Im currently coding a website in php, unfortunately ive hit a road block were i cant seem to get my amend.php and update.php pages to work and update on my created display page below is the code.
Display page displays a table with descriptive columns when the hyperlink 'amend' is select it runs the amend.php.
Amend
<?php
include 'connection.php';
$id = $_GET ['theid'];
$query = "SELECT * FROM place WHERE placeid = '$id'";
$results = mysqli_query($connection,$query);
$row = mysqli_fetch_assoc($results);
?>
<?php include 'header.php'; ?>
<body>
<h2>Amend</h2>
<form method="post" action="updateplace.php">
<fieldset class="fieldset-width1">
<input type="hidden" name="hiddenID" value= "<?php echo $row['placeid']; ?>" />
<br />
<br />
<label class="align" for="txtplacename">Place Name: </label>
<input type="text" name="txtplacename" value = "<?php echo $row['placename']; ?>" />
<br />
<br />
<label class="align"for="txtplacedesc">Place description: </label>
<input type="text" name="txtplacedesc" value = "<?php echo $row['placedesc']; ?>" />
<br />
<br />
<label class="align"for="txtplacecat">Place category: </label>
<input type="text" name="txtplacecat" value = "<?php echo $row['placecat']; ?>" />
<br />
<br />
<label class="align" for="txtplaceimg">Place image: </label>
<input type="text" name="txtplaceimg" value = "<?php echo $row['placeimg']; ?>" />
<br />
<br />
<input type="submit" value="Submit" name='submit' />
</fieldset>
</form>
</p>
<?php include 'footer.php'; ?>
</body>
</html>
This php page works as it displays all the data from phpmyadmin using the selected id.
update
<?php
include 'connection.php';
if(isset($_POST['submit'])){
$placeid = $_POST['hiddenID'];
$placename = $_POST['txtplacename'];
$placedesc = $_POST['txtplacedesc'];
$placecat = $_POST['txtplacecat'];
$placeimg = $_POST['txtplaceimg'];
}
$query = "UPDATE place
SET placename = '$placename';
SET placedesc = '$placedesc';
SET placecat = '$placecat';
SET placeimg = '$placeimg';
WHERE
placeid = '$placeid'";
mysqli_query($connection,$query);
header("location:admin.php");
when i select the submit button the header redirects me however none of the columns i change will have been updated. Any help would be appreciated thanks
Look at your UPDATE query,
$query = "UPDATE place
SET placename = '$placename'; <==
SET placedesc = '$placedesc'; <==
...
You're terminating your UPDATE operation in every line using ;, which is breaking your query. Furthermore, your UPDATE query itself is wrong, it should be like this:
$query = "UPDATE place SET placename = '$placename', placedesc = '$placedesc', placecat = '$placecat', placeimg = '$placeimg' WHERE placeid = '$placeid'";
Sidenote: Learn about prepared statement because right now your query is susceptible to SQL injection attacks. Also here's a good read on how you can prevent SQL injection in PHP.
You should not just assume the query was successful. Replace your mysqli_query line with this to figure out what is going on:
if (!mysqli_query($connection, $query)) {
echo("Error description: " . mysqli_error($connection));
die();
}
Assuming you have some sort of error, it will prevent the redirect and display. If you still get a redirect, there was nothing wrong with the query itself, rather your $placeid value does not exist in the database.
Related
I'm working on a PHP dynamic form based on the tutorial found here:
http://blog.calendarscripts.info/dynamically-adding-input-form-fields-with-jquery/
Here is the table layout:
ID | depratecat | MinBalance | InterestRate | APY | suborder
inputted rows
ID is auto-increment.
The form fields for depratecat are visible in my code only for testing; normally the user would not be able to change this value. The value of depratecat would come from a POST value from a previous page and should be the same for all rows inputted or edited in this instance. For testing I'm declaring the value as 14.
My test page is here:
http://www.bentleg.com/fcsbadmin/dynamictest4.php
The problems:
The "Add row" script function does not work and the code won't insert new data thru form; nothing happens. No errors are shown in the Chrome console
Editing or deleting pre-existing rows seems to work.
