**Hello..i know my type of question has been answered in different questions before;but i tried them all..none worked!So please have a look on my issue.
I've a table that contains form input fields where values come from database.I didn't wanted the values to be edited.So used "readonly". But the problem is:By the inspect element of a browser when readonly is removed..then the value can be edited and blank input can be submitted !!! So i want to disable the editing or at least want to disable the submit button if input field is empty.**
The code of the table:
<?php
if (isset($_POST['show'])) {
$class = $_POST["Class"];
$sql = "SELECT * FROM students WHERE Class='$class' ORDER BY Roll ";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
?>
<form action="" method="POST">
<table class="table table-bordered table-hover" style="width: 85%;text-align: center">
<tr >
<th>Roll</th>
<th>Student's Name</th>
<th>Attendance</th>
</tr>
<?php while ($row = $result->fetch_assoc()) { ?>
<tr>
<td><input value="<?php echo $row['Roll']; ?>" name="Roll[]" readonly required=""/></td>
<td><input value="<?php echo $row['Name']; ?>" name="Name[]" readonly required=""/></td>
<td><select name="Status[]">
<option value="0">0</option>
<option value="1">1</option>
</select></td>
</tr>
<?php } ?>
</table>
<input type="submit" name="save" value="Save" style="width: 50%;margin-left: 20%">
</form>
<?php
} else {
$message = "Sorry! No result!";
echo "<script type='text/javascript'>alert('$message');</script>";
}
$conn->close();
}
?>
The insertion code:
<?PHP
if (isset($_POST["save"])) {
foreach ($_POST["Roll"] as $rec => $value) {
$Roll = $_POST["Roll"][$rec];
$Name = $_POST["Name"][$rec];
$Status = $_POST["Status"][$rec];
$Date = date('Y-m-d');
$sql = "INSERT INTO `attendance`(`id`, `Date`, `Roll`, `Name`, `Status`) VALUES ('','$Date','$Roll','$Name','$Status')";
}
if ($conn->query($sql) === TRUE) {
$message = "Saved !";
echo "<script type='text/javascript'>alert('$message');</script>";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
}
?>
this is correct way to not input empty field
$class = $_POST["Class"];
if(!empty($class)) {
$sql = "SELECT * FROM students WHERE Class='$class' ORDER BY DESC or ASC";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
}
}
?>
I edited part of your code to disallow editing. I hope it serves your pourpose. i used disabled attribute on the input tags.
<tr>
<td><input value="<?php echo $row['Roll']; ?>" name="Roll[]" disabled/></td>
<td><input value="<?php echo $row['Name']; ?>" name="Name[]" disabled/></td>
<td><select name="Status[]">
<option value="0">0</option>
<option value="1">1</option>
</select></td>
</tr>
Related
I'm pretty new to coding with php and SQL, so I'm probably going to have a lot of questions. But as the title states, I'm getting this error...
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
I'm not sure what this is referring to. I've gone over the code as much as I can, but I can't find a syntax error. Maybe it's something I just don't know yet.
<?php
// including the database connection file
include_once("config.php");
if(isset($_POST['update']) && isset($_GET['site']))
{
$sitenumber = $_POST['sitenumber'];
$videolink = $_POST['videolink'];
$daynight = $_POST['daynight'];
$maxtents = $_POST['maxtents'];
$maxpersons = $_POST['maxpersons'];
$geography = $_POST['geography'];
$view = $_POST['view'];
$forestcover = $_POST['forestcover'];
$waterfront = $_POST['waterfront'];
$firepit = $_POST['firepit'];
$description = $_POST['description'];
$reslink = $_POST['reslink'];
// checking empty fields
if(empty($sitenumber) || empty($videolink) || empty($daynight) ||
empty($maxtents) || empty($maxpersons) || empty($geography) ||
empty($view) || empty($forestcover) || empty($waterfront) ||
empty($firepit) || empty($description) || empty($reslink)) {
if(empty($sitenumber)) {
echo "<font color='red'>Site Number field is empty.</font><br/>";
}
if(empty($videolink)) {
echo "<font color='red'>YouTube Link field is empty.</font><br/>";
}
if(empty($daynight)) {
echo "<font color='red'>Day or overnight field is empty.</font>
<br/>";
}
if(empty($maxtents)) {
echo "<font color='red'>Maximum Tents field is empty.</font><br/>";
}
if(empty($maxpersons)) {
echo "<font color='red'>Maximum Persons field is empty.</font>
<br/>";
}
if(empty($geography)) {
echo "<font color='red'>Geography field is empty.</font><br/>";
}
if(empty($view)) {
echo "<font color='red'>View field is empty.</font><br/>";
}
if(empty($forestcover)) {
echo "<font color='red'>Forest Cover field is empty.</font><br/>";
}
if(empty($waterfront)) {
echo "<font color='red'>Waterfront Access field is empty.</font>
<br/>";
}
if(empty($firepit)) {
echo "<font color='red'>Firepit field is empty.</font><br/>";
}
if(empty($description)) {
echo "<font color='red'>Description field is empty.</font><br/>";
}
if(empty($reslink)) {
echo "<font color='red'>Reservation Link Access field is empty.
