I am trying to delete row from table.
Table name is username of user (which user logged in )
delete page is here
require('db.php');
if(isset($_POST["deletebtn"])){
$x = $_SESSION['username'];
$id=$_POST["statusid"];
$row=$conn->query("select id from $x where id='$id'");
if ($conn->query($row) === TRUE) {
$sql = "delete from $x where id ='$id'";
// echo 'success';
header( "Refresh:3; url=admin2.php", true, 303);
}else{
echo "not";
}
}
and here is my content code
$sql = "SELECT id,date,status FROM $x order by id DESC;";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$id = $row['id'];
echo "<div class='border'> ";
echo "";
echo "<form action='deletepage.php?action=$id'>";
echo "<input type='hidden' name='statusid' value='$id' >";
echo "<p> " . $row["status"] ."</p><br>";
echo "<input type='submit' value='delete' class='btn1 pull-right' name='deletebtn'> ";
echo "<a class=' btn1 pull-right' href='#'>edit </a>";
echo "<small> " . $row["date"]. "</small><br>";
echo "</form>";
echo "</div>";
}
} else {............}
You are not executing query on the sql
$sql = "delete from $x where id ='$id'";
Execute it like
$del= $conn->query($sql);
After the query
You forgot to execute query
require'db.php';
if(isset($_POST["deletebtn"])){
$x = $_SESSION['username'];
$id=$_POST["statusid"];
$row="select id from $x where id='$id'"; //<---remove query execution from here
if ($conn->query($row) === TRUE) {
$sql = "delete from $x where id ='$id'";
$conn->query($sql); //<-------- Add this line
// echo 'success';
header( "Refresh:3; url=admin2.php", true, 303);
}else{
echo "not";
}
}
There are several problems with your code.
there is no query execute for delete query.(which you may be solved later)
in your while loop you put $conn->query ($row) which is wrong. $row is not a query... It is the result set return from previous query.
and lastly $conn->query does not return true in SELECT, SHOW, DESCRIBE or EXPLAIN query. Check php manual
Change this
$sql = "delete from $x where id ='$id
To$sql = "delete from $table where id ='$sessionid'
Related
I have cleaned my code a little to have the following as my form. But I'm having trouble sending the data and Updating from the new update.php. The form works ok retrieving the data and displaying it. But on submission I get the ok update message but the record isn't changed in the database any ideas.
index.php
<?php
include 'connectdb.php';
// include 'query.php';
$sql = "SELECT id, WeightorMeasure FROM weightsmeasures";
$result = $conn->query($sql)
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<form action=\"update.php\"method=\"post\">";
echo "<input type=\"text\" name=\"id\" value = ".$row["id"].">";
echo "<input type=\"text\" name=\"WeightorMeasure\" value = ".$row["WeightorMeasure"] .">";
echo "<input type=\"submit\" value=\" Submit \" name=\"Update\">";
}
echo "</form>";
} else {
echo "0 results";
}
$conn->close();
?>
update.php
<?php
include 'connectdb.php';
$wm = $_POST['id'];
$id = $_POST['WeightorMeasure'];
$sql = "UPDATE weightsmeasures SET WeightorMeasure='$wm' WHERE id='$id'";
if (mysqli_query($conn, $sql)) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . mysqli_error($conn);
}
$conn->close();
?>
Have changed to Below and now get this error.
Error updating record: Unknown column 'sdada' in 'field list'. So it looks like its trying to use the form value $wm as a column header in the table rather than the input value.
$wm = $_POST['WeightorMeasure'];
$id = $_POST['id'];
$sql = "UPDATE weightsmeasures SET WeightorMeasure=$wm WHERE id=$id";
$wm = $_POST['id'];
$id = $_POST['WeightorMeasure'];
Maybe you have these the wrong way round? :D
$wm = $_POST['WeightorMeasure'];
$id = $_POST['id'];
By the way your query is vuln to MySQL injection, please consider using prepared statements
You realize that you switched your ID and WeightOrMeasure in the variable assignments from your $_POST data?
This results in an update query that can't find the ID but does not run into a problem. Thus telling you that the operation was successful
I figure out following possible problem in your code.
mysqli_query($conn, $sql); //should be $conn->query($sql);
and this line
$wm = $_POST['id']; //$_POST['WeightorMeasure'];
$id = $_POST['WeightorMeasure'];//$_POST['id'];
the order is wrong. I hope you already have $conn object created in dpconnect.php file.
