mysql table not deleting values

mysql table not deleting values - php

I have a mysql data table that holds user information such as name,department,extension and phone number
Now I have a delete query that deletes a user based on the extension number the admin enters.
It was working yesterday and I have not changed a thing so I have no idea what could be wrong.
According to my code it must delete the user and then display the table. Now it does all that but the user still exists.
<?php
error_reporting(0);
require ("database.php");
session_start();
if (!isset($_SESSION['CheckLogin'])) { header("Location: login.php"); }
if($_POST['action'])
{
$this_user_ext =$_GET['extension'];
// sending query
mysql_query("DELETE FROM users WHERE extension = '$this_user_ext'")
or die(mysql_error());
include('maildelete.php');
$extension=$_POST['extension'];
header("Location: index.php");
}
?>
<center>
<form action="" method="post">
Enter 4 Digit Extension Number :
<br>
<input type="text" name="extension">
<br>
<h2>
<input type="submit" name="action" value="Delete Extension">
<br>
</h2>
<h3>
Main Menu
</h3>
</form>
</center>

You have used POST method but you are using $_GET so
change $this_user_ext =$_GET['extension']; to $this_user_ext =$_POST['extension'];

Inside your form's tag having a method POST. You're sending the POST request, not the GET request. Use this code instead $this_user_ext = $_POST['extension'];

<?php
error_reporting(0);
require ("database.php");
session_start();
if (!isset($_SESSION['CheckLogin'])) { header("Location: login.php"); }
if($_POST['action'])
{
$this_user_ext =$_POST['extension'];
// sending query
mysql_query("DELETE FROM users WHERE extension = '".$this_user_ext."'")
or die(mysql_error());
include('maildelete.php');
$extension=$_POST['extension'];
header("Location: index.php");
}
?>
<center><form action="" method="post">
Enter 4 Digit Extension Number :<br><input type="text" name="extension">
<br><h2><input type="submit" name="action" value="Delete Extension">
<br></h2>
<h3>
Main Menu
</h3>
</form>
</center>
I hope U got it :) Enjoy..

Related

I want all customer to input a specific number in form before proceeding to the next step of the transaction

<form action='' method='POST'>
<table align="center">
<tr><td>Transaction Access Code:</td></tr>
<tr><td><input type="password" name="code1"></td></tr>
<tr><td class="button1"><input type="submit" name="submitBtn" value="Log In" class="button"></td></tr>
</table>
</form>
<?php
if(isset($_REQUEST['submitBtn'])){
include '_inc/dbconn.php';
$code1=$_REQUEST['code1'];
$sql="SELECT code1 FROM code WHERE code1='$code1'";
$result=mysql_query($sql) or die(mysql_error());
$rws= mysql_fetch_array($result);
if($rws[0]==$code1 ){
header("customer_transfer_process.php");}
else
header("customer_transfer_process1.php");}
?>

Your code had some errors. You also should always scrub user input when using it in a database transaction.
<form method='POST'>
<table align="center">
<tr><td>Transaction Access Code:</td></tr>
<tr><td><input type="password" name="code1"></td></tr>
<tr><td class="button1"><input type="submit" name="submitBtn" value="Log In" class="button"></td></tr>
</table>
</form>
<?php
if(isset($_POST['code1'])){
include '_inc/dbconn.php';
$code1 = htmlspecialchars($_POST['code1']); // sanitize user input
$sql="SELECT code1 FROM code WHERE code1='{$code1}'";
$result = mysql_query($sql) or die(mysql_error());
$rws = mysql_fetch_array($result);
if($rws[0]==$code1 ){ //success, transfer
header("customer_transfer_process.php");
} else { //fail, send them somewhere else
header("customer_transfer_process1.php");
}
}
?>

<?php
if(isset($_REQUEST['submitBtn'])){
include '_inc/dbconn.php';
$code1=$_REQUEST['code1'];
$sql="SELECT code1 FROM code WHERE code1='$code1'";
$result=mysql_query($sql) or die(mysql_error());
$rws= mysql_fetch_array($result);
if($rws[0]==$code1 ){
header('location:customer_transfer_process1.php'); }
else
header('location:test.php');
}
?>

