update data in different table sql database - php

first of all, there are 3 table in my database which is:-
te_event, te_venue, te_category.
the te_event table display the categoryID, venueID, event description, title, date and price.
the te_venue table having venueID, venueName and location
the te_category having catID and catDesc.
here is the first page that admin need to select an event in order to update.
<!DOCTYPE html>
<html lang="en">
<html>
<head>
<link rel="stylesheet" type="text/css" href="test1.css">
<meta charset = "utf-8">
<title>
</title>
</head>
<body>
<div id="title">
<p><h1>Tyne Events</h1></p>
</div>
<div id="wrapper">
<div id="navbar" >
<ul class="nav">
<li>Home</li>
<li>Find out more</li>
<li>Offer</li>
<li>Credit</li>
<li>Admin</li>
<li>
<form class="formright">
<input type="text" placeholder="Search">
<button type="submit">Search</button>
</form>
</li>
</ul>
</div>
<div id= "detailCenter">
<?php
include "database_conn.php";
$sqlEvent = "SELECT * FROM te_events
INNER JOIN te_venue ON te_events.venueID = te_venue.venueID
INNER JOIN te_category ON te_events.catID = te_category.catID
ORDER by eventTitle ";//select all event record
//query the statement
$event= mysqli_query ($conn , $sqlEvent)
or die (mysqli_error($conn));
?>
<h1>Select Event To Modify</h1>
<table border = "1" cellpadding="10" width=100% >
<thead>
<th>Title</th>
<th>Category</th>
<th>Venue Name</th>
<th>Location</th>
<th>Start Date</th>
<th>End Date</th>
<th>Price</th>
</thead>
<?php
//display all the event record
while ($row = mysqli_fetch_assoc ($event)){
//extract the field
$id = $row ["eventID"];
$title = $row ["eventTitle"];
$desc = $row ["eventDescription"];
$venue = $row ["venueName"];
$location = $row ["location"];
$category = $row ["catDesc"];
$eStart = $row ["eventStartDate"];
$eEnd = $row ["eventEndDate"];
$ePrice = $row ["eventPrice"];
//start a row
echo"<tr>\n";
//output the URL
echo "<td>\n";
echo "<div> <a href = \"allDetails.php?eventID=$id\">
$title</a></div>\n";
echo "</td>\n";
echo "<td>\n";
echo "<div> $category</div>\n";
echo "</td>\n";
echo "<td>\n";
echo "<div> $venue</div>\n";
echo "</td>\n";
echo "<td>\n";
echo "<div> $location</div>\n";
echo "</td>\n";
echo "<td>\n";
echo "<div>$eStart</div> \n";
echo "</td>\n";
echo "<td>\n";
echo "<div>$eEnd</div>\n";
echo "</td>\n";
echo "<td> \n";
echo "<div>$ePrice</div>\n";
echo "</td>\n";
}
?>
</table>
</div>
</body>
</html>
<?php
mysqli_close($conn);
?>
here is the page that admin can edit the event details
<?php
include "database_conn.php";
if(isset($_GET['eventID'])){
$id = $_GET["eventID"]; //get event id
}
else {
header ("Refresh : 3; url=admin.php");//redirect to choose title
die ("Please use the Choose Event Title List");
}
//get event id
$id = $_GET["eventID"];//get event id
//select event
$sqlEvent =" SELECT * FROM te_events
INNER JOIN te_venue ON te_events.venueID = te_venue.venueID
INNER JOIN te_category ON te_events.catID = te_category.catID
WHERE te_events.eventID =".$id;
//excute sql statemente
$event = mysqli_query($conn , $sqlEvent) or die (mysqli_error($conn));
$_GET = mysqli_fetch_assoc($event) or die (mysqli_error($conn));
//extract each field$
$title = $_GET ["eventTitle"];
$desc = $_GET ["eventDescription"];
$venueId = $_GET ["venueID"];
$venue = $_GET ["venueName"];
$location = $_GET ["location"];
$categoryId = $_GET ["catID"];
$category = $_GET ["catDesc"];
$eStart = $_GET ["eventStartDate"];
$eEnd = $_GET ["eventEndDate"];
$ePrice = $_GET ["eventPrice"];
?>
<!DOCTYPE html>
<html lang="en">
<html>
<head>
<link rel="stylesheet" type="text/css" href="test1.css">
<meta charset = "utf-8">
<title>
</title>
</head>
<body>
<div id="title">
<p><h1>Tyne Events</h1></p>
</div>
<div id="wrapper">
<div id="navbar" >
<ul class="nav">
<li>Home</li>
<li>Find out more</li>
<li>Offer</li>
<li>Credit</li>
<li>Admin</li>
<li>
<form class="formright">
<input type="text" placeholder="Search">
<button type="submit">Search</button>
</form>
</li>
</ul>
</div>
<div id= "detailCenter">
<form id="updateEventDetail" method ="get" action ="updateEventDetail.php">
<fieldset>
<legend>Event details</legend>
<div><p>
<input type ="hidden" name ="eventID" value="<?=$eventID?>"/>
</p></div>
<div><p>
<label class="field" for="eTitle">Event title</label>
<input type ="text" name ="eventTitle" value="<?=$title?>"/>
</p></div>
<div><p>
<label class="field" for="cat">Category</label>
