I have this function:
function dulide($uid) {
global $mysqli, $sm;
$city = $mysqli->query("SELECT city FROM users WHERE id = '" . $sm['user']['id'] . "'");
$haha = $city->fetch_assoc();
$citye = $haha['city'];
$sql = "SELECT id,age,name,email,city,fixed FROM users WHERE fixed=1 AND city = '" . $citye . "' LIMIT 5";
$query = $mysqli->query($sql);
if ($query->num_rows > 0) {
while ($user = $query->fetch_object()) {
$return .= '<tr><td> ' . $user->name . ' </td></tr><tr><td>';
$uid = $user->id;
$photos = $mysqli->query("SELECT photo FROM users_photos WHERE approved = 1 and profile = 1 and u_id = '" . $uid . "' order by id desc LIMIT 1");
if ($photos->num_rows > 0) {
while ($up = $photos->fetch_object()) {
$return .= '<img src="' . $up->photo . '" alt="Smiley face" height="50" width="50">';
}
}
$return .= ' </td></tr> ';
}
}
return $return;
}
When I try to call the function with
<?=dulide($uid); ?>
Nothing happens. Do anyone have a solution for this?
Huge amount of charma and blessings is given out! :)
Thanks on behalf
So turns out there was a database fault that made my function not work..Thanks for your help, another time would be good to make }else{ after num rows to post if no result :)
Related
I have a page that display the logs of student according to date, year, section and IN/OUT. My question, how to count the number of student who displayed by filtering.
screenshot:http://oi60.tinypic.com/2a5ejgg.jpg
This is the code.
//SET UP SQL STATEMENT
$WHERE='';
if ($year<>'0')
{
$WHERE = " student.year = $year ";
}
if ($section<>'0')
{
if ($WHERE=='')
{
$WHERE = " student.section = '" . $section . "'";
}
else
{
$WHERE = $WHERE . "and student.section = '" . $section . "'";
}
}
//SET UP SQL STATEMENT
if ($in_out<>'0')
{
if ($WHERE=='')
{
$WHERE = " `log`.status_log = '" . $in_out . "'";
}
else
{
$WHERE = $WHERE . "and `log`.status_log = '" . $in_out . "'";
}
}
//SET UP SQL STATEMENT
if ($datefilter<>'')
{
if ($WHERE=='')
{
$WHERE = " `log`.date_log = '" . $datefilter . "'";
}
else
{
$WHERE = $WHERE . "and `log`.date_log = '" . $datefilter . "'";
}
}
$start = ($page-1)*$per_page;
if ($WHERE=='')
{
//SET UP SQL STATEMENT
$sql = "SELECT `log`.id, (student.id) as ids, student.name,
student.`year`, student.section, `log`.date_log,
`log`.time_log, `log`.ampm, `log`.status_log,
section.sec_name
FROM `log`
Inner Join student ON student.cardcode = `log`.stud_id
Inner Join section ON section.id = student.section
order by `log`.id DESC
limit $start,$per_page";
}
else
{//SET UP SQL STATEMENT SELECT COUNT(*) AS totalin FROM log WHERE status_log='in'
$sql = "SELECT `log`.id, (student.id) as ids, student.name,
student.`year`, student.section, `log`.date_log,
`log`.time_log, `log`.ampm, `log`.status_log,
section.sec_name
FROM `log`
Inner Join student ON student.cardcode = `log`.stud_id
Inner Join section ON section.id = student.section
WHERE $WHERE
order by `log`.id DESC
limit $start,$per_page";
}
//EXECUTE SQL STATEMENT
$result = mysql_query($sql);
//OOP ALL QUERY DATA ON LOAD AS LIST
while($row = mysql_fetch_array($result))
{
echo '<tr style="font-size: 12px;" class="record">';
echo '<td ><a style="text-decoration:none; color:#4F6B72" href="studentlog.php?id='.$row['ids'].'"</a>' .$row['name']. '</td>';
if ($row['year']=='1')
{ echo '<td> 1st</td>';}
else if ($row['year']=='2')
{ echo '<td> 2nd</td>';}
else if ($row['year']=='3')
{ echo '<td> 3rd</td>';}
else if ($row['year']=='4')
{ echo '<td> 4th</td>';}
echo '<td >'. $row['sec_name']. '</td>';
echo '<td >'. $row['status_log'] .'</td>';
echo '<td>'.$row['date_log'].'</td>';
echo '<td>'.$row['time_log'] . ' ' . $row['ampm'] .'</td>';
}
Once you have executed the query you can us mysql_num_rows() which tells you the actual number of row return by the query
So
//EXECUTE SQL STATEMENT
$result = mysql_query($sql);
$rows_returned = mysql_num_rows($result);
As it seems obvious you are just learning PHP and MYSQL can I suggest that you do not use the mysql_ extension!