Below is my complete test code minus the connection, Some print_r added to show the array.:
<?php
error_reporting(E_ALL);
// Connect to the DB
$link = myconnection stuff
$new_depratecat='14'; //for testing
// store in the DB
if(!empty($_POST['ok'])) {
//first delete the records marked for deletion. Why? Because we don't want to process them in the code below
if( !empty($_POST['delete_ids']) and is_array($_POST['delete_ids'])) {
// you can optimize below into a single query, but let's keep it simple and clear for now:
foreach($_POST['delete_ids'] as $id) {
$sql = "DELETE FROM tblRates_balance WHERE id=$id";
$link->query($sql);
}
}
// now, to edit the existing data, we have to select all the records in a variable.
$sql="SELECT * FROM tblRates_balance WHERE depratecat='$new_depratecat' ORDER BY suborder";
$result = $link->query($sql);
// now edit them
while($rates = mysqli_fetch_array($result)) {
// remember how we constructed the field names above? This was with the idea to access the values easy now
$sql = "UPDATE tblRates_balance SET
MinBalance='".$_POST['MinBalance'.$rates['id']]."',
InterestRate='".$_POST['InterestRate'.$rates['id']]."',
APY='".$_POST['APY'.$rates['id']]."',
suborder='".$_POST['suborder'.$rates['id']]."'
WHERE id='$rates[id]'";
$link->query($sql);
}
// (feel free to optimize this so query is executed only when a rate is actually changed)
// adding new
if($_POST['add_MinBalance']!= "") {
//echo ("OKAY");
$sql = "INSERT INTO tblRates_balance (depratecat, MinBalance, InterestRate, APY, suborder) VALUES ('$new_depratecat','".$_POST['add_MinBalance']."', '".$_POST['add_InterestRate']."', '".$_POST['add_APY']."','".$_POST['add_suborder']."' );";
$link->query($sql);
}
}
// select existing rates here
$sql="SELECT * FROM tblRates_balance where depratecat='$new_depratecat' ORDER BY suborder";
$result = $link->query($sql);
?>
<html>
<head>
<title>Example of dynamically adding row and inserting into mySql with jQuery</title>
<meta content="text/html;charset=utf-8" http-equiv="Content-Type">
<meta content="utf-8" http-equiv="encoding">
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
<script src="//ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js"></script>
</head>
<body>
<div style="width:90%;margin:auto;">
<h1>Example of dynamically adding row and inserting into mySql with jQuery </h1>
<form method="POST" id="newrate">
<div id="itemRows">
Minimum Balance: <input type="text" name="add_MinBalance" size="30" />
Interest Rate: <input type="text" name="add_InterestRate" />
APY: <input type="text" name="add_APY" />
Order: <input type="text" name="add_suborder" size="2"/>
<< Add data and click on "Save Changes" to insert into db. <br>
You can add a new row and make changes to existing rows all at one time and click on "Save Changes."
New entry row will appear above after saving.
<?php
// Next section does updating. let's assume you have the rate data from the DB in variable called $rates
while($rates = mysqli_fetch_array($result)): ?>
<p id="oldRow<?=$rates['id']?>">
<?php //echo $rates['id']; ?>
Minimum Balance: <input type="text" name="MinBalance<?=$rates['id']?>" value="<?=$rates['MinBalance']?>" />
Interest Rate: <input type="text" name="InterestRate<?=$rates['id']?>" value="<?=$rates['InterestRate']?>" />
APY: <input type="text" name="APY<?=$rates['id']?>" value="<?=$rates['APY']?>" />
Order: <input type="text" name="suborder<?=$rates['id']?>" value="<?=$rates['suborder']?>" />
<input type="checkbox" name="delete_ids[]" value="<?=$rates['id']?>"> Mark to delete</p>
<?php endwhile;?>
</div>
<p><input type="submit" name="ok" value="Save Changes"></p>
</form>
</div>
<script language="Javascript" type="text/javascript">
var rowNum = 0;
function addRow(frm) {
rowNum ++;
var row = '<p id="rowNum'+rowNum+'">Minimum Balance:<input type="text" name="add_MinBalance[]" value="'+frm['add_MinBalance[]'].value+'">Interest Rate:<input type="text" name="add_InterestRate[]" value="'+ frm['add_InterestRate[]'].value +'">APY:<input type="text" name="add_APY[]" value="'+frm['add_APY[]'].value+'">Order:<input type="text" name="add_suborder[]"value="'+ frm['add_suborder[]'].value+'"><input type="button" value="Remove" onclick="removeRow('+rowNum+')(this);"></p>';
jQuery('#itemRows').append(row);
frm['add_MinBalance[]'].value = '';
frm['add_InterestRate[]'].value = '';
frm['add_APY[]'].value = '';
frm['add_suborder[]'].value = '';
}
function removeRow(rnum) {
jQuery('#rowNum'+rnum).remove();
}
//}
</script>
</body>
</html>
The inputs in the initial form have names add_depratecat, add_MinBalance, add_InterestRate, add_APY, and add_suborder. When you add new rows, they have the same names, but with [] appended. So the original row creates single inputs, the added rows create array inputs, but they have the same names, and they conflict.
