I am new to mysql and php and i am self taught so there is no one to put me through. How can i remove this insertion process in my php file whenever i insert, because it is inserting well but i want to remove the process.
My PHP code is below
<?php
if(isset($_POST['insert_quiz'])) {
var_dump($_POST);
$quiz_add_id = $_SESSION['quiz_id'];
$count = $_SESSION['quiz_no'];
if (
!empty($_POST['question']) && !empty($_POST['optionA']) && !empty($_POST['optionB']) && !empty($_POST['optionC']) && !empty($_POST['optionD']) && count($_POST['op1']) === count($_POST['question']))
{
$question_array = $_POST['question'];
$optionA_array = $_POST['optionA'];
$optionB_array = $_POST['optionB'];
$optionC_array = $_POST['optionC'];
$optionD_array = $_POST['optionD'];
$op1_array = $_POST['op1'];
for ($i = 0; $i < $count; $i++) {
$question = $question_array[$i];
$op1 = $op1_array[$i];
$optionA = mysqli_real_escape_string($connection, $optionA_array[$i]);
$optionB = mysqli_real_escape_string($connection, $optionB_array[$i]);
$optionC = mysqli_real_escape_string($connection, $optionC_array[$i]);
$optionD = mysqli_real_escape_string($connection, $optionD_array[$i]);
$query = "INSERT INTO quizzes (quiz_add_id, quiz_question, quiz_option_A, quiz_option_B, quiz_option_C, quiz_option_D, quiz_option_correct)";
$query .= "VALUES ('{$quiz_add_id}', '{$question}', '{$optionA}','{$optionB}','{$optionC}','{$optionD}', '{$op1}')";
$create_quiz_query = mysqli_query($connection,$query);
}
if(!$create_quiz_query ) {
die('QUERY FAILED' . mysqli_error($connection));
}
//
}
}
?>
THis is what i dont want to see anymore when i insert
remove below code
var_dump($_POST);
Related
I'm unable to change an input string($prima = $_POST['id'];) and a db query result ($systemuser['id'];) into an array
which will be used for pattern matching using one single character at a time and then trying to
find a match in the database "id" row that is queried. The point is to use two-third of an id(supposedly incomplete id of a user of a system) to query and find the complete id. Please see my code. I'd appreciate some help. Thanks
I'm getting "undefined offset:0 through 9" error.
<?php
session_start();
include_once('server.php');
$error = false;
$gat = "";
$get = "";
$rt1 = "";
$rt2 = "";
$rt3 = "";
$rt4 = "";
$rt5 = "";
$rt6 = "";
$rt7 = "";
$rt8 = "";
$rt9 = "";
$rt0 = "";
if(isset($_POST['btn-login'])){
$firstname = $_POST['firstname'];
$firstname = trim($firstname);
$firstname = trim($_POST['firstname']);
$firstname = htmlspecialchars(strip_tags($firstname));
$lastname = $_POST['lastname'];
$lastname = trim($lastname);
$lastname = trim($_POST['lastname']);
$lastname = htmlspecialchars(strip_tags($lastname));
$id = $_POST['id'];
$id = trim($id);
$id = trim($_POST['id']);
$id = htmlspecialchars(strip_tags($id));
$gender = $_POST['gender'];
if(!$error) {
//search data if no errors
$query = "select * from subscribers";
$conditions = array();
if(! empty($firstname)){
$conditions[] = "firstname='$firstname'";
}
if(! empty($lastname)){
$conditions[] = "lastname='$lastname'";
}
if(! empty($gender)){
$conditions[] = "gender='$gender'";
}
$sql = $query;
if(count($conditions) > 0){
$sql .= " WHERE " . implode(' AND ', $conditions);
}
$result = mysqli_query($conn, $sql);
while($systemuser = mysqli_fetch_array($result, MYSQLI_ASSOC)){
$systemuser['id'];
$gat = $systemuser['id'];
}
//convert user input to array
$prima = $_POST['id'];
$prima = array();
$rt1 = $prima[0];
$rt2 = $prima[1];
$rt3 = $prima[2];
$rt4 = $prima[3];
$rt5 = $prima[4];
$rt6 = $prima[5];
$rt7 = $prima[6];
$rt8 = $prima[7];