Instead learn mysqli_ or PDO see this document for why
use query for access the $current_rank this value want to access in different query but this value can not access any where in different query so how to access $current_rank......
$query = "select * from menu_master where menu_id =
$row_id and hotel_id='" . $_REQUEST['hotel_id'] . "'";
$result = mysql_query($query)."<br/>";
while($row=mysql_fetch_array($result))
{
$rank = $row['set_rank'];
}
$current_rank = $rank;
//echo $current_id = $row_id."<br/>";
//echo $new_rank =$_REQUEST['set_rank']."<br/>";
$sql = "select * from menu_master where set_rank = '$new_rank ' and hotel_id='".$_REQUEST['hotel_id']."'" ;
// echo $sql."<br/>";
$rs = mysql_query($sql)."<br/>";
while($row = mysql_fetch_array($rs))
{
$menu_id = $row['menu_id'];
$sql="update menu_master
set set_rank=$current_rank where menu_id= $menu_id and hotel_id='".$_REQUEST['hotel_id']."'";
//echo $sql."<br/>";
mysql_query($sql)."<br/>";
}
$sql="update menu_master set menu_name = '" . mysql_real_escape_string($_REQUEST['menu_name']) . "',
menu_name_ar = '" . mysql_real_escape_string($_REQUEST['menu_name_ar']) . "',
is_active = '" . $is_active . "',
set_rank = $new_rank where menu_id = '$current_id' and hotel_id='".$_REQUEST['hotel_id']."'";
//echo $sql."<br/>";
//exit;
mysql_query($sql);
Your current_rank seems to be an array. If you have single value in current_rank, then do not use while loop for it.
Just use $row=mysql_fetch_array($result);
$current_rank = $row['set_rank'];
Also you have commented out this line.
//echo $new_rank =$_REQUEST['set_rank']."";
So you have no value for $new_rank
I've got a function that should return me a set of links based on an user id. What the function does momentarily is that it returns me just one link instead a set of links based on an user id. The function looks like this:
function retrieve_image_link($user_id)
{
$query = mysql_query("SELECT `image_link` FROM `imgit_images` WHERE user_id = '" . intval($user_id) . "'");
while ($row = mysql_fetch_assoc($query))
{
$link = $row['image_link'] . '<br />';
}
mysql_free_result($query);
return $link;
}
So this is the code that should get me multiple links instead of just one. Where is the problem that the query returns a string instead of an array?
Please help!
you need to apply links to an array like $array[] = "link";
function retrieve_image_link($user_id)
{
$query = mysql_query("SELECT `image_link` FROM `imgit_images` WHERE user_id = '" . intval($user_id) . "'");
while ($row = mysql_fetch_assoc($query))
{
//add bracktes to $link to return an array
$link[] = $row['image_link'] . '<br />';
}
mysql_free_result($query);
return $link;
}
or use .= opperator if you want all the links in one big string
function retrieve_image_link($user_id)
{
$query = mysql_query("SELECT `image_link` FROM `imgit_images` WHERE user_id = '" . intval($user_id) . "'");
while ($row = mysql_fetch_assoc($query))
{
//add . to = to append string to $link
$link .= $row['image_link'] . '<br />';
}
mysql_free_result($query);
return $link;
}
It seems the problem is here
$link = $row['image_link'] . '<br />';
At the end of the loop, $link should have last value instead of all the values. You have to append each link or create an array to push each link.
$link = $row['image_link'] . '<br />';
You're overwriting the value of $link in the loop. Add [] to make it an array:
function retrieve_image_link($user_id)
{
$query = mysql_query("SELECT `image_link` FROM `imgit_images` WHERE user_id = '" . intval($user_id) . "'");
$link = array( );
while ($row = mysql_fetch_assoc($query))
{
$link[] = $row['image_link'] . '<br />';
}
mysql_free_result($query);
return $link;
}
use .=
function retrieve_image_link($user_id)
{
$query = mysql_query("SELECT `image_link` FROM `imgit_images` WHERE user_id = '" . intval($user_id) . "'");
while ($row = mysql_fetch_assoc($query))
{
$link .= $row['image_link'] . '<br />';
}
mysql_free_result($query);
return $link;
}
I looked through the stack questions and answers, but didn't see anything I could directly apply here. Maybe I'm just missing something.