Ok found the problem was a mixture of the above having $_POST["WeightorMeasure"]; and $_POST["id"]; mixed up but the most important factor was that the table I was posting from contained Multiple Rows and on _POST to update.php it didn't know what to do with all the different rows as the SQL was only dealing with one row. Once I sent single rows through the post it worked fine. Now to learn and add prepared statements as suggested.
update.php
<?php
include 'connectdb.php';
$wm = $_POST["WeightorMeasure"];
$id = $_POST["id"];
echo $wm . "<br>";
echo $id . "<br";
$sql = "UPDATE weightsmeasures SET WeightorMeasure=\"$wm\", id=
$idWHERE id= $id";
if (mysqli_query($conn, $sql)) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . mysqli_error($conn);
}
$conn->close();
?>
Manual single entry.
index.php
<?php
include 'connectdb.php';
// include 'query.php';
$sql = "SELECT id, WeightorMeasure FROM weightsmeasures WHERE id=11";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<form action=\"update.php\"method=\"post\">";
echo "<input type=\"text\" name=\"id\" value = ".$row["id"].">";
echo "<input type=\"text\" name=\"WeightorMeasure\" value = ".$row["WeightorMeasure"].">";
echo "<input type=\"submit\" value=\" Submit \" name=\"Update\">";
}
echo "</form>";
} else {
echo "0 results";
}
$conn->close();
?>
Hi I am trying to do a Registration that the users will put their name password and their answers to some questions and then an admin will manually answer to it if it's accepted.I did the system that loads their name password and answers in the database,and I also ran the things that will show the answers to the admin,but I can't figure a way to change a value just for one user not for all of them,I will leave you my codes and everything over here.
Here is my admin.viewapplications.php code
(Here,it shows everything fine,but I can't figure a way that the button to act just for one id not for all)
<?php
//include(__DIR__ . "/signup.php");
include("../resources/config.php");
//$name = $_POST['Name'];
//$mg = $_POST['MG'];
//$pg = $_POST['PG'];
//$rk = $_POST['RK'];
$sql = "SELECT id, name, tutorial, MG, PG, RK FROM rp_users WHERE tutorial = 2";
//$tutorial = "SELECT tutorial FROM rp_users";
$result = mysql_query($sql);
//$result2 = mysql_query($tutorial);
//$value = mysql_fetch_object($result2)
/*if($result)
{
echo "Succes";
}
else
{
die(mysql_error());
}*/
//if($value > 1)
//
while($row = mysql_fetch_array($result))
{
//$tutorial = row["tutorial"];
//f($tutorial == 2)
//}
$id = $row["id"];
$name = $row["name"];
$mg = $row["MG"];
$pg = $row["PG"];
$rk = $row["RK"];
echo "ID: " . $id."<br> <br>";
echo "Nume: " . $name."<br> <br>";
echo "MG: " . $mg."<br> <br>";
echo "PG: " . $pg."<br> <br>";
echo "RK: " . $rk."<br> <br>";
echo '<form action="./?p=applicationaccept" method="POST">';
echo '<input type="submit" name="accept" value="Accepta">';
echo '</form><br>';
echo '<form action="./?p=applicationdeny" method="POST">';
echo '<input type="submit" name="deny" value="Respinge">';
echo '</form><br> <br> <br>';
}
//}
//
?>
And here is my applicationaccept.php
<?php
include("../admin/admin.viewapplications.php");
include("../resources/config.php");
$iduser = $id;
$sql = "UPDATE rp_users SET tutorial=0";
$result = mysql_query($sql);
if($result)
{
echo "Succes";
}
else
{
die(mysql_error());
}
/*while($row = mysql_fetch_array($result))
{
}*/
?>
I think what you want to do is a simple UPDATE to your MySQL database..
but make sure you format the PHP code you're using otherwise it'll give you an ERROR!
Also you have to use 'mysqli' now in PHP!
<?php
$someID = '1';
$sql = "UPDATE `rp_users` SET `tutorial`= '0' WHERE `id` = $someID";
$result = mysqli_query($link, $sql);
if($result)
{
echo "Success";
}
else
{
echo ("Error");
}
?>
BTW I forgot to mntion the '$link' is the connection to your database!
As of my understanding of your question if your form action is applicationaccept.php and you are trying to update for one user in applicationaccept.php file, try this:
<?php
include("../admin/admin.viewapplications.php");
include("../resources/config.php");
$iduser = $_POST["id"]; // pass id as parameter in form
$sql = "UPDATE rp_users SET tutorial=0";// change this line to following line
$sql = "UPDATE rp_users SET tutorial=0 where id=$iduser";
$result = mysql_query($sql);
if($result)
{
echo "Succes";
}
else
{
die(mysql_error());
}
?>
Be aware your code is vulnerable
I'm doing a table where the user can introduce the number of the products he want to buy and submit them pressing the submission button. I build the content of the table using a sql query (SELECT) setting the name of the input(text) like in the code below. My problem is that, probably, the form doesn't submit nothing because, if a check the variable $_REQUEST with isset(), it return FALSE. Someone can help me? Thanks!
