I want to insert the foreign key of my customer_id in my feedback table. How should I do it?
customer table:
customer_id
coach_id
customer_name
feedback table:
feedback_id
feedback1
feedback2
customer_id
I want to do it where after user login, user insert information of the feedback it will automatically register the customer id.
This is my code after I login and want to register feedback:
<?php
session_name ('YourVisitID');
session_start();
$page_title = 'Feedback';
include('./header4.html');
//remember to delete.
echo "{$_SESSION['customer_name']}";
?>
<section id="main" class="wrapper">
<div class="container">
<form action = "feedback.php" method="post">
<div class="row uniform 50%">
<div class="6u 12u$(xsmall)">
<input type="text" name="weight" placeholder="Weight"
required autofocus/>
</div>
<div class="6u$ 12u$(xsmall)">
<input type="text" name="height" placeholder="Height"
required autofocus/>
</div>
<div class="6u 12u$(xsmall)">
<input type="text" name="water" placeholder="Water Level%"
required autofocus/>
</div>
<div class="6u$ 12u$(xsmall)">
<input type="text" name="body_fat" placeholder="Body Fat%"
required autofocus/>
</div>
<div class="6u 12u$(xsmall)">
<input type="text" name="calorie" placeholder="Calorie"
required autofocus/>
</div>
<div class="6u$ 12u$(xsmall)">
<input type="text" name="visceral" placeholder="Visceral Fat Level%"
required autofocus/>
</div>
<p><input type="submit" name="submit" value="Register" /></p>
<input type="hidden" name="submitted" value="TRUE" />
</div>
</form>
</div>
</section>
<?php
if(isset($_POST['submitted'])) {
require_once ('mysql_connect3.php');
function escape_data ($data){
global $dbc;
if (ini_get('magic_quotes_gpc')){
$data = stripslashes($data);
}
return mysql_real_escape_string(trim($data), $dbc);
}
$error = array();
$weight = escape_data($_POST['weight']);
$height = escape_data($_POST['height']);
$water = escape_data($_POST['water']);
$calorie = escape_data($_POST['calorie']);
$visceral = escape_data($_POST['visceral']);
$fat = escape_data($_POST['body_fat']);
mysqli_close($con);
header("location: add_user.php?remarks=success");
if (empty ($errors)) {
$query ="SELECT * FROM feedback WHERE weight ='$weight'";
$result = mysql_query($query);
if (mysql_num_rows($result) == 0) {
$query = "INSERT INTO feedback (weight, height, body_fat, water, calorie, visceral, feedback_date) VALUES
('$weight', '$height', '$water', '$calorie', '$visceral','$fat', NOW() )";
$result = #mysql_query ($query);
if ($result) {
echo '<script>
alert("Your feedback has been save");
</script>';
include ('./footer.html');
exit();
}else{
echo '<script>
alert("<h1 id="mainhead">System Error</h1>
<p class="error">You could not give feedback due to a system error.
We apologize for any inconvenience.</p>");
</script>';
echo '<p>'. mysql_error() . '<br /><br />Query: ' . $query . '</p>';
include ('./footer.html');
exit();
}
}
}else{
echo '<script>
alert("<h1 id="mainhead">Error!</h1>
<p class="error">Please try again.</p>");
</script>';
}
mysql_close();
}
?>
<?php
include ('./footer.html');
?>
I think you should define in sql table schema.
After you define foreign key customer_id in feedback table
You can use PHP to select data from that table
When a customer logs in, just store its customer_id in the session, just as you store its customer_name at the moment. When the customer submits the feedback form, you simply provide the customer_id from the session.
$query = "INSERT INTO feedback (weight, height, body_fat, water, calorie, visceral, feedback_date, customer_id) VALUES
('$weight', '$height', '$water', '$calorie', '$visceral','$fat', NOW(), ".$_SESSION ['customer_id']. ")";
$result = #mysql_query ($query);
Couple of notes:
Do not use mysql_*() functions any longer, they have been deprecated years ago and has been removed as of php7. Use mysqli or pdo instead.
Use prepared statements with parameter binding to prevent sql injection attacks.
Do not mix various mysql apis.
