I am trying to make a small image/quiz application that allows users to upload a question, while other users answer those questions. The other users are allowed to select up to three checkboxes for their answers. Once selected, this data is to be posted to a script that checks the guesses against a database that has the correct answers. Many questions are on the same page, and more are echoed onto the page via a php script as users upload data. To ensure that each question has a unique identifier, I have a hidden input for the quiz form that takes on the value given from a loop. The first question works great! However, the other questions are unanswerable, because the hidden input seems to only take on the value of the last element in the loop(DESCENDING order). Also, the POST mechanism only seems to care about the most recent item as well.
Here is the code which loops out images and questions to the page:
$sql = "SELECT * FROM gallery1 ORDER BY idGallery DESC";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
echo "SQL Statment Failed";
}else {
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
while ($row = mysqli_fetch_assoc($result)){
echo '<div class="maincontainer">
<div class="thecard">
<div class="thefront" style="background-image:url(gallery/'.$row["imageFullNameGallery"].'); background-size:100% 100%;">
</div>
<div class="theback">
<p class="heading"> The Story</p>
<p class="desc">
'.$row["descriptionGallery"].'
'.$row["imageFullNameGallery"].'
</p>
<form action="includes/survey.php" id="form1" method="POST">
<label> <img src="img/IMAGE1.png" class="radio">
<input type="checkbox" name="food" value="1">
</label>
<label> <img src="img/IMAGE2.png" class="radio">
<input type="checkbox" name="water" value="1">
</label>
<label> <img src="img/IMAGE3.png" class="radio">
<input type="checkbox" name="shelter" value="1">
</label>
<input type="hidden" name="image" value='.$row["imageFullNameGallery"].'>
</form>
<button type="submit" form="form1" name="submit">Submit </button>
</div>
</div>
</div>';
}
}
?>
Notice that the '.$row["imageFullNameGallery"].' is under the <p class="desc"> tag in the above code. This properly gives me the full name of each image. I did this just to test if there were errors here. There are none though.
This is the code that handles the hidden input once it has been received(survey.php):
<?php
if (isset ($_POST['submit'])) {
include_once "dbh.php";
$food=$_POST['food'];
$water=$_POST['water'];
$shelter=$_POST['shelter'];
$image=$_POST['image'];
$survey = array("foodGallery"=>$food, "waterGallery"=>$water, "shelterGallery"=>$shelter);
$sql= "SELECT foodGallery, waterGallery, shelterGallery FROM gallery1 WHERE imageFullNameGallery = '$image';";
$stmt = mysqli_stmt_init($conn);
mysqli_stmt_prepare($stmt, $sql);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$row = mysqli_fetch_assoc($result);
print_r($row);
if ($survey !== $row){
echo "These are not the same";
} else{
echo "These have the same values!";
}
?>
I have done some research, and some suggest that it could be because all of the names for the hidden inputs would be the same, therefore it only goes with the final value passed from the loop. If this is the case, how could this be solved, so that each item has the proper value for its hidden input? Also, any thoughts as to why only the first form's input is being posted? (Remember the order is descending, so it is the form with the true value as being correct from the hidden input; the last value given from the loop). I appreciate you for taking your time to read (and hopefully aid me in my search for truth) my wordy question. THANK YOU!
So I solved the issue! All of the forms had an id="form1" . Each submit button also had the element form="form1". By changing both of these fields to be both id='.$row["imageFullNameGallery"].' and form='.$row["imageFullNameGallery"].' respectively, the solution was found! Each form matches with the correct information in the database, and all forms are workable! I hope this helps someone in the future!
Related
As you can see in the picture I have multiple button inside one FORM so when I click on button It insert always the last value :: S (126).