The code below works fine, except when I include my where statement which refers to the value of the $wp_user_id variable.
I've checked that the variable IS actually being populated with a $user_id when the script is loaded. It appears that the value of this variable is lost right after the call to the conManager function, but I don't understand why. There doesn't appear to be anything within the ConnectionManager.php file (which defines the conManager function) which would touch this variable, so I'm at a loss.
I'm a PHP hack, so go easy on me, but what is causing me to lose the value of my variable, and how do I address it? Here's the code:
<?php
include_once("/home/evaluate/public_html/admin/php/ConnectionManager.php");
header('Content-type:text/javascript;charset=UTF-8');
$wp_user_id = $_GET["user"];
$json1=json_decode(stripslashes($_POST["_gt_json"]));
$pageNo = $json1->{'pageInfo'}->{'pageNum'};
$pageSize = $json1->{'pageInfo'}->{'pageSize'};
if(isset($json1->{'sortInfo'}[0]->{'columnId'})){
$sortField = $json1->{'sortInfo'}[0]->{'columnId'};
}
else{
$sortField = "miles_on_oil";
}
if(isset($json1->{'sortInfo'}[0]->{'sortOrder'})){
$sortOrder = $json1->{'sortInfo'}[0]->{'sortOrder'};
}
else{
$sortOrder = "ASC";
}
if($json1->{'sortInfo'}[0]->{'sortOrder'} == "defaultsort"){
$sortField = "miles_on_oil";
$sortOrder = "ASC";
}
if($json1->{'filterInfo'}[0]->{'value'} != "") {
for ($i = 0; $i < count($json1->{'filterInfo'}); $i++) {
if($json1->{'filterInfo'}[$i]->{'logic'} == "equal"){
$filter .= $json1->{'filterInfo'}[$i]->{'columnId'} . "='" . $json1->{'filterInfo'}[$i]->{'value'} . "' ";
}elseif($json1->{'filterInfo'}[$i]->{'logic'} == "notEqual"){
$filter .= $json1->{'filterInfo'}[$i]->{'columnId'} . "!='" . $json1->{'filterInfo'}[$i]->{'value'} . "' ";
}elseif($json1->{'filterInfo'}[$i]->{'logic'} == "less"){
$filter .= $json1->{'filterInfo'}[$i]->{'columnId'} . "<" . $json1->{'filterInfo'}[$i]->{'value'} . " ";
}elseif($json1->{'filterInfo'}[$i]->{'logic'} == "lessEqual"){
$filter .= $json1->{'filterInfo'}[$i]->{'columnId'} . "<=" . $json1->{'filterInfo'}[$i]->{'value'} . " ";
}elseif($json1->{'filterInfo'}[$i]->{'logic'} == "great"){
$filter .= $json1->{'filterInfo'}[$i]->{'columnId'} . ">" . $json1->{'filterInfo'}[$i]->{'value'} . " ";
}elseif($json1->{'filterInfo'}[$i]->{'logic'} == "greatEqual"){
$filter .= $json1->{'filterInfo'}[$i]->{'columnId'} . ">=" . $json1->{'filterInfo'}[$i]->{'value'} . " ";
}elseif($json1->{'filterInfo'}[$i]->{'logic'} == "like"){
$filter .= $json1->{'filterInfo'}[$i]->{'columnId'} . " LIKE '%" . $json1->{'filterInfo'}[$i]->{'value'} . "%' ";
}elseif($json1->{'filterInfo'}[$i]->{'logic'} == "startWith"){
$filter .= $json1->{'filterInfo'}[$i]->{'columnId'} . " LIKE '" . $json1->{'filterInfo'}[$i]->{'value'} . "%' ";
}elseif($json1->{'filterInfo'}[$i]->{'logic'} == "endWith"){
$filter .= $json1->{'filterInfo'}[$i]->{'columnId'} . " LIKE '%" . $json1->{'filterInfo'}[$i]->{'value'} . "' ";
}elseif($json1->{'filterInfo'}[$i]->{'logic'} == ""){
$filter .= $json1->{'filterInfo'}[$i]->{'columnId'} . " LIKE '%" . $json1->{'filterInfo'}[$i]->{'value'} . "' ";
}
$filter .= " AND ";
}
}
else {
$filter = '';
}
//print_r ($json1);
//die;
// Temp TEsting Values
// End Temp Testing Values
$conManager = new ConManager();
$conManager->getConnection();
if($json1->{'action'} == 'load'){
//to get how many records totally.