First of all, don't use mysql_* functions anymore, they are removed in >= PHP7. Assuming you switch libraries (I will demonstrate using PDO), you should not append user-submitted data into the query, instead you should bind parameters/values. Last, you should probably employ a session to let your app know this user has already supplied the information required to start.
/_inc/dbconn.php
<?php
# Create connection. See documentation for more info on PDO
$con = new PDO("mysql:host=localhost;dbname=whatever",'root','');
/whatever_this_is_called.php
<?php
# NOTE: this php block should be placed at the top of the page, first thing
# Use session
session_start();
# Add this anyway
include('_inc/dbconn.php');
# Get action check
include(__DIR__.'/_inc/functions/getAction.php');
# Match form action
$action = getAction();
if($action == 'set_trans_code'){
# Set default redirect
$redirect = "customer_transfer_process1.php";
# Prepare and execute
$query = $con->prepare("SELECT code1 FROM code WHERE code1 = ?");
$query->execute(array($_REQUEST['code1']));
$result = $query->fetch(PDO::FETCH_ASSOC);
# Check the key you called from db
if($result['code1'] == $_REQUEST['code1']){
# Assign code here, then check on the next page
# Saves user from having to resubmit if user goes off page
$_SESSION['transcode'] == $_REQUEST['code1'];
# Overwrite default
$redirect = "customer_transfer_process.php";
}
header($redirect);
exit;
}
?>
<form action='' method='POST'>
<!-- I like to set action names to differentiate tasks -->
<input type="hidden" name="action" value="set_trans_code" />
<table align="center">
<tr><td>Transaction Access Code:</td></tr>
<tr><td><input type="password" name="code1"></td></tr>
<tr><td class="button1"><input type="submit" name="submitBtn" value="Log In" class="button"></td></tr>
</table>
</form>
/_inc/functions/getAction.php
I would really only create something like this if you use a lot of form actions over and over.
<?php
function getAction($type='POST')
{
$REQ = '_'.strtoupper($type);
return (!empty(${$REQ}['action']))? ${$REQ}['action'] : false;
}

restrict access to the second form page

Helloo, I have a mutistep form functionality where
in "Step1" ( page 1 ) i have a form with three radioButton
And in step 2 (page2 ) I have another form.
So, My problem is that I want to restrict access to page2 via URL like if I type in Browser Addressbar : localhost/page1.php then it should load page1.php but when I write localhost/page2.php then it should restrict user to have access for page2 and I would like to be redirected to localhost/page1.php
so i tried this :
page1 :
<form class="type" action="page2.php" method="post">
<label style="text-align:center;"> Type de compte : </label>
</br> </br>
<input type="radio" name="typeCompte" value="enseig" required>
Enseignant </br>
<input type="radio" name="typeCompte" value="etud" required>
Etudiant </br>
<input type="radio" name="typeCompte" value="admin" required>
Adminstrateur </br>
</br></br>
<input type="submit" class="make" name="submit" value="Valider">
</form>
<?php
if(isset($_POST['submit']))
{
$_SESSION['log']=1;
}
?>
page 2 :
<?php
session_start();
if($_SESSION['log']!=1)
header("location: page1.php");//redirecting to first page
?>

Try putting session variable as bool like...
In Page1.php
<?php
session_start();
if($_POST['submit']){
$_SESSION['log'] = "true";
header("Location: page2.php");
}
?>
Then In Page2.php
if(!isset($_SESSION['log']) && $_SESSION['log'] == "false"){
//send them back
header("Location: page1.php");
}
else{
//your logic if any.
}
I think in Php session might be working on true false basis only..