<?php
$sqlCategory ="SELECT DISTINCT catDesc FROM te_category ORDER BY 1";
//query sqlVenue
$rsCategory = mysqli_query ($conn ,$sqlCategory)
or die ("SQL ERROR :".mysqli_error($conn));
//create select item
echo"<select name=\"catDesc\">\n";
//iterate venue record
while ($_GET = mysqli_fetch_assoc($rsCategory)){
//populate select item
$category = $_GET[catDesc]; //get each venueName record
if($category==$category)
echo "<option value =\"$category\" selected>
$category</option>\n";
else{
echo "<option value =\"$venue\">
$category</option>\n";
}
}
echo"</select>\n";
?>
</p></div>
<div><p>
<label class="field" for="desc">Description</label>
<textarea style="resize:none" name="eventDescription" rows="10" cols="40" value="<?=$desc?>"><?=$desc?> </textarea>
</p></div>
<div>
<p>
<label class ="field" for="venue">Venue</label>
<?php
$sqlVenue ="SELECT DISTINCT venueName FROM te_venue ORDER BY 1";
//query sqlVenue
$rsVenue = mysqli_query ($conn ,$sqlVenue)
or die ("SQL ERROR :".mysqli_error($conn));
//create select item
echo"<select name=\"venueName\">\n";
//iterate venue record
while ($_GET = mysqli_fetch_assoc($rsVenue)){
//populate select item
$eVenue = $_GET[venueName]; //get each venueName record
if($eVenue==$venueName)
echo "<option value =\"$eVenue\" selected>
$eVenue</option>\n";
else{
echo "<option value =\"$venue\">
$eVenue</option>\n";
}
}
echo"</select>\n";
?>
</p>
</div>
<div><p>
<label class="field" for="location">Location</label>
<?php
$sqlLocation ="SELECT DISTINCT location FROM te_venue ORDER BY 1";
//query sqlLocation
$rsLocation = mysqli_query ($conn ,$sqlLocation)
or die ("SQL ERROR :".mysqli_error($conn));
//create select item
echo"<select name=\"location\">\n";
//iterate venue record
while ($_GET = mysqli_fetch_assoc($rsLocation)){
//populate select item
$eLocation = $_GET[location]; //get each location record
if($eLocation==$location)
echo "<option value =\"$eLocation\" selected>
$eLocation</option>\n";
else{
echo "<option value =\"$location\">
$eLocation</option>\n";
}
}
echo"</select>\n";
?>
</p></div>
<div><p>
<label class="field" for="sDate">Event Start Date</label>
<input name="eventStartDate" type="date" value="<?=$eStart?>"/>
</p></div>
<div><p>
<label class="field" for="eDate">Event End Date</label>
<input name="eventEndDate" type="date" value="<?=$eEnd?>"/>
</p></div>
<div><p>
<label class="field" for="ePrice">Event Price</label>
<input type="text" name="eventPrice" value="<?=$ePrice?>"readonly/>
</p></div>
<div><p>
<input type="submit" id="floatright" value="Update Event"/>
</p></div>
</fieldset>
</form>
</div>
</body>
</html>
<?php
mysqli_close($conn);
?>
the following code shows updatedetail.php
<?php
include "database_conn.php";
if(isset($_GET['eventID'])){
$id = $_GET["eventID"]; //get event id
}
//get all data submited
$id = $_GET ["eventID"];
$title = $_GET ["eventTitle"];
$desc = $_GET ["eventDescription"];
$venue = $_GET ["venueName"];
$location = $_GET ["location"];
$category = $_GET ["catDesc"];
$eStart = $_GET ["eventStartDate"];
$eEnd = $_GET ["eventEndDate"];
$ePrice = $_GET["eventPrice"];
$sqlUpdateEvent = " UPDATE te_event SET
eventTitle = '$title'
eventDescription = '$desc'
catDesc = '$category'
venueName = '$venue'
location = '$location'
eventStartDate = '$eStart'
eventEndDate = '$eEnd'
eventPrice = '$ePrice'
WHERE eventID = $id";
mysqli_query ($conn , $sqlUpdateEvent)
or die ("SQL ERROR :".mysqli_error($conn));
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>update mvie comfirmmation</title>
<meta charset="utf-8">
</head>
<body>
<h1>update mvoie detials</h1>
<?php
echo "Title : $eventTitle \n";
echo "Category : $catDesc \n";
echo "Description : $eventDescription \n";
echo "Venue : $venueName \n";
echo "Location : $location \n";
echo "Start Date : $eventStartDate \n";
echo "End Date : $eventEndDate \n";
echo "Price : $eventPrice \n";
if(mysqli_affected_rows($conn)>0)
echo "<p> Event update successfully </p>\n";
else
echo "<p> Update Fail</p>\n";
?>
Choose Event
</body>
</html>
<?php
mysqli_close($conn);
?>
the error i get is
SQL ERROR :You have an error in your SQL syntax; check the manual that
corresponds to your MariaDB server version for the right syntax to use
near 'eventDescription = 'The PLAYHOUSE Whitley Bay is delighted to
announce that Litt' at line 3
i edited my question by adding some code
i hopes it helps
thank you for helping.