Related
I have an application where a user can send request edit to the admin, now the problem is how to store the id of the requested asset from user_asset table to the request table so I can display it to the admin's page with full details of the asset
when the user clicks on the request edit he gets a form with editable fields filled with current information but how can I store this asset's id so I can fetch it to the admin's table with information from both tables (user_assets, requests)
I have user_asset table
asset_id
asset_category
code
title
userid
and requests table
id
reason
assetid
user_id
this is what I have done so far
if(isset($_POST['submit'])){
// get all values from input with no special charactere
$code = mysqli_real_escape_string($conn, $_POST['code']);
$asset_id = mysqli_real_escape_string($conn, $_GET['id']);
$reason = mysqli_real_escape_string($conn, $_POST['reason']);
if (!$error) {
if (!$error) {
// execute the sql insert
if(mysqli_query($conn, "INSERT INTO `requests`(id,reason,assetid, user_id)
VALUES( null, '" . $reason . "', '". $asset_id ."','" .$_SESSION['user_id'] . "')")) {
// if the insert result was true (OK)
$success_message = "req was successfully added ! ";
} else {
// if the insert result was false (KO)
$error_message = "Error in data...Please try again later!";
}
}
}
}
else{
if(isset($_GET['idedit']) ){
$result = mysqli_query($conn, "SELECT * from user_asset WHERE asset_id=".$_GET['idedit']);
$project = mysqli_fetch_array($result);
}
}
?>
and this is my form
<form method="post" action="req_ade.php" id="adding_new_assets">
<div class="control-group">
<label for="basicinput">الکود : </label>
<div class="controls">
<input type="number" id="basicinput" value="<?php echo $project['code']; ?>" placeholder="الكود" name="code" class="span8">
</div>
</div>
<div class="control-group">
<label for="basicinput">التفاصيل : </label>
<div class="controls">
<input type="text" id="basicinput" value="<?php echo $project['title']; ?>" placeholder="التفاصيل" name="title" class="span8">
</div>
</div>
<div>
<label style="color:black">السبب</label>
<textarea rows="8" cols="8" name="reason" class="form-control" placeholder="اذكر سبب التعديل ..." ></textarea>
</div>
<div class="control-group">
<div class="controls">
<button type="submit" name="submit" class="btn">طلب تعديل</button>
</div>
</div>
</form>
these are the errors I'm getting
Notice: Undefined index: id in D:\wamp64\www\Caprabia-test\req_ade.php on line 28
Fatal error: Uncaught exception 'mysqli_sql_exception' with message 'Incorrect integer value: '' for column 'assetid' at row 1' in D:\wamp64\www\Caprabia-test\req_ade.php on line 37
( ! ) mysqli_sql_exception: Incorrect integer value: '' for column 'assetid' at row 1 in D:\wamp64\www\Caprabia-test\req_ade.php on line 37
Notice: Undefined index: id in D:\wamp64\www\Caprabia-test\req_ade.php on line 28
There is no "id" in your $_GET array. So your $asset_id variable will be empty and a empty string is not a valid int number. You should add (int) in your query:
mysqli_query($conn, "INSERT INTO `requests`(id,reason,assetid, user_id)
VALUES( null, '" . $reason . "', '". (int)$asset_id ."','" .$_SESSION['user_id'] . "')")
Or better check the the $_GET array before you use it. Like this:
If(isset($_GET['id']))
{
$asset_id = mysqli_real_escape_string($conn, $_GET['id']);
}
else
{
...
}
Thank you for all your suggestions.
After trying a lot of suggestions and manipulating with the code I have found a solution for it.
