I'm totally stuck with my code.
<?php
$id = $_GET['kid'];
if (isset($_POST['mainit'])) {
if(!empty($_POST['new_kateg'])){
$jaunakategorija = $_POST['new_kateg'];
$kmst = $conn->prepare('UPDATE kategorijas SET kat_vards=:katvards WHERE kat_id=:katid');
$kmst->bindParam(':katvards', $jaunakategorija);
$kmst->bindParam(':katid', $id);
$kmst->execute();
if($kmst->execute()){
header('Location: new_kateg.php');
} else {
$message = '<p class="red">Kļūda </p>';
}
} else {
$message = '<p class="red">Lauks nedrīkst būt tukšs! </p>';
}
}
?>
<form action="kateg_edit.php" method="POST">
<p>Ievadiet jaunās kategorijas nosaukumu</p>
<?php echo $id; ?>
<input type="text" name="new_kateg" placeholder="Ievadiet nosaukumu">
<input type="submit" name="mainit" value="Mainīt!">
</form>
This is my code for updating record from database.
My URL is: localhost/....../kateg_edit.php?kid=2
when i echo $id it says it's 2. Code do its job but record is not changed.
If i hard code $id ='2';
code works and record that's ID is 2 is changed.
Im stuck why it dont change record when i get the same number from URL!
this is previous page where is button labot(edit)
<?php
$query = $conn->prepare("SELECT * FROM kategorijas");
$query->execute();
$result = $query;
echo
"<table class='table-fill'>
<tr>
<th>ID</th>
<th>Kategorijas nosaukums</th>
<th style='text-align:center;'>Darbība</th>"
;
foreach($result as $row)
{
echo "<tr>";
echo "<td>" . $row['kat_id'] . "</td>";
echo "<td>" . $row['kat_vards'] . "</td>";
echo '<td style="text-align:center;">Labot
Dzēst</td>';
}
echo "</tr>";
echo "</table>";
?>
Thanks for help...
instead of
$id = $_GET['kid'];
try this
$id = $_POST['kid'];
instead of
method="POST"
try this
method="GET"
ANYWAY THANKS FOR A HELP EVERYONE!
SOLVED BY MYSELF!
just inserted one more input field with value from GET and then use in query id which is taken from form.
">
Related
I have a form in which I enter the name, surname and function (result one select), I display them with a foreach in a table.
I want to add a button to every foreach record that will load the first form with the data from the row but I can not.
Thanks for the help!
<?php
require_once 'functii/functii.php';
$r = functia();
$options = "";
while ($row = mysqli_fetch_array($r)) {
$options = $options . "<option>$row[0]</option>";
}
?>
<form method="POST">
<table id="add"><tr><td>Nume:</td><td><input type="text" name="nume"/></td></tr>
<tr><td>Prenume:</td><td><input type="text" name="prenume"/></td></tr>
<tr><td>Functia:</td><td><select name="functia"><?php echo $options; ?></select></td></tr>
<tr><td>Activ:</td><td><input type="radio" name="activ"/></td></tr>
<tr><td></td><td><input type="submit" name="adaugare" value="Adauga"/><input type="submit" name="modificare" value="Modifica"/></td></tr></table>
</form>
<?php
if (isset($_POST['adaugare'])) {
require_once 'functii/functii.php';
$n = $_POST['nume'];
$p = $_POST['prenume'];
$f = $_POST['functia'];
$r = adaug_utilizator($n, $p, $f);
}
require_once 'functii/functii.php';
$utilizatori = grid_utilizatori();
if (count($utilizatori) == 0) {
print 'Nu sunt utilizatori adaugati';
} else {
?>
<table id="view">
<thead><tr><th colspan="4">Utilizatori adaugati</th></tr>
<tr><th>Nume</th><th>Prenume</th><th>Functia</th></tr>
</thead>
<tbody>
<?php
foreach ($utilizatori as $utilizator) {
print "<tr>";
print "<td>" . $utilizator['nume'] . "</td>";
print "<td>" . $utilizator['prenume'] . "</td>";
print "<td>" . $utilizator['denumire'] . "</td>";
print "<td><input type='submit' name='modifica' value='Modifica'></td>";
print "</tr>";
}
if (isset($_POST['modifica'])) {
$_POST['nume'] = $utilizator['nume'];
$_POST['prenume'] = $utilizator['prenume'];
$_POST['functia'] = $utilizator['denumire'];
}
?>
</tbody>
</table>
<?php
}
?>
You can execute loop as follows:
<?php
foreach($utilizatori as $index => $utilizator){
?>
<input type='submit' name='modifica<?php echo ($index+1);?>' value='Modifica' class="clickBtn"></td>
<?php
}
?>
with above loop name attribute will be as modifica1, modifica2 etc.