Your each columns are missing comma separators(,) in your query, so add them like below:-
$sqlUpdateEvent = "UPDATE te_event SET eventTitle = '$title', eventDescription = '$desc',catDesc = '$category',venueName = '$venue',location = '$location',eventStartDate = '$eStart',eventEndDate = '$eEnd',eventPrice = '$ePrice' WHERE eventID = $id";
Suggestion:- Your query is open to SQL Injection, so try to read about prepared statements and use them.
Code enhancement:-
<?php
include "database_conn.php";
if(isset($_GET['eventID']) && isset($_GET["eventTitle"]) && isset($_GET["eventDescription"]) && isset($_GET["venueName"]) && isset($_GET["location"]) && isset($_GET["catDesc"]) && isset($_GET["eventStartDate"]) && isset($_GET["eventEndDate"]) && isset($_GET["eventPrice"]) ){
$id = $_GET["eventID"];
$title = $_GET["eventTitle"];
$desc = $_GET["eventDescription"];
$venue = $_GET["venueName"];
$location = $_GET["location"];
$category = $_GET["catDesc"];
$eStart = $_GET["eventStartDate"];
$eEnd = $_GET["eventEndDate"];
$ePrice = $_GET["eventPrice"];
$sqlUpdateEvent = " UPDATE te_event SET eventTitle = '$title',eventDescription = '$desc',catDesc = '$category',venueName = '$venue',location = '$location',eventStartDate = '$eStart',eventEndDate = '$eEnd',eventPrice = '$ePrice' WHERE eventID = $id";
mysqli_query ($conn , $sqlUpdateEvent) or die ("SQL ERROR :".mysqli_error($conn));
}else{
echo "all data is required";
}
?>


You are not using comma here is the query
$sqlUpdateEvent = " UPDATE te_event SET
eventTitle = '$title',
eventDescription = '$desc',
catDesc = '$category',
venueName = '$venue',
location = '$location',
eventStartDate = '$eStart',
eventEndDate = '$eEnd',
eventPrice = '$ePrice'
WHERE eventID = $id";

Related

How can I sort table output when the query is dependent on a $_GET with only PHP?