This is my code:
<form method="post" action="" enctype="multipart/form-data">
<input type="text" class="form-control" placeholder="Numéro de chassit" name="chassit" id="chassit" >
<?php
if (mysqli_num_rows($result) > 0)
{ ?>
<?php
while($row = mysqli_fetch_array($result)) {
?>
<?php echo "<img alt='' src='../admin/image/mercedes/".$row['image']."' >";?>
<div class="card-body">
<input id="model" name="model" type="hidden" value="<?=$row['model'] ?>">
<input type="submit" name="mo" class="btn btn-secondary" value="<?=$row['model'] ?>">
</div>
</form>
And this is the process
<?php
if(ISSET($_POST['mo'])){
$demandeur = $_SESSION['username'];
$model = $_POST['model'];
$chassit = $_POST['chassit'];
$sql = "INSERT INTO tbl_xp_support (demandeur,model,chassit)
VALUES ('$demandeur','$model','$chassit')";
if (mysqli_query($con, $sql)) {
header("Location: ../xp_group.php");
} else {
echo "Error: " . $sql . " " . mysqli_error($con);
}
mysqli_close($con);
}
?>
The input name="model" it insert always the last value !!!
Because your all input fields has same name, so last one will overwrite any previous ones. If you want to select only one that was selected, you should make it as radio button:
<label class="card-body">
<input id="model" name="model" type="radio" style="display: none;" value="<?=$row['model'] ?>"/>
<input type="submit" name="mo" class="btn btn-secondary" value="<?=$row['model'] ?>">
</label>
Please note:
you never use $_POST['mo'] value that should contain selected model
You have same ID in every iteration, and that is invalid HTML
Your browser has no way to know that each submit button is supposed to be associated with a single hidden input, since they're all part of the same form. What will actually happen is that regardless of which button is pressed, all of the hidden fields will be submitted.
Since they all have the same name, but different values, PHP has to decide which value to actually put into the $_POST array. Its policy is to take the last value, which is what you see.
There are a few ways I can think of to make this work:
Put each hidden field and submit button into its own HTML <form>, rather than having one for the whole page.
Have a single hidden field at the bottom of the page, and write some JavaScript that updates that hidden field when you click a button, before submitting the form.
Look at the value of the submit button by examining the $_POST['mo'] variable, and get rid of the hidden fields completely. But beware that there are some extra cases you need to consider when doing this.
I am currently working on a form that uses PHP and SQL to update information in a database. It is functioning properly and updating the information but the issue is... is that it updates everything, including fields that I didn't even put any input in which means it will only update a particular row in the database and leave the others blanks... I need it to just change information from a field with an actual input and leave it if there is no input.
Here is the PHP and SQL code:
try {
$deleteRecId = $_GET['id'];
$update_event_name = $_POST['updateName'];
$update_event_location = $_POST['updateLocation'];
$update_event_date = $_POST['updateDate'];
include 'connect.php';
if(isset($_POST["submit"])) {
// new data
$sql = "UPDATE events SET event_name='$update_event_name',
event_location='$update_event_location', event_date='$update_event_date'
WHERE event_id=$deleteRecId";
// Prepare statement
$stmt = $conn->prepare($sql);
// execute the query
$stmt->execute();
// echo a message to say the UPDATE succeeded
echo $stmt->rowCount() . " records UPDATED successfully";
}
}
catch(PDOException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
and here if the form:
<form class="update-form" action="<?php echo $_PHP_SELF ?>" method="post">
<p id="input-headers">Event Name</p>
<p id="update-input-field-wrapper">
<input type="text" name="updateName" value="">
</p>
<p id="input-headers">Event Location</p>
<p id="update-input-field-wrapper">
<input type="text" name="updateLocation" value="">
</p>
<p id="input-headers">Event Date</p>
<p id="update-input-field-wrapper">
<input type="text" name="updateDate" value="" placeholder="01/01/2000">
</p>
<input type="submit" name="submit" value="Submit" id="updateBtn">
</form>
So to sum up I need this application to only update information of a field with an actual input and if the form field has no input I need that database info to remain the same. I appreciate any help with this as I am pretty new to these concepts... thanks!
I found a really handy solution to this! Here is how I implemented it into my code.
$sql = "UPDATE events SET event_name=IF(LENGTH('$update_event_name')=0, event_name, '$update_event_name'), event_location=IF(LENGTH('$update_event_location')=0, event_location, '$update_event_location'), event_date=IF(LENGTH('$update_event_date')=0, event_date, '$update_event_date') WHERE event_id=$deleteRecId";
It basically just checks whether the string is empty or not. If it's empty it won't be updated. If it isn't empty it'll go through with the update! Very simple way to achieve this effect when creating an update form.
Using your current code structure, you can do this.
Use SQL to select * from event ID. Populate your update_event_xxx with the parameters.
