mysql query not getting values from database on selecting radio buttons - php

I have searched a long way for the result but still no success on this. I am trying to select a radio button and show its result on the same page, but my query is somehow not getting records for it. It says MySQL "QUERY EMPTY". Please let me know where I am going wrong. Here is my code for that. Any help would be highly appreciated.
PHP
<?php
include 'blocks/headerInc.php' ;
$errmsg = $module_id = $query = $date_from = $date_to = $sql1 = "";
//Search section start here
/*$sqlQuery = "SELECT * FROM tbl_user WHERE type =3 ";
if (isset($_REQUEST['submit'])) {
if (!empty($_REQUEST['date_from'])) {
$date_from = date("Y-m-d", strtotime($_REQUEST['date_from']));
}
if (!empty($_REQUEST['date_to'])) {
$date_to = date("Y-m-d", strtotime($_REQUEST['date_to']));
}
if (!empty($date_to) && empty($date_from)) {
$errmsg = "Please select valid date range.";
}
if (!empty($date_to) && (strtotime($date_from) > strtotime($date_to))) {
$errmsg = "Please select valid date range.";
}
if ($errmsg == '') {
if (!empty($date_to) && (strtotime($date_from) <= strtotime($date_to))) {
$sqlQuery .= " AND created_on BETWEEN '$date_from' AND '$date_to'";
}
$sqlQuery .= " order by id DESC";
}
$date_from = date("m/d/Y", strtotime($date_from));
$date_to = date("m/d/Y", strtotime($date_to));
$date_from = $date_from != '01/01/1970' ? $date_from : '';
$date_to = $date_to != '01/01/1970' ? $date_to : '';*/
if (isset($_POST['users']) && $_POST['users'] == 'approved') {
$sql1 = mysql_query("SELECT * FROM tbl_user WHERE type =3 and status = 1");
//$result = ($sql1);
while ($row = $sql1->fetch_assoc()) {
$users[] = $row;
}
} elseif (isset($_POST['users']) && $_POST['users'] == 'unapproved') {
$sql1 = mysql_query("SELECT * FROM tbl_user WHERE type =3 and status = 0");
//$result = mysql_query($sql1);
while ($row = $sql1->fetch_assoc()) {
$users[] = $row;
}
} elseif (isset($_POST['users']) && $_POST['users'] == 'all') {
$sql1 = mysql_query("SELECT * FROM tbl_user WHERE type =3");
//$result = mysql_query($sql1);
while ($row = $sql1->fetch_assoc()) {
$users[] = $row;
}
}
//}
?>
HTML:
<div class="container pagecontainer">
<!-- Static navbar -->
<div class="row row-offcanvas row-offcanvas-right">
<!--/.col-xs-12.col-sm-9-->
<div class="col-sm-3 col-md-3 sidebar" id="sidebar">
<div id="left_panel" class="clearfix left">
<?php include 'blocks/leftnavInc.php' ; ?>
</div>
</div>
<div class="col-xs-12 col-sm-9 page-right">
<div class="panel panel-primary">
<div class="panel-heading">Search Registered Candidate</div>
<div class="panel-body">
<div class="column col-sm-offset-0">
<?php if($errmsg!="") echo "<div class='error'>".ucwords($errmsg)."</div>"; ?>
<form class="form-horizontal" method="get" action="">
<div class="form-group">
<div class="col-md-6">
<div class="col-md-4">
<label for="username" class="control-label">Date From:</label>
</div>
<div class="col-md-8">
<div class="input-group date">
<input class="form-control datepicker" data-val="true" data-val-date="The field Dob must be a date." data-val-required="The Dob field is required." id="Dob" name="date_from" placeholder="Date From" type="text" value="<?php echo $date_from ; ?>" >
</div>
</div>
</div>
<div class="col-md-6">
<div class="col-md-4">
<label for="username" class="control-label">Date To:</label>
</div>
<div class="col-md-8">
<div class="input-group date">
<input class="form-control datepicker" data-val="true" data-val-date="The field Dob must be a date." data-val-required="The Dob field is required." id="Dob" name="date_to" placeholder="Date To" type="text" value="<?php echo $date_to ; ?>" >
</div>
</div>
</div>
</div>
<div class="form-group">
<div class="col-md-6">
<div class="col-md-8 text-left">
<button type="submit" name="submit" value="submit" class="btn btn-success"><i class="glyphicon glyphicon-floppy-disk"></i> Search</button>
<button type="reset" onClick="javascript:window.location.href='reportRegisteredUsers.php'" class="btn btn-danger"><i class="glyphicon glyphicon-ban-circle"></i> Cancel</button>
</div>
</div>
<div class="col-md-6">
<div class="col-md-4">
<label for="username" class="control-label"> </label>
</div>
<div class="col-md-8 text-right">
</div>
</div>
</div>
</form>
</div>
</div>
</div>
<div class="panel panel-primary">
<div class="panel-heading">Report:Registered Candidate</div>
<div class="panel-body">
<input type="radio" name="users" value="all" checked="checked"> All Candidates<br>
<input type="radio" name="users" value="approved"> Approved Candidates<br>
<input type="radio" name="users" value="unapproved"> Unapproved Candidates<br> </form>
<div class="column col-sm-offset-0">
<table id="example" class="table table-striped table-hover table-bordered dataTableReport dt-responsive nowrap" cellspacing="0" width="100%">
<thead>
<tr>
<th>S.No.</th>
<th>Email ID</th>
<th>SBI Employee ID</th>
<th>Name</th>
<th>Mobile No.</th>
<th>Date of Birth</th>
<th>Registration Date</th>
</tr>
</thead>
<tbody>
<?php
$sqr = $db->query($sql1);
//print_r($sqr);
//$i = 1 ;
//$sq = $db->query($sqlQuery);
$i = 1 ;
if($db->affected_rows > 0)
{
while($row=mysql_fetch_array($sqr))
{
extract($row);
?>
<tr>
<td><?php echo $i ; ?></td>
<td><?php echo $email ; ?></td>
<td><?php echo $employee_id ; ?></td>
<td><?php echo $first_name." ".$middle_name." ".$last_name ; ?></td>
<td><?php echo $mobile ; ?></td>
<td><?php if($dob !='1970-01-01'){echo date("d-m-Y", strtotime($dob)) ; }?></td>
<td><?php echo date("d-m-Y", strtotime($created_on)) ; ?></td>
</tr>
<?php $i++;}} ?>
</tbody>
</table>
</div>
</div>
</div>
<div>
<button type="reset" onClick="javascript:history.go(-1)" class="btn btn-danger"><i class="glyphicon glyphicon-ban-circle"></i> Go Back</button>
</div>
<!--/row-->
</div>
<!--/.sidebar-offcanvas-->
</div>
</div>
<?php include 'blocks/footerInc.php'; ?>

Does this need to be strictly PHP and MySQL? Can we include some JavaScript/jQuery? While this doesn't answer your question directly, I hope it helps.
For your issue, I would detect the change event of your radio field and fire off a quick jQuery $.post to process the selection.
When your JavaScript sends a POST request to your PHP, you would run your PHP logic and return (or echo) the result. This can then be "digested" by your JavaScript. Here is a simple/rough example using jQuery and PHP. Adapt to your needs:
<script>
// # on ready
$(function() {
// # current document - assumes you'll be submitting to self
var self = document.location.href;
// # when changing the user radios
$('input[type=radio][name=users]').change(function() {
// # grab the value of the radio and create a js array to post
var postData = {'users': $(this).val()};
// # post the postData to your PHP
$.post(self, postData).done(function(data, status, xhr) {
// # assumes you're returning JSON data
data = jQuery.parseJSON(data);
// # add your logic here
console.log('POST Response', data);
// # update an element with the returned data or response:
$('#example').before('<div>'+ data +'</div>');
});
});
});
</script>
Regarding your PHP code, as other users have suggested, you're using mysql_ functions that are no longer supported on modern versions of PHP. Your quickest and dirtiest adjustment, without rewriting everything, is to use mysqli_ functions (notice the additional 'i').
You're already listening for the $_POST['users'] parm, so the only addition I would recommend is to actually use that $users[] array. I could get into re-writing the PHP so it makes sense, but here is a quick adjustment to your existing code:
<?php
$users = array();
if(isset($_POST['users']) && $_POST['users'] == 'approved'){
$query = "SELECT * FROM tbl_user WHERE type = 3 AND status = 1";
} else if(isset($_POST['users']) && $_POST['users'] == 'unapproved') {
$query = "SELECT * FROM tbl_user WHERE type =3 and status = 0";
} else if (isset($_POST['users']) && $_POST['users'] == 'all') {
$query = "SELECT * FROM tbl_user WHERE type =3";
}
// # only run the query when one of the radio values above matched
if (isset($query) && ($result = $mysqli->query($query))) {
/* fetch associative array */
while ($row = $result->fetch_assoc()) {
$users[] = $row;
}
// # encode your $users array into JSON and echo for JavaScript
echo json_encode($users);
// # free result set
$result->free();
}
?>
While this isn't a complete solution, I hope it points you in the right direction.
A couple things to note - you'll need to adjust your MySQL connection code if you're to use mysqli_ functions. You'll also need to include jQuery (ideally from CDN) for that JavaScript to work (or you could rewrite it to not use a library like jQuery). This should return the results of your query to your JavaScript. The result should be available as "data" in your js. I've added a console.log so you can view the response in your inspector.
Good Luck!

Related

Trying to show the updated mysql row after successfully updating a form using php

I would like to have a confirmation page where it can show what are the results of an updated form using php.
I have the edit.php form, and I also created an updated.php page, where I want to show the results of the edited rows.
edit.php
<?php
//get ID sent by GET collection
$parentID = $_GET['id'];
ob_start();
include('connection.php');
include('functions.php');
//query the database with client ID
$query = "SELECT * FROM users WHERE id='$parentID'";
$result = mysqli_query( $conn, $query );
//if result is returned
if( mysqli_num_rows($result) > 0 ) {
//we have data
//set some variables
while( $row = mysqli_fetch_assoc($result) ) {
$parentName = $row['p_name'];
$parentEmail = $row['email'];
$studentName = $row['s_name'];
$parentPhone = $row['phone'];
$notes = $row['notes'];
$parentDeposit = $row['deposit'];
$packageNotColl = $row['Package-NotCollected'];
$depositNotColl = $row['deposit-not-collected'];
}
} else {
$alertMessage = "<div class='alert alert-warning'>Nothing to see here.<a href='list.php'>Head back</a></div>";
}
// id update button was submitted
if( isset( $_POST['update'] ) ) {
//set variables
$parentName = validateFormData( $_POST['parentName'] );
$parentEmail = validateFormData( $_POST['parentEmail'] );
$studentName = validateFormData( $_POST['studentName'] );
$parentPhone = validateFormData( $_POST['parentPhone'] );
$notes = validateFormData( $_POST['notes'] );
$parentDeposit = validateFormData( $_POST['parentDeposit'] );
//create new database query result
$query = "UPDATE users
SET p_name = '$parentName',
email = '$parentEmail',
s_name = '$studentName',
phone = '$parentPhone',
notes = '$notes',
deposit = '$parentDeposit'
WHERE id ='$parentID'";
$result = mysqli_query( $conn, $query );
if( $result ) {
//redirect to client page with query string
header("Location: updated.php?alert=updatesuccess");
return $result;
} else {
echo "Error updating record: " . mysqli_error($conn);
}
}
if( isset( $_POST['delete'] ) ) {
$alertMessage = "<div class='alert alert-danger'>
<p>Are you sure you want to delete this profile? This action cannot be undone!</p><br>
<form action='". htmlspecialchars( $_SERVER['PHP_SELF'] ) ."?id=$parentID' method='post'>
<input type='submit' class='btn btn-danger btn-sm' name='confirm-delete' value='Yes, delete!'>
<a type='button' class='btn btn-default btn-sm' data-dismiss='alert'>Maybe not this time.</a>
</form>
</div>";
}
if( isset( $_POST['confirm-delete'] ) ) {
$query = "DELETE FROM users WHERE id='$parentID'";
$result = mysqli_query( $conn, $query );
if($result) {
header("Location: list.php?alert=deleted");
} else {
echo "Error deleting client: " . mysqli_error($conn);
}
}
mysqli_close($conn);
include('header.php');
?>
<h1>Edit Profile</h1>
<?php echo $alertMessage; ?>
<form action="<?php echo htmlspecialchars( $_SERVER['PHP_SELF'] ); ?>?id=<?php echo $parentID; ?>" method="post" class="row">
<div class="form-group col-sm-6">
<label for="parent-name">Parent Name</label>
<input type="text" class="form-control input-lg" id="client-name" name="parentName" value="<?php echo $parentName; ?>">
</div>
<div class="form-group col-sm-6">
<label for="parent-email">Email</label>
<input type="text" class="form-control input-lg" id="client-email" name="parentEmail" value="<?php echo $parentEmail; ?>">
</div>
<div class="form-group col-sm-6">
<label for="student-name">Student Name</label>
<input type="text" class="form-control input-lg" id="student-name" name="studentName" value="<?php echo $studentName; ?>">
</div>
<div class="form-group col-sm-6">
<label for="parent-phone">Phone #</label>
<input type="text" class="form-control input-lg" id="parent-phone" name="parentPhone" value="<?php echo $parentPhone; ?>">
</div><div class="form-group col-sm-6">
<label for="student-name">Notes</label>
<input type="textarea" class="form-control input-lg" id="notes" name="notes" value="<?php echo $notes; ?>">
</div>
<div class="form-group col-sm-6">
<label for="parent-deposit">Deposit</label>
<input type="text" class="form-control input-lg" id="parent-deposit" name="parentDeposit" value="<?php echo $parentDeposit; ?>">
</div>
<hr>
<div class="col-sm-12">
<hr>
<button type="submit" class="btn btn-lg btn-danger pull-left" name="delete">Delete</button>
<div class="pull-right">
Cancel
<button type="submit" class="btn btn-lg btn-success" name="update">Update</button>
<!-- Print -->
</div>
</div>
</form>
<hr>
<div>
<?php if($packageNotColl > 0) { ?>
<div class='col-sm-3 alert alert-danger'>Package not collected 2018: $<?php echo $packageNotColl; ?></div>
<?php } ?>
</div>
<?php
include('footer.php');
?>
updated.php
<?php
//get ID sent by GET collection
$parentID = $_GET['id'];
ob_start();
include('connection.php');
include('functions.php');
//query the database with client ID
$query = "SELECT * FROM users WHERE id='$parentID'";
$result = mysqli_query( $conn, $query );
mysqli_close($conn);
include('header.php');
?>
<table class="table table-striped table-bordered">
<tr>
<th>ID</th>
<th>Parent Name</th>
<th>Email</th>
<th>Student Name</th>
<th>Phone #</th>
<th>Notes</th>
<th>Deposit</th>
<th>Edit</th>
</tr>
<?php
if(isset($_GET['id'])) {
if(mysqli_num_rows($result) > 0) {
//we have data
//output the data
while( $row = mysqli_fetch_assoc($result) ) {
echo "<tr>";
echo "<td>" . $row['id'] . "</td><td>" . $row['p_name'] . "</td><td>" . $row['email'] . "</td><td>" . $row['s_name'] . "</td><td>" . $row['phone'] . "</td><td>" . $row['notes'] . "</td><td>" . $row['deposit'] . "</td>";
echo '<td><span class="glyphicon glyphicon-edit"></span></td>';
echo '</tr>';
}
} else { //if no entries
echo "<div class='alert alert-warning'>You have no clients!</div>";
}
}
?>
<?php
include('footer.php');
?>
The updated.php page shows the table, but does not include any sql query results.
header('Location: ...) returns the uri/url you provide to the browser, which then calls this page. any information your script had, when you called that redirection, is gone, since it's a different request.
Hence, you should add the id to the url you provide. Like
header('Location: /updated.php?id='.$parentID.'&alert=deleted');
However, you really should prevent the sql injection that's just waiting to happen. PLEASE read up on how to prevent it, because your script is vulnerable to it. Your script is also vulnerable to XSS. Sanitize ALL externally provided data ($parentID = $_GET['id']; should at the very least be $parentId = intval($_GET['id']) to fight XSS).
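The two points in the answer above (carry the id across the redirect, and stop building SQL and HTML from raw request data), shown as an added example that is not part of the original thread. It assumes PDO with an in-memory SQLite table standing in for the thread's MySQL `users` table so it runs with php-cli alone; the helper names `parseId`, `updateUser`, `redirectTarget` and `renderRow` are hypothetical, and with mysqli the same placeholders go through `mysqli_prepare()`.

```php
<?php
// Added example, not code from the thread. SQLite in memory replaces the MySQL
// connection from connection.php (assumption) so nothing external is needed.
declare(strict_types=1);

function openDemoDb(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, p_name TEXT, email TEXT, notes TEXT)');
    // Constructed sample row.
    $ins = $pdo->prepare('INSERT INTO users (id, p_name, email, notes) VALUES (?, ?, ?, ?)');
    $ins->execute([7, 'Pat Example', 'pat@example.test', 'old note']);
    return $pdo;
}

/** Accept only a positive integer id; anything else becomes null. */
function parseId($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** UPDATE with bound parameters: request values never become part of the SQL text. */
function updateUser(PDO $pdo, int $id, array $post): bool
{
    $stmt = $pdo->prepare(
        'UPDATE users SET p_name = :p_name, email = :email, notes = :notes WHERE id = :id'
    );
    return $stmt->execute([
        ':p_name' => trim((string)($post['parentName'] ?? '')),
        ':email'  => trim((string)($post['parentEmail'] ?? '')),
        ':notes'  => trim((string)($post['notes'] ?? '')),
        ':id'     => $id,
    ]);
}

/** The redirect is a new request, so the id has to travel in the URL. */
function redirectTarget(int $id): string
{
    return 'updated.php?' . http_build_query(['id' => $id, 'alert' => 'updatesuccess']);
}

/** Fetch one row by id and escape every cell at output time. */
function renderRow(PDO $pdo, int $id): string
{
    $stmt = $pdo->prepare('SELECT id, p_name, email, notes FROM users WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return "<tr><td colspan='4'>No such record.</td></tr>";
    }
    $cells = array_map(
        static fn($v): string => '<td>' . htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8') . '</td>',
        $row
    );
    return '<tr>' . implode('', $cells) . '</tr>';
}

$pdo = openDemoDb();

// edit.php side: constructed request values standing in for $_GET and $_POST.
$get  = ['id' => '7'];
$post = ['parentName' => "Pat O'Neil", 'parentEmail' => 'pat@example.test',
         'notes' => '<b>call</b> after 5pm'];

$id = parseId($get['id'] ?? null);
if ($id !== null && updateUser($pdo, $id, $post)) {
    // In edit.php this would be: header('Location: ' . redirectTarget($id)); exit;
    echo 'Location: ', redirectTarget($id), PHP_EOL;
}

// updated.php side: a separate request, so the id is validated again before use.
// The second and third values are constructed malformed input.
foreach (['7', "7' OR '1'='1", '<script>'] as $rawId) {
    $id = parseId($rawId);
    echo $id === null ? "rejected id\n" : renderRow($pdo, $id) . PHP_EOL;
}
```

The apostrophe in the posted name is stored unchanged because it is bound rather than concatenated, and the markup in `notes` is rendered as text because it is escaped when written into the table cell.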

Inserting table data to sql

I have a modal that will let user choose an equipment then input the quantity.
<div class="container">
<!-- Trigger the modal with a button -->
<button type="button" class="button-1 btn-lg" data-toggle="modal" data-target="#myModal" style="width: 26%; margin:0; height: 40px; font-size: 100%;">Choose Equipment</button>
<!-- MODAL -->
<div class="modal fade" id="myModal" role="dialog">
<div class="modal-dialog">
<!-- MODAL CONTENT-->
<div class="modal-content">
<div class="modal-header">
<p>Choose An Equipment Below</p>
<button type="button" class="close" data-dismiss="modal">×</button>
</div>
<div class="modal-body">
<p>Available Equipments</p>
<div class="form-inline">
<!-- DROPDOWN LIST FROM DATABASE -->
<select id="equipment" name="equipment" class="form-control">
<option selected="" disabled="">Select Equipment</option>
<?php
$sql = mysqli_query($conn, "SELECT resource_name From resources WHERE resource_type = 'EQUIPMENT';");
$row = mysqli_num_rows($sql);
while ($row = mysqli_fetch_array($sql)){
echo "<option name = 'equipment' value ='". $row['resource_name'] ."'>" .$row['resource_name'] ."</option>" ;
}
?>
</select>
<br><br>
<input type="text" id="qnty-1" class="form-control" placeholder="Quantity" name="quantity" style="width:24%; margin-left: 50px;"><br/>
<br/><br/>
</div>
</div>
<div class="modal-footer">
<input class="submit-3" id="addToTable" type="submit" value="Submit" name="submit-2" onclick="passValue1(); trigData()" data-dismiss="modal" />
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
</div>
</div>
</div>
</div>
</div>
When submitted, the modal will disappear and the data that has been selected will display on the table. I can insert the first selected data to the database but if I choose 2 different data or same data, It will just insert one on the database. Is there a way I can insert all selected data to the database?
<div class="b-form-outline">
<h1>Equipment Borrowing Form</h1>
<div class="borrow-list-area">
<table class="container-2" id="container-2">
<thead>
<tr>
<style>
th,
td {
text-align: center;
}
</style>
<th>Equipment</th>
<th>Quantity</th>
<th hidden>Serial No.</th>
</tr>
</thead>
<tbody></tbody>
</table>
</div>
<script>
function passValue1() {
document.getElementById("quantity").innerHTML =
document.getElementById("qnty-1").value;
}
$('#addToTable').click(function() {
var eqpmnt = $('#equipment').val(),
qnt = $('#qnty-1').val();
$('table tbody').append('<tr><td>' + eqpmnt + '</td><td>' + qnt + '</td></tr>');
});
I've tried this insert code but again, it will only insert one row of data from the table. If anyone can please help me. Thanks a lot!
<?php
include('dbconnector.php');
$id_num = $_POST['idnumber'];
$s_date = $_POST['startdate'];
$e_date = $_POST['enddate'];
$s_time = $_POST['starttime'];
$e_time = $_POST['endtime'];
$prpse = $_POST['purpose'];
$equipment = $_POST['equipment'];
$qnty = $_POST['quantity'];
$subj = $_POST['subject'];
$onCamp = isset($_POST['check-1']) ? $_POST['check-1'] : "Off-Campus";
// CREATES A NEW TRANSACTION THAT WAS SUBMITTED USING THE BORROW FOWM
$query = "SELECT * FROM resources;"; // ACCESS TABLE RESOURCES
$con = mysqli_query($conn, $query);
if ($con->num_rows > 0){
while($row = mysqli_fetch_array($con)){
$rsname = $row['resource_name'];
if (strcmp($equipment, $rsname) == 0) {
$sql = "INSERT INTO transactions (id_number, start_date, end_date, start_time, end_time, purpose, quantity, subject, use_place) VALUES ('$id_num', '$s_date', '$e_date', '$s_time', '$e_time', '$prpse', '$qnty', '$subj', '$onCamp');";
}
}
}
if (!mysqli_query($conn,$sql)) {
$message = "Error Sending Form";
echo "<script type='text/javascript'>alert('$message');</script>";
}
else {
header("refresh: 1; url=borrow.php");
}
?>
Adjusted for #Jon Stirling
$query = "SELECT * FROM resources;"; // ACCESS TABLE RESOURCES
$con = mysqli_query($conn, $query);
if ($con->num_rows > 0){
while($row = mysqli_fetch_array($con)){
$rsname = $row['resource_name'];
if (strcmp($equipment, $rsname) == 0) {
$sql = "INSERT INTO transactions (id_number, start_date, end_date, start_time, end_time, purpose, quantity, subject, use_place) VALUES ('$id_num', '$s_date', '$e_date', '$s_time', '$e_time', '$prpse', '$qnty', '$subj', '$onCamp');";
if (!mysqli_query($conn,$sql)) {
$message = "Error Sending Form";
echo "<script type='text/javascript'>alert('$message');</script>";
}
else {
header("refresh: 1; url=borrow.php");
}
}
}
}

Changing form fields with ajax but field values not passing on submit

I have a standard form with a drop down list of customers, using ajax when a customer is selected it calls the load-customers.php page and changes the form fields entirely based on customer_id whilst filling it with the relevant information.
One of these fields is another drop-down called address_id which again allows the user to select from multiple addresses already defined for the selected customer.
The issue is, address_id is not being passed to $_POST on submit; to be fair none of the other fields are either... but the other fields are just placeholders and I only care about the customer_id and address_id.
How do I get around this? This is the only bit of ajax I've ever used.
ajax:
function getCustomer(val) {
$.ajax({
type: "POST",
url: "load-customers.php",
data:'id='+val,
success: function(data){
$("#customer").html(data);
}
});
}
customer:
<div class='form-group row'>
<label class='col-md-4 control-label'>Quick Select</label>
<div class='col-md-8 selectContainer'>
<div class='input-group'>
<span class='input-group-addon'><i class=''></i></span>
<select name='Customer_ID' class='form-control selectpicker' id='Customer_ID'
onChange="getCustomer(this.value);">
<option value='0'>Please create a new Customer</option>
<?php
$sell_type = "Trade";
$getcustomer = $conn->prepare("SELECT * FROM customers WHERE type = :type");
$getcustomer->bindParam(':type', $sell_type);
$getcustomer->execute();
foreach ($getcustomer->fetchAll(PDO::FETCH_ASSOC) as $row) {
$customer_id = $row['id'];
$customer_name = $row['name'];
$customer_company = $row['company'];
if (!empty($customer_company)) {
$customer = $customer_company;
} else {
$customer = $customer_name;
}
echo "<option value='$customer_id'>$customer</option> ";
}
?>
</select>
</div>
</div>
</div>
<div id='address'>
// address results go here
</div>
address:
<div class='form-group row'>
<label class='col-md-4 control-label'>Postcode</label>
<div class='col-md-8 selectContainer'>
<div class='input-group'>
<span class='input-group-addon'><i class=''></i></span>
<select id='address_id' class='form-control selectpicker' name='address_id' >
";
$getaddresses = $conn->prepare("SELECT * FROM addresses WHERE customer_id = :id");
$getaddresses->bindParam(':id', $customer_id);
$getaddresses->execute();
foreach ($getaddresses->fetchAll(PDO::FETCH_ASSOC) as $row) {
$address_id = $row['id'];
$postcode = $row['postcode'];
$areacode = $row['areacode'];
echo "
<option value='$address_id'>$postcode</option>
";
}
echo "
</select>
</div>
</div>
</div>
The form itself is quite large but the header is:
<form class="form-horizontal justify-content-center" action="new.php" method="post" id="form">
and submitted with:
<button type="submit" class="btn btn-primary mb-2">Submit</button>

Saving data in mysql using dynamic field names [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Closed 6 years ago.
I have a mysql table storing company id, opening/closing hours for days of the week and status (closed/open). I made a form with fields and an updating function. It looks like this. It works, but I believe it can be optimised. Can you suggest how?
FORM:
<form role="form" method="post" action="" autocomplete="off">
<div class="box-body">
<div class="row">
<div class="col-sm-3 text-bold"><div class="padd bg-gray-light">Day</div></div>
<div class="col-sm-3 text-bold"><div class="padd bg-gray-light">Status</div></div>
<div class="col-sm-3 text-bold"><div class="padd bg-gray-light">Opening</div></div>
<div class="col-sm-3 text-bold"><div class="padd bg-gray-light">Closing</div></div>
</div>
<?php while ($h = dbarray($get_hours)) { ?>
<input type="text" name="day" value="<?php echo $h['day_day']; ?>">
<?php
// FORM VALUES
if ($h['day_status'] == 1) {
$status_o = "checked";
$status_c = "";
}
if ($h['day_status'] == 0) {
$status_o = "";
$status_c = "checked";
}
?>
<div class="row">
<div class="col-sm-3">
<h4><?php echo $l['day_'.$h[day_day]]; ?></h4>
</div>
<div class="col-sm-3">
<div class="input-group">
<div class="checkbox">
<label><input type="radio" name="status_<?php echo $h['day_day']; ?>" value="1" <?php echo $status_o; ?>> Dirbame</label>
<label><input type="radio" name="status_<?php echo $h['day_day']; ?>" value="0" <?php echo $status_c; ?>> Uždaryta</label>
</div>
</div>
</div>
<div class="col-sm-3">
<div class="form-group">
<input type="text" name="open_<?php echo $h['day_day']; ?>" class="form-control <?php if ($h['day_status'] == 0) { echo "bg-gray"; } ?>" value="<?php echo $h['day_open']; ?>">
</div>
</div>
<div class="col-sm-3">
<div class="form-group">
<input type="text" name="close_<?php echo $h['day_day']; ?>" class="form-control <?php if ($h['day_status'] == 0) { echo "bg-gray"; } ?>" value="<?php echo $h['day_close']; ?>">
</div>
</div>
</div>
<hr style="margin: 3px 0;">
<?php } ?>
</div>
<div class="box-footer">
<button type="submit" name="save" class="btn btn-success pull-right">Save</button>
</div>
</form>
UPDATING PHP:
<?php
if (isset($_POST['save'])) {
// VALUES
$mon_status = stripinput(descript($_POST['status_1'])); $mon_open = stripinput(descript($_POST['open_1'])); $mon_close = stripinput(descript($_POST['close_1']));
$tue_status = stripinput(descript($_POST['status_2'])); $tue_open = stripinput(descript($_POST['open_2'])); $tue_close = stripinput(descript($_POST['close_2']));
$wed_status = stripinput(descript($_POST['status_3'])); $wed_open = stripinput(descript($_POST['open_3'])); $wed_close = stripinput(descript($_POST['close_3']));
$thu_status = stripinput(descript($_POST['status_4'])); $thu_open = stripinput(descript($_POST['open_4'])); $thu_close = stripinput(descript($_POST['close_4']));
$fri_status = stripinput(descript($_POST['status_5'])); $fri_open = stripinput(descript($_POST['open_5'])); $fri_close = stripinput(descript($_POST['close_5']));
$sat_status = stripinput(descript($_POST['status_6'])); $sat_open = stripinput(descript($_POST['open_6'])); $sat_close = stripinput(descript($_POST['close_6']));
$sun_status = stripinput(descript($_POST['status_7'])); $sun_open = stripinput(descript($_POST['open_7'])); $sun_close = stripinput(descript($_POST['close_7']));
// UPDATE
$result1 = dbquery("UPDATE a_days SET day_status='".$mon_status."', day_open='".$mon_open."', day_close='".$mon_close."' WHERE day_day=1");
$result2 = dbquery("UPDATE a_days SET day_status='".$tue_status."', day_open='".$tue_open."', day_close='".$tue_close."' WHERE day_day=2");
$result3 = dbquery("UPDATE a_days SET day_status='".$wed_status."', day_open='".$wed_open."', day_close='".$wed_close."' WHERE day_day=3");
$result4 = dbquery("UPDATE a_days SET day_status='".$thu_status."', day_open='".$thu_open."', day_close='".$thu_close."' WHERE day_day=4");
$result5 = dbquery("UPDATE a_days SET day_status='".$fri_status."', day_open='".$fri_open."', day_close='".$fri_close."' WHERE day_day=5");
$result6 = dbquery("UPDATE a_days SET day_status='".$sat_status."', day_open='".$sat_open."', day_close='".$sat_close."' WHERE day_day=6");
$result7 = dbquery("UPDATE a_days SET day_status='".$sun_status."', day_open='".$sun_open."', day_close='".$sun_close."' WHERE day_day=7");
}
?>
Loop over the numeric suffixes of the field names.
$results = array();
foreach (range(1, 7) AS $daynum) {
$status = stripinput(descript($_POST['status_' . $daynum]));
$open = stripinput(descript($_POST['open_' . $daynum]));
$close = stripinput(descript($_POST['close_' . $daynum]));
$results[$daynum] = dbquery("UPDATE a_days SET day_status='".$status."', day_open='".$open."', day_close='".$close."' WHERE day_day=".$daynum);
}

Paginating my blog doesn't work

I'm trying to make a paginating blog using PHP, HTML, and MySQL. I wrote the code but for some reason the webpage shows up blank. What's wrong with my code? Chrome's console returns a 500 internal server error.
<div id="article">
<?php
include 'php/mysql_connect.php';
if(empty($_GET)){
$current_id = SELECT max(id) FROM posts;
}
else{
$current_id = mysql_safe_string($_GET['id']);
}
$result = mysql_safe_query('SELECT * FROM posts WHERE id=%s LIMIT 1',$current_id);
if(!mysql_num_rows($result)){
echo '<h2>No Posts Found</h2>';
exit;
}
$row = mysql_fetch_assoc($result)
echo '<h2>'.$row['title'].'</h2>';
echo '<div class="row">';
echo ' <div class="group1 col-sm-6 col-md-6">';
echo ' <span class="glyphicon glyphicon-pencil"></span><a data-toggle="collapse" data-target="#comments" class"collapsed">'.$row['num_comments'].' Comments </a>';
echo ' <span class="glyphicon glyphicon-time"></span>'.date('F j<\s\up>S</\s\up>, Y', $row['date']);
echo ' </div>';
echo '</div>';
echo '<br />';
echo '<p class="lead">'.n12br($row['body']).'</p>';
?>
<div id="comments" class="collapse" >
<div class="well">
<h4>Leave a comment</h4>
<?php echo '<form role="form" method="post" action="php/comment_add.php?id=($current_id)" class="clearfix">'; ?>
<div class="col-md-6 form-group">
<label class="sr-only" for="name">Name</label>
<input type="text" class="form-control" id="name" placeholder="Name" required />
</div>
<div class="col-md-6 form-group">
<label class="sr-only" for="email">Email</label>
<input type="email" class="form-control" id="email" placeholder="Email" required />
</div>
<div class="col-md-12 form-group">
<label class="sr-only" for="content">Comment</label>
<textarea class="form-control" id="content" placeholder="Comment" required></textarea>
</div>
<div class="col-md-12 form-group text-right">
<button type="submit" class="btn btn-primary">Submit</button>
</div>
</form>
</div>
<br>
<?php
$result = mysql_safe_query('SELECT * FROM comments WHERE post_id=%s ORDER BY date ASC',$current_id);
echo ' <ul id="comments" class="comments">';
while($row = mysql_fetch_assoc($result)){
echo ' <li class="comment">';
echo ' <div id="inline" ><h4 style="display:inline;">'.$row['name'].'</h1><sup><p style="display:inline; font-size:10px;"> '.date('j-M-Y g:ia', $row['date']).'</p></sup></div>';
echo ' <em>'.n12br($row['content']).'</em>';
echo ' </li>';
echo ' </ul>';
}
?>
<hr>
</div>
</div>
<nav>
<ul class="pager">
<?php
$newer_id = IFNULL(mysql_safe_query('SELECT min(id) FROM posts WHERE id > $current_id ORDER BY id ASC LIMIT 1'),-1);
$older_id = IFNULL (mysql_safe_query('SELECT max(id) FROM posts WHERE id < $current_id ORDER BY id ASC LIMIT 1'),-1);
if($newer_id != -1){
echo '<li>Newer</li>';
}
if ($older_id != -1){
echo '<li>Older</li>';
}
?>
</ul>
</nav>
This is php/mysql_connect.php, which is supposed to prevent SQL injection (I got this from a tutorial):
<?php
// mysql.php
function mysql_safe_string($value) {
$value = trim($value);
if(empty($value)) return 'NULL';
elseif(is_numeric($value)) return $value;
else return "'".mysql_real_escape_string($value)."'";
}
function mysql_safe_query($query) {
$args = array_slice(func_get_args(),1);
$args = array_map('mysql_safe_string',$args);
return mysql_query(vsprintf($query,$args));
}
function redirect($uri) {
header('location:'.$uri);
exit;
}
mysql_connect('localhost','(username)','(password)');
mysql_select_db('(database)');
From the logs I locate the failure which is:
Syntax error, unexpected 'max' (T_STRING) on line 6 (if(empty($_GET)){$current_id = SELECT max(id) FROM posts})
As others pointed out (and it should be immediately clear from the syntax error you are facing), your $current_id query is not being quoted. A good beginning is to fix the first block as such:
if(empty($_GET)) {
$current_id = "SELECT max(id) FROM posts;";
} else {
$current_id = mysql_safe_string($_GET['id']);
}
if(empty($_GET)){
$current_id = SELECT max(id) FROM posts;
}
no quotes around the sql is a mistake.
If your file is myfile.html and you don't have permission for embedded PHP it will not execute on the server.