I have a Website which presents the tools from one table and the corresponding ratings from another table within on page calles f_toolseite.php. I would like for the user to be able to sort the ratings according to best rating and worst ratings. however, since I am using only php the info which tool is being looked at is getting deleted when i press the button to sort the ratings. What I mean by that is that the $_GET variables im using to get to the tool and ratings the user wishes to see are being deleted from the adress bar.
Ive tought of implementing sessions but i cant get it to work. is there any way i can solve this problem with php only?
here is my code
for f_toolseite.php
'''
<html>
<head>
<center>
<div class="tool-container">
<?php
$name = mysqli_real_escape_string($conn, $_GET['name']);
$sql = "SELECT * FROM Tools WHERE t_name = '$name' ";
$result = mysqli_query($conn, $sql);
$queryResults = mysqli_num_rows($result);
if($queryResults > 0 ){
while ($row = mysqli_fetch_assoc($result)){
## $image = base64_encode($row['t_bild']);
## echo "
## <img src=data:image/png;base64,'$image'>";
echo " <div class='tool-box'>
<img src=".$row['t_logo']. " width= 200>
<h3> ".$row['t_kategorie']."</h3>
<br>
<img src=".$row['t_bild']. " width= 800>
<br>
<br>
<p>".$row['t_beschreibung']."<p>
<br>
<p><b>Probier's doch gleich aus!</b></p>
".$row['t_link']."
</div>";
}
}
?>
<br>
<br>
<br>
<br>
<div class="avg-container">
<?php
$id = mysqli_real_escape_string($conn, $_GET['id']);
$sql3 = "SELECT ROUND (AVG (b_nivg)) AS average FROM Bewertungen WHERE t_id = '$id'";
$result3 = mysqli_query($conn, $sql3);
$row = mysqli_fetch_assoc($result3);
$average = $row['average'];
echo ("ALLES IN ALLEM EINE $average VON 10 ");
$sql4 = "SELECT b_industrie
COUNT(b_industrie) AS oft
FROM Bewertungen WHERE t_id = '$id'
GROUP BY b_industrie
ORDER BY oft DESC
LIMIT 1";
$result4 = mysqli_query($conn, $sql4);
$row = mysqli_fetch_assoc($result4);
$industry = $row['oft'];
echo ("Am beliebtesten in der $industry Industrie ");
?>
</div>
<br>
<br>
<br>
<div class="filter-container">
<form action="f_toolseite.php" method="post">
<select name="sort">
<option value="" selected="selected">Nach den neusten Bewertungen geordnet</option>
<option value="b_nivg ASC">Am besten bewertet</option>
<option value="b_nivg DESC">Am schlechtesten bewertet</option>
</select>
<input name="search" type="submit" value="Ordnen"/>
</form>
<?php
if(isset($_POST['sort'])) {
$sort = $_POST['sort'];
}
?>
</div>
<div class="rate-container">
<?php
$id = mysqli_real_escape_string($conn, $_GET['id']);
if(!empty($sort)){
$sql2 = "SELECT * FROM Bewertungen WHERE t_id = '$id' ORDER BY b_datum DESC,'$sort'";
}
else{
$sql2 = "SELECT * FROM Bewertungen WHERE t_id = '$id' ORDER BY b_datum DESC";
}
$result2 = mysqli_query($conn, $sql2);
$queryResults2 = mysqli_num_rows($result2);
$crown= "https://project-disti.wbs.hs-rm.de/learn/ss2021/workspace/dbmgruppe2/Collatio%20(22.06.2021)/img/Webtool-Bilder/crown_PNG16.png";
if($queryResults2 > 0 ){
while ($row = mysqli_fetch_assoc($result2)){
echo " <div class='rating-box'>
<p>".$row['b_vorname']." ".$row['b_nachname']."</p>
<br>
<p>".$row['b_industrie']."</p>
<p>".$row['b_dauer']."<p>
<p>".$row['b_niveau']."<p>
".( $row['b_exp'] == 'pro' ? "<img src= $crown width:10 />" : "" )."
<p>Design: ".$row['b_niv1']." / 10 </p>
<p>Intuitivität: ".$row['b_niv2']." / 10 </p>
<p>Vielseitigkeit: ".$row['b_niv3']." / 10 </p>
<p>Mehrwert: ".$row['b_niv4']." / 10 </p>
<p>Einzigartigkeit: ".$row['b_niv5']." / 10 </p>
<p>Gesamteindruck: ".$row['b_nivg']." / 10 </p>
<p>".$row['b_pro']."<p>
<p>".$row['b_con']."</p>
<p>".$row['b_kommentar']."</p>
<p>".$row['b_datum']."</p>
<br>
<br>
</div>";
}
}
?>
</div>
<footer>
<?php include '../Include/footer.php';?>
</footer>
</body>
</html> '''

You need to change your html form like this and to fetch sort value in from get request instead of post
<form action="f_toolseite.php" method="get">
<input type = "hidden" name = "name" value = "<?= $_GET['name'] ?>" />
<input type = "hidden" name = "id" value = "<?= $_GET['id'] ?>" />
<select name="sort">
<option value="" selected="selected">Nach den neusten Bewertungen geordnet</option>
<option value="b_nivg ASC">Am besten bewertet</option>
<option value="b_nivg DESC">Am schlechtesten bewertet</option>
</select>
<input name="search" type="submit" value="Ordnen"/>