$sql = "select count(*) as cnt from oil_analysis_data where $filter user_id = '".$wp_user_id."'";
$handle = mysql_query($sql);
$row = mysql_fetch_object($handle);
$totalRec = $row->cnt;
$sql2 = "select * from oil_analysis_data where $filter user_id = '".$wp_user_id."' ORDER BY " . $sortField . " " . $sortOrder . " limit " . ($pageNo - 1)*$pageSize . ", " . $pageSize;
$handle2 = mysql_query($sql2);
$retArray2 = array();
while($row2 = mysql_fetch_assoc($handle2)) {
// Grab Vehicle Make, Model & Year "Names" from their respective tables & insert into the array
$year = "select Name from vehicle_data_years where ID = {$row2['list1']}";
$year1 = mysql_query($year);
$year2 = mysql_fetch_assoc($year1);
$year3 = $year2['Name'];
$make = "select Name from vehicle_data_makes where ID = {$row2['list2']}";
$make1 = mysql_query($make);
$make2 = mysql_fetch_assoc($make1);
$make3 = $make2['Name'];
$model = "select Name from vehicle_data_all where ID = {$row2['list3']}";
$model1 = mysql_query($model);
$model2 = mysql_fetch_assoc($model1);
$model3 = $model2['Name'];
$row2['list1'] = $year3;
$row2['list2'] = $make3;
$row2['list3'] = $model3;
// Grab Motor oil Viscosity, Brand & Product "Names" from their respective tables & insert into the array
$visc = "select name from viscosity where id = {$row2['viscosity']}";
$visc1 = mysql_query($visc);
$visc2 = mysql_fetch_assoc($visc1);
$visc3 = $visc2['name'];
$brand = "select brandname from oil_brand where brandid = {$row2['brand']}";
$brand1 = mysql_query($brand);
$brand2 = mysql_fetch_assoc($brand1);
$brand3 = $brand2['brandname'];
$product = "select product_name from oil_data where id = {$row2['product']}";
$product1 = mysql_query($product);
$product2 = mysql_fetch_assoc($product1);
$product3 = $product2['product_name'];
$row2['viscosity'] = $visc3;
$row2['brand'] = $brand3;
$row2['product'] = $product3;
if($row2['bypass_filtration'] == 1) {
$row2['bypass_filtration'] = "<img src='http://themotoroilevaluator.com/admin/php/crud/images/checkmark.png' style='border: 0px;'>";
}
else {$row2['bypass_filtration'] = "";
}
if($row2['oil_change'] == 1) {
$row2['oil_change'] = "<img src='http://themotoroilevaluator.com/admin/php/crud/images/checkmark.png' style='border: 0px;'>";
}
else {$row2['oil_change'] = "";
}
$retArray[] = $row2;
}
$analysis_data = json_encode($retArray);
$ret = "{data:" . $analysis_data .",\n";
$ret .= "pageInfo:{totalRowNum:" . $totalRec . "},\n";
$ret .= "recordType : 'object'}";
echo $ret;
}
?>
I'm curious, why do you add a semi colon after the $wp_user_id; ? I've noticed you doing this in more than one place. This may be the culprit.
$filter user_id = '".$wp_user_id;."'";
Nevermind. It would appear that my problem actually resulted from a change in my code that I had forgotten about. I changed $_REQUEST['user'] to $_GET['user'], thinking that, in this case, since the value was being passed as a URL query string, that wouldn't be a problem.
To be honest, I'm still not entirely sure why that made a difference - although I can research that on my own. But, at any rate, changing that back corrected my problem entirely.
Thanks to those who responded, though. Even if not solutions to my actual problem, the information from both turned out to be very useful.
Any hacker can severely screw up or delete your database because of the way you use direct user provided data to build up your SQL query. Please instead read up on SQL Injection, and the use of PHP prepared statements.
Relevant
I have an attendance page which outputs a list of students in a class through the following loop:
$sql10 = "SELECT class.name, student_to_class.class_id, student_to_class.student_id
FROM
student_to_class
INNER JOIN
class
ON class.id=student_to_class.class_id
WHERE
class.name = '$classid'";
$result10 = mysql_query($sql10) or die(mysql_error());
while ($row = mysql_fetch_array($result10)) {
$student = $row['student_id'];
$classid = $row['class_id'];
$sql3 = "select * from student where id = '$student'";
$result3 = mysql_query($sql3) or die(mysql_error());
$row3 = mysql_fetch_assoc($result3);
$studentfname = $row3['first_name'];
$studentlname = $row3['last_name'];
$sql4 = "select * from student where first_name = '$studentfname' AND last_name = '$studentlname'";
$result4 = mysql_query($sql4) or die(mysql_error());
$row4 = mysql_fetch_assoc($result4);
$studentrfid = $row4['rfid'];
$sql5 = "select * from class where id = '$classid'";
$result5 = mysql_query($sql5) or die(mysql_error());
$row5 = mysql_fetch_assoc($result5);
$class_name = $row5['name'];
//Define the default variables assuming attendance hasn't been taken.
