
$viewquery= mysqli_query($connection,"SELECT * from orders");
while($row = mysqli_fetch_assoc($viewquery)) {
$id =$row['id'];
$full_name =$row['full_name'];
$email_address =$row['email_address'];
$contact_number =$row['contact_number'];
$address =$row['address'];
$user_id =$row['user_id'];
$reference_number =$row['reference_number'];
$additional =$row['additional'];
$payment_method =$row['payment_method'];
$transaction_status = $row['transaction_status'];
echo' <tr>';
echo '<td>';echo "<a href='#?idrequest=$id'><button type='button'
class='btn btn-primary' data-toggle='modal' data-target='#exampleModalLong'
data-formid='.$id.'>
$reference_number
</button></a>";
echo'</td>';
echo "
<td> $id </td>
<td> $full_name </td>
<td> $email_address </td>
<td> $contact_number </td>
<td> $address </td>
<td> $user_id</td>
<td> $additional </td>
<td> $payment_method </td>
<td> $transaction_status </td>
<td>
<a href='delete.php'>
<i class='material-icons' id='coloricon'>delete </i>
</a>
</td>
</tr>
";
}
?>
<div class="modal fade" id="exampleModalLong" tabindex="-1" role="dialog"
aria-labelledby="exampleModalLongTitle" aria-hidden="true">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="exampleModalLongTitle">Modal title</h5>
<button type="button" class="close" data-dismiss="modal" aria-
label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
<div class="modal-body">
<?php
include("conn.php");
$idrequest = $_GET['idrequest'];
$query = "SELECT * from orders where id ='$idrequest'";
$result = mysqli_query($connection,$query);
$view = mysqli_fetch_assoc($result);
$details = $view['summary_all'];
echo $details;
?>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-
dismiss="modal">Close</button>
<button type="button" class="btn btn-primary">Save changes</button>
</div>
</div>
</div>
This code above is for modal which I used bootstrap modal.
I really didn't want to write a post on this as there is so much going on that needs to be fixed but your immediate issue is
<a href='#?idrequest=$id'> .... </a>
This hashtag # or pound sign, will create what is called a URL fragment. Now you have to understand that fragments are client side only and are not sent to the server. So anything following the # will not be sent. Therefore there is no way to access this "pseudo" query string. So at the very least toss that #.
<a href='?idrequest=$id'> .... </a>
If you had error reporting turned on you would see a warning for an undefined index.
<?php
error_reporting(-1);
ini_set('display_errors', '1');
Because $_GET['idrequest'] doesn't exist, in this codes current form.
Beyond that, your SQL is wide open for SQLInjection, as I said in the comment if someone put the URL in with
$_GET['idrequest'] = "1' OR 1=1"
$idrequest = $_GET['idrequest'];
"SELECT * from orders where id ='$idrequest'"
Your SQL query is modified to this:
"SELECT * from orders where id ='1' OR 1=1"
Because 1 is always equal to 1 this "hack" will always return some rows. Therefor always use prepared statements.
Beyond that, if this is publicly accessible any user could simply iterate though your user table to look at orders from other users. These may include personal identifiable information, such as phone and address information. You could add the user_id into this search which should be a foreign key on this table anyway. That user id would then come from whatever system you are using for login (not user entered data). Which would only allow them to see their own orders.
I won't even touch on the styling/formatting issues, with wrapping a button in a link. Or this ad-hoc mixing of HTML and HTML in PHP strings, which make it a real challenge to read the code.
Or this
include("conn.php");
Which should be
require "conn.php";
include and require don't need the () and you should use require if the script won't execute without the included file. This being a DB connection, I would say things won't go as planed if that file is missing.
Cheers.
Related
I'm a beginner in mySQL database and html/css development,
I have a database which contain an "association" table and a "FinancialMaterial_assistance" table that contains every single association register, the received assistance, each with it's own id.
So my question is: how to filter and show in my list view every association with it's only own registration? (without showing registration of other association)
In my current listview , every association could see all the received assistance, without filtering or privacy and confidentiality of every one of them.