$con=mysqli_connect("localhost","uPower","","info");
if (mysqli_connect_errno())
printf("<p>Error!!: %s<p>\n", mysqli_connect_error());
else{
$query = "SELECT * FROM product";
$result = mysqli_query ($con, $query);
echo "<form name=\"buy\" action=\"confirm.php\" method=\"POST\" onSubmit=\"return checkInputQty(qty.value) \">";
echo"<table>";
echo"<tr><th>Product name</th><th>Price</th><th>Available</th><th>Qty</th></tr>";
while ($row = mysqli_fetch_assoc($result)){
$pid = $row["pid"];
$name = $row["name"];
$qty = $row["qty"];
$price = ($row['price'])/100;
echo"<tr><th>$name</th><th>".number_format($price,2,',', '')." €</th><th>$qty</th><th><input type=\"text\" id=".$pid." name=".$name."></th></tr>";
}
echo"</table>";
echo "<p><input type=\"submit\" value=\"BUY\" class=\"button\" ><input type=\"button\" onclick=\"clearText()\" value=\"DELETE\" class=\"button\"></p>";
echo "</form>";
mysqli_free_result($result);
mysqli_close($con);
there is the part of confirm.php. It is a function in head that i called from the body of the page. It does a summary of what the user selected to buy. The control with if(isset($_REQUEST)) is false, so the page is blank....
<?php
function checkInputQty(){
$con=mysqli_connect("localhost","uPower","","info");
if (mysqli_connect_errno())
echo "error DB";
else{
$query = "SELECT * FROM product";
$result = mysqli_query ($con, $query);
while($row = mysqli_fetch_assoc($result)){
$nome = $row["name"];
if(isset($_REQUEST["$name"])){
$qty = trim($_REQUEST['$row["name"]']);
if($qty>0 && $qty<=$row["qty"]){
$new_qty = $row["qty"]-$qty;
$query2 = "UPDATE product SET qty = '$new_qty' WHERE qty = '".$row["qty"]."' ";
$result2 = mysqli_query ($con, $query2);
if($result){
echo "<table>";
echo "<tr><th>Name</th><th></th><th>Price</th></tr>";
do_content($row["name"],$qty,$row["price"]/100);
echo "</table>";
}
else
echo "Error!";
}
}e
}
mysqli_free_result($result);
}
mysqli_close($con);
}
?>
<?php
function do_content($name,$to_buy,$price){
echo "<tr><th>$name</th><th>$to_buy</th><th>$price</th></tr>";
}
?>
I have problem in retrieving one question on one page for online examination system from database. Currently I am retrieving with session variable. But problem in that is if we refresh page then session variable is increment and question is change with next serial number. Currently I am increment retrieving session variable from other page. So my question is how to solve change of question problem while refreshing page? Below is my code. and remaining code is in image file.
include("database.php");
$query="select * from ctip_question";
if($submit=='Next Question' && isset($ans))
{
mysql_data_seek($rs,$_SESSION[qn]);
$row= mysql_fetch_row($rs);
$question = $_SESSION[question];
$time = date('Y-m-d h:i:s');
mysql_query("insert into ctip_answer(test_id, q_no, qtype, answer,time) values ('1', '$_SESSION[qn]','$question','$ans','$time')") or die(mysql_error());
if($ans==$row[7])
{
$_SESSION[trueans]=$_SESSION[trueans]+1;
}
$_SESSION[qn]=$_SESSION[qn]+1;
$initialize_qn_no++;
}
else if($submit=='Get Result' && isset($ans))
{
mysql_data_seek($rs,$_SESSION[qn]);
$row= mysql_fetch_row($rs);
$time = date('Y-m-d h:i:s');
$question = $_SESSION[question];
mysql_query("insert into ctip_answer(test_id, q_no, qtype, answer,time) values ('1', '$_SESSION[qn]','$question','$ans','$time')") or die(mysql_error());
if($ans==$row[7])
{
$_SESSION[trueans]=$_SESSION[trueans]+1;
}
echo "<h1 class=head1> Result</h1>";
$_SESSION[qn]=$_SESSION[qn]+1;
echo "<Table align=center><tr class=tot><td>Total Question<td> $_SESSION[qn]";
echo "<tr class=tans><td>True Answer<td>".$_SESSION[trueans];
$w=$_SESSION[qn]-$_SESSION[trueans];
echo "<tr class=fans><td>Wrong Answer<td> ". $w;
echo "</table>";
mysql_query("insert into mst_result(login,test_id,test_date,score) values('$login',$tid,'".date("d/m/Y")."',$_SESSION[trueans])") or die(mysql_error());
