We Keep Coding

SQL failing in one page on some machines

Edit: Forgot to mention none of the SQL works at all when it fails.
I seriously need help figuring this out. It has been about a month since the issue has arrived. I have rewrote the page a couple times and have tried removing some unneeded items in case it was a speed issue (had sidebar that auto scrolled and loaded in two social media widgets which was kinda slow on bad internet) and so far nothing. I really do not know why this happens at all.
Here is the kicker. It only happens to random people. Never breaks for me but breaks nearly every time for a customer on certain pc's. Another issue that person is running into is the cart cookie won't clear for that person either(just them).
I am Using Auth.net's DPM method which takes them offsite momentarily then to my Order_receipt page(the one in question). When arriving at that page you are given 2 $_GET properties example (order_receipt.php?response_code=1&transaction_id=136434353) which is coming in properly even when it fails.
Customer that has issue is using win 10, and has tried it with both chrome and edge running kaspersky antivirus (no issues on my end from either browser)
I'm going to include all code loaded and included in that page below, starting with the order_receipt itself.
** = redacted info
Order_receipt.php:
<?php
require_once 'system/init.php';
include 'includes/head.php';
include 'includes/navigation.php';
include 'includes/headerpartial.php';
?>
<div id="maincontent" class="col-md-12">
<?php
ini_set('error_reporting', -1); ini_set('display_errors', 'on');
ini_set('log_errors', 1);
ini_set('error_log', 'system/error_logs.log');
$error_code = uniqid(mt_rand(), true);
if ($_GET['response_code'] == 1)
{
$trans_id = $_GET['transaction_id'];
if (isset($cart_id)){
$db->query("UPDATE transactions SET charge_id = '$trans_id' WHERE cart_id = '$cart_id'");
$tsql = $db->query("SELECT * FROM transactions WHERE cart_id = '$cart_id' ");
$tran = mysqli_fetch_assoc($tsql);
?>
<h1 id="reciept">Thank you for your support!</h1><hr>
<p id="reciept">
On behalf of ** <?=$tran['full_name']?> we thank you for your purchase and hope you enjoy it!
</p>
<p id="reciept">
You have selected <b>"<?=$tran['pickup-location']?>"</b> as your pickup point.
</p>
<table id="nav-button" class="table table-bordered table-auto">
<tbody>
<tr>
<td>Transaction ID : <?=$tran['charge_id']?></td>
</tr>
<?php
$a = 1;
$it = 1;
$string = $tran['items'];
$itemar = explode(',', $string);
$num = 1;
$istr = $tran['inventory'];
$stri = explode(',', $istr);
if ($tran['status'] != "Complete") {
foreach (array_slice($stri, $num) as $inve ){
$exploded = explode('.', $inve);
$itname = $exploded['0'];
$itquan = $exploded['1'];
$db->query("UPDATE products SET `quantity` = `quantity` - '$itquan' WHERE title = '$itname'");
$db->query("UPDATE products SET `Sold` = `Sold` + '$itquan' WHERE title = '$itname'");
$it++;
}
$compl = "Complete";
$db->query("UPDATE transactions SET `status` = '$compl' WHERE cart_id = '$cart_id'");
}
foreach (array_slice($itemar, $num) as $itemr ){
?>
<tr>
<td><?=$itemr?></td>
</tr>
<?php
$a++;
} ?>
<tr>
<td>
Total: <?=money($tran['grand_total']);?>
</td>
</tr>
</tbody>
</table>
<?php
$domain = '.'.$_SERVER['HTTP_HOST'];
setcookie(CART_COOKIE,'',1,"/",$domain,false);
}else{echo "Cart Id not Set";}
}else
{
echo "Sorry, an error occurred: ".htmlentities($_GET['response_reason_text']);
}?>
</div>
<?php
include 'includes/footer.php';
?>
Init.php:
<?php
$db = mysqli_connect("**","**","**","**");
if(mysqli_connect_errno()){
echo 'Database connection failed with following errors: '. mysqli_connect_error();
die();
}
session_start();
require_once $_SERVER['DOCUMENT_ROOT'].'/config.php';
require_once BASEURL.'helpers/helpers.php';
$cart_id = '';
if(isset($_COOKIE[CART_COOKIE])){
$cart_id = sanitize($_COOKIE[CART_COOKIE]);
}