Thank you for help I will be grateful if you create or give my PHP code or condition. This is my code:
<?php
if(isset($_GET['search'])==false){
$sql="select * from don ORDER BY idSub ASC ";
$result=mysqli_query($con,$sql);
if($result){
$num = 1;
while($ass = mysqli_fetch_array($result)){
$idSub=$ass['idSub'];
$date=$ass['date'];
$nomDon=$ass['nomDon'];
$description=$ass['description'];
$quantite=$ass['quantite'];
$source=$ass['source'];
echo '
<tr>
<th scope="row">'.$num++.'</th>
<td>'.$date.'</td>
<td>'.$nomDon.'</td>
<td>'.$description.'</td>
<td>'.$quantite.'</td>
<td>'.$source.'</td>
<td><button class="btn btn-primary">
<i class="fa fa-pencil" aria-hidden="true"></i>
Edit
</button>
</td>
<td> <button class="btn" >
<i class="fa fa-trash-o" aria-hidden="true" red-color></i>
Delete
</button>
</td>
</tr>
';
} }
?>
by the way I didn't link tables yet
Iam trying to make update option with modal form, I already made "ADD New" - works fine, but have alot problems with Update - I want to see actual data on modal form to edit this. Can u maybe help me with this one? I need help only with function part.
Thats my code for Add New one:
public function dodajAction()
{
$request = $this->getRequest();
$jsonModel = new JsonModel();
if ($request->isPost()) {
$dane = $request->getPost();
$formDodaj = new FormAdm\OfertaForm();
$formDodaj->setData($dane);
if ($formDodaj->isValid()) {
// dodaj
$this->oferta->dodaj($dane);
$jsonModel->setVariables(['wynik' => true]);
} else {
// w razie błędu renderuj formularz
$viewModel = new ViewModel(['form_dodaj' => $formDodaj]);
$viewModel->setTerminal(true);
$viewModel->setTemplate('admin/oferty/dodaj');
$jsonModel->setVariables(['wynik' => false, 'html' => $this->renderer->render($viewModel)]);
}
}
return $jsonModel;
}
And thats modal form:
<div class="modal fade" id="modalDodajOferte" tabindex="-1" role="dialog" aria-labelledby="modalDodajOferteLabel" aria-hidden="true">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="modalDodajOferteLabel">Dodaj ofertę</h5>
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
<div class="modal-body">
<?=$this->partial('admin/oferty/dodaj', ['form_dodaj' => $this->form_dodaj]) ?>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-primary" id="btnDodajOferte">Dodaj</button>
<button type="button" class="btn btn-secondary" data-dismiss="modal">Zamknij</button>
</div>
</div>
</div>
</div>
Just an advice from a fellow Pole, PLEASE!!! use english words in your code. This improves readability, especially that later on you might find tools that help you by using defaults if you follow naming standards. e.g. $form->offer->add() is way more readable to anyone on stack overflow, than our native ->oferta->dodaj().
Coming back to the question though, you have not supplied us with any way to see how the update is performed on the system
I believe that
if ($formDodaj->isValid()) {
// dodaj
$this->oferta->dodaj($dane);
$jsonModel->setVariables(['wynik' => true]);
is responsible for sending the actual data to the database, however code for updating that should be completely in a different function, same for viewing.
It sounds more like an XY problem here, so you might need to rethink what you actually need us to help you with.
I have a list (displayed in a tabulated format). The list consists of names of various departments.
The same appears as below:
-------------------------------------------------------
Sr. No. Department Name Action
-------------------------------------------------------
1 Department A EDIT | DELETE
2 Department B EDIT | DELETE
3 Department C EDIT | DELETE
4 Department D EDIT | DELETE
5 Department E EDIT | DELETE
-------------------------------------------------------
Now I am trying to open a single modal when "EDIT" or "DELETE" is clicked. In the modal I want to display the EDIT Form (for the particular Department) or DELETE Form (for the particular Department).
Please Note: I am using CouchCMS so even a custom PHP code can be helpful which can be changed to fit the CouchCMS Purview.
I have generate a clonable template with custom routes using CouchCMS. The tag helps me generate the table (as shown above). Where in the buttons for EDIT and DELETE are also generated. I can easily provide to the button the page id using the of CouchCMS (if that helps).
I am using the native code of bootstrap to popup the Bootstrap v3 modal. Wherein, a single modal opens for every button that is clicked, hence saving me the memory issue that i might run into if I generate as many modals as the rows in the table.
The code for Bootstrap v3 modal that i am referring to is available here.