echo "<h1 align=center><a href=review.php> Review Question</a> </h1>";
unset($_SESSION[qn]);
unset($_SESSION[sid]);
unset($_SESSION[tid]);
unset($_SESSION[trueans]);
exit;
}
$sql = "select * from ctip_test_question where test_id='$_SESSION[testid]' && sr_no=$_SESSION[qn]";
$result = mysql_query($sql);
while ($row1 = mysql_fetch_array($result)) {
{
$question = $row1['que_no'];
$_SESSION[question]=$question;
$rs=mysql_query("select * from ctip_question where que_id=$question",$cn) or die(mysql_error());
mysql_data_seek($rs,$_SESSION[qn]);
$row= mysql_fetch_row($rs);
echo "action=self_page";
$n=$_SESSION[qn]+1;
echo "here is my question";
echo "option1";
echo "option2";
echo "option3";
echo "option4";
if($_SESSION[qn]<20)
echo "next question";
else
echo "get result";
}
}
My first page to delete queries selected by user query.php which is working absolutely fine:
<form method=post action="delete.php">
List of queries<br/>
<?php
$ebits = ini_get('error_reporting');
error_reporting($ebits ^ E_NOTICE);
mysql_connect("localhost","root","") or die(mysql_error());
mysql_select_db("testdb") or die(mysql_error());
echo "<br />";
$query = "select * from queries ";
$result = mysql_query($query) or die(mysql_error());
$count=mysql_num_rows($result);
while($row = mysql_fetch_array($result))
{
print "<input type='checkbox' name='Query[]' value=\"".$row['queryId']."\"> ";
echo " ". $row['name']." ". $row["address"]." ". $row["contactNo"]."
". $row["query"];
echo "<br />";
}
?>
<input type="submit" value="Delete" name="Delete">
<br/>
</form>
I've tried with following codes for second page delete.php but nothing seems to work.
Code1:
<?php
if($_POST['Delete'])
{
if(count($_POST['checkbox']) > 0) {
foreach($_POST['checkbox'] as $checkbox)
{
$del_id=$checkbox;
$sql = "DELETE * FROM queries WHERE `queryId`= '$del_id'";
$result = mysql_query($sql);
mysql_error();
}
echo "Selected Rows deleted";
} else {
$NEW="Nothing to Delete";
}
}
?>
Code2:
<?php
if(($_POST['Delete']))
{
$count=array();
$count=$_POST['checkbox'];
for($i=0;$i<count($count);$i++){
$del_id = $checkbox[$i];
$sql = "DELETE FROM queries WHERE queryId='$del_id' ";
$result = mysql_query($sql);
}
$NEW="Selected records Deleted";
}
var_dump($_POST['checkbox']);
var_dump($count);
?>
Your checkbox names are "Query", but you're accessing it as $_POST['checkbox']. This should be $_POST['Query'] instead.
EDIT checking from your updated code:
if($_POST['Delete']) {
if(count($_POST['Query']) > 0) {
foreach($_POST['Query'] as $checkbox) {
$del_id=$checkbox;
$sql = "DELETE * FROM queries WHERE queryId= '$del_id'";
$result = mysql_query($sql);
mysql_error();
}
echo "Selected Rows deleted";
}
else {
$NEW="Nothing to Delete";
}
}
Instead of this:
$del_id=$checkbox;
do this:
// if queryId is numeric
$del_id=intval($checkbox);
This makes sure that the value you're working with is numeric, instead of potential malicious input from your user. I'm going under the assumption that queryId is numeric. If it's not, then you need to do this:
// if queryId is not numeric:
$del_id = mysql_real_escape_string($checkbox);
Your DELETE syntax is incorrect:
$sql = "DELETE * FROM queries WHERE queryId= '$del_id'";
You want just DELETE FROM. Also if the value for queryId is numeric, you don't need the quotes around it:
$sql = "DELETE FROM `queries` WHERE `queryId` = $del_id";
Finally, your MySQL error call doesn't do anything useful as is:
mysql_error();
Here's how you should do this, along with the rest of the code:
if($_POST['Delete']) {
if(count($_POST['Query']) > 0) {
foreach($_POST['Query'] as $checkbox) {
$del_id= intval($checkbox);
$sql = "DELETE FROM `queries` WHERE `queryId` = $del_id";
$result = mysql_query($sql);
if(!$result) {
echo "There was an error in the query: " . mysql_error();
}
}
echo "Selected Rows deleted";
}
else {
$NEW="Nothing to Delete";
}
}