if (isset($_SESSION['LHUser'])) {
$user_id = $_SESSION['LHUser'];
$query = $db->query("SELECT * FROM users WHERE id = '$user_id'");
$user_data = mysqli_fetch_assoc($query);
$fn = explode(' ', $user_data['full_name']);
$user_data['first'] = $fn[0];
$user_data['last'] = $fn[1];
}
if (isset($_SESSION['success_flash'])) {
echo '<div class="bg-success"><p class="text-success text-center">'.$_SESSION['success_flash'].'</p></div>';
unset($_SESSION['success_flash']);
}
if (isset($_SESSION['error_flash'])) {
echo '<div class="bg-danger"><p class="text-danger text-center">'.$_SESSION['error_flash'].'</p></div>';
unset($_SESSION['error_flash']);
}
?>
config.php:
<?php
define('BASEURL', $_SERVER['DOCUMENT_ROOT'].'/');
define('CART_COOKIE','Sd4CqdgRt6J3gd3F7');
define('CART_COOKIE_EXPIRE', time() + (86400 * 30));
?>
helpers.php:
<?php
ob_start();
function display_errors($errors){
$display = '<ul class="bg-danger">';
foreach ($errors as $error) {
$display .= '<li class="text-danger">'.$error.'</li>';
}
$display .= '</ul>';
return $display;
}
function sanitize($dirty){
return htmlentities($dirty,ENT_QUOTES,"UTF-8");
}
function money($number){
return '$'.number_format($number,2);
}
function login($user_id){
$_SESSION['LHUser'] = $user_id;
global $db;
$date = date("Y-m-d H:i:s");
$db->query("UPDATE users SET last_login = '$date' WHERE id = '$user_id'");
$_SESSION['success_flash'] = 'You are now logged in!';
header('Location: index.php');
}
function is_logged_in(){
if (isset($_SESSION['LHUser']) && $_SESSION['LHUser'] > 0) {
return true;
}
return false;
}
function login_error_redirect($url = 'login.php'){
$_SESSION['error_flash'] = 'You must be logged in to access that page';
header('Location:'.$url);
}
function permission_error_redirect($url = 'login.php'){
$_SESSION['error_flash'] = 'You don\'t have permission to access that page';
header('Location:'.$url);
}
function has_permission($permission = 'admin'){
global $user_data;
$permissions = explode(',', $user_data['permissions']);
if (in_array($permission,$permissions,true)) {
return true;
}
return false;
}
function get_category($child_id){
global $db;
$id = sanitize($child_id);
$sql = "SELECT p.id AS 'pid', p.category AS 'parent', c.id AS 'cid', c.category AS 'child'
FROM categories c
INNER JOIN categories p
ON c.parent = p.id
WHERE c.id = '$id'";
$query = $db->query($sql);
$category = mysqli_fetch_assoc($query);
return $category;
}
head.php:
<!DOCTYPE html>
<html>
<head>
<title>LettuceHeads</title>
<link rel="stylesheet" href="css/bootstrap.min.css">
<link rel="stylesheet" href="css/main.css">
<link rel="icon" href="../images/header/logoicon.png">
<meta name="Viewport" content="width=device-width, initial-scale=1, user-scalable=no">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>
<script SRC="js/bootstrap.min.js"></script>
</head>
<body>
<div id="fb-root"></div>
<script>(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.6";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>
navigation.php:
<?php
$sql = "SELECT * FROM navigation ORDER BY `navigation`.`sort` ASC";
$pquery = $db->query($sql);
?>
<nav id="navbar" class="navbar navbar-default navbar-fixed-top" role="navigation">
<div id="navtext" class="containter">
<a id="navborder" href="index.php" class="navbar-brand">**</a>
<ul class="nav navbar-nav">
<?php while($parent = mysqli_fetch_assoc($pquery)) : ?>
<li id="navborder"><?=$parent['name'];?></li>
<?php endwhile; ?>
</li>
</ul>
<ul id="navright" class="nav navbar-nav navbar-right" >
<li id="navborder2"><span class = "glyphicon glyphicon-shopping-cart"></span> My Cart</li>
<?php if(has_permission('admin')): ?>
<li id="navborder">Staff</li>
<?php endif; ?>
</ul>
</div>
</nav>
headerpartial.php:
<div id="partialHeaderWrapper">
<div id="partialbackitem"></div>
<div id="partiallogotext"></div>
<div id="partialfore-item"></div>
</div>
<div class="container-fluid">
footer.php:

How to delete MySql database row with PHP button

I have an backend website setup that displays all the users on my site in an organised table, I should be able to edit and delete the users from the php page. However I cannot get the delete function to work, here is the code.
Data_Display.php
<?php
include('session.php');
?>
<?php include ("db.php"); ?>
<?php
$sql = "SELECT * FROM username ORDER BY UserNameID DESC";
$query = mysql_query($sql) or die(mysql_error());
if (isset($_GET['UserNameID'])) {
$id = mysql_real_escape_string($_GET['UserNameID']);
$sql_delete = "DELETE FROM users WHERE id = '{$UserNameID}'";
mysql_query($sql_delete) or die(mysql_error());
header("location: data_display.php");
exit();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<link rel="icon" type="image/ico" href="favicon.ico">
<title>Network TV - All Records</title>
<meta charset="utf-8" />
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body >
<div class="container">
<div class="content">
<h1>Network TV Users and User control panel</h1>
<br>
<div class="toolbar">
Add New Person
Home
</div>
<br>
</div>
</div>
<div class="container">
<div class="content">
<?php if (mysql_num_rows($query)) { ?>
<?php while ($rows = mysql_fetch_assoc($query)) { ?>
<div class="separator"></div>
<h2><b>User reference:</b> <?php echo $rows['UserNameID']; ?></h2>
<h2><b>Name:</b><?php echo $rows['name']; ?></h2>
<h2><b>Email address:</b> <?php echo $rows['email']; ?></h2>
<h2><b>Gender:</b> <?php echo $rows['sex']; ?></h2>
<h2><b>Profile Picture:</b> <?php echo $rows['imagelink']; ?></h2>
<div class="toolbar">
Edit
Delete
</div>
<?php } /* End Loop */ ?>
<div class="separator"></div>
<?php } else { ?>
<div class="separator"></div>
<h2>There are no records to display</h2>
<div class="separator"></div>
<?php } /* End Rows Checking */?>
</div>
</div>
<div class="container">
<br>
<br>
<br>
<br>
<br>
</div>
<script>
function confirmDelete ( message, url )
{
var confirmation = confirm ( message );
if ( confirmation == true ) {
window.location = url;
} else {
return false;
}
}
</script>
</body>
</html>
Session.php
<?php
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$connection = mysql_connect("localhost", "root", "Oliver");
// Selecting Database
$db = mysql_select_db("users", $connection);
if(!isset($_SESSION)){session_start();}
// Storing Session
$user_check=$_SESSION['login_user'];
// SQL Query To Fetch Complete Information Of User
$ses_sql=mysql_query("select username from username where username='$user_check'", $connection);
$row = mysql_fetch_assoc($ses_sql);
$login_session =$row['username'];
if(!isset($login_session)){
mysql_close($connection); // Closing Connection
header('Location: home.php'); // Redirecting To Home Page
}
?>
db.php
<?php
$connection = mysql_connect('localhost', 'root', 'Oliver');
mysql_select_db('users', $connection) or die(mysql_error());
?>
Information
When I click the delete button in data_display.php, I do receive the javascript alert to confirm that I do want to delete the user from the database, but nothing actually happens.

if (isset($_GET['recordId'])) {
$id = mysql_real_escape_string($_GET['recordId']);
$sql_delete = "DELETE FROM users WHERE id = '{$id}'";
mysql_query($sql_delete) or die(mysql_error());
header("location: data_display.php");
exit();
}
You are sending recordId as parameter.