if(isset($_POST['submit'])){
// get all values from input with no special charactere
$code = mysqli_real_escape_string($conn, $_POST['code']);
$asset_id = mysqli_real_escape_string($conn, $_POST['asset_id']);
$reason = mysqli_real_escape_string($conn, $_POST['reason']);
if (!$error) {
if (!$error) {
// execute the sql insert
if(mysqli_query($conn, "INSERT INTO `requests1`(id,reason,assetid, user_id)
VALUES( null, '" . $reason . "', '". $asset_id ."','" .$_SESSION['user_id'] . "')")) {
// if the insert result was true (OK)
$success_message = "req was successfully added ! ";
} else {
// if the insert result was false (KO)
$error_message = "Error in data...Please try again later!";
}
}
}
}
else{
if(isset($_GET['idedit']) ){
$result = mysqli_query($conn, "SELECT * from user_asset WHERE asset_id=".$_GET['idedit']);
$project = mysqli_fetch_array($result);
}
}
and this is the form I have posted the asset_id in a hidden type
<form method="post" action="req_ade1.php" id="adding_new_assets">
<div class="control-group">
<label for="basicinput">الکود : </label>
<div class="controls">
<input type="hidden" value="<?php echo $project['asset_id'];?>" name="asset_id" />
<input type="number" id="basicinput" value="<?php echo $project['code']; ?>" placeholder="الكود" name="code" class="span8">
</div>
</div>
<div class="control-group">
<label for="basicinput">التفاصيل : </label>
<div class="controls">
<input type="text" id="basicinput" value="<?php echo $project['title']; ?>" placeholder="التفاصيل" name="title" class="span8">
</div>
</div>
<div>
<label style="color:black">السبب</label>
<textarea rows="8" cols="8" name="reason" class="form-control" placeholder="اذكر سبب التعديل ..." ></textarea>
</div>
<div class="control-group">
<div class="controls">
<button type="submit" name="submit" class="btn">طلب تعديل</button>
</div>
</div>
</form>
Im trying to insert the steamid , steam real name . steam name into my db when the user login in my website
mycode :
<?php
if (isset($_GET['login'])){
$steamids= $steamprofile['steam_steamid'];
$name = $steamprofile['personaname'];
$real = $steamprofile['realname'];
$ESCAPING_real= mysqli_real_escape_string($connection,$real);
$ESCAPING_name= mysqli_real_escape_string($connection,$name);
$ESCAPING_steamids= mysqli_real_escape_string($connection,$steamids);
$query = "INSERT INTO users(steamnid,steamname, steamreal,user_logindate) ";
$query .= "VALUES('{$steamids}','{$name}', '{$real}', now())";
$insert_query = mysqli_query($connection,$query);
if(!$insert_query){
die("failed".mysqli_error($connection));
}
}
?>
$button = "<a href='?login'><img src='http".(isset($_SERVER['HTTPS']) ? "s" : "")."://steamcommunity-a.akamaihd.net/public/images/signinthroughsteam/sits_".$button[$buttonstyle].".png'></a>";
When the user log in i dont get anything in the db .
i tried to store the user info using sessions and it works but alway duplicate the value
the code is a little bit messy Because im still learning
Any Idea?
<?php
$db = array("DB_HOST"=>"localhost","DB_USER"=>"root","DB_PASS"=>"mysql","DB_NAME"=>"databasename",);
foreach ($db as $key => $value)
{
define($key , $value);
}
$connection = mysqli_connect(DB_HOST,DB_USER,DB_PASS,DB_NAME);
if (!$connection)
{
die ('<h1>connecting failed</h1>');
}
if (isset($_GET['login'])){
$steamids= $_GET['steam_steamid'];
$name = $_GET['personaname'];
$real = $_GET['realname'];
$ESCAPING_real= mysqli_real_escape_string($connection,$real);
$ESCAPING_name= mysqli_real_escape_string($connection,$name);
$ESCAPING_steamids= mysqli_real_escape_string($connection,$steamids);
$query = "INSERT INTO users(steamnid,steamname, steamreal,user_logindate) ";
$query .= "VALUES('{$steamids}','{$name}', '{$real}', now())";
$insert_query = mysqli_query($connection , $query);
if ($insert_query) {
echo "User added";
}else{
die("we have error " . mysqli_error($connection));
}
}
?>
<form action="" method="GET">
<div class="form-group">
<label for="steam_steamid">Steam ID : </label>
<input name="steam_steamid" type="text">
</div><br>
<div class="form-group">
<label for="steam_steamid">Personal Name: </label>
<input name="personaname" type="text">
</div><br>
<div class="form-group">
<label for="steam_steamid">Real Name: </label>
<input name="realname" type="text">
</div><br>
<button type="submit" name="login"><img src='https://cdn.sstatic.net/Sites/stackoverflow/img/apple-touch-icon#2.png?v=73d79a89bded'></button>
</form>
check it we have create data base and check my code it work my table user have
steamid (varchar 255)
steamname (varchar 255)
steamreal (varchar 255)
user_logindate (Date)
i don't saw your HTML Form but i added and i think its work check this
<?php
if (isset($_GET['login'])){
$steamids= $_GET['steam_steamid'];