</font><br/>";
}
} else {
//updating the table
$result = mysqli_query($mysqli, "UPDATE sites SET
sitenumber='$sitenumber',videolink='$videolink',daynight='$daynight',
maxtents='$maxtents',maxpersons='$maxpersons',geography='$geography',
view='$view',forestcover='$forestcover',waterfront='$waterfront',
firepit='$firepit',description='$description',reslink='$reslink' WHERE
sitenumber=$sitenumber");
//redirectig to the display page. In our case, it is index.php
//header("Location: index.php");
}
}
echo mysqli_error($mysqli);
?>
<?php
//getting id from url
$sitenumber = $_GET['site'];
//selecting data associated with this particular id
$result = mysqli_query($mysqli, "SELECT * FROM sites WHERE
sitenumber=$sitenumber");
while($res = mysqli_fetch_array($result))
{
$sitenumber = $res['sitenumber'];
$videolink = $res['videolink'];
$daynight = $res['daynight'];
$maxtents = $res['maxtents'];
$maxpersons = $res['maxpersons'];
$geography = $res['geography'];
$view = $res['view'];
$forestcover = $res['forestcover'];
$waterfront = $res['waterfront'];
$firepit = $res['firepit'];
$description = $res['description'];
$reslink = $res['reslink'];
}
echo mysqli_error($mysqli);
?>
<html>
<head>
<title>Edit Data</title>
</head>
<body>
Home
<br/><br/>
<form name="form1" method="post" action="edit.php">
<table border="0">
<tr>
<td>Site Number</td>
<td><input type="number" name="sitenumber" value="<?php echo
$sitenumber;?>"></td>
</tr>
<tr>
<td>YouTube Link</td>
<td><input type="url" name="videolink" value="<?php echo
$videolink;?>"></td>
</tr>
<tr>
<td>Day or Overnight</td>
<td><select name="daynight" value="<?php echo $daynight;?>">
<option value="Day">Day</option>
<option value="Overnight">Overnight</option></td>
</tr>
<tr>
<td>Maximum Tents</td>
<td><input type="number" name="maxtents" value="<?php echo
$maxtents;?>"></td>
</tr>
<tr>
<td>Maximum Persons</td>
<td><input type="number" name="maxpersons" value="<?php echo
$maxpersons;?>"></td>
</tr>
<tr>
<td>Geography</td>
<td><input type="text" name="geography" value="<?php echo
$geography;?>"></td>
</tr>
<tr>
<td>View</td>
<td><input type="text" name="view" value="<?php echo $view;?>">
</td>
</tr>
<tr>
<td>Forest Cover</td>
<td><input type="text" name="forestcover" value="<?php echo
$forestcover;?>"></td>
</tr
<tr>
<td>Waterfront Access</td>
<td><select name="waterfront" value="<?php echo $waterfront;?>">
<option value="Yes">Yes</option>
<option value="No">No</option></td>
</tr>
<tr>
<td>Firepit Availability</td>
<td><select name="firepit" value="<?php echo $firepit;?>">
<option value="Yes">Yes</option>
<option value="No">No</option></td>
</tr>
<tr>
<td>Site Description</td>
<td><input type="text" name="description" value="<?php echo
$description;?>"></td>
</tr>
<tr>
<td>Reservation Link</td>
<td><input type="url" name="reslink" value="<?php echo $reslink;?
>"></td>
</tr>
<td><input type="hidden" name="site" value="<?php echo
$_GET['site'];?>"></td>
<td><input type="submit" name="update" value="Update"></td>
</tr>
</table>
</form>
</body>
</html>
Sorry for the long code here, but I felt it was a little necessary to see the full context here.