PHP + mysqli trying to set up settings site for logged in user

I'm learning php and I'm using a tutorial to build a small community site.
I already have sign up, login and lost password set up as well as a profile page where the user can see his data which is saved in the database.
Now I'm trying to create a settings page where the user can edit his information and I scaled it down to just change the password for now for testing purposes.
So, to see if the user is logged in, I have this function, which I included on my settings page:
<?php
include_once("db_conx.php");
// Files that inculde this file at the very top would NOT require
// connection to database or session_start(), be careful.
// Initialize some vars
$user_ok = false;
$log_id = "";
$log_username = "";
$log_password = "";
// User Verify function
function evalLoggedUser($conx,$id,$u,$p){
$sql = "SELECT ip FROM users WHERE id='$id' AND username='$u' AND password='$p' AND activated='1' LIMIT 1";
$query = mysqli_query($conx, $sql);
$numrows = mysqli_num_rows($query);
if($numrows > 0){
return true;
}
}
if(isset($_SESSION["userid"]) && isset($_SESSION["username"]) && isset($_SESSION["password"])) {
$log_id = preg_replace('#[^0-9]#', '', $_SESSION['userid']);
$log_username = preg_replace('#[^a-z0-9]#i', '', $_SESSION['username']);
$log_password = preg_replace('#[^a-z0-9]#i', '', $_SESSION['password']);
// Verify the user
$user_ok = evalLoggedUser($db_conx,$log_id,$log_username,$log_password);
} else if(isset($_COOKIE["id"]) && isset($_COOKIE["user"]) && isset($_COOKIE["pass"])){
$_SESSION['userid'] = preg_replace('#[^0-9]#', '', $_COOKIE['id']);
$_SESSION['username'] = preg_replace('#[^a-z0-9]#i', '', $_COOKIE['user']);
$_SESSION['password'] = preg_replace('#[^a-z0-9]#i', '', $_COOKIE['pass']);
$log_id = $_SESSION['userid'];
$log_username = $_SESSION['username'];
$log_password = $_SESSION['password'];
// Verify the user
$user_ok = evalLoggedUser($db_conx,$log_id,$log_username,$log_password);
if($user_ok == true){
// Update their lastlogin datetime field
$sql = "UPDATE users SET lastlogin=now() WHERE id='$log_id' LIMIT 1";
$query = mysqli_query($db_conx, $sql);
}
}
?>
And this is the settings page:
<?php
include 'php_includes/db_conx.php';
include 'php_includes/login_ex.php';
include_once("php_includes/check_login_status.php");
// Initialize any variables that the page might echo
$u = "";
$sex = "Male";
$userlevel = "";
$country = "";
$joindate = "";
$lastsession = "";
$password = "";
// Make sure the _GET username is set, and sanitize it
if(isset($_GET["u"])){
$u = preg_replace('#[^a-z0-9]#i', '', $_GET['u']);
} else {
header("location: index.php");
exit();
}
// Select the member from the users table
$sql = "SELECT * FROM users WHERE username='$u' AND activated='1' LIMIT 1";
$user_query = mysqli_query($db_conx, $sql);
// Now make sure that user exists in the table
$numrows = mysqli_num_rows($user_query);
if($numrows < 1){
echo "That user does not exist or is not yet activated, press back";
exit();
}
// Check to see if the viewer is the account owner
$isOwner = "no";
if($u == $log_username && $user_ok == true){
$isOwner = "yes";
}
// Fetch the user row from the query above
while ($row = mysqli_fetch_array($user_query, MYSQLI_ASSOC)) {
$profile_id = $row["id"];
$gender = $row["gender"];
$country = $row["country"];
$userlevel = $row["userlevel"];