to check for session you can use isset command
<?php session_start();
//if ! means not isset check if the session is active
if(!isset($_SESSION['log']))
header("location:page1.php");
?>
in your page where you assign the session for log you can use it to assign any value for the user that you might need later. however do some reading about .htaccess and put your limited access file in a different dir
on page 1
$t='1';
$_SESSION['log']=$t;
and very very important on the first line after <?php on page 1 you must have
session_start();
edit try this that i wrote only spend 5 min so it is not much but i tested it and it works make 2 file test1.php and test2.php
test1.php
<?php
session_start();
if(isset($_POST['set'])){
$log='1';
$_session['log']=$log;
include_once("test2.php");
exit;
}
if(isset($_POST['dontset'])){
include_once("test2.php");
}
?>
<html>
<body>
<form action="" method="post">
<input type="submit" name="set" value="set">
<input type="submit" name="dontset" value="dontset">
</form>
</body>
</html>
test2.php
<?php
session_start();
if (!isset($_session['log'])){
echo 'you are not authorised';
header("location:test1.php");
}
if (isset($_session['log'])){
echo 'you are authorised';
}
?>
<html>
<body>
<form action="" method="post">
<input type="submit" name="destroy" value="destroy">
</form>
</body>
</html>
<?php
if(isset($_POST['destroy'])){
session_destroy();
include_once("test2.php");
exit;
}
?>
it also shows you how to logout the user using sessions

sending phpmailer on data deletion

I have a form that adds a user to a mysql database table and emails the new information to a address (working).
Now I have a form that is used to delete records from the table but I am unable to get it to email the old users data before it deletes it.
for example if the user deletes the id 45 from the table, an email must be sent saying "A user was deleted from the table: 'Name','Phone','Extension'"
code for the delete.php:
<?php
require ("database.php");
?>
<?php
$this_Stud_ID =$_REQUEST['id'];
// sending query
mysql_query("DELETE FROM users WHERE id = '$this_Stud_ID'")
or die(mysql_error());
if($_POST['action'])
header("Location: index.php");
?>
<form action="<?php echo $_SERVER['php_self'] ?>" method="post">
Enter ID Number :<br><input type="text" name="id"><br />
<br><input type="submit" name="action" value="Delete!">
<br> <br>
<h3>
Main Menu
</h3>
</form>

You must fetch user data before delete.
Do something like this
<?php
require ("database.php");
if(isset($_POST['action'])){
if(isset($_REQUEST['id']) && (int)$_REQUEST['id']>0){
$this_Stud_ID =(int)$_REQUEST['id'];
$user_record=mysql_fetch_assoc(mysql_query('select * from users where id=' . $this_Stud_ID));
//now send an email to user or to anyone and use $user_record as user data
$to='';
$subject='';
$message='';
$headers='';
$mail_status=mail($to, $subject, $message, $headers);
if($mail_status){
mysql_query("DELETE FROM users WHERE id = '$this_Stud_ID'")or die(mysql_error());
header("Location: index.php");
exit();
}
}
}
?>
<form action="<?php echo $_SERVER['php_self'] ?>" method="post">
Enter ID Number :<br><input type="text" name="id"><br />
<br><input type="submit" name="action" value="Delete!">
<br> <br>
<h3> Main Menu </h3>
</form>

Look like the code isn't complete !
On form submit first fetch the data with WHERE id = $this_Stud_ID
and execute
mail("yourname#domain.com","Subject","phone no name ..etc");
then you can execute
mysql_query("DELETE FROM users WHERE id = '$this_Stud_ID'")
or die(mysql_error());
Please post your complete code !

Echoing a name from session php

I'm a student and I'm making a quiz using php and mysql, my problem is I'm trying to echo a name on the results page but it doesn't work.
My first page is an index page where I create a form which gets the users name which I send to my quiz.php page.
<form method="post" action="quiz.php">
<img src="pictures/indeximage.jpg" alt="horrormovies" width="1024" height="640">
<p>
Please Enter Your Name
<br>
<input type="text" name="name">
</p>
<input type="submit" name="submit" value="Start">
</form>
on my quiz.php page i put make a variable and put it in a session
<?php
//start session
session_start();
$var_name=$_REQUEST['name'];
$_SESSION['ses_name']=$var_name;
?>
On my results page I have this
<?php
session_start();
$var_name=$_SESSION['ses_name'];
?>
<p>
Thank you for taking the quiz <?php echo $var_name; ?>.
</p>