You should use the array form for the original inputs as well:
<form method="POST" id="newrate">
<div id="itemRows">
Dep_rate_cat:<input type="text" name="add_depratecat[]" size="30"/>
Minimum Balance: <input type="text" name="add_MinBalance[]" size="30" />
Interest Rate: <input type="text" name="add_InterestRate[]" />
APY: <input type="text" name="add_APY[]" />
Order: <input type="text" name="add_suborder[]" size="2"/>
so that they're consistent with the added rows.
Initially you are not adding [] in the form fields,
change <input type="text" name="add_depratecat" size="30"> to <input type="text" name="add_depratecat[]" size="30">, do the same for other fields as well.
And in foreach where you are inserting data to database use array $depratecat[] instead of string $depratecat
if(isset($_POST['add_depratecat'])) {
$depratecat = $_POST['add_depratecat']; ........
For debugging purpose write echo '<pre>'; print_r($_POST); OR var_dump($_POST); Instead of
echo '<pre>',print_r($_POST,true),'</pre>';.
I have this page thats a quick over view of the logged on users profile, along with some editing functions, so to avoid confusion I'm going to post all of the code, just ignore the html.
In the start of the code I'm retrieving the users information, and then storing it into an array called $row. Later on down the code, I'm retrieving rows from a seperate table, and I want to store those into an array aswell ($postRow). But I just figured out through reading that you can only preform one SQL query per page without running code that I, quite frankily don't understand, and the only tidbits of code that I found regarding that issue printed the information directly onto the page, I couldn't find any on how to store them both into arrays. Can someone help me regarding this issue? I'm really between a rock and a hard place.
<?php
include('header.php');
if (isset($_SESSION['username'])){
require 'connect.php';
$user = $_SESSION['username'];
$query = mysqli_query($connect, "SELECT * FROM users WHERE username='$user';", MYSQLI_USE_RESULT);
$row = mysqli_fetch_assoc($query);
?>
<h4>BlogHub > Profile > <?php echo $row['fname']." ".$row['lname']; ?></h4>
<div id="profileAva">
<img src="<?php echo $row['avatar']; ?>" />
</div>
<h5 id="infoDisp" style="margin:3px;"><?php echo "ID #".$row['ID']." - ".$row['fname']." ".$row['lname']." - ".$row['username']." - ".$row['email']." - ".$row['posts']." Posts"; ?></h5>
<?php
$id = $row['ID'];
$recentPost = mysqli_query($connect, "
SELECT *
FROM `blog_posts`
WHERE poster_id='$id'
LIMIT 1
", MYSQLI_USE_RESULT);
$postRow = mysqli_fetch_assoc($recentPost);
?>
<p></p>
<div id="changeAva">
<button class="cancelQuery">x</button>
<center>
<form style="padding-top:20px;" class="boxI" enctype="multipart/form-data" action="changeAva.php" method="POST">
<input style="padding-bottom:15px;" type="file" value="Choose a Avatar" name="file"/><br />
<button type="Submit">Submit</button>
</form>
</center>
</div>
<div id="changeInfoBox">
<button class="cancelQuery">x</button>
<center>
<form action="changeInfo.php" method="POST">
First Name: <input type="text" name="fname" value="<?php echo $row['fname']; ?>" /><br />
Last Name: <input type="text" name="lname" value="<?php echo $row['lname']; ?>" /><br />
Email: <input type="text" name="email" value="<?php echo $row['email']; ?>" /><br />
<button type="submit">Submit</button>
</form>
</center>
</div>
<?php
}
else {
echo "<center><p>You need to be logged in to view this page.</p></center>";
}
include('footer.php');
?>
There is no restriction on number of queries executed during a script execution. There is however no reason that you couldn't get this information in a single query. You would use a JOIN to do this.