$signup = $row["signup"];
$lastlogin = $row["lastlogin"];
$joindate = strftime("%b %d, %Y", strtotime($signup));
$lastsession = strftime("%b %d, %Y", strtotime($lastlogin));
if($gender == "f"){
$sex = "Female";
}
}
?>
<!doctype html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="robots" content="index, follow">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="css/bootstrap.css" rel="stylesheet" media="screen" type="text/css">
<link href="css/custom.css" rel="stylesheet" type="text/css">
<link href="css/bootstrap-min.css" rel="stylesheet" media="screen" type="text/css">
<script src="js/main.js"></script>
<title>KZ|Language exchange</title>
</head>
<body>
<div id="custom-bootstrap-menu" class="navbar navbar-default navbar-fixed-top" role="navigation">
<div class="container-fluid">
<div class="navbar-header"><a class="navbar-brand" href="#">Brand</a>
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-menubuilder"><span class="sr-only">Toggle navigation</span><span class="icon-bar"></span><span class="icon-bar"></span><span class="icon-bar"></span>
</button>
</div>
<div class="collapse navbar-collapse navbar-menubuilder">
<ul class="nav navbar-nav navbar-left">
<li>Home
</li>
<li>Profile
</li>
<li>About Us
</li>
</ul>
<ul class="nav navbar-nav navbar-right">
<li><?php
if ($isOwner == "yes") {?>
<a class="navbar-brand" href="logout.php" style="border-left: 1px solid; padding-left: 10px;">Logout</a>
<?php
}
?>
</li>
</ul>
</div>
</div>
</div>
<div class="container">
<div class="row-fluid">
<div class="col-md-9">
<h3><?php echo $u; ?></h3>
<p>Is the viewer the page owner, logged in and verified? <b><?php echo $isOwner; ?></b></p>
<p>Gender: <?php echo $sex; ?></p>
<p>Country: <?php echo $country; ?></p>
<p>User Level: <?php echo $userlevel; ?></p>
<p>Join Date: <?php echo $joindate; ?></p>
<p>Last Session: <?php echo $lastsession; ?></p>
<p>Password: <?php echo $password; ?></p>
<?php var_dump($_SESSION);
var_dump($_SESSION['username']);
?>
<?php
// i need to make sure that $isOwner = "yes"; so only logged in users see the form and can change the password
if (isset($_POST['submit'])) {
$password = $_POST["password"];
var_dump($password);
$sql = "UPDATE users SET password='$password' WHERE username='$u'";
}
?>
<h3>Create new password</h3>
<form action="user.php" method="post">
<div>Password</div>
<input type="text" class="form-control" id="password" name="password">
<br /><br />
<input type="submit" name="submit" value="Submit">
<p id="status" ></p>
</form>
</div>
<div class="col-md-3">
<div class="loginbox">
<?php
if ($isOwner == "yes") {?>
<h3>Welcome <?php echo $u; ?>!</h3>
<?php
if ($isOwner == "yes") {?>
<p>Last online: <?php echo $lastsession;?> </p>
<br /><br />
<?php
}
?>
<button class="btn btn-default" href="logout.php">Log Out</button>
<?php
}
?>
</div>
</div>
</div>
</div>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script src="js/bootstrap.min.js"></script>
<script src="js/main.js"></script>
<script src="js/ajax.js"></script>
</body>
<?php
include 'php_includes/footer.php';
?>
</html>
For some reason nothing is changing in the db when i hit submit, its so weird i am totally out of ideas...
But my knowledge is so limited that I can't see where the error lies and i am stuck.
Does anyone have an idea on how I could make this work?
Thanks in advance!
EQ