$name = $_GET['personaname'];
$real = $_GET['realname'];
$ESCAPING_real= mysqli_real_escape_string($connection,$real);
$ESCAPING_name= mysqli_real_escape_string($connection,$name);
$ESCAPING_steamids= mysqli_real_escape_string($connection,$steamids);
$query = "INSERT INTO users(steamnid,steamname, steamreal,user_logindate) ";
$query .= "VALUES('{$steamids}','{$name}', '{$real}', now())";
$insert_query = mysqli_query($connection,$query);
if(!$insert_query){
die("failed".mysqli_error($connection));
}
}
?>
<form action="" method="GET">
<div class="form-group">
<label for="steam_steamid">Steam ID : </label>
<input name="steam_steamid" type="text">
</div><br>
<div class="form-group">
<label for="steam_steamid">Personal Name: </label>
<input name="personaname" type="text">
</div><br>
<div class="form-group">
<label for="steam_steamid">Real Name: </label>
<input name="realname" type="text">
</div><br>
<button type="submit"><img src='https://cdn.sstatic.net/Sites/stackoverflow/img/apple-touch-icon#2.png?v=73d79a89bded'></button>
</form>
you can add your src in image tag just copy and paste it in image Tag
I am trying to make a change password for users. But I cant manage to do it. Whatever I tried, it returns me the problem alert I wrote. Can anyone suggest anything? I am trying to fix it for hours.
The below is my form code;
<form action="change_s_pwd.php" method="POST" class='form-horizontal form-validate' id="bb">
<div class="control-group">
Kullanıcı Adı :
<div class="controls">
<input type="text" name="user" placeholder="Your Login ID" data-rule-required="true" data-rule-minlength="4"/>
</p>
</div>
<div class="control-group">
<p>Secure ID : </p>
<div class="controls">
<input type="text" name="sec_id" class="input-xlarge" placeholder="Your Secure ID" data-rule-required="true" data-rule-minlength="6"></div>
</div>
<div class="control-group">
Password :
<div class="controls">
<input type="password" name="pass" id="pass" class="input-xlarge" data-rule-required="true" data-rule-minlength="6" placeholder="Your new passowrd">
</div>
</div>
<div class="control-group">
Confirm password :
<div class="controls">
<input type="password" name="confirmfield" id="confirmfield" class="input-xlarge" data-rule-equalto="#pass" data-rule-required="true" data-rule-minlength="6" placeholder="Confirm Your new passowrd">
</div>
</div>
<div class="control-group">
<div class="controls"></div>
</div>
</div> <div class="form-actions">
<input type="submit" class="btn btn-primary" value="Submit">
<button type="button" class="btn">Cancel</button>
</div>
</form>
And the below is the submit code;
<?php
include 'index.php';
include '../include/db_conn.php';
if (isset($_POST['sec_id']) && isset($_POST['pass']) && isset($_SESSION['user_data'])) {
$sec_id = rtrim($_POST['sec_id']);
$pass = rtrim($_POST['pass']);
$user_id_auth = $_SESSION['user_data'];
$sql = "SELECT * FROM login_auth WHERE sec_id='$sec_id'";
$result = mysqli_query($con, $sql);
$count = mysqli_num_rows($result);
if ($count == 1) {
mysqli_query($con, "UPDATE login SET pass='$pass' WHERE user='$user_id_auth'");
echo "<html><head><script>alert(Password Changed Succesfully ');</script></head></html>";
echo "<meta http-equiv='refresh' content='0; url=index.php'>";
} else {
echo "<html><head><script>alert('There has been a problem while changing password');</script></head></html>";
echo "<meta http-equiv='refresh' content='0; url=index.php'>";
}
} else {
echo "<html><head><script>alert('There has been a problem while changing password');</script></head></html>";
echo "<meta http-equiv='refresh' content='0; url=index.php'>";
}
?>
<center>
<img src="loading.gif">
</center>
I will be so glad if you guys can help me. Thanks in advance
you are making the check on the $count variable in which it contains the number of rows that returns from the $result (result set)and it maybe equal to 0 if the mysqli_query function return no result (empty query result ...) so you must check first the result set ($result) then get the $count ... in this case you will be sure if the mysqli_query returns a result or not .. like the below code ... :
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql = "SELECT * FROM login_auth WHERE sec_id='$sec_id'";
if ($result=mysqli_query($con,$sql))
{
// Return the number of rows in result set
$rowcount=mysqli_num_rows($result);
printf("Result set has %d rows.\n",$rowcount);
// Free result set
mysqli_free_result($result);
}
mysqli_close($con);
also do not write html code as a string with php ... this will lead to many errors and it will be hard for you to debug the problem ... use the header function in php or the redirect to redirect to the page you want in the case you want ...
