i would like to know if their is a different way of uploading data to a database im using insert into but its not working every time i try to upload something it creates a different row with email is their a way to uploading lots of data in the same row or even combining the data into one row. im creating shirts and the user is going to be able to upload new images for the shirt and giving them a name each time the user creates a shirt i want it to be unlimited shirts
$email=$_POST['email'];
$sql = "SELECT * from register_login WHERE email='$email'";
$result = $mysqli->query($sql);
if (!$result->num_rows == 1) {
echo "<p>Invalid email Address</p>";
} else {
require_once("configur.php");
$query='INSERT INTO shirt_table SET email="'.$_POST[email].'", title="'.$_POST[title].'", keywords="'.$_POST[keywords].'"';
if ($mysqli->query($query) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
$mysqli->close();
}
Related
I am developing a platform that allows me to enter presences at an event and I am stuck in one place. How can I load a series of checkboxes in order to change the user ID for each item?
A practical example, I have a table containing the name of all the people and next to it a checkbox once pressed submit php must upload the data for each user to the db.
Below the html form and the php script that manages the upload to the db.
'''php
<?php
$query = "SELECT * FROM utenti";
$ris = mysqli_query($conn, $query);
//$dati = mysqli_fetch_array($ris);
while($row = mysqli_fetch_assoc($ris)){
echo "<tr><td>".$row['nome']."</td>";
echo "<td>".$row['cognome']."</td>";
echo "<td>".$row['squadra']."</td>";
echo "<td>
<input type='checkbox' name='presenza' data-toggle='toggle' data-onstyle='success' data-offstyle='danger' data-on='Presente' data-off='Assente' value='1'>
</td></tr>";
}
'''
if (isset($_POST['submit'])){
if(!empty($_POST['presenza'])){
// Loop to store and display values of individual checked checkbox.
foreach($_POST['presenza'] as $selected){
echo $selected."</br>";
$sql="INSERT INTO presenze(id_utente,settimana,presenza) VALUES ('1','1','$selected')";
if(mysqli_query($conn, $sql)){
echo "Records added successfully.";
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($conn);
}
}
}
}
'''
One of the way to get relationship between a user and a checkbox is to use user ID (or whatever unique identifier you have in your tables structure) in checkbox name e.g.:
"<input type='checkbox' name='presenza_" . $row['user_id'] . "'>"
Then on the backend you can iterate over all post params with presenza_ prefix and get user ID from it.
So your code will be a bit more sophisticated:
foreach($_POST as $param_key) {
// working only with params started with presenza_
if (0 !== strpos($param_key, "presenza_")) {
continue;
}
$presenza_parts = explode("_", $param_key);
$user_id = (int)$presenza_parts[1];
}
Keep in mind that checkbox field sends only value if it's switched on and sends nothing if it's switched off.
EDIT
I connected to my database and I want to verify if I can select my table. They do exist but I always get "Unable to select (one of) the Databases"
if ($DBConnect === false) { //We verify if we are connected to the Database
echo "<p> Connection failed </p>\n";
} else {
//We want to check if there is the two table in the database
$sqlPat = "SELECT * FROM `tbl_patient`";
$sqlUser = "SELECT * FROM `tbl_user`";
$ResultPat = mysqli_query($DBConnect, $sqlPat);
$ResultUser = mysqli_query($DBConnect, $sqlUser);
if (empty($ResultPat) || empty($ResultUser)) {
echo "<p> Unable to select (one of) the Databases</p>";
} else {
$sqlTruncP = "TRUNCATE TABLE `tbl_patient`";
$sqlTruncU = "TRUNCATE TABLE `tbl_user`";
$QResultTP = mysqli_query($DBConnect, $sqlTruncP);
$QResultTU = mysqli_query($DBConnect, $sqlTruncU);
if ($QResultTP) {
echo "<p> Well done my mate ".$sqlTruncP. " done ". $DBConnect->info."</p>";
if ($QResultTU) {
echo "<p> Well done my mate ".$sqlTruncU. " done ". $DBConnect->info."</p>";
}
} else {
echo "<p> No Way Hose - Unable to perform SQL Truncate Table </p>";
}
}
I get 'No Way Hose - Unable to perform SQL Truncate Table' each time
$ResultPat and $ResultUser will return an array not string therefore you have to check with the method given below the array is empty or not.
if (empty($ResultPat) || empty($ResultUser)){
echo "<p> Unable to select (one of) the Databases</p>";
}
you can also check the values in the array but just using
echo "<pre>"print_r($ResultUser);die;
the above code will print your array elements and die will stop the code after your array will be printed on the screen.