Why are you using a select query on users where you check on ID, Username and password. I assume every username has his own ID so you can just check on ID. Dont put password in the session.
change to:
<form action="" method="post">

query was empty in search php

Im trying to make this search with a select option to select which site, or all the sites.
When i click on all sites it works. When i click on "4shared" it works. But when i click "putlocker" i get this. Query was empty.
I really dont know what i did wrong
<?php
include"inc/connect.php";
include"inc/functions.php";
error_reporting(0);
if(isset($_GET['s']) && $_GET['s'] != ""){
$s = $_GET['s'];
$w = $_GET['w'];
if($w == 'all'){
$sql = "SELECT * FROM result WHERE (`name` LIKE '%".$s."%') OR (`keywords` LIKE '%".$s."%')";
}else if($w == 'Sockshare'){
$sql = "SELECT * FROM result WHERE website='Sockshare' AND (`name` LIKE '%".$s."%') OR (`keywords` LIKE '%".$s."%')";
}else if($w == 'Putlocker'){
$sql == "SELECT * FROM result WHERE website='Putlocker' AND (`name` LIKE '%".$s."%') OR (`keywords` LIKE '%".$s."%')";
}else if($w == '4shared'){
$sql = "SELECT * FROM result WHERE website='4shared' AND (`name` LIKE '%".$s."%') OR (`keywords` LIKE '%".$s."%')";
}else if($w == 'Rapidshare'){
$sql = "SELECT * FROM result WHERE website='Rapidshare' AND (`name` LIKE '%".$s."%') OR (`keywords` LIKE '%".$s."%')";
}
$query = mysql_query($sql) or die(mysql_error());
$count = mysql_num_rows($query);
if($count > 1){
while($row = mysql_fetch_array($query)){
$name = $row["name"];
$details = $row["details"];
$url = $row["url"];
$results .= '
<div id="stitle">' .$name. '</div>
<div id="details">' .$details. '</div>
<div id="url"><a target="_blank" href="' .$url. '">' .$url. '</a></div>';
}
} else {
$results = 'Nothing found!';
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Findrfile.com - Putlocker Search | Sockshare search | Mediafire Search</title>
<link href='http://fonts.googleapis.com/css?family=Orienta' rel='stylesheet' type='text/css'>
<link rel="stylesheet" href="main.css" />
</head>
<body>
<script type="text/javascript" src="js/jquery-1.7.2.js"></script>
<script type="text/javascript" src="js/main.js"></script>
<?php include"header.php"; ?>
<div id="spacer"></div>
<?php include"litsearch.php"; ?>
<div id="nuresults"><span class="blue"><?php echo $count; ?> Results found</span></div>
<div id="spacerx"></div>
<div id="wrapper">
<div id="spacerx"></div>
<div id="content">
<?php echo $results; ?>
<div class="clear"></div>
</div>
<div id="spacerx"></div>
<div id="spacer"></div>
</div>
<?php include"footer.php"; ?>
</body>
</html>

You have $sql == "SELECT * FROM result WHERE website='Putlocker' AND (name LIKE '%".$s."%') OR (keyword LIKE '%".$s."%')"; notice the ==, this is a comparison operator so it won't set a value to $sql
I think that may be your issue.

Change
while($row = mysql_fetch_array($query)){
to
while($row = mysql_fetch_assoc($query)){
Because you use associative array.
$name = $row["name"];
$details = $row["details"];
$url = $row["url"];
If you want to use
while($row = mysql_fetch_array($query)){
like:
$name = $row[0];
$details = $row[1];
$url = $row[2];
Am I wrong?
ALSO:
you check if $_GET["s"] is set but you do not check $_GET["w"]