$david = "select * from student where rfid='$studentrfid'";
$davidresult = mysql_query($david) or die(mysql_error());
$drow = mysql_fetch_assoc($davidresult);
if (($drow['excused'] == '1') && ($drow['excuseddate'] == $date)) {
//if($drow['excuseddate'] == $date;
$excusedabsense = '<option value="Excused Absense" label="Excused Absense" selected="selected">Excused Absense</option>';
} else {
$excusedabsense = '';
}
$presentpunctual = '<option value="Present" label="Present">Present</option>';
$presenttardy = '<option value="Tardy" label="Tardy">Tardy</option>';
$unexcusedabsense = '<option value="Absent" label="Absent">Absent</option>';
if (isset($_POST['editdate'])) {
$date = $_POST['date'];
}
$realfname = $studentfname;
$reallname = $studentlname;
$sql4 = "select * from attendance_main where StudentID = '$studentrfid' AND date = '$date' AND classID = '$class_name'";
$result4 = mysql_query($sql4) or die(mysql_error());
$row4 = mysql_fetch_assoc($result4);
if ($row4['status'] == "Present") {
$presentpunctual = '<option value="Present" label="Present" selected="selected">Present</option>';
} else {
$presentpunctual = '<option value="Present" label="Present">Present</option>';
}
if ($row4['status'] == "Tardy") {
$presenttardy = '<option value="Tardy" label="Tardy" selected="selected">Tardy</option>';
} else {
$presenttardy = '<option value="Tardy" label="Tardy">Tardy</option>';
}
if ($row4['status'] == "Absent") {
$unexcusedabsense = '<option value="Absent" label="Absent" selected="selected">Absent</option>';
} else {
$unexcusedabsense = '<option value="Absent" label="Absent">Absent</option>';
}
$b++;
echo "<tr>";
if (!isset($dateform)) {
$dateform = date('m/d/Y');
}
$date = date('m/d/Y');
echo '<td><iframe src="flag.php?&flagdate=' . $dateform . '&curdate=' . $date . '&class=' . $classid . '&flag=1&user=' . $studentrfid . '&curflag=' . $realrfid['flag'] . '&flagclass=' . $classname . '" width="50" height="30" frameborder="0" scrolling="no"> </iframe></td>';
//Yesterday
$sql8 = "select * from attendance_main where StudentID = '$studentrfid' AND date='$yesterdaysql' AND classID = '$class_name'";
$result8 = mysql_query($sql8) or die(mysql_error());
$tooltiprow = mysql_fetch_assoc($result8);
if (mysql_num_rows($result8) == 0) {
$tooltipresult_yesterday = "N/A";
} else {
$tooltipresult_yesterday = $tooltiprow['status'];
}
//2 days
$sql8 = "select * from attendance_main where StudentID = '$studentrfid' AND date='$days2sql' AND classID = '$classid'";
$result8 = mysql_query($sql8) or die(mysql_error());
$tooltiprow = mysql_fetch_assoc($result8);
if (mysql_num_rows($result8) == 0) {
$tooltipresult_2days = "N/A";
} else {
$tooltipresult_2days = $tooltiprow['status'];
}
//3 days
$sql8 = "select * from attendance_main where StudentID = '$studentrfid' AND date='$days3sql' AND classID = '$class_name'";
$result8 = mysql_query($sql8) or die(mysql_error());
$tooltiprow = mysql_fetch_assoc($result8);
if (mysql_num_rows($result8) == 0) {
$tooltipresult_3days = "N/A";
} else {
$tooltipresult_3days = $tooltiprow['status'];
}
$tooltip = "<b>" . $yesterday . ":</b> " . $tooltipresult_yesterday . " - <b>" . $days2 . ":</b> " . $tooltipresult_2days . " - <b>" . $days3 . ":</b> " . $tooltipresult_3days;
echo "
<!-- Loop #" . $b . " --> <td><a href='#'";
?> onMouseover="ddrivetip('<?php
echo $tooltip;
?>')"; onMouseout="hideddrivetip()"> <?php
echo $realfname . " " . $reallname . "</a></td>";
echo '<td>
<select name="status' . $b . '">
' . $presentpunctual . '
' . $presenttardy . '
' . $excusedabsense . '
' . $unexcusedabsense . '
</select>
' . $hiddenfield . '
<input type="hidden" name="i" value="' . $b . '" />
<input type="hidden" name="studentid' . $b . '" value="' . $studentrfid . '">
<input type="hidden" name="classid" value="' . $class_name . '"></td>
<td><input type="text" name="comments' . $b . '" size="40" /></td></tr>
<!-- End Loop -->';