If $_POST[xx] is blank, ignore. Else, update_event_xx = $_POST[xx]
How to I get the input id of selected button, and post it from next php page? I have this code inside my form it's dynamically populate from my database.
<?php
include('connection.php');
$query = "Select * from tblproduct where categoryID = 1 and statusProd = 1";
$result = $conn->query($query);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
$id=$row["ID"];
$product=$row["product"];
$image=$row["images"];
echo '
<div class="col-sm-4 divProduct" style="outline: none;background-color: transparent;border:none;height:320px;width:300px">
<div class="content">
<input type="submit" name="btnGame" id="btnGame" class="btnSubmit" value="">
<input type="hidden" name="prodID" value="'.$id.'">
<div class="btnBuyBuy text-center">
<img src="'.$image.'" class="imgProd" style="width:200px;height:170px;">
<br><br>
<label class="nameProd">'.$product.'</label>
<br><br>
<div class="divBuy2">
<label class="lblBuy">BUY NOW</label>
</div>
</div>
</div>
</div>';
}
}
And here's my code to the next page where the id displaying.
<?php
if (isset($_POST['btnGame'])) {
$id = $_POST['prodID'];
echo "$id";
}
else{
echo "failed";
}
And the output is the last id from my tblproduct which is 13. How can I get the id of selected button?
<input type="submit" name="btnGame" id="btnGame" class="btnSubmit" value="">
<input type="hidden" name="prodID" value="'.$id.'">
You aren't trying to get the "id" (you mean value) of the button, you are trying to get the value of the hidden input next to it.
The problem with this is that proximity to the clicked submit button means nothing. All hidden inputs will be successful controls. All will be submitted to the server. Since they all share the same name, only one of them will show up in $_POST. (If you renamed them so the name ended in [] then they would all should up as an array and you still couldn't tell which was selected).
Don't use a hidden input for this.
If you care about the button that is used, then make use of the submit button.
Only the submit button used to submit the form will be successful, so its name and value can be used to tell which one was clicked.
<input type="submit" name="btnGame" id="btnGame" class="btnSubmit" value="$id">
… and then look at $_POST['btnGame'] instead of $_POST['prodID'].
Given that you have value="" I'm guessing that you don't want any text displayed on the image and that you are using CSS background image to display something in it.
Obviously, the above won't be compatible with this, so use a <button> element instead.
That allows you to have a different label and value.
It also allows you to put elements inside the label, so you can use a content image with an alt attribute instead of a background image and score a big accessibility win.
<button name="btnGame" id="btnGame" class="btnSubmit" value="$id">
<img src="/path/to/icon.png" alt="Select product number $id">
</button>
At the bottom of this code you'll see an 'Accept Offer' button, when I click on that another piece of code gets executed as you can see on the bottom of this post.
For example this project has 3 bidders, so 3 times bidder_id and writer_bid so I use 'foreach' and load it in divs, works fine, but now I need to store those variables in a database, which technically works but it doesn't store the bids from the row I pull them from, it just takes the data from the last row, that is if I place the code at the bottom of this thread in my header.
However when I put it inside the loop it executes three times, I saw that when I got an error message that I had to close 3 times cause there are 3 rows in the database table that I pull the data from.
How can I prevent this, and either have it load once when the code is inside the foreach loop, or have it pull the correct writer_bid and bidder_id to store.
<div class="WB-Bottom-block lefts">
<?php $getBidders=" AND project_id=$project_id"; $bidders=getBidder($getBidders); foreach($bidders as $bidder) {
$bidder_id=$bidder['writer_id'];
$writer_bid=$bidder['writer_bid'];
?>
<div class="findwriters_boxes">
<div class="findwriters_right">
<div style="float:right;margin-top:6px;width:170px;">
<input type="hidden" name="writer_bid" id="writer_bid" value="<?php echo $writer_bid; ?>" />
<input type="hidden" name="bidder_id" id="bidder_id" value="<?php echo $bidder_id; ?>" />
<input type="submit" class="homebtn11" name="submit" id="submit" value="Accept Offer"/>
</div>
</div>
</div><?php } ?>
Below the code that needs to be executed and that results in issues, whether I place it inside the foreach loop, or inside the header instead.