I'm trying to use a form to update a sql table by first getting its data (editrower.php) and setting that as values in the form, then using the form to update the table (update_contactrequest.php) but it returns saying the rower was updated yet the table does not update.
editrower.php
<?php
require('login.php');
?>
<?php
include 'php/mysql_connect.php';
if(isset($_GET['id'])){
$q = $db->prepare('SELECT * FROM rowercontacts WHERE id=:id LIMIT 1');
$q->execute(array(':id'=>$_GET['id']));
$row = $q->fetch(PDO::FETCH_ASSOC);
if($row){
echo '
<form method="post" action="php/update_contactrequest.php"><div class="col-xs-9 col-md-6 col-lg-6">
<div class="form-group">
<input type="hidden" name="id" id="id" value="'.$_GET['id'].'">
<label for="firstname">First Name</label>
<input type"text" class="form-control" name="firstname" placeholder="First Name" value="'.$row['firstname'].'" />
</div>
<div class="form-group">
<label for="lastname">Last Name</label>
<input type="text" class="form-control" name="lastname" placeholder="Last Name" value="'.$row['lastname'].'" />
</div>
<br><br>
<br><br>
<input type="submit" class="btn btn-default" value="Update" />
</div></form>
';
}
else{
echo 'No rower found';
}
}
else{
echo 'No rower found';
}
?>
update_contactrequest.php:
<?php
session_start();
if($_SESSION['loggedIn'] == true){
$rower_id= $_POST['id'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
// connection to the database
try {
$bdd = new PDO('mysql:host=localhost;dbname=home','username','password');
} catch(Exception $e) {
exit('Unable to connect to database.');
}
// insert the records
$sql = "UPDATE rowercontacts SET firstname=:firstname, lastname=:lastname WHERE id=:rower_id";
$q = $bdd->prepare($sql);
if($q->execute(array(':firstname'=>$firstname, ':lastname'=>$lastname, ':rower_id'=>$id))){
echo '<script type="text/javascript">alert("Rower Updated.");location.href="../rowerlist.php";</script>';
}
else{
echo '<script type="text/javascript">alert("Something went wrong...");location.href="../rowerlist.php";</script>';
}
}
?>
With $q->rowCount(). Prepared statements will return the number of affected rows.
If the query itself is error free and executes fine, you need the affected rows.
$q = $bdd->prepare($sql);
if($q->execute(array(':firstname'=>$firstname, '...'))){
$updRows = $q->rowCount();
if($updRows==0){
echo '<script type="text/javascript">alert("Affected Rows = 0 !!!");location.href="../rowerlist.php";</script>';
}
else{
echo '<script type="text/javascript">alert("Rows affected : '.$updRows.'");location.href="../rowerlist.php";</script>';
}
}
else{
echo '<script type="text/javascript">alert("Something went wrong...");location.href="../rowerlist.php";</script>';
}
Over 70% of update queries with 0 affected rows are due to an incorrect WHERE the rest comes from the attempt to replace a record with exactly the same values that already exist.
The first thing I do in such a case, I let my query as readable text display.
With $q->debugDumpParams(); you get that query array.
WHERE id = null is usually not what anyone expected.
To your problem I'm sure you can find the wrong part yourself in following 3 lines . :-)
$rower_id= $_POST['id'];
....
$sql = "UPDATE rowercontacts ... WHERE id=:rower_id";
if($q->execute(array(':firstname'=>$firstname,...,':rower_id'=>$id)))
Hi i try to make a 2 register form. First register form for normal user and second register page is for business user.
I am using one mysql table for users. this table for same like normaluser and business user.