Use isset for assign value in session variable. for good practice.
if(isset($_POST['submit']))
{
//start session
session_start();
$var_name=$_REQUEST['name'];
$_SESSION['ses_name']=$var_name;
}

quiz.php
session_start();
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
$_SESSION['ses_name']=$_REQUEST['name'];
}
Try this code :-
results page
<?php
//start session
session_start();
if(!empty($_SESSION['ses_name']))
{
?>
<p>Thank you for taking the quiz <?php echo $_SESSION['ses_name']; ?>.</p>
<?php
}
else{
echo 'session not set ';die;
}
?>

Message that database is updated after redirecting

I'm new to PHP. I want to display a message that the database is updated after each time I redirect it after entering the data.
$sql = "INSERT INTO incoming (recipt, userid, username, money)
VALUES ('$recipt', '$userid', '$username', '$money')";
if ($conn->query($sql) === TRUE) {
echo "<script>window.open('incoming2.php','_self')</script>";
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
}

2 methods
1-you can redirect to any page adding message in get variable and check at that page if that variable is set then display it as message
//redirect to index.php with msg as
header('location:index.php?msg=2 records updated');
//at index page where you want to display message
if(isset($_GET['msg']) && !empty($_GET['msg'])){
echo '<p class="myMsg">'.$_GET['msg'].'</p>'
}
2- second method is to save the message to session variable and access it at page but you will have to unset that variable as below
//sending message assuming session_start() is written at to of all pages
$_SESSION['msg']="2 records updated or what ever your message is";
//where you want to display message
if(isset($_SESSION['msg']) && !empty($_SESSION['msg'])){
echo '<p class="myMsg">'.$_SESSION['msg'].'</p>'
unset($_SESSION['msg']);
}

Pass the message to your url:
echo "<script>window.open('incoming2.php?message=New+record+created+successfully','_self')</script>";
Then you can get the message in incoming2.php:
echo urldecode($_GET['message']);
Be careful: sanatize your input!

Use header("Location: incoming2.php"); instead of echoing JS.
Also, check your SQL statement for SQL injection vulnerabilities.

If you are posting the data on the same page you could do the following:
<?php
if(isset($_REQUEST["submit"])){
// mySQL code here
// return either success or failed
$confirmation="success";
}
?>
<html>
<head>
<title>Feedback</title>
</head>
<body>
<div>
<?php
if(isset($confirmation)){
echo $confirmation;
}
?>
</div>
<form method="post" action="">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" name="submit" Value="Submit">
</form>
</body>
</html>
If you are sending the data to a separate page:
On the receiving page:
<?php
// mySQL code here
// return either success or failed
//redirect to index.php with confirmation as true or false
header('location:index.php?confirmation=success');
?>
and on the page that you Sent the data from:
<html>
<head>
<title>Feedback</title>
</head>
<body>
<div>
<?php
//at index page where you want to display message
if(isset($_GET['confirmation']) && !empty($_GET['confirmation'])){
echo $_GET['confirmation'];
}
?>
</div>
<form method="post" action="uploaddata.php">
<input type="text" name="username">
<input type="password" name="password">
<input type="submit" name="submit" Value="Submit">
</form>
</body>
</html>
You can then use CSS3 animations to fade the message in and out for a better user experience :-)

We Keep Coding

PHP, A popular general-purpose scripting language that is especially suited to web development.

mysql table not deleting values - php

You have used POST method but you are using $_GET so change $this_user_ext =$_GET['extension']; to $this_user_ext =$_POST['extension'];

Inside your form's tag having a method POST. You're sending the POST request, not the GET request. Use this code instead $this_user_ext = $_POST['extension'];

Related

I want all customer to input a specific number in form before proceeding to the next step of the transaction

restrict access to the second form page

sending phpmailer on data deletion

Echoing a name from session php

Message that database is updated after redirecting

Categories

Resources