$rt9 = $prima[8];
$rt0 = $prima[9];
//retrieve and convert db data into array
$gat = array();
foreach( $gat as $get ){
$rt1 = $prima[0];
if (preg_match("/[$rt1]+/", $gat));{
$get += 1;
}
$rt2 = $prima[1];
if (preg_match("/[$rt2]+/", $gat)){
$get += 1;
}
$rt3 = $prima[2];
if (preg_match("/[$rt3]+/", $gat)){
$get += 1;
}
$rt4 = $prima[3];
if (preg_match("/[$rt4]+/", $gat)){
$get += 1;
}
$rt5 = $prima[4];
if (preg_match("/[$rt5]+/", $gat)){
$get += 1;
}
$rt6 = $prima[5];
if (preg_match("/[$rt6]+/", $gat)){
$get += 1;
}
$rt7 = $prima[6];
if (preg_match("/[$rt7]+/", $gat)){
$get += 1;
}
$rt8 = $prima[7];
if (preg_match("/[$rt8]+/", $gat)){
$get += 1;
}
$rt9 = $prima[8];
if (preg_match("/[$rt9]+/", $gat)){
$get += 1;
}
$rt0 = $prima[9];
if (preg_match("/[$rt0]+/", $gat)){
$get += 1;
}
if ($get > 9){
echo 'match found!';
}
else{
echo 'match not found!';
}
}
}
}
?>
I started to refactor but there is just too much that is wrong.
You are getting that Undefined offset: 0 notice because...
<?php
$prima = array();
$rt1 = $prima[0];
Is referencing offset zero on an empty array. The code makes no sense. You seem to frequently assign a value and then overwrite in on the next line.
FWIW: strings in PHP can behave much like an array...
UPDATE:
I'm a little confused about crux here honestly. If I wanted to reference the first and second letters in a string I would do:
$str = "I like PHP";
$firstLetter = (isset($str[0])) ? $str[0] : '';
$secondLetter = (isset($str[1])) ? $str[1] : '';
See if you can follow this example:
$str = 'I like PHP';
for ($i=0; $i<strlen($str); $i++) {
echo $str[$i] . "|";
}
And then... are you looking to do a WHERE foo LIKE 'a%' type query? A "wildcard" search?
In my code am trying to verify if query is true before outputing result i have tried:
require("init.php");
if(empty($_GET["book"]) && empty($_GET["url"])) {
$_SESSION["msg"] = 'Request not valid';
header("location:obinnaa.php");
}
if(isset($_GET["book"]) && isset($_GET["url"])) {
$book = $_GET['book'];
$url = $_GET['url'];
$drs = urldecode("$url");
$txt = encrypt_decrypt('decrypt', $book);
if(!preg_match('/(proc)/i', $url)) {
$_SESSION["msg"] = 'ticket printer has faild';
header("location:obinnaa.php");
exit();
} else {
$ql = mysqli_query($conn, "select * from books where book='$txt' AND used='loading'");
$count = mysqli_num_rows($sql);
if($count < 1) {
$_SESSION["msg"] = 'Transation has oready been made by a customer please check and try again';
header("location:obinnaa.php");
exit();
}
while($riow = mysqli_fetch_assoc($ql)) {
$id = $riow["id"];
$tqty = $riow["quantity"];
for($b = 0; $b < $tqty; $b++) {
$run = rand_string(5);
$dua .= $run;
}
}
$sql = mysqli_query($conn, "select * from books where book='$txt' AND used='loading'");
$split = $dua;
$show_plit = str_split($split, 5);
$b = 0;
while($row = mysqli_fetch_assoc($sql)) {
$id = $row["id"];
$qty = $row["quantity"];
$oldB = $b;
$am = " ";
for(; $b < $oldB + $qty; $b++) {
$am .= "$show_plit[$b]";
$lek = mysqli_query($conn, "UPDATE books SET ticket='$am' WHERE id=$id");
}
if($lek) {
$adr = urlencode($adr = "http://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
$ty = encrypt_decrypt("encrypt", $txt);
$vars = array(
"book" => $ty,
"url" => $adr
);
$querystring = http_build_query($vars);
$adr = "viewbuy.php?" . $querystring;
header("location: $adr");
} else {
$_SESSION["msg"] = 'Transation failed unknow error';
header("location:obinnaa.php");
}
}
}
}
but i get to
$_SESSION["msg"]='Transation has oready been made by a customer please check and try again
even when the query is right what are mine doing wrong.