This might look like this:
SELECT bp.*
FROM users AS u
INNER JOIN blog_posts AS bp
ON u.id = bp.poster_id
WHERE u.username = '?'
The particular problem you mention in comment to other answer is because you need to call mysql_free_result() before making your next query.
I am making a very simple storage system, and i want to make it so that the user puts a number in the box, and press the + or - button, to add or subtract.
I don't know if it's even possible to do it, as simple as i wanted it to be :)
but anyway, here is the code so far for index.php
<?php $v_stk = "v_stk" ?>
<form action="index_sql.php" method="POST">
<input name="v_id" type="hidden" value="<?php echo $v_assoc["v_id"] ?>" />
<input name="v_stk" type="textfield" size="8" />
<input name="+" type="submit" value="+" style="height:23px; width:35px;" />
<input name="-" type="submit" value="-" style="height:23px; width:35px;" />
</form>
<td class="width50 sidepadding">
<?php echo $v_assoc["v_stk"]; ?></td>
<?php }; ?>
and here is for index_sql.php
<?php
require("db/db.php");
$v_id = mysql_real_escape_string($_POST["v_id"]);
$v_stk = mysql_real_escape_string($_POST["v_stk"]);
$sql = mysql_query("SELECT v_stk FROM vare WHERE v_id = '$v_id'");
$assoc = mysql_fetch_assoc($sql);
$v_nu = $v_stk + $assoc;
mysql_query("UPDATE vare SET v_nu = '$v_stk' WHERE v_id = '$v_id'");
header("location: index.php");
?>
I don't know if it is remotely close to something that would work, but with this code it gives me:
Fatal error: Unsupported operand types in C:\wamp\www\lager\index_sql.php on line 8
Because, You are performing addition with an array type variable.
$assoc = mysql_fetch_assoc($sql);
Here, $assoc is an array variable so try like this,
$v_nu = $v_stk + $assoc['v_stk'];
Hello there first time doing this, Basically I am rather confused on how to Re-populate text boxes from the database.
My current issue is that basically I have two tables in my database 'USER' and 'STATISTICS'.
Currently what is working is that my code is looking up the values of 'User_ID' in the 'USER' table and populating the values in the drop down list.
What I want from there is for the text fields to populate corresponding to those values from the database looking up the 'User_ID' E.G 'goal_scored' , 'assist', 'clean_sheets' and etc.
I am pretty baffled I have looked up on various different questions but cannot find what im looking for.
<?php
$link = mysql_connect("localhost","root","");
mysql_select_db("f_club",$link);
$sql = "SELECT * FROM user ";
$aResult = mysql_query($sql);
?>
<html>
<body>
<title>forms</title>
<link rel="stylesheet" type="text/css" href="css/global.css" />
</head>
<body>
<div id="container">
<form action="update.php" method="post">
<h1>Enter User Details</h1>
<h2>
<p> <label for="User_ID"> User ID: </label> <select id="User_ID" id="User_ID" name="User_ID" >
<br> <option value="">Select</option></br>
<?php
$sid1 = $_REQUEST['User_ID'];
while($rows=mysql_fetch_array($aResult,MYSQL_ASSOC))
{
$User_ID = $rows['User_ID'];
if($sid1 == $id)
{
$chkselect = 'selected';
}
else
{
$chkselect ='';
}
?>
<option value="<?php echo $id;?>"<?php echo $chkselect;?>>
<?php echo $User_ID;?></option>
<?php }
?>
I had to put this in because everytime I have text field under the User_ID it goes next to it and cuts it off :S
<p><label for="null"> null: </label><input type="text" name="null" /></p>
<p><label for="goal_scored">Goal Scored: </label><input type="text" name="Goal_Scored" /></p>
<p><label for="assist">assist: </label><input type="text" name="assist" /></p>
<p><label for="clean_sheets">clean sheets: </label><input type="text" name="clean_sheets" /></p>
<p><label for="yellow_card">yellow card: </label><input type="text" name="yellow_card" /></p>
<p><label for="red_card">red card: </label><input type="text" name="red_card" /></p>
<p><input type="submit" name="submit" value="Update" /></p></h2>
</form>
</div>
</body>
</html>
If anyone can help with understanding how to get to the next stage would be much appreciated thanks x
Rather than spending time on something complicated like AJAX, I'd recommend going the simple route of pages with queries, such as user.php?id=1.