Now, you want to fill information based on button clicked to the form shown at your top of code, I think so.
For this, you can use jQuery:
$('.clickBtn').click(function(e){
var buttonOfRowClicked = $(this).attr('name');
var rowNumber = buttonOfRowClicked.substr(8); // It will get 1,2,3 etc table row.
$('input[name=nume]').val($(tr:nth-child(rowNumber) td:nth-child(1).val());
$('input[name=prenume]').val($(tr:nth-child(rowNumber) td:nth-child(2).val()); //similarly fill other variables.
});
I have not check the code by executing. It is overview for you to run your code. I think idea is sufficient for you for direction how should your code works.
I have a database containing books. On a page, I have loop that prints each record in the database which each book's title, author, publisher, date, and rating. I want to use a delete button at the bottom of each record in order to delete it.
When I click on the delete button, the page is updated, but the record is not deleted.
I have tried to find solutions to this problem, but have yet to. I tried to use the book_id category in my database table as my index, in order to identify each record and delete it but it does not work.
Here is the code for my button form, as it appears with html code:
while ($row = mysqli_fetch_array($result))
{
echo '<div id="forminput">';
$timestamp = strtotime($row['date']);
echo '<div id = "bookpicture">';
echo '<img src="images/Book Cover 8crop.jpg" alt="Book Cover">';
echo '</div>';
echo '<div id = "bookinfo">';
echo '<div id = "titleauthor">';
echo '<h3>' . htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8') . '</h3>';
echo '<p>' . htmlspecialchars($row['author'], ENT_QUOTES, 'UTF-8') . '</p>';
echo '</div>';
echo '</div>';
$id = htmlspecialchars($row['book_id'], ENT_QUOTES, 'UTF-8');
echo '</div>' ;
echo '<div id = "publisher">' ;
echo '<p>' . 'Published on' . " " . htmlspecialchars(date('F j, Y,', $timestamp),
ENT_QUOTES, 'UTF-8') .
" " . 'by' . " " . htmlspecialchars($row['publisher'], ENT_QUOTES, 'UTF-8') . '</p>';
echo '</div>';
echo '<div id = "formDelete">';
echo '<form name="deleteForm" method="post" id="deleteForm" action="index.php">';
echo '<input type="submit" value="Update" name="myAdd" id="myAdd" style = "width:
100px" required>';
echo '<input type="submit" value="Delete" name="myDelete" id="$id" style = "width:
100px" required>';
echo '</form>';
echo '</div>';
echo '</div>';
echo '<hr>' ;
echo '</div>';
}
?>
Here is the code from my index.php file.
else if (isset($_POST['myDelete']))
{
$ids = mysqli_real_escape_string($link, $_POST['$id']);
$sql="DELETE FROM readbooks WHERE book_id = '$ids'";
if (!mysqli_query($link, $sql))
{
$error = 'Error with submission: ' . mysqli_error($link);
include 'php/error.html.php';
exit();
}
}
Here is the updated code.
The Problem is you are not trying to send the row ID from the form.