MySQL/PHP <select> not displaying submitted value

I am working on a school assignment and I have run into some issues. I have PHP code for a form that, when selected, sends the selected result to a MySQL database and then loops through and displays the results. The only problem is that, instead of showing the selected <option>, it shows all four of the options.
Here is my code:
<?php
include_once (connection.php);
if (($_SERVER["REQUEST_METHOD"] == "POST") && (isset($_POST['card_catalog_form']))) {
$card_name = mysqli_real_escape_string($conn, $_POST['card_name']);
$card_label = mysqli_real_escape_string($conn, $_POST['card_label']);
$insert_card_genre_query = sprintf("INSERT into card_catalog (card_name, card_label) VALUES ('%s', '%s')",
$card_name,
$card_label);
$insert_card_genre = mysqli_query($conn, $insert_card_genre_query) or die (mysqli_error($conn));
$last_record = mysqli_insert_id($conn);
}
$card_genre_query = "SELECT card_genre.genre_id, card_label from `card_genre` order by card_label asc";
$card_genre = mysqli_query($conn, $card_genre_query) or die(mysqli_error($conn));
$get_card_genre_query = "SELECT card_catalog.id, card_catalog.card_name, card_catalog.card_label, card_genre.genre_id from card_catalog right join card_genre on card_catalog.card_label = card_genre.card_label";
$get_card_genre = mysqli_query($conn, $get_card_genre_query) or die(mysqli_error($conn));
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>The Marketplace By The Mana Club</title>
<link rel="stylesheet" type="text/css" href="stylesheets/tmp.css">
</head>
<body>
<?php include(templatestuff/top_of_tmp.php); ?>
<main>
<h1>Products:</h1>
<section>
<ul id="products_list">
<li><b>Product 1: "Jack-In-The-Mox"</b></li>
<li><b>Product Description: "Roll a six-sided die for Jack-in-the-Mox. On a 1, sacrifice Jack-in-the-Mox and lose 5 life. Otherwise, Jack-in-the-Mox has one of the following effects. Treat this ability as a mana source..."</b></li>
<img src="productimages/jackinthemox.jpeg" alt="Jack In The Mox"/>
</ul>
</section>
<div>
<h2>What Card Are You Looking For?</h2>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post" enctype="multipart/form-data">
<fieldset>
<p><b>What's The Card Name? <input type="text" name="card_name"></b></p>
<p>
<p><b>Card Type:</b></p>
<select name="card_genre">
<?php while ($row_card_genre = mysqli_fetch_assoc($card_genre)) { ?>
<option value="<?php echo $row_card_genre['genre_id'];?>"><?php echo $row_card_genre['card_label'];?></option>
<?php } ?>
</select>
</p>
<p><input type="submit"></p>
<input type="hidden" name="card_catalog_form">
</fieldset>
</form>
<?php
if ($last_record) {
echo "<p><b>You just created form query #" . $last_record ."</b><p>";
}
?>
<p>You are submitting your form at
<?php
date_default_timezone_set('America/New_York');
echo date('g:i a \o\n l, F j, Y');
?>
</p>
</div>
<?php
$query = "SELECT card_catalog.card_name, card_catalog.card_label, card_genre.genre_id FROM card_catalog, card_genre";
$result = mysqli_query($conn, $query) or die(mysqli_error($conn));
while($row = mysqli_fetch_array($result)){
echo $row['card_name']. " - ". $row['genre_id'];
echo "<br />";
}
?>
</main>
<?php include('templatestuff/bottom_of_tmp.php'); ?>
</body>
</html>`
(If you want to see the website that contains the problem, you can go here)
Any help, or constructive criticism, would be greatly appreciated.
Thanks

This might point you in the right direction:
if (isset($_POST['card_genre'])) {
$query = "SELECT card_catalog.card_name, card_catalog.card_label, card_genre.genre_id FROM card_catalog, card_genre WHERE card_genre.genre_id = ?";
$stmt = mysqli_prepare($conn, $query);
$stmt->bind_param('s', $_POST['card_genre']);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
echo $row['card_name']." - ".$row['genre_id'];
echo "<br />";
}
} else {
$query = "SELECT card_catalog.card_name, card_catalog.card_label, card_genre.genre_id FROM card_catalog, card_genre";
$result = mysqli_query($conn, $query) or die(mysqli_error($conn));
while ($row = mysqli_fetch_array($result)) {
echo $row['card_name']." - ".$row['genre_id'];
echo "<br />";
}
}

PHP Stuck on Mysqli_error()