There is also a break somewhere with the variables. The sitenumber variable isn't updating, and every variable after that is getting this error...
Notice: Undefined variable: videolink in C:\wamp\www\code\edit.php on line 124
So, this is kind of a two pronged problem. Help would be greatly appreciated.
Correct this :
$result = mysqli_query($mysqli, "SELECT * FROM sites WHERE sitenumber='".$sitenumber."' ");
And this :
$result = mysqli_query($mysqli, "UPDATE sites SET
sitenumber='$sitenumber',videolink='$videolink',daynight='$daynight',
maxtents='$maxtents',maxpersons='$maxpersons',geography='$geography',
view='$view',forestcover='$forestcover',waterfront='$waterfront',
firepit='$firepit',description='$description',reslink='$reslink' WHERE
sitenumber='$sitenumber'");
Your SQL query seems good, but the problem can come from the values of your variables.
Since your query is not escaped properly (and it should be for better security), I would advise you to debug your query before executing.
This way you will be able to understand what is going to be executed in your database.
If you don't use xdebug, you can just put your query into a variable and then dump it using var_dump.
Then, open phpmyadmin (I assume you have an access to it, at least), and paste the value of your variable (which is your query) into the SQL editor. Then execute it and you should have a message explaining where the error is.
It will help you understand why it is important to use prepared statement by seeing which variable has a wrong value (meaning it includes a ' or a ", for instance).
I hope it will help
index.php
<div class="tab">
<button class="tablinks" onclick="openCity(event, 'Engineering')">Engineering</button>
<button class="tablinks" onclick="openCity(event, 'LAW')">LAW</button>
</div>
<div id="Engineering" class="tabcontent">
<table class="items">
<tr>
<th>State</th>
<th>College Name</th>
</tr>
<?php
$query = "select * from college where field = 'engineering'";
$show = mysqli_query($link,$query);
while ($fetch = mysqli_fetch_array($show))
{
?>
<tr>
<td><?php echo $fetch['state']?></td>
<td><?php echo $fetch['college_name']?></td>
<td>
edit
</td>
</tr>
<?php
}
?>
</table>
</div>
<div id="Law" class="tabcontent">
<table class="items">
<tr>
<th>State</th>
<th>College Name</th>
</tr>
<?php
$query = "select * from college where field = 'law'";
$show = mysqli_query($link,$query);
while ($fetch = mysqli_fetch_array($show))
{
?>
<tr>
<td><?php echo $fetch['state']?></td>
<td><?php echo $fetch['college_name']?></td>
<td>
edit
</td>
</tr>
<?php
}
?>
</table>
</div>
edit.php
<?php
if(isset($_POST['update']))
{
$college_name = $_POST['colleges'];
$state = $_POST['state'];
$sqli = "update college set college_name = '$college_name', state = '$state' where id = '$id'";
$results = mysqli_query($link,$sqli);
if($result == true)
{
$msg .= "<p style='color:green;'>Your data update successfully</p>";
}
else
{
$msg .= "<p style='color:red;'>Errror!</p>";
}
}
?>
<form method="POST" enctype="multipart/form-data" >
<select name="state" id="state">
<option value="<?php echo $stateid; ?>"><?php echo $statename; ?></option>
<option value="">Select State</option>
<?php
$sql = "select * from statemaster";
$result = mysqli_query($link,$sql);
while($row = mysqli_fetch_array($result))
{
echo "<option value=".$row['stateid'].">".$row['statename']."</option>";
}
?>
</select>
<select name="colleges" id="colleges">
<option value="<?php echo $college_name; ?>"><?php echo $college_name; ?></option>
<option value="">Select College</option>
</select>
<button type="submit" name='update' id='update'>update</button>
</form>
In this code when I click on edit button then it will go to edit.php page where I get id from url and run update query after updating table college the data will update but when I move from edit page to index.php page the data will remain same but in database update data will be there. So, How can I fix this issue ?
Thank You
Check for caching. It could be that the browser is not going to the server in order to get the contents of index.php, as it thinks it has it.