This is user type module. Normal user type is 0 it is ok but when the registered business user in my website his type same 0 not 1 .
I am asking this because normal user profile page is normal user profile. When normal user loged in my website he see automatically normal user profile and also when business user loged in my website he see business user profile. There are 2 profile page .
What can i do automatically user type 1 when business user registered and also when normal user registered in my website his user type is automatically 0 ?
What i am adding in my code for user type automatiacally 1 for business user ?
My code is this :
This is my HTML code
<form method="post" action="kaydol.php">
<div class="registiration_form1">
<div class="name_surname">
<div class="name">
<input onfocus="this.value=''" type="text" name="vname" autocomplete="off" value="NAME"/> </div>
<div class="surname">
<input onfocus="this.value=''" type="text" name="vsurname" autocomplete="off" value="USERNAME"/>
</div>
</div>
<div class="email"><input onfocus="this.value=''" type="text" name="vemail" value="E-Mail"/></div>
<div class="email-tekrar"><input onfocus="this.value=''" type="text" name="vemailagain" value="Re-Email" /></div>
<div class="password"><input onfocus="this.value=''" type="password" name="vpassword" value="PASSWORD" /></div>
<div class="dogum_tarihi_text">
BIRTHDAY
</div>
<div class="birthday_div">
<div class="d"><select> <option value="" selected>Day</option></select></div>
<div class="m"><select> <option value="" selected>MO</option></select></div>
<div class="y"><select> <option value="" selected>YEAR</option></select></div>
<div class="neden">....... ?</div>
</div>
<div class="ekt">Cinsiyet</div>
<div class="erkek_kadin"><div class="erkek"><div class="check"><input type="radio" name="gender"
<?php if (isset($gender) && $gender=="female") echo "checked";?>
value="female"></div><div class="k_etxt">Erkek</div></div>
<div class="kadin"><div class="check"><input type="radio" name="gender"
<?php if (isset($gender) && $gender=="male") echo "checked";?>
value="male"></div><div class="k_etxt">Kadın</div></div></div>
<div class="attantion">Hesap Aç düğmesine tıklayarak, Çerez Kullanımı dahil Veri Kullanımı İlkemizi okuduğunu ve Koşullarımızı kabul etmiş olursun.</div>
<div class="kaydol">
<div class="kaydol_buton">
<input type="submit" name="submit" value="Hesap Aç"/> </div>
</div>
</div>
</form>
And this is my PHP code:
<?php
include("includes/connect.php");
if(isset($_POST['submit'])){
$name = $_POST['name'];
$surname = $_POST['surname'];
$business_name = $_POST['business_name'];
$email = $_POST['email'];
$emailagain = $_POST['emailagain'];
$password = $_POST['password'];
$business_category = $_POST['business_category'];
$country = $_POST['country'];
$city = $_POST['city'];
$type = $_POST['type'];
if($name==''){
echo"<div class='error_name'>Write name!</div>";
exit();
}
if($surname==''){
echo"<div class='error_name'>Write surname!</div>";
exit();
}
if($business_name==''){
echo"<div class='error_name'>Write name write business name!</div>";
exit();
}
if($email==''){
echo"<div class='error_name'>write email!</div>";
exit();
}
if($_POST['email'] !== $_POST['emailagain']){
echo"<div class='error_name'>it is not much!</div>";
exit();
}
$check_email = "SELECT * FROM users WHERE email='$email'";
$run = mysql_query($check_email);
if(mysql_num_rows($run)>0){
echo "<div class='error_name'>this email alredy exist!</div>";
exit();
}
$query ="INSERT INTO `users` (`name`,`surname`,`business_name`, `email`,`emailagain`,`password`,`business_category`,`country`,`city`,`type`) VALUES ('$name','$surname','$business_name', '$email','$emailagain','$password','$business_category','$country','$city','type')";
$result = mysql_query($query) or die(mysql_error());
if($result){
echo("<center><h1>Success!</h1></center>");
}
else {
echo("<center><h1>Something wrong!</h1></center>");
}
}
?>
I noticed you have "type" in your SQL... why is it not 1 for business user?
$query ="...VALUES ('$name','$surname','$business_name', '$email','$emailagain','$password','$business_category','$country','$city','type')";