Second Question Answer: -
if ($QResultTP)
{ echo " Well done my mate ";
echo " Well done my mate ";
}else
{
echo "<p> No Way Hose - Unable to perform SQL Truncate Table </p>";
}
explaination: -
In your 1st question query will return you an array it may be empty or can have data. empty used to check null,'',0, values in the variable.
they truncate query will not return you any data. it will just truncate the tables.
Hello iam trying to create a disciplinary system. i created a table where accused and the victim had to put their information. I have created another table for report and i have failed to combine all the information given in the first table into one doc file so that i can use it in report. I need help?
enter code here
if(isset($_POST['call'])){
$accused = $_POST['dss'];
$report= $_POST['cas'];
$action = $_POST['uect'];
$u_cat = intval($_POST[id]);
if($report ==''){
echo "<font color='Green'><b>Please fill in the Report!</b></font>";
}else{
if($u_cat) $insert = "update discip_report set accused_student='$accused', case='$report', action_taken='$action' where id='$u_cat'";
else $insert = "insert into discip_report(accused_student, report, action_taken, date) values('$accused','$report', '$action', NOW())";
$run = mysql_query($insert);
if ($run) {
echo "<font color='Green'><b>The Category was added</b></font>";
}else{
echo "<font color='Green'><b>The Category was not added</b></font>";
}
}
}
?>
In my PHP script, there are 3 echo, based on the conditionals
echo "Error"
echo "User already existed"
echo "Success"
One of the echo will be passed to my android apps, if (s.equals("Success")), where s is the echo message.
But the echo I got when the registration success is <br />, according to the logcat. For User already existed have no problem.
Since s is not Success, I can't start another activity which is depended on the string. Can anyone explain how the break tag got echoed? The registration information successfully inserted into database, though.
elseif ($roleID == "C") {
$sql6 = "SELECT runnerID FROM tr_customer WHERE customerID = '$newID'";
$check4 = mysqli_fetch_array(mysqli_query($con,$sql6));
if(!isset($check4)) {
// add into db
$customerID = $roleID . $newID;
$sql7 = "INSERT INTO tr_customer(customerID, name, phoneNo, locationID, roleID, email) VALUES ('$customerID', '$name', '$phoneNo', '$locationID', '$roleID', '$email')";
if(mysqli_query($con,$sql7)) {
echo "Success";
}
} else {
$newID = checkExist();
}
I would examine the code where the variable is defined. If you could post that part of the code as an edit then perhaps someone can review it for you as well. There is just not enough information here to discern where your error is coming from.
EDIT:
Consider changing the way you check for a successful update.
$result = mysqli_query($con,$sql7);
if(mysqli_num_rows($result) == 1){
echo "Success";
}
I'm creating a website where users will need to be able to upload images, and I'd like them to be able to delete those images. Right now, I have a page that will display all of the images that that user has uploaded, and I have a php set up to delete an image from the database. It just needs to be given the id of the image. I have it functioning with the GET method, but I'm concerned a user could find the URL for my delete php and put in random ids, deleting everyone's images. Is there a way I can adjust my code to make it safer?
<?php
$sql = "SELECT id, userid, name, image FROM images";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
// output data of each row
while($row = mysqli_fetch_assoc($result)) {
if ($imageUser == $row["userid"]){
echo "<tr>";
echo "<th>".$row["userid"]."</th>";
echo "<th>".$row["name"]."</th>";
echo "<th><img src='showimage.php?id=".$row["id"]."'></th>";
echo "<th><a href='imgdelete.php?id=".$row["id"]."'>delete</a></th>";
echo "</tr>";
}
}
} else {
echo "0 results";
}
?>
The delete.php simply deletes the entry WHERE id=$_GET['id'];
In a RESTful API, a GET request should never modify the data. If you want to delete items, you should use a POST or a DELETE request.