As you can see I tried to store it in input fields so that it stays there so the header can pull it on refresh of the page / click of the button.
<?php if(isset($_POST['todo']) && $_POST['todo']=='submit_project') {
$balance=get_client_balance_info($current_user->ID);
$writer_bid=$_POST['writer_bid'];
$bidder_id=$_POST['bidder_id'];
if($balance >= $_POST['writer_bid']) {
global $wpdb;
$sql3="UPDATE `wp_project` SET `writer_id` = '".$bidder_id."' WHERE `id` =". $project_id;
$wpdb->query($sql3);
$sql4="UPDATE `wp_project` SET `price` = '".$writer_bid."' WHERE `id` =". $project_id;
$wpdb->query($sql4);
$sql5="UPDATE `wp_project` SET `status` = '2' WHERE `id` =". $project_id;
$wpdb->query($sql5);
$success_msg="You accepted a bid, the money will be deducted from your account.";
}
else $fail_msg="Your balance is not sufficient.";
I think you should make a form for each div that you are adding right now you are putting the bidder_id in the different inputs but the same name.
So it will get the last inputs, maybe it's better to specify the inputs with the row id or to separate the forms or make the input names as array.
I hope this helps you.
I fixed it with the help of Diar Selimi like this:
<div style="float:right;margin-top:6px;width:170px;">
<form action="" name="frmeditor" method="post" id="frmeditor" >
<input type="hidden" name="todo" id="todo" value="submit_project" />
<input type="hidden" name="writer_bid" id="writer_bid" value="<?php echo $writer_bid; ?>" />
<input type="hidden" name="writer_id" id="writer_id" value="<?php echo $writer_id; ?>" />
<input type="submit" class="homebtn11" name="submit" id="submit" value="Accept Offer"/>
</form>
Before that my form and value="submit_project" tags were scattered all over the place!
So, I have a page with a bunch of workorders on it. Each workorder is a row in a single table, and gets put on the page with a while() statement.
I'm trying to update each row with a simple form that I put inside the while(), and an UPDATE/WHERE statement to actually add the information to the table.
Instead of adding it to the specific row, it adds it to Every row. The only thing I can think of is that my WHERE condition is wrong, but I can't seem to figure it out. Maybe it just needs fresh eyes, or maybe I'm heading in Completely the wrong direction.
Also, any specific instructions on security, a better way to do it, etc. would be very helpful. I'm learning PHP on the fly and could use a helping hand. :)
<?php
$query = "SELECT * FROM client_information";
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result)){
$which_ad = $row['ID'];?>
<b>Name:</b> <? echo $row['billing_name']; ?> <br>
<b>Job Type:</b> <? echo $row['job_type']; ?> <br>
<b>Size:</b> <? echo $row['size']; ?> <br>
<b>Text:</b> <? echo $row['text']; ?> <br>
<b>Notes:</b> <? echo $notes; ?> <br>
<br><br>
<form action="small_update.php" method="POST">
<strong>Email Message:</strong><br>
<textarea rows="8" cols="60" name="email_message"></textarea>
<input type="submit" name="submit" value="Submit"></form>
<?
$email_message = htmlspecialchars ("{$_POST['email_message']}", ENT_QUOTES);
if (mysql_errno() != 0) {
die(mysql_error());
}
mysql_query(
"UPDATE client_information
SET email_message='$email_message'
WHERE ID='$which_ad'"
);
if (mysql_errno() != 0) {
die(mysql_error());
}
}
?>
You don't specify the id in your form:
<form action="small_update.php" method="POST">
<strong>Email Message:</strong><br>
<textarea rows="8" cols="60" name="email_message"></textarea>
<input type="hidden" name="id" value="<?php echo $which_ad; ?>">
<input type="submit" name="submit" value="Submit">
</form>
you need to also make sure you know what id was submitted:
"UPDATE client_information
SET email_message='$email_message'
WHERE ID='$_POST['id']'"
Of course, you're wide open to attacks like this as everyone else is saying. You need to look into mysqli or pdo to sanitize your input...
Ans also upon inspection you're evaluating your post data in the loop. Don't do that. Just do your evaluation before everything else is processed on the page...
<?php
if($_POST)
{
//run processing here
}
// do your fetch code here and display the forms...