I am new to php still learning i have made a navigation with the drop down submenus its working when im inserting new item in navigation but the problem exist when i try to edit the same navigation i get the error in function everything seems fine need help.
![Edit Form][1]
Error:
<code>
Database Query Failed in get subject by idYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIMIT 1' at line 1
</code>
functions.php
<code>
// Get Subject By ID
function get_subject_by_id($subject_id){
global $connection;
$query = "SELECT * FROM subjects WHERE id = {$subject_id} LIMIT 1";
$result_set = mysqli_query($connection, $query);
if(!$result_set){
die("Database Query Failed in get subject by id" . mysqli_error($connection));
}
if($subject_data = mysqli_fetch_array($result_set)) {
return $subject_data;
} else {
return null;
}
}
</code>
edit_subject.php
<code>
<?php include('includes/connection.php'); ?>
<?php require_once('includes/functions.php'); ?>
<?php
if(isset($_POST['submit'])) {
$id = $_GET['subj'];
$menu_name = $_POST['menu_name'];
$position = $_POST['position'];
$visible = $_POST['visible'];
$content = $_POST['content'];
$query = "UPDATE subjects SET menu_name = '{$menu_name}', position = {$position}, visible = {$visible}, content = '{$content}' WHERE id = {$id}";
$result_update = mysqli_query($connection, $query);
if(mysqli_affected_rows($connection) == 1){
$message = "The Subject was successfully created.";
} else {
}
}
?>
<?php
if(isset($_GET['subj'])){
$sel_subject = get_subject_by_id($_GET['subj']);
$sel_page = NULL;
} elseif (isset($_GET['page'])) {
$sel_subject = NULL;
$sel_page = get_page_by_id($_GET['page']);
} else {
$sel_subject = NULL;
$sel_page = NULL;
}
?>
<?php include('includes/header.php'); ?>
<div class="sidebar">
<ul class="sideNav">
<?php
$query_sub = "SELECT * FROM subjects";
$subject_set = mysqli_query($connection, $query_sub);
if(!$subject_set){
die("Database Query Failed1");
}
while($subject = mysqli_fetch_array($subject_set)){
?>
<li><?php echo $subject["menu_name"]; ?>
<?php
$query_page = "SELECT * FROM pages WHERE subject_id = {$subject["id"]}";
$page_set = mysqli_query($connection, $query_page);
if(!$page_set){
die("Database Query Failed2");
} ?>
<ul>
<?php
while($page = mysqli_fetch_array($page_set))
{
?><li><?php echo $page["menu_name"]; ?></li><?php
} ?>
</ul>
</li>
<?php } ?>
</ul>
<br>
+ Add a new Subject
</div><!-- end of sidebar -->
<h2>Edit Subject: <?php echo $sel_subject['menu_name']; ?></h2>
<div class="main">
<br/> <br/>
<?php if(!empty($message)) { ?> <p><?php echo $message; ?></p> <?php } ?>
<form action="edit_subject.php?subj=<?php $sel_subject['id']; ?>" method="post">
<fieldset>
<legend>Edit Subject:</legend>
<p>Subject Name:
<input type="text" name="menu_name" value="<?php echo $sel_subject['menu_name']; ?>">
</p>
<p>Position:
<select name="position">
<?php
$query_opt = "SELECT * FROM subjects ORDER BY position ASC";
$subject_opt = mysqli_query($connection, $query_opt);
if(!$subject_opt){
die("Database Query Failed3");
}
$subject_count = mysqli_num_rows($subject_opt);
for($count=1; $count <= $subject_count+1; $count++){
echo "<option value=\"{$count}\"";
if($sel_subject['position'] == $count){
echo " selected";
}
echo ">{$count}</option>";
}
?>
</select>
</p>
<p>Visible:
<input type="radio" name="visible" value="0"<?php if($sel_subject['visible'] == 0){ echo " checked"; } ?>> No
<input type="radio" name="visible" value="1"<?php if($sel_subject['visible'] == 1){ echo " checked"; } ?>> Yes
</p>
<p>Content:<br/>
<textarea name="content" rows="20" cols="150"><?php echo $sel_subject['content']; ?></textarea>
</p>
<p>
<input type="submit" name="submit" value="Add Subject" class="button-submit">
</p>
</fieldset>
</form>
<br /><br />
</div><!-- end of main -->
<?php include('includes/footer.php'); ?>
</code>

Are you sure that $subject_id in function get_subject_by_id() is not empty ? Try the below code after $query = "SELECT * FROM subjects WHERE id = {$subject_id} LIMIT 1"; in functions.php (only for testing) and make sure that your query is correct.
echo $query;
die();

you've missed the single quotes in the query string.
$query = "SELECT * FROM subjects WHERE id = {$subject_id} LIMIT 1";
should be
$query = "SELECT * FROM subjects WHERE id = '{$subject_id}' LIMIT 1";
youve also done it here.
$query = "UPDATE subjects SET menu_name = '{$menu_name}', position = {$position}, visible = {$visible}, content = '{$content}' WHERE id = {$id}";
should be
$query = "UPDATE subjects SET menu_name = '{$menu_name}', position = '{$position}', visible = '{$visible}', content = '{$content}' WHERE id = '{$id}'";
a note you dont need to wrap in {} for simple variables. You only need them if calling complex variables such as {$array['test']} as expained in this answer