Check your return variable name from the query. You have $ql when it should be $sql.
$sql = mysqli_query($conn, "select * from books where book='$txt' AND used='loading'");
$count = mysqli_num_rows($sql);
A good IDE would flag this. NetBeans is a good free one.
Public Service Announcement:
NEVER build SQL queries straight from a URL parameter. Always sanitize your inputs and (better yet) use parameterized queries for your SQL calls. You can Google these topics for more info.
Am attempting to update multiple records in a table all at once when a user clicks on the submit button of the form. My code only updates the first row and does nothing to the rest, no error. Below is the code am working with on post
<?php
if (isset($_POST['submit'])) {
$subject_id = $_POST["subject_id"];
$student_id = $_POST["student_id"];
$test1 = $_POST["test1"];
$test2 = $_POST["test2"];
$test3 = $_POST["test3"];
for($i=0; $i < count($student_id); $i++) {
$studentid = mysqli_real_escape_string($connection, $student_id[$i]);
$subjectid = mysqli_real_escape_string($connection, $subject_id);
$test_1 = mysqli_real_escape_string($connection, $test1[$i]);
$test_2 = mysqli_real_escape_string($connection, $test2[$i]);
$test_3 = mysqli_real_escape_string($connection, $test3[$i]);
$query = "UPDATE records SET test1='{$test_1}', test2='{$test_2}', test3='{$test_3}' WHERE student_id={$studentid} AND subject_id={$subjectid}";
$result = mysqli_query($connection, $query);
if ($result) {
redirect_to("dashboard.php");
} else {
echo 'MySQL Error: ' . mysqli_error($connection);
exit;
}
}
}
?>
What could be responsible for only the first row being updated and the others ignored? Questions similar to multiple row update haven't helped much as they seem different from what am trying to do here.
In loop you made redirect_to("dashboard.php"); so it probably exit the loop ;)
Redirect condition placed wrongly. Find the below code.
if (isset($_POST['submit'])) {
$subject_id = $_POST["subject_id"];
$student_id = $_POST["student_id"];
$test1 = $_POST["test1"];
$test2 = $_POST["test2"];
$test3 = $_POST["test3"];
for($i=0; $i < count($student_id); $i++) {
$studentid = mysqli_real_escape_string($connection, $student_id[$i]);
$subjectid = mysqli_real_escape_string($connection, $subject_id);
$test_1 = mysqli_real_escape_string($connection, $test1[$i]);
$test_2 = mysqli_real_escape_string($connection, $test2[$i]);
$test_3 = mysqli_real_escape_string($connection, $test3[$i]);
$query = "UPDATE records SET test1='{$test_1}', test2='{$test_2}', test3='{$test_3}' WHERE student_id={$studentid} AND subject_id={$subjectid}";
$result = mysqli_query($connection, $query);
if (!$result) {
break;
}
}
if(!$result){
echo 'MySQL Error: ' . mysqli_error($connection);
exit;
}
else {
redirect_to("dashboard.php");
}} ?>
i want to update my data from database but unfortunately i can't be update.
there is anyone can help me.
i will be appreciated.
the problem is error can not show when my code does wrong.
sorry for my bad english.
here is my code
<?