}
}
}
It essentially prints out student name and a drop down of statuses (if attendance was taken that day, the status will be whatever is set in the database). The date, flag, and tooltip functions are extra additions. (Date is for previous days, tooltip shows previous attendance on hover)
This data is being executed through the following loop:
if (isset($_GET['update'])) {
mysql_query("UPDATE teacher_accounts SET attendance = '1' WHERE username = '$username'") or die(mysql_error());
$error = 0;
$limit = $_GET['i'];
$starter = 0;
$num = 0;
while ($starter < $limit) {
$num++;
$statusinc = "status" . $num;
$studentinc = "studentid" . $num;
$commentsinc = "comments" . $num;
$starter++;
$studentID = $_GET[$studentinc];
$status = $_GET[$statusinc];
$comments = $_GET[$commentsinc];
$date = date("m/d/Y");
$sql = "select * from student where id = '$studentID'";
$result = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_assoc($result);
$classid = $_GET['classid'];
if (isset($_GET['dateedit'])) {
$date = $_GET['dateedit'];
$count = "select * from attendance_main where StudentID = '$studentID' AND date = '$date' AND classID='$classid'";
$cresult = mysql_query($count) or die(mysql_error());
if (mysql_num_rows($cresult) > 0) {
$sql = "UPDATE attendance_main SET status='$status',comments='$comments',date='$date',classID='$classid' where StudentID = '$studentID'";
} else {
$sql = "INSERT INTO attendance_main (StudentID,status,comments,date,classID) VALUES ('$studentID','$status','$comments','$date','$classid')";
}
if (mysql_query($sql)) {
$return = "<h3>Successfully updated the attendance.</h3>";
}
} else {
$count = "select * from attendance_main where StudentID = '$studentID' AND date = '$date' AND classID='$classid'";
$cresult = mysql_query($count) or die(mysql_error());
if (mysql_num_rows($cresult) > 0) {
$sql = "UPDATE attendance_main SET status='$status',comments='$comments',date='$date',classID='$classid' where StudentID = '$studentID'";
if (mysql_query($sql)) {
$return = "<h3>Successfully updated the attendance for " . $num . " students.</h3>";
}
} else {
$sql = "INSERT INTO attendance_main (StudentID,status,comments,date,classID) VALUES ('$studentID','$status','$comments','$date','$classid')";
if (mysql_query($sql)) {
$return = "<h3>Successfully inserted today's attendance for " . $num . " students.";
}
}
}
}
echo $return;
For some reason, data is sometimes not being inserted properly. For example, a teacher might submit attendance on 02/08/2011, for a specific class, and certain students might appear twice under that attendance. This shouldn't be the case according to the code, because it should first check if they exist and, if they do, update the record rather than insert.
I've also seen cases where records are randomly deleted altogether. When a teacher takes attendance, all statuses are automatically set to Present. However, when I searched records on a certain date in the database, 2 students were missing records (which isn't even possible unless its being deleted)
Anyone have any idea why this might happen? I've tried replicating it myself (by repeatedly submitting the form, refreshing the page after it's processed, etc, to no avail.)
Thank you for the help!
Your query that check if a record exists is looking for all 3. 1) $studentID, 2) $classid and 3) $classid However the UPDATE statement is just looking for $studentID.
I would suggest you create a PRIMARY KEY (or UNIQUE INDEX) on StudentID,date,classID, then use the MySql INSERT ON DUPLICATE KEY UPDATE...
INSERT INTO attendance_main (StudentID,status,comments,date,classID)
VALUES ('$studentID','$status','$comments','$date','$classid')
ON DUPLICATE KEY UPDATE
status = VALUES(status),
comments = VALUES(comments)
Don't forget to sanitize the database input by using mysql_real_escape_string for example $status = mysql_real_escape_string($_GET[$statusinc]);.