Try calling index.php with a variable, like:
Home
code:
<script>
$(document).ready(function(){
$(".menu").click(function(){
ids = $('.menu:checked').map(function() {
return this.id;
}).get().join(',');
console.log(ids);
$("#ids").val(ids);
});
});
</script>
<?php
if(isset($_POST['submit']))
{
$adminid = $_POST['admin'];
$menuids = explode(",", $_POST['ids']);
foreach ($menuids as $idd)
{
$sql = "update menu set admin_id = concat(admin_id,'$adminid',',') where id = '$idd'";
$result = mysqli_query($link,$sql);
}
if($result == true)
{
$msg .= "<p style='color:green'>successfull</p>";
}
else
{
$msg .= "<p style='color:red'>error!</p>";
}
}
?>
<form method="post">
<select name="admin" id="admin">
<option value="">---Select Admin---</option>
<?php
$sql = "select * from admin";
$result = mysqli_query($link,$sql);
while ($row = mysqli_fetch_array($result))
{
?>
<option value="<?php echo $row['id']; ?>"><?php echo $row['firstname']?></option>
<?php
}
?>
</select>
<table>
<tr>
<th>Share</th>
<th>Menu Name</th>
</tr>
<?php
$query = "select * from menu";
$results = mysqli_query($link,$query);
while ($fetch = mysqli_fetch_array($results))
{
?>
<tr>
<td>
<input type="checkbox" class="menu" id="<?php echo $fetch['id']; ?>" name="menuid" />
</td>
<td>
<?php echo $fetch['menu_name']; ?>
</td>
</tr>
<?php
}
?>
</table>
<input type="text" name="ids" id="ids" value=""/>
<input type="submit" name="submit" id="submit" />
</form>
In this code I am update a table having name menu in database. Now, I want to check only those checkbox where admin_id like ,1, or ,2, which is update by query. How can I fix this issue ?please please help.
Thank You
while ($fetch = mysqli_fetch_array($results))
{
?>
<tr>
<td>
<input type="checkbox" class="menu" value="<?php if($fetch['id']==1 or
$fetch['id']==2 ) { echo "checked";} else{} ?>" name="menuid" />
</td>
<td>
<?php echo $fetch['menu_name']; ?>
</td>
</tr>
<?php
}
?>
I have to make everything happened on the same page. I have used action="<?PHP echo $_SERVER['PHP_SELF']; ?>" here but it is not working. I have insert the PHP query below the form. Basically, my question is how do I make sure the form is posting the values on the same page. If it is updated, a pop up will come up.
$user_id=$_SESSION['user_id'];
$date = date("l jS \of F Y h:i:s A");
$query1 ="SELECT daily_limit FROM user WHERE user_id='$user_id'";
$result1 = mysqli_query($link, $query1) or die(mysqli_error($link));
while ($row1 = mysqli_fetch_array($result1)) {
$dailylimit=$row1['daily_limit'];
}
$query2 = "SELECT SUM(debit) AS debited_today FROM transaction WHERE user_id = '$user_id' AND date = CURRENT_DATE" ;
$result2 = mysqli_query($link, $query2) or die (msqli_error($link));
while ($row2 = mysqli_fetch_array($result2)){
$debited_today = $row2['debited_today'];
}
// form
<form method="POST" action="<?PHP echo $_SERVER['PHP_SELF']; ?>" >
<table id="table">
<tr>
<td class="alt">Existing Daily Limit</td>
<td>S$ <?php echo $dailylimit; ?> </td>
<input type="hidden" name="dailylimit" value="<?php echo $dailylimit ?> "/>
</tr>
<tr>
<td class="alt"><label for="newdailylimit">New Daily Limit</label></td>
<td>$ <select name="newdailylimit">
<option value="100.00">100.00</option>
<option value="500.00">500.00</option>
<option value="1000.00">1000.00</option>
<option value=5000.00">5000.00</option>
</select></td>
</tr>
<tr>
<td class="alt">Amount Debited Today</td>
<td>S$ <?php echo $debited_today; ?></td>
</tr>
<tr>
<td class="alt">Amount Debited Left</td>
<td>S$ <?php echo ($dailylimit - $debited_today); ?> </td>
</tr>
</table>
<br/>
<input type="submit" name="submit "value="Submit"></input>
</form>
// Values I need to POST
$dailylimit = $_POST['dailylimit'];
$newdailylimit = $_POST['newdailylimit'];
if ($dailylimit != $newdailylimit){
$query = "UPDATE user SET daily_limit='$newdailylimit' WHERE user_id='$user_id'";
$result = mysqli_query($link, $query) or die(mysqli_error($link));
echo "<script>alert('You have successfully updated your daily limit');</script>";
}
else if ($dailylimit == $newdailylimit){
echo "<script>alert('You have selected the same daily limit as your previous one. Please choose a different one. ');</script>";
}
else{
}
Ahh I may have found out what the problem is:
You have a space after the word submit and no space before value.