In CouchCMS we have a edit form (for editing the data queried from the database) where the page_id parameter needs to be set in order to edit that particular data item. I need to set this page_id. But am unable to figure out how to?
Code to generate the Table list:
<table class="table table-striped table-hover">
<thead>
<tr>
<th>Sr. No.</th>
<th>Name</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<cms:pages masterpage='department/department.php' limit='10' paginate='1' show_future_entries='1'>
<tr>
<td><cms:show absolute_count /></td>
<td><cms:show k_page_title /></td>
<td>
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#exampleModal" data-id="<cms:show k_page_id />">
EDIT
</button>
<button type="button" class="btn btn-danger" data-toggle="modal" data-target="#exampleModal" data-id="<cms:show k_page_id />">
DELETE
</button>
</td>
</tr>
</cms:pages>
</tbody>
</table>
Code to open a single modal for every button that is clicked, EDIT or DELETE button:
$('#exampleModal').on('show.bs.modal', function (event) {
var button = $(event.relatedTarget) // Button that triggered the modal
var page = button.data('id') // Extract info from data-* attributes
// If necessary, you could initiate an AJAX request here (and then do the updating in a callback).
var modal = $(this)
modal.find('.modal-title').text('New message to ' + page)
modal.find('.modal-body input').val(page)
})
Code for the modal is:
<div class="modal fade" id="exampleModal" tabindex="-1" role="dialog" aria-labelledby="exampleModalLabel">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button>
<h4 class="modal-title" id="exampleModalLabel">New message</h4>
</div>
<div class="modal-body">
<!-- Edit Form Content Here -->
</div>
<div class="modal-footer">
<button type="button" class="btn btn-default" data-dismiss="modal">CANCEL</button>
<button type="button" class="btn btn-primary">SAVE</button>
</div>
</div>
</div>
</div>
An edit form in CouchCMS is defined as:
In this form I need to have the page_id=k_page_id set. The k_page_id is available to the button in the table under the data-* (data-id) attribute. If only this data-id could be supplied to the page_id, the rest can be taken forward from there using CouchCMS.
I am also open to the option of using AJAX, if required. But if it is possible without AJAX, it would still be fine.
Any help in this regards will be greatly appreciated. If any clarification or post editing is required or any more inputs are required, I shall do show if someone points out the short coming in my description/code.
Thanks to the community, in advance.
I am fetching the details of a user according to Id on button click in a popup in laravel but It is showing some error.
This is viewuser.blade.php
<div class="modal fade" id="myModal">
<div class="modal-dialog">
<div class="modal-content">
<!-- Modal Header -->
<div class="modal-header">
<h4 class="modal-title">Modal Heading</h4>
<button type="button" class="close" data-dismiss="modal">×</button>
</div>
<!-- Modal body -->
<div class="modal-body">
<table class="table table-bordered">
<tr>
<td>{{$usersview->id}}</td>
<td>{{$usersview->firstname}}</td>
<td>{{$usersview->filename}}</td>
</tr>
</table>
</div>
<!-- Modal footer -->
<div class="modal-footer">
<button type="button" class="btn btn-danger" data-dismiss="modal">Close</button>
</div>
</div>
</div>
This is viewparticipant.blade.php in which I have a button View. When the user will click on this button a popup will open and show the details according to Id.
<td>
View
</td>
My Controller:
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Session;
use App\Imageupload;
class ParticipantController extends Controller
{
public function show($id)
{
$usersview = Imageupload::find($id);
return View::make('viewuser', compact('usersview'));
}
}
My Web.php
Route::get('/participant/show/{id}','ParticipantController#show');
The error is showing that unknown variables in modal.
well you only have $usersview in your blade file and you're calling $row->id in viewparticipant.blade.php , which should be the $usersview->id instead
after Edit -->
so you need to make an ajax call to the function you want to get the results. the ajax must contain the id of the user so you should get the id some how. I usually define an on click function and get the id. then on the same click trigger an ajax call, something like this:
$('#user').on('click', function (event) {
$.ajax({
url: '/users?user_id=' + $(this).val(),
success: function (data) {
// parse the data
},
fail: function () {
// do something in case of failure
}
});
});
$(this).val(); is the id here, I assumed you would store that in an input
Try this:
<td>
View
</td>
Because laravel is figuring out where you want to place your $row->id variable, and to my guessing it's not passing the variable correctly in your route.
try
#foreach($usersview as $usersview)
<tr>
<td>{{$usersview->id}}</td>
<td>{{$usersview->firstname}}</td>
<td>{{$usersview->filename}}</td>
</tr>
#endforeach
Hey guys I am a little confused, I have a listing page that displays all of my rows in my SQL table.