Php mysql search option

I'm currently self studying PHP and right now, I'm trying to create a simple library system. And now, I'm having some trouble with the search option. I believe that my query and conditional statement are correct but I still can't show the output.
This are the codes:
<html>
<link rel="stylesheet" type="text/css" href="style.css">
<head>Home Page!</head>
<h1>List of Books</h1>
<?php include 'show.php'; ?>
<?php
require 'dbcon.php';
$Terror = $Aerror = $Derror = $Cerror = $matches = "";
if ($_SERVER["REQUEST_METHOD"] == "POST"){
$T = $_POST['title'];
$A = $_POST['Author'];
$D = $_POST['Desc'];
$C = $_POST['Category'];
$X = $_POST['Opt'];
$del_sql = "delete from a where Title = '".$T."' AND Author = '".$A."' ";
"delete from b where Title = '".$T."' AND Description = '".$D."' AND Category = '".$C."' ";
if($X == 'Add'){
$in_sql = "insert a (Title, Author) values ('".$T."', '".$A."'); insert b (Title, Description, Category) values ('".$T."', '".$D."', '".$C."')";
if(empty($T) || empty($A) || empty($D) || empty($C)){
if(empty($A)) $Aerror = "Fill up Author";
if(empty($T)) $Terror = "Fill up Title";
if(empty($D)) $Derror = "Fill up Description";
if(empty($C)) $Cerror = "Fill up Category";
}
else if(mysqli_multi_query($dbcon, $in_sql)){
echo "New recored added";
}
}
else if ($X == 'Del'){
if (mysqli_multi_query($dbcon, $del_sql)){
echo "Record deleted";
}
}
else if ($X == 'Search'){
$sea1_sql = "select count(Title) from a where Title = '".$T."'";
$sea_sql = mysqli_multi_query($dbcon, "select * from a where Title = '".$T."' AND Author = '".$A."'");
"select Description, Category from b where Title = '".$T."' AND Description = '".$D."' AND Category = '".$C."'";
if (mysqli_query($dbcon, $sea1_sql) > 0){
while ($row = mysqli_fetch_array($sea_sql)){
echo "<table class = fix>";
echo "<tr><th>Title</th> <th> ". $row['Title'] . " </th></tr>";
echo "<tr><th>Author </th> <th> ". $row['Author'] . " </th></tr>";
echo "<tr><th>Description </th> <th> ". $row['Description'] . " </th></tr>";
echo "<tr><th>Category </th> <th> ". $row['Category'] . " </th></tr>";
echo "</table><br>";
}
}
else if (mysqli_query($dbcon, $sea1_sql) < 0){
echo "Can't find data!";
}
}
}
?>
<body>
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<br>Title: <input type="text" name="title"> <?php echo $Terror; ?><br>
Author: <input type="text" name="Author"><?php echo $Aerror; ?><br>
Description: <input type="text" name="Desc"><?php echo $Derror; ?><br>
Category: <input type="text" name="Category"><?php echo $Cerror; ?><br>
<select name="Opt">
<option disabled selected>N/A</option>
<option value='Add'>Add</option>
<option value='Edit'>Edit</option>
<option value='Del'>Del</option>
<option value='Search'>Search</option>
</select><br>
<input type="submit" name="submit">
</form>
</body>
</html>

This is wrong:
if (mysqli_query($dbcon, $sea1_sql) > 0){
myqli_query() doesn't return the value of count(Title). You need to fetch the row.
$sea1_result = mysqli_query($dbcon, $sea1_sql);
$row = mysqli_fetch_assoc($sea1_result);
if ($row['count(Title)'] > 0) {
You're also using mysqli_multi_query() incorrectly. It doesn't return a mysqli_result object that you can fetch results from, it returns a boolean that indicates whether the first query was successful or got an error. You need to call mysqli_use_result() to get the results of each query, and then call mysqli_fetch_array() on this.
But it looks like you shouldn't be using mysqli_multi_query() at all. You want to get the rows from a and b for the same title together, not all a rows before all b rows. You should join the two tables:
$sea_result = mysqli_query("SELECT a.*, b.Description, b.Category
FROM a JOIN b ON a.Title = b.Title
WHERE a.Title = '$T' AND a.Author = 'A'
AND b.Description = '$D' AND b.Category = '$C'");