In Form try sending row id from the form
echo '<input type="hidden" name="id" value="$id">'
try receiving that parameter
$id = $_POST['id'];
$con = mysql_connect("host address","mysql_user","mysql_pwd");
$query = "DELETE FROM readbooks WHERE id = $id";
mysql_query($query,$con);
Moving from comment, you're not actually getting the $id anywhere. Add a field to your form:
<input type='hidden' name='id' value='$id'>
and then refer to it in your php:
$ids = mysqli_real_escape_string($link, $_POST['id']);
Since your using mysqli now, use prepared statements. Do not directly use your user input to the query! Example:
$books = array();
// connection
$con = new mysqli('localhost', 'your_username', 'password_of_username', 'your_database');
if(isset($_POST['myDelete'])) {
$book_id = $_POST['myDelete']; // get the variable id
$stmt = $con->prepare('DELETE FROM readbooks WHERE book_id = ?');
$stmt->bind_param('i', $book_id);
$stmt->execute();
}
$result = mysqli_query($con, 'SELECT * FROM readbooks');
while($row = $result->fetch_assoc()) {
$books[] = $row;
}
?>
<form method="POST">
<table border="1" cellpadding="10">
<tr>
<th>Title</th>
<th>Author</th>
<th>Publisher</th>
<th></th>
</tr>
<?php foreach($books as $book): ?>
<tr>
<td><?php echo $book['title']; ?></td>
<td><?php echo $book['author']; ?></td>
<td><?php echo $book['publisher']; ?></td>
<td><button type="submit" name="myDelete" value="<?php echo $book['book_id']; ?>">Delete</button></td>
</tr>
<?php endforeach; ?>
</table>
</form>
I think you're having problem with the id that you are passing to your PHP code. Try to use var_dump($_POST) to see what is the content of your $_POST variable. As I can see, the index of $_POST is wrong.
<input type="submit" value="Delete" name="myDelete" id="$id" style = "width:100px" required>';
Try to change this to
<input type="submit" name="book_id" value="$id" style = "width:100px" required>';
In your php use this $_POST["book_id"] to get the value of book_id you posted.
Note : The attribute "name" of the input tags will be the index of your $_POST variable
I understand that you want to have a delete and update button at the same time. The problem is your logic behind the situation. You need to have a hidden field and put the id inside it. Try to use this.
echo '<form name="deleteForm" method="post" id="deleteForm" action="index.php">';
echo '<input type="hidden" value="$id" name="book_id" id="myAdd" required>';
echo '<input type="submit" value="Update" name="action" id="myAdd" required>';
echo '<input type="submit" value="Delete" name="action" id="$id" required>';
echo '</form>';
In your php code use try to have a condition like this :
$book_id = $_POST["book_id"];
if($_POST["action"] == "delete")
{
//do your deletion code here. use the variable $book_id
}
else{
//do your update code here.use the variable $book_id
}
I've been doing some work on my website control panel for a game I'm working on. But I can't seem to get the "Ban!" button to be "Unban!" if the result $row['banned'] is FALSE. I get it to output TRUE : FALSE depending on what it says in the table.
Any help getting this fixed would be greatly appreciated. I have struggled with this for a few days now and I felt like giving up once or twice but this has to be completed to help the admins on my game have it easier to check banned accounts and control the options.
p.s "connect.php" only has a few variables that are used and the mysql connect string.