Craft a user.php file (like yours) and if id is set (if isset($_GET['id'])) select that user from the database (after having sanitised your input, of course) with select * from users where id = $id (I of course assume you have an id for each user).
You can still have the <select>, but remember to close it with </select>. You might end up with something like this:
<form method="get">
<label for="user">Select user:</label>
<select name="id" id="user">
<option value="1">User 1</option>
...
</select>
<submit name="submit" value="Select user" />
</form>
This will send ?id=<id> to the current page and you can then fill in your form. If you further want to edit that data, create a new form with the data filled in with code like <input type="text" name="goal_scored" value="<?php echo $result['goal_scored']; ?>" /> then make sure the method="post" and listen on isset($_POST['submit']) and update your database.
An example:
<?php
// init
// Use mysqli_ instead, mysql_ is deprecated
$result = mysqli_query($link, "SELECT id, name FROM users");
// Create our select
while ( $row = mysqli_fetch_array($link, $result, MYSQL_ASSOC) ) {?>
<option value="<?php echo $result['id']; ?>"><?php echo $result['name'] ?></option>
<?php}
// More code ommitted
if (isset($_GET['id'])) {
$id = sanitise($_GET['id']); // I recommend creating a function for this,
// but if only you are going to use it, maybe
// don't bother.
$result = mysqli_query($link, "SELECT * FROM users WHERE id = $id");
// now create our form.
if (isset($_POST['submit'])) {
// data to be updated
$data = sanitise($_POST['data']);
// ...
mysqli_query($link, "UPDATE users SET data = $data, ... WHERE id = $id");
// To avoid the 'refresh to send data thing', you might want to do a
// location header trick
header('Location: user.php?id='.$id);
}
}
Remember, this is just an example of the idea I'm talking about, lots of code have been omitted. I don't usually like writing actually HTML outside <?php ?> tags, but it can work, I guess. Especially for smaller things.
The way I've structured my form data is by creating them in a while loop, but each time they are created the form will take a unique id.
So my question is, how do I access them individually and update specified data to a MYSQL server.
I've attempted to do it in the code at the end of the script, but I'm not sure how to access the forms individually
<?php
include 'user_data.php';
include 'core.inc.php';
$query = mysql_query("SELECT `post_text` FROM `posts`,`sub_posts` WHERE sub_posts.post_id = posts.id AND sub_posts.user_id='$user_id'");
while($row = mysql_fetch_array($query)){
?><?php echo $row[post_text].'<br>'?>
<form action="<?php $curent_file ?>" method="POST">
<textarea name="answer_field" > </textarea><br />
<input type="submit" value="Submit Answer">
<input type="hidden" name="post_id" value="<?php echo $row['post_id']; ?>" />
</form>
<?php
}//While Loop
if (isset($_POST['answer_field']) && !empty($_POST['answer_field'])){
$answer = mysql_real_escape_string($_POST['answer_field']);
$id = intval($_POST ['post_id']);
$query = "UPDATE `sub_posts` SET `sub_answer`='$answer' WHERE `post_id`='$id'";
}
?>
Only a single form gets posted when clicking the "submit" field. The form name does not get submitted by itself. Instead, you would place the post ID to which the form corresponds as a hidden field:
<input type="hidden" name="post_id" value="<?php echo $row['post_id']; ?>" />
And then later:
$answer = mysql_real_escape_string ($_POST ['answer']);
$id = intval ($_POST ['post_id']);
$query = "UPDATE `sub_posts` SET `sub_answer`='{$answer}' WHERE `post_id`={$id}";
Note that you definitely need to escape the answer before putting it in the query and make sure that the ID is a number. Otherwise, you're opening up your code to SQL injection attacks.