I am trying to see the best approach for this scenario - I want to send an email alert whenever a user updates a specific column. The column name is rep. If the rep column isn't updated, do not send an email.
Here's my attempt:
<?php
include_once("connection.php");
if(isset($_POST['update'])) {
$id = mysqli_real_escape_string($mysqli, $_POST['record_update']);
$record_update = mysqli_real_escape_string($mysqli, $_POST['record_update']);
$comment = mysqli_real_escape_string($mysqli, $_POST['comment']);
$status = mysqli_real_escape_string($mysqli, $_POST['status']);
$rt = mysqli_real_escape_string($mysqli, $_POST['rt']);
$reason = mysqli_real_escape_string($mysqli, $_POST['reason']);
$username = mysqli_real_escape_string($mysqli, $_POST['username']);
$rep = mysqli_real_escape_string($mysqli, $_POST['rep']);
if(empty($record_update) ) {
if(empty($record_update)) {
echo "<script type='text/javascript'>alert('Date/Time field is blank.');window.location.href='dashboard.php';</script>";
}
} else {
$result = mysqli_query($mysqli, "UPDATE employee SET record_update='$record_update', comment='$comment', status='$status', rt='$rt', reason='$reason', username='$username', rep='$rep' WHERE id='$id'");
if($rep->(success() == true)) {
//do email
}
}
?>
So would it look like this?
<?php
include_once("connection.php");
if(isset($_POST['update'])) {
$id = mysqli_real_escape_string($mysqli, $_POST['record_update']);
$record_update = mysqli_real_escape_string($mysqli, $_POST['record_update']);
$comment = mysqli_real_escape_string($mysqli, $_POST['comment']);
$status = mysqli_real_escape_string($mysqli, $_POST['status']);
$rt = mysqli_real_escape_string($mysqli, $_POST['rt']);
$reason = mysqli_real_escape_string($mysqli, $_POST['reason']);
$username = mysqli_real_escape_string($mysqli, $_POST['username']);
$rep = mysqli_real_escape_string($mysqli, $_POST['rep']);
if(empty($record_update) ) {
if(empty($record_update)) {
echo "<script type='text/javascript'>alert('Date/Time field is blank.');window.location.href='dashboard.php';</script>";
}
} else {
$query = mysqli_query($mysqli, "SELECT rep FROM employee WHERE id='$id'");
// fetch_assoc() already returns the row as an associative array
$row = $query->fetch_assoc();
if($row['rep'] != $_POST['rep']) {
//rep changed: do email
} else {
//rep unchanged: do nothing
}
$result = mysqli_query($mysqli, "UPDATE employee SET record_update='$record_update', comment='$comment', status='$status', rt='$rt', reason='$reason', username='$username', rep='$rep' WHERE id='$id'");
}
?>
Select the current value, and compare it to the inserted value, if it's different it needs to be updated?
$query = mysqli_query($mysqli, "SELECT rep FROM employee WHERE id='$id'");
$row = $query->fetch_assoc();
if($row['rep'] != $_POST['rep'])
$record_update = true;
This might not be the best answer, but I'd like to suggest that you capture the date and time of the first insert and then of the update, record them in table columns, and then compare the time or both when an update happens to the same data row.
$query = mysqli_query($mysqli, "SELECT time, date FROM employee WHERE id='$id'");
$row = $query->fetch_assoc();
if($row['time'] > $_POST['time'] || $row['date'] > $_POST['date'])
$record_update = true;
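The select-compare-update approach from the answers above, as an added example (not any poster's code) using mysqli prepared statements and a row lock so the comparison cannot race with another edit. The posted `id` field, the `updateEmployee` helper and the alert address are assumptions.

```php
<?php
// Added example. Assumes connection.php defines $mysqli and the form posts an "id" field.
require_once 'connection.php';
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on SQL errors

/** Updates the row; returns true only when `rep` actually changed (hypothetical helper). */
function updateEmployee(mysqli $db, int $id, array $in): bool
{
    $db->begin_transaction();
    try {
        // Lock the row so a concurrent edit cannot slip in between the read and the write.
        $sel = $db->prepare('SELECT rep FROM employee WHERE id = ? FOR UPDATE');
        $sel->bind_param('i', $id);
        $sel->execute();
        $row = $sel->get_result()->fetch_assoc(); // null when the id does not exist
        if ($row === null) {
            $db->rollback();
            return false;
        }

        // Placeholders keep request data out of the SQL text entirely.
        $upd = $db->prepare(
            'UPDATE employee SET record_update = ?, comment = ?, status = ?,
                    rt = ?, reason = ?, username = ?, rep = ? WHERE id = ?'
        );
        $upd->bind_param('sssssssi', $in['record_update'], $in['comment'], $in['status'],
            $in['rt'], $in['reason'], $in['username'], $in['rep'], $id);
        $upd->execute();
        $db->commit();

        // Compare as strings: the driver may return a native int, the form always posts text.
        return (string) $row['rep'] !== (string) $in['rep'];
    } catch (mysqli_sql_exception $e) {
        $db->rollback();
        throw $e;
    }
}

if (isset($_POST['update'])) {
    $id = (int) ($_POST['id'] ?? 0);
    if (updateEmployee($mysqli, $id, $_POST)) {
        // Fixed recipient and subject: mail headers are never built from request data.
        mail('alerts@example.com', 'rep changed', "Employee $id has a new rep.");
    }
}
```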
Related
I'm trying to add data to different tables in MySQL, but when I run my code it shows me an error: "Fatal error: Uncaught Error: Call to a member function query()". It is the first time that I use the query function, so I don't know what's going wrong.
<?php
session_start();
$_SESSION['ID_user'];
$id = $_SESSION['ID_user'];
$name = $_POST['name'];
$company = $_POST['company'];
$password = $_POST['password'];
$password = password_hash($password, PASSWORD_DEFAULT);
if($name == "" && $password == "" && $company == "" ){
return false;
}
else {
require './conectar.php';
$resultset = $conn->prepare("SELECT * FROM user WHERE ID_user = '$id' LIMIT 1");
$resultset->execute();
$resultkey = $resultset->fetch();
if($resultkey !== false) {
$update = "UPDATE user SET Name_user='$name', password='$password' WHERE ID_user = '$id' LIMIT 1";
$up = $conn->prepare($update);
$up->bindParam(':name', $_POST['name'], FILTER_SANITIZE_SPECIAL_CHARS);
$up->execute();
$result = $up->fetch();
$_SESSION['Name_user'] = $result['name'];
$lastid = $conn->query("SELECT last_insert_id()")->fetch();
$insert = "INSERT INTO rel_company_user (ID_user) VALUES ('$id')";
$in = $conn->prepare($insert);
$in->execute();
$insert = "INSERT INTO company (Name_company) VALUES ('$company')";
$in = $conn->prepare($insert);
$in->execute();
$update = "UPDATE rel_company_user SET ID_company='$lastid' WHERE ID_user = '$id' LIMIT 1";
$up = $conn->prepare($update);
$up->execute();
}
}
header('Location: http://seth.com/dashboard?ftime=1');
/* Request the id and update it */
?>
You should use parameters in all your queries. And you can't use bindParam() if you didn't put a placeholder in the query.
FILTER_SANITIZE_SPECIAL_CHARS is not a valid argument to bindParam(). The third argument is an optional data type.
You never set $thelast anywhere, that should be $conn.
If $id is already assigned, you can't use LAST_INSERT_ID() to get ID_user. Just insert that value into the user table.
You don't need to perform a query to get the last insert ID. Just use LAST_INSERT_ID() in the VALUES list of the next INSERT query.
You can't fetch the results of an UPDATE query.
You can't get the last insert ID if you haven't done an insert. The UPDATE user query should be INSERT INTO user.
In several places you assigned the SQL to $insert, but then did $conn->prepare($update).
<?php
session_start();
$id = $_SESSION['ID_user'];
$name = $_POST['name'];
$company = $_POST['company'];
$password = $_POST['password'];
$password = password_hash($password, PASSWORD_DEFAULT);
if($name == "" && $password == "" && $company == "" ){
return false;
}
else {
require './conectar.php';
$resultset = $conn->prepare("SELECT * FROM user WHERE ID_user = :id LIMIT 1");
$resultset->bindParam(':id', $id);
$resultset->execute();
$resultkey = $resultset->fetch();
if($resultkey !== false) {
$update = "INSERT INTO user (ID_user, Name_user, password) VALUES (:id, :name, :password)";
$up = $conn->prepare($update);
$up->bindParam(':id', $id);
$up->bindParam(':name', $name);
$up->bindParam(':password', $password);
$up->execute();
// An INSERT returns no result set, so there is nothing to fetch.
$_SESSION['Name_user'] = $name;
$insert = "INSERT INTO rel_company_user (ID_user) VALUES (:id)";
$in = $conn->prepare($insert);
$in->bindParam(':id', $id);
$in->execute();
$insert = "INSERT INTO company (Name_company) VALUES (:company)";
$in = $conn->prepare($insert);
$in->bindParam(':company', $company);
$in->execute();
$update = "INSERT INTO rel_company_user (ID_company, ID_user) VALUES (LAST_INSERT_ID(), :id)";
$up = $conn->prepare($update);
$up->bindParam(':id', $id);
$up->execute();
}
}
header('Location: http://seth.com/dashboard?ftime=1');
/* Request the id and update it */
?>
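The company insert and the link row from the answer above, as an added example (not the answerer's code) that wraps both statements in one PDO transaction and reads the generated key with `lastInsertId()`. It uses an in-memory SQLite database so it runs offline; the `linkUserToNewCompany` helper and the sample values are assumptions.

```php
<?php
// Added example. In-memory SQLite stands in for MySQL; table and column names follow the thread.
$conn = new PDO('sqlite::memory:');
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // fail loudly
$conn->exec('CREATE TABLE company (ID_company INTEGER PRIMARY KEY AUTOINCREMENT, Name_company TEXT NOT NULL)');
$conn->exec('CREATE TABLE rel_company_user (ID_company INTEGER NOT NULL, ID_user INTEGER NOT NULL)');

/** Creates a company and links it to the user; returns the new company id (hypothetical helper). */
function linkUserToNewCompany(PDO $conn, int $userId, string $company): int
{
    $conn->beginTransaction();
    try {
        $ins = $conn->prepare('INSERT INTO company (Name_company) VALUES (:company)');
        $ins->execute([':company' => $company]);
        // Read the generated key on the same connection, right after the INSERT.
        $companyId = (int) $conn->lastInsertId();

        $rel = $conn->prepare('INSERT INTO rel_company_user (ID_company, ID_user) VALUES (:cid, :uid)');
        $rel->execute([':cid' => $companyId, ':uid' => $userId]);

        $conn->commit();
        return $companyId;
    } catch (Throwable $e) {
        $conn->rollBack(); // neither row is kept if either INSERT fails
        throw $e;
    }
}

// Constructed input: the apostrophe is stored as data because it is bound, not concatenated.
$companyId = linkUserToNewCompany($conn, 7, "O'Reilly & Sons");

$check = $conn->prepare('SELECT c.Name_company FROM company c
    JOIN rel_company_user r ON r.ID_company = c.ID_company WHERE r.ID_user = :uid');
$check->execute([':uid' => 7]);
var_dump($companyId, $check->fetchColumn());
```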
I am having a problem on how to get the id of the selected user along with its information while I am logged in as another user, using MySQL. The two tables are inner-joined with each other; I just don't know how to get the ID of the other user and pass it on to the other database.
if(isset($_POST['send']))
{
$query = "SELECT * FROM tblmessage INNER JOIN tblusers ON tblmessage.userid=tblusers.userid";
$res = mysqli_query($con,$query);
while ($row = mysqli_fetch_assoc($res))
{
$receiverID = $row['userid'];
}
$sender = $_SESSION['Email'];
$receiver = $_POST['email'];
$message = $_POST['textmessages'];
$date = date("Y-m-d h:i:sa");
$q = 'INSERT INTO `tblmessage`(`id`,`sender_name`,`receiver_name`,`receiver_id`,`message_text`,`date_time`,`userid`)
VALUES("","'.$sender.'","'.$receiver.'","'.$receiverID.'","'.$message.'","'.$date.'","'.$user_id.'")';
$r = mysqli_query($con, $q);
if($r)
{
echo"<script>alert('Message Sent')</script>
<script>window.location.href='messages.php?id=$receiverID';</script>";
}
else
{
echo $q;
}
}
When I tried to update some data in my library management system, the data doesn't update. It just keeps on saving the same data. Here's the code:
if(isset($_POST['submit'])){
$postID = @$_POST['stud_id'];
$getID = @$_GET['stud_id'];
$postFullName = $_POST['fullname'];
$postEmail = $_POST['email'];
$postContact = $_POST['contact'];
$postSection =$_POST ['section'];
$postUsername = $_POST['username'];
$postPassword = $_POST['password'];
$postType = $_POST['type'];
$postStatus = $_POST['status'];
$rs3 = $db->query("SELECT * FROM users WHERE stud_id = '$postID' ");
$check = $rs3->num_rows;
if ($check > 0)
{
if ($action == "edit")
{
$edit = $db -> query("UPDATE users SET stud_id='$postID', fullname = '$postFullName', email = '$postEmail' , contact = '$postContact', section = '$postSection',username = '$postUsername',password = '$postPassword',type = '$postType', status = '$postStatus' WHERE user_id = '$postID' ");
echo "Record Updated.";
}
else
{
$edit = $db -> query("UPDATE users SET stud_id='$postID', fullname = '$postFullName', email = '$postEmail' , contact = '$postContact', section = '$postSection',username = '$postUsername',password = '$postPassword',type = '$postType', status = '$postStatus' WHERE user_id = '$postID' ");
echo "Record Updated.";
}
}
I am trying to update database using form. Here is the php code
require 'connect.php';
include_once('header.php');
if (isset($_GET['id']) && is_numeric($_GET['id'])){
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM table WHERE id=$id");
$get = mysql_fetch_assoc($result);
if(isset($_REQUEST['value1'])){
$value1 = $_REQUEST['value1'];
$value2 = $_REQUEST['value2'];
$value3 = $_REQUEST['value3'];
$update = mysql_query("UPDATE `table` SET `value1` = $value1, `value2` = $value2 WHERE `id` = $id");
if($update){
$msg = "<div class=\"alert alert-success\">Server UPDATED Successfully.</div>";
}else{
$msg ="<div class=\"alert alert-danger\">Failed to Update server!</div>";
}
It is working perfectly and updating the database. But once it shows "Server updated successfully." Below, it still shows old values in form.
How do I make the page or values reload after successful update?
}
Order of operations should be
update
select
show
so you put the update part first (taking care to prevent sql injection):
require 'connect.php';
include_once('header.php');
// Cast to int so only a number can reach the query; a missing id becomes 0
$id = (int) ($_GET['id'] ?? 0);
if (! empty($id)) {
if (isset($_REQUEST['value1'])) {
$value1 = mysql_real_escape_string($_REQUEST['value1']);
$value2 = mysql_real_escape_string($_REQUEST['value2']);
$value3 = mysql_real_escape_string($_REQUEST['value3']);
$update = mysql_query("UPDATE `table` SET `value1` = '$value1', `value2` = '$value2' WHERE `id` = $id");
if ($update) {
$msg = "<div class=\"alert alert-success\">Server UPDATED Successfully.</div>";
} else {
$msg ="<div class=\"alert alert-danger\">Failed to Update server!</div>";
}
}
now you can do your select:
$result = mysql_query("SELECT * FROM table WHERE id=$id");
$get = mysql_fetch_assoc($result);
}
now you can show your page:
Check below code
require 'connect.php';
include_once('header.php');
if (isset($_GET['id']) && is_numeric($_GET['id'])){
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM table WHERE id=$id");
$get = mysql_fetch_assoc($result);
if(isset($_REQUEST['value1'])){
$value1 = $_REQUEST['value1'];
$value2 = $_REQUEST['value2'];
$value3 = $_REQUEST['value3'];
$update = mysql_query("UPDATE `table` SET `value1` = $value1, `value2` = $value2 WHERE `id` = $id");
if($update){
$result = mysql_query("SELECT * FROM table WHERE id=$id");
$get = mysql_fetch_assoc($result);
$msg = "<div class=\"alert alert-success\">Server UPDATED Successfully.</div>";
}else{
$msg ="<div class=\"alert alert-danger\">Failed to Update server!</div>";
}
Updated code: after information is typed in and the submit button clicked to run this code, it goes back to the account page but doesn't update the database:
<font face="ClearSans-Thin">
<font color="lightgray">
<?php
include 'editaccount.php';
include 'connection.php';
?>
<center>
<?php
if (isset($_POST['uregsubmit'])) {
$firstname = $_POST['ufirstname'];
$lastname = $_POST['ulastname'];
$email = $_POST['uemail'];
$dob = $_POST['udob'];
$user = $_POST['uregisterusername'];
$pass = $_POST['uregisterpassword'];
}
//the query
$query = "UPDATE Users SET FirstName='$firstname', LastName='$lastname' WHERE Username='$user'";
//execute the query
$result = mysqli_query($connection, $query)
or die("Error: ".mysqli_error($connection));
//check and see if any data returned
?>
</center>
Write sql query inside if statement
<?php
if (isset($_POST['uregsubmit'])) {
$firstname = $_POST['ufirstname'];
$lastname = $_POST['ulastname'];
$email = $_POST['uemail'];
$dob = $_POST['udob'];
$user = $_POST['uregisterusername'];
$pass = $_POST['uregisterpassword'];
//the query
$query = "UPDATE Users SET FirstName='$firstname', LastName='$lastname' WHERE Username='$user'";
//execute the query
$result = mysqli_query($connection, $query)
or die("Error: ".mysqli_error($connection));
//check and see if any data returned
}
?>
You have an extra comma before WHERE