<?php
require('connect.php');
if(isset($_POST['ban'])){
$id = $_POST['ban_rec_id'];
$query = "UPDATE accounts SET banned=1 WHERE id=$id";
$result = mysql_query($query);
}else if(isset($_POST['unban'])){
$id = $_POST['unban_rec_id'];
$query = "UPDATE accounts SET banned=0 WHERE id=$id";
$result = mysql_query($query);
}
$query = "SELECT id, uuid, name, REPLACE(REPLACE(banned,'0','FALSE'),'1','TRUE') AS banned FROM accounts ORDER BY id ASC";
$result = mysql_query($query);
echo "<center>
<table>
<tr>
<th>Acccount Id</th>
<th>Username</th>
<th>In-Game Name</th>
<th>Banned</th>";
if($ban === true){
echo "<th>Ban</th>";
}
echo "</tr>";
while ($row = mysql_fetch_array($result)) {
$id = $row['id'];
$username = $row['uuid'];
$gamename = $row['name'];
$banned = $row['banned'];
echo "<tr>";
echo "<td>" . $id . "</td>";
echo "<td>" . $username . "</td>";
echo "<td>" . $gamename . "</td>";
echo "<td>" . $banned . "</td>";
if($ban === true){
if($row['banned'] == FALSE){
echo "<td>"?>
<form id="ban" method="post" action="">
<input type="hidden" name="ban_rec_id" value="<?php print $id; ?>"/>
<input class="button-small" type="submit" name="ban" value="Ban!"/>
</form>
<?php "</td>";
} else {
echo "<td>"?>
<form id="unban" method="post" action="">
<input type="hidden" name="unban_rec_id" value="<?php print $id; ?>"/>
<input class="button-small" type="submit" name="unban" value="Unban!"/>
</form>
<?php "</td>";
}
}
echo "</tr>";
}
echo "</table></center>";
mysql_close($link);
?>
Try use string for FALSE instead since looks like you might have assigned it with String rather than Boolean value in your error-prone REPLACE(REPLACE(banned,'0','FALSE'),'1','TRUE'):
if($row['banned'] == 'FALSE')
So what actually is the problem with that? The code seems to be fine, in case the value in 'banned' column is false or true.
But you should check the right value type in your columns. If it is string (varchar, text etc) that is saying 'FALSE' or 'TRUE' you should use
'FALSE' instead of FALSE
I am creating an insert process in php but I have a problem in my code. when I refresh my page, it will also submit and insert the data.
here is my code :
<form action="/drupal/node/1" method="post">
Name: <input type="text" name="name" />
Price: <input type="text" name="price" />
Minutes: <input type="text" name="minutes" />
<input type="submit" />
</form>
<?php
$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
// some code
mysql_select_db("zain", $con);
if (isset($_POST['name']) && isset($_POST['price']) && isset($_POST['minutes']))
{
$val_name = $_POST['name'];
$val_price = $_POST['price'];
$val_min = $_POST['minutes'];
$max_id_sql = mysql_query("SELECT MAX(id) FROM card_category");
$data = mysql_fetch_array($max_id_sql);
if ($data[0]==0)
{
$val_id = 1;
}
else
{
$val_id = $data[0] + 1;
}
mysql_query("INSERT INTO card_category (id, name, price, minutes) VALUES ($val_id,'$val_name',$val_price,$val_min )");
$_POST['name'] == NULL;
$_POST['price'] == NULL;
$_POST['minutes'] == NULL;
}
$result = mysql_query("SELECT * FROM card_category");
echo "<table border='1'>
<tr>
<th>id</th>
<th>name</th>
<th>price</th>
<th>mins</th>
</tr>";
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['name'] . "</td>";
echo "<td>" . $row['price'] . "</td>";
echo "<td>" . $row['minutes'] . "</td>";
echo "</tr>";
}
echo "</table>";
if (isset($_POST['lastname']))
{
print $_POST['lastname'];
}
mysql_close($con);
?>
my question is, how can I handle when I refresh the page and it will not submit the data?
thanks in advance
When you get the POST submission:
Process the data
Return a Redirect response
Get a GET request from the browser on the URL you redirect to
Respond to that with the HTML
If the browser is refreshed, it will resubmit the GET request which your PHP won't use to modify the database.
This is the POST-REDIRECT-GET pattern. There are some more details in this blog entry (which also has example PHP code in the comments).
How to fix refresh the page do not post the value using php:
if ($_SERVER['HTTP_CACHE_CONTROL']=="")
{
// process the data
}
If you look at $_SERVER['REQUEST_METHOD'] variable, it will say 'POST' when the user submitted data and 'GET' when he did not. So:
if($_SERVER['REQUEST_METHOD']=='POST')
{
// process the data
}
By the way, your code is eminently vulnerable to SQLI attacks ...