include "new.php";
$response = array("updated data", 1);
if (isset($_POST['ID_Person']) && isset($_POST['FirstName']) && isset($_POST['MiddleName']) && isset($_POST['LastName']) && isset($_POST['AliasName'])
&& isset($_POST['Gender']) && isset($_POST['CityBirth']) && isset($_POST['DateBirth']) && isset($_POST['MonthBirth']) && isset($_POST['YearBirth']))
{
$id = $_POST['ID_Person'];
$name = $_POST['FirstName'];
$middle = $_POST['MiddleName'];
$last = $_POST['LastName'];
$alias = $_POST['AliasName'];
$gender = $_POST['Gender'];
$citybirth = $_POST['CityBirth'];
$datebirth = $_POST['DateBirth'];
$monthbirth = $_POST['MonthBirth'];
$yearbirth = $_POST['YearBirth'];
$hasil = sqlsrv_query($conn,"UPDATE T_Person SET
First_Name_Person = '$name' ,
Middle_Name_Person = '$middle' ,
Last_Name_Person = '$last' ,
Alias_Person = '$alias',
Gender_Person = '$gender',
City_Birth_Person = '$citybirth',
Date_Birth_Person = '$datebirth',
Month_Birth_Person = '$monthbirth',
Year_Birth_Person = '$yearbirth',
WHERE ID_Person = '$id'"
);
$rows_affected = sqlsrv_rows_affected($hasil);
if ($rows_affected === false)
{
die( print_r( sqlsrv_errors(), true));
}
if ($hasil)
{
$response["success"] = 1;
$response["message"] = "Product successfully edit.";
// echoing JSON response
echo json_encode($response);
}
}
else {
echo 'Data fail update';
}
?>
You have an error in your query with comma juste before WHERE
$hasil = sqlsrv_query($conn,"UPDATE T_Person SET First_Name_Person = '$name' ,
Middle_Name_Person = '$middle' ,
Last_Name_Person = '$last' ,
Alias_Person = '$alias',
Gender_Person = '$gender',
City_Birth_Person = '$citybirth',
Date_Birth_Person = '$datebirth',
Month_Birth_Person = '$monthbirth',
Year_Birth_Person = '$yearbirth',
no comma here ^
WHERE ID_Person = '$id'");
Try to echo your query in the PHP and copy paste this query in phpMyAdmin.
i guess there is no T_Person with ID_Person == $id in your table so nothing is updated
Please remove comma after this,
Year_Birth_Person = '$yearbirth'
I have a script that checks the submitgame table and if both approve1 and approve 2 are not blank it inserts data into clanstats. There is no mysql_error it simply redirects to the header without inserting anything into the clanstats table, so I have no idea what is going on. Below is the code.
<?php
include("user.php");
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM submitgame WHERE id='$id'") or die(mysql_error());
$playerclan = $row['playerclan'];
$opponentclan = $row['opponentclan'];
$win = $row['win'];
$approve1 = $row['approve1'];
$approve2 = $row['approve2'];
if($win == "won") {
$win = 1;
$points = 2;
$win2 = 0;
$points2 = 1;
}
else {
$win = 0;
$points = 1;
$win2 = 1;
$points2 = 2;
}
if($approve1 != "" && $approve2 != "") {
$query=mysql_query("INSERT INTO clanstats (clan, points, wins) VALUES ('$playerclan', '$points', '$win')");
$query=mysql_query("INSERT INTO clanstats (clan, points, wins) VALUES ('$opponentclan', '$points2', '$win2')");
echo mysql_error($query);
}
else {
header("location:../approvegames.php");
}
mysql_close($con);
header("location:../approvegames.php");
?>
<?php
//first off are you connecting, ill presume so
include("user.php");
//sql injection!!!
$id = mysql_real_escape_string($_GET['id']);
$result = mysql_query("SELECT * FROM submitgame WHERE id='$id' limit 1") or die(mysql_error());
//you were missing this
$row=mysql_fetch_array($result);
$playerclan = $row['playerclan'];
$opponentclan = $row['opponentclan'];
$win = $row['win'];
$approve1 = $row['approve1'];
$approve2 = $row['approve2'];
if($win == "won") {
$win = 1;
$points = 2;
$win2 = 0;
$points2 = 1;
}else{
$win = 0;
$points = 1;
$win2 = 1;
$points2 = 2;
}
if($approve1 != "" && $approve2 != "") {
//you can have multiple inserts
$query=mysql_query("INSERT INTO clanstats (clan, points, wins) VALUES
('$playerclan', '$points', '$win'),
('$opponentclan', '$points2', '$win2')");
header("location:../approvegames.php");
//adding die after the header will make sure nothing else gets executed
die();
}else{
header("location:../approvegames.php");
die();
}
//no need to kill the connection as it will close when the script exits
?>
I think you are missing a line. Perhaps something like:
$row = mysql_fetch_row($result)