PHP Multiple tables, Multiple Insert & Updates

I am trying to update 3 tables and insert on 2. The thing is I get errors and I get some tables to update and insert, I am thinking there is a better way to put this. Please give me some wonderful input. Sorry that this is horrible coding. :(
<?php
require 'includes/db_connect.php';
if ( !empty($_POST)) {
// keep track validation errors
$vehiclenumError = null;
$chauffeuridError = null;
// keep track post values
$alias = $_POST['alias'];
$vehiclenum = $_POST['vehiclenum'];
$chauffeurid = $_POST['chauffeurid'];
// validate input
$valid = true;
if (empty($vehiclenum)) {
$vehiclenumError = 'Please select a Vehicle #';
$valid = false;
}
if (empty($chauffeurid)) {
$chauffeuridError = 'Please select a Chauffeur #';
$valid = false;
}
// insert data
if ($valid) {
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "INSERT INTO unit_logs (alias,vehiclenum,chauffeurid,status) values (?, ?, ?, 1)";
$sql1 = "INSERT INTO active_units (alias,vehiclenum,chauffeurid,status) values (?, ?, ?, 1)";
$sql2 = "UPDATE ipads SET status='1' WHERE alias=$alias";
$sql3 = "UPDATE vehicles SET active='1' WHERE vehiclenum=$vehiclenum";
$sql4 = "UPDATE chauffeurs SET active='1' WHERE chauffeurid=$chauffeurid";
$q = $pdo->prepare($sql);
$l = $pdo->prepare($sql1);
$x = $pdo->prepare($sql2);
$z = $pdo->prepare($sql3);
$h = $pdo->prepare($sql4);
$q->execute(array($alias,$vehiclenum,$chauffeurid));
$l->execute(array($alias,$vehiclenum,$chauffeurid));
$x->execute(array($alias));
$z->execute(array($vehiclenum));
$h->execute(array($chaffeurid));
Database::disconnect();
header("Location: testing.php");
}
}
?>
<code>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<link href="css/bootstrap.min.css" rel="stylesheet">
<script src="js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="span10 offset1">
<div class="row">
<h3>Tablet Check Out</h3>
</div>
<?php
mysql_connect('localhost', 'allen', 'w0wr0cks');
mysql_select_db('wcldb');
$sql = "SELECT alias FROM ipads WHERE status = 0 ORDER BY alias ASC";
$result = mysql_query($sql);
?>
<form class="form-horizontal" action="checkout.php" method="post">
<div class="control-group">
<label class="control-label">Tablet Alias</label>
<div class="controls">
<select name="alias">
<?php
while ($row = mysql_fetch_array($result)) {
echo "<option value='" . $row['alias'] ."'>" . $row['alias'] ."</option>";
} ?>
</select>
</div>
</div>
<?php
mysql_connect('localhost', 'allen', 'w0wr0cks');
mysql_select_db('wcldb');
$sql = "SELECT vehiclenum FROM vehicles WHERE ownertype = 'JKS' AND active = '0' ORDER BY vehiclenum ASC";
$result = mysql_query($sql);
?>
<div class="control-group <?php echo !empty($vehiclenumError)?'error':'';?>">
<label class="control-label">Vehicle #</label>
<div class="controls">
<select name="vehiclenum">
<?php
while ($row = mysql_fetch_array($result)) {
echo "<option value='" . $row['vehiclenum'] ."'>" . $row['vehiclenum'] ."</option>";
}
echo '</select>';
?>
</div>
</div>
<?php
mysql_connect('localhost', 'allen', 'w0wr0cks');
mysql_select_db('wcldb');
$sql = "SELECT chauffeurid FROM chauffeurs WHERE ownertype = 'JKS' AND active='0' ORDER BY chauffeurid ASC";
$result = mysql_query($sql);
?>
<div class="control-group <?php echo !empty($chauffeuridError)?'error':'';?>">
<label class="control-label">Driver #</label>
<div class="controls">
<?php
echo "<select name='chauffeurid'>";
while ($row = mysql_fetch_array($result)) {
echo "<option value='" . $row['chauffeurid'] ."'>" . $row['chauffeurid'] ."</option>";
}
echo '</select>';
?>
</div>
</div>
<div class="form-actions">
<button type="submit" class="btn btn-success">Create</button>
<a class="btn" href="testing.php">Back</a>
</div>
</form>
</div>
</div> <!-- /container -->
</body>
</html>

Categories