I would like to apologize if the duplicate of this question exist. i tried to find and could find anything here that could solve my problem..
I am using a form to get the input and update it in the mysql database, and then retrieve the records in the html form, and have defined the code for deleting the records individually through hyperlinks. however i want to do more, i want to use the checkboxes to delete the multiple records.
my code goes like this.
<?php
//include connection string
include('connection.php');
?>
<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post"/>
Username : <input type="text" name="user"/><br />
Password : <input type="password" name="pass"/><br />
<input type="submit" name="submit" value="Send"/>
</form>
<?php
// query to insert into database
if(isset($_POST['user']) && isset($_POST['pass'])) {
$user = empty($_POST['user']) ? die(mysql_error()) : mysql_escape_string($_POST['user']);
$pass = empty($_POST['pass']) ? die(mysql_error()) : sha1(mysql_escape_string($_POST['pass']));
$query = "INSERT INTO users(name, pass) VALUES ('$user', '$pass')";
$result = mysql_query($query) or die(mysql_error());
}
if(isset($_GET['id'])) {
//query to delete the records
$query = "DELETE FROM users WHERE id = " . intval($_GET['id']);
$result = mysql_query($query);
}
//query to retrieve records
$query = "SELECT * FROM users";
$result = mysql_query($query);
if(mysql_num_rows($result) > 0 ) {
echo "<table cellpadding=10 border=1>";
while ($row = mysql_fetch_row($result)) {
echo "<tr>";
echo "<td>" . $row[0] . "</td>";
echo "<td>" . $row[1] . "</td>";
echo "<td>" . $row[2] . "</td>";
echo "<td>delete";
echo "</tr>";
}
echo "</table>";
}
?>
i would like you to know that i am a newbie to programming world and i am not so sure of how exactly html checkbox work and how do i use it to delete the multiple records. i want to know what extra code do i have to write for it, and i would appreciate a lot if someone explains me that extra code in brief..
thank you..
This is probably a good time for another form:
<?php
// query to insert into database ...
// ... etc...
if(isset($_POST["formDeleteSelected"])) {
//query to delete the records
$query = "DELETE FROM users WHERE id IN (" . implode(", ",$_POST["rowid"]) . ")";
$result = mysql_query($query);
header("Location: mycode.php"); // just so 'refresh' doesn't try to run delete again
exit();
}
?>
<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post">
<?php
//query to retrieve records
$query = "SELECT * FROM users";
$result = mysql_query($query);
if(mysql_num_rows($result) > 0 ) {
echo "<table cellpadding=10 border=1>";
while ($row = mysql_fetch_row($result)) {
echo "<tr>";
echo "<td><input type="checkbox" name="rowid[]" value=\"" . $row[0] . "\" /></td>";
echo "<td>" . $row[0] . "</td>";
echo "<td>" . $row[1] . "</td>";
echo "<td>" . $row[2] . "</td>";
echo "</tr>";
}
echo "</table>";
}
?>
<input type="submit" name="formDeleteSelected" text="Delete Selected" />
</form>
Or something like that (I haven't actually tried that code so there may be a typo). Also note that you should make sure to sanitize any form/get inputs for SQL Injection (plenty of information on that in other Stack Overflow questions).
First of all you need a checkbox and the id you want to delete:
<input id="delete" type="checkbox" name="delete" /><label for="delete">Delete user</label>
<input type="hidden" name="user_id" value="12345" />
You can then test if the checkbox has been set and then manually set the GET parameter to reuse your existing code:
if(isset($_POST['delete'])){
$_GET['id'] = $_POST['user_id'];
}
That's not the most elegant solution but a really simple one that should work with your code.
try an SQL query with a list of IDs
... WHERE id=$sentIds[0] OR id=$sentIds[1] OR ...
or use a set operation
... WHERE id IN ($i1,$i2 ... );
You sure have to send ids in the form for this to work, but You know that ;)