An example of what I am developing can be seen here: http://www.drivencarsales.co.uk/used-cars.php
So as you can see I have developed a listing page that fetches all of the table rows, each row is equivalent to one vehicle.
I now want to let users filter the results using the form to the left, I was going to use AJAX originally however I feel as if it would take way to long to learn how to develop it that way.
Here is the code setup I am using to achieve the example I have shown:
<?php
include('database.php');
try {
$results = $db->query("SELECT Make, Model, Colour, FuelType, Year, Mileage, Bodytype, Doors, Variant, EngineSize, Price, Transmission, PictureRefs, ServiceHistory, PreviousOwners, Options, FourWheelDrive FROM import ORDER BY Make ASC");
} catch (Exception $e) {
echo "Error.";
exit;
}
try {
$filterres = $db->query("SELECT DISTINCT Make FROM import ORDER BY Make ASC");
} catch (Exception $e) {
echo "Error.";
exit;
}
?>
As you can see the first block of code has two SQL selectors, the $results is used to fetch the whole table and list all vehicles.
The second block is used to display the 'Make' column for the form.
This block of code is the actual form:
<form>
<select class="form-control select-box" name="">
<option value="make-any">Make (Any)</option>
<?php while($make = $filterres->fetch(PDO::FETCH_ASSOC))
{
echo '
<option value="">'.$make["Make"].'</option>
';
} ?>
</select>
<button href="#" class="btn btn-block car-search-button btn-lg btn-success"><span class="glyphicon car-search-g glyphicon-search"></span> Search cars
</button>
</form>
As you can see this block is using a while loop to display all of the 'Make's' in the 'Make' column and uses a DISTINCT clause so that it doesn't show identical options.
Here is the block that lists the results to the page:
<?php while($row = $results->fetch(PDO::FETCH_ASSOC))
{
echo '
<div class="listing-container">
<h3 class="model-listing-title clearfix">'.$row["Make"].' '.$row["Model"].' '.$row["Variant"].'</h3>
<h3 class="price-listing">£'.number_format($row['Price']).'</h3>
</div>
<div class="listing-container-spec">
<img src="'.(explode(',', $row["PictureRefs"])[0]).'" class="stock-img-finder"/>
<div class="ul-listing-container">
<ul class="overwrite-btstrp-ul">
<li class="diesel-svg list-svg">'.$row["FuelType"].'</li>
<li class="saloon-svg list-svg">'.$row["Bodytype"].'</li>
<li class="gear-svg list-svg">'.$row["Transmission"].'</li>
<li class="color-svg list-svg">'.$row["Colour"].'</li>
</ul>
</div>
<ul class="overwrite-btstrp-ul other-specs-ul h4-style">
<li>Mileage: '.number_format($row["Mileage"]).'</li>
<li>Engine size: '.$row["EngineSize"].'cc</li>
</ul>
<button href="#" class="btn h4-style checked-btn hover-listing-btn"><span class="glyphicon glyphicon-ok"></span> History checked
</button>
<button href="#" class="btn h4-style more-details-btn hover-listing-btn tst-mre-btn"><span class="glyphicon glyphicon-list"></span> More details
</button>
<button href="#" class="btn h4-style test-drive-btn hover-listing-btn tst-mre-btn"><span class="test-drive-glyph"></span> Test drive
</button>
<h4 class="h4-style listing-photos-count"><span class="glyphicon glyphicon-camera"></span> 5 More photos</h4>
</div>
';
} ?>
So down to my question... How can I filter these results displayed in the listing block using the select element, when a user selects a 'Make' from the select element I want them to be able to submit the form and return all rows in the SQL table containing the same 'Make' string and hide other rows that are false.
Any ideas how I can achieve this or any easier ways?
Thanks
My best guess is for you to use JS to submit the form again, when select-option is selected, with a parameter stating the model.
Then in your PHP file, you should look for that parameter and edit the query-string accordingly.
see this answer on how to submit a form when option is selected.
This answer will show you how to handle parameters in PHP (using GET method)