This will prevent your form from submitting.
<input type="submit" name="submit "value="Submit"></input>
---^ ^
Change this to:
<input type="submit" name="submit" value="Submit">
The double quote might mess things up.
Other things that are wrong but won't fix your problem
Also
<option value=5000.00">5000.00</option>
should be
<option value="5000.00">5000.00</option>
Also
<input type="hidden" name="dailylimit" value="<?php echo $dailylimit ?> "/>
// You have an extra space here ^
Which will change your $dailylimit, and append it with a space.
make your action=''. it will post to itself.
then on top of your page check if the request is post ex. if($_POST){//add your code}else{//yourform}
Good Day!
Guys can you help me to check why my is it that i cannot insert records using chekbox option on table..
Please Help..
Here's My Code...
--ADDING Subject Load for Teacher HTML Form-- (studsub.php)
<form action="setsubject.php" method="post">
<?php
include('../connect.php');
$id=$_GET['id'];
$result = mysql_query("SELECT * FROM student WHERE id='$id'");
while($row = mysql_fetch_array($result))
{
//$course=$row['course'];
//$year=$row['yearlevel'];
//$section=$row['section'];
$idnumber=$row['idnumber'];
echo '<br/>';
echo $row['lname'].", ".$row['fname'];
?>
<input type="hidden" name="studidnum" value="<?php echo $rows['idnumber']?>">
<?php }
?>
<br/><br/>
<label for="filter">Filter</label> <input type="text" name="filter" value="" id="filter" />
<table cellpadding="1" cellspacing="1" id="resultTable">
<thead>
<tr>
<th style="border-left: 1px solid #C1DAD7"><label>Assign</label></th>
<th style="border-left: 1px solid #C1DAD7"> Subject ID </th>
<th>Title</th>
<th>Units</th>
</tr>
</thead>
<tbody>
<?php
include('../connect.php');
$result = mysql_query("SELECT * FROM tbl_cur_sub where status='1' ");
while($row = mysql_fetch_array($result))
{
echo '<tr class="record">';
echo ' <td>' . '<input type="checkbox" name="subject[]" value="'.$rows['code'].'" />' . '</td> ' ;
echo '<td style="border-left: 1px solid #C1DAD7">'.$row['code'].'</td>';
echo '<td><div align="left">'.$row['subject'].'</div></td>';
echo '<td><div align="left">'.$row['units'].'</div></td>';
echo '</tr>';
}
?>
</tbody>
</table>
<br/>
Course<br>
<select name="course" class="ed">
<?php
include('../connect.php');
$results = mysql_query("SELECT * FROM course");
while($rows = mysql_fetch_array($results))
{
echo '<option>'.$rows['coursecode'].'</option>';
}
?>
</select>
<select name="yearlevel" class="ed">
<?php
include('../connect.php');
$results = mysql_query("SELECT * FROM tbl_yrlevel");
while($rows = mysql_fetch_array($results))
{
echo '<option>'.$rows['yearlevel'].'</option>';
}
?>
</select>
<select name="section" class="ed">
<option>A</option>
<option>B</option>
<option>C</option>
<option>D</option>
</select>
<br>
<br>
<input type="submit" value="Assign" id="button1">
</form>
--The Submission Page -- (setsubject.php)
<?php
include('../connect.php');
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str)
{
$str = #trim($str);
if(get_magic_quotes_gpc())
{
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Sanitize the POST values
$course = clean($_POST['course']);
$section = clean($_POST['section']);
$yearlevel = clean($_POST['yearlevel']);
$studidnum=$_POST['studidnum'];
$subject=$_POST['subject'];
$N = count($subject);
for($i=0; $i < $N; $i++)
{
mysql_query("INSERT INTO studentsubject (student, subject, section, course, level) VALUES ('$studidnum', '$subject[$i]','$section','$course', '$level')");
}
header("location: student.php");
mysql_close($con);
?>
--My Database--
TABLE: studentsubject
FIELDS: student, subject, section, course, level
Thanks IN advance for the Help..
TRY
mysql_query("SELECT * FROM tbl_cur_sub where status=1 ");
change the mysql statement...you need to differ the variable and string in the query
$result = mysql_query("SELECT * FROM student WHERE id='".$id."'");