Deducting Numbers From Database Php

I have this table venue which consists of:
idVenue
name
description
room_size
What i'm trying to do is
ie. Venue A can have 5 person.
In DB, i have a room_size field which is 5.
So everytime a person is being selected to Venue A, just deduct 1 from the total (which is 5 for now). Once it reaches 0, then don't show out the Venue.
I heard flagging is possible, how do i actually go upon doing that?
Here's the code:
do_select.php
<?php
session_start();
if(($_SESSION['role'])!='Admin'){
echo "You have not logged in as admin yet.<br/>";
echo "Please <a href='login.php'>login</a>.";
exit;
}
?>
<?php
//member id
$id = $_POST['id'];
$idimplode = implode (", ", $id);
$idexplode= explode(", ", $idimplode);
//accept, reject
$select=$_POST['select'];
$comma = implode (", ", $select);
$comma1 = explode(", ", $comma);
$check =($idexplode);
//class id
$idc = $_POST['idc'];
include('dbconfig.php');
for($i=0;$i< sizeof($comma1);$i++)
{
if($comma1[$i]=="accept")
{
//Select Query if status is accept
$query="UPDATE attendance SET status='accept' WHERE Member_idMember ='$check[$i]' and Class_idClass='$idc'" ;
$result = mysqli_query($link, $query) or die(mysqli_error($link));
}
else
{
//Select Query if status is reject
$query2="UPDATE attendance SET status='reject' WHERE Member_idMember ='$check[$i]' and Class_idClass='$idc'" ;
$result1 = mysqli_query($link, $query2) or die(mysqli_error($link));
}
}
//select members based on status
$query3 = "SELECT * FROM member m, attendance a, class c
WHERE a.Member_idMember = m.idMember
AND a.Class_idClass = c.idClass
AND a.status = 'accept'
AND a.Class_idClass = '$idc'
";
$result3 = mysqli_query($link, $query3) or die (mysqli_connect_error($link));
//select query to get the class dates
$query4 = "SELECT day01, day02, day03, day04, day05, day06, day07, day08, day09, day10, day11, day12 FROM class
WHERE idClass = '$idc'";
$result4 = mysqli_query($link, $query4) or die (mysqli_connect_error($link));
//select query to get venue id
$query6 = "SELECT DISTINCT idVenue FROM venue";
$result6 = mysqli_query($link, $query6) or die (mysqli_connect_error($link));
while($row = mysqli_fetch_array($result4, MYSQL_NUM))
{
$day[] = implode(", ", $row);
}
$iday = implode(", ", $day);
$eday = explode(", ", $iday);
while($row = mysqli_fetch_array($result6, MYSQL_NUM))
{
$ven[] = implode(",", $row);
}
$iven = implode(", ", $ven);
$even = explode(", ", $iven);
$date = ($eday);
$venue= ($even);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>ST JOHN</title>
<link rel="stylesheet" type="text/css" href="main.css" />
<script language="JavaScript" type="text/javascript">
</script>
</head>
<body>
<!-- Begin Wrapper -->
<div id="wrapper">
<!-- Begin Header -->
<div id="header">
<img src="Image/1.jpg" width="900" height="100" />
</div>
<!-- End Header -->
<!-- Begin Navigation -->
<div id="navigation">
<img src="Image/4.png" width="30" height="30" > Welcome!!! <br>;
Logout;
</div>
<!-- End Navigation -->
<!-- Begin Faux Columns -->
<div id="faux">
<!-- Begin Left Column -->
<div id="leftcolumn">
<center><img src="Image/2.jpg" width="150" height="100" /><br>
<ul>
<li>About Us</li>
<li>Public Courses</li>
<li>Cadet Affairs</li>
<li>Events</li>
<li>Contact Us</li>
</ul></center>
</div>
<!-- End Left Column -->
<!-- Begin Right Column -->
<div id="rightcolumn">
<h1>Assign Venue</h1><br/>
<?php
echo"<table border='1'>";
echo"<th>Name</th>";
echo"<th>Signup Datetime</th>";
echo"<th>Status</th>";
echo"<th>Class</th>";
echo"<th>Venue</th>";
while($row=mysqli_fetch_assoc($result3))
{
$idc=$row['idClass'];
$id=$row['idMember'];
$Name = $row['name'];
$Status = $row['status'];
$Signup_datetime = $row['signup_datetime'];
$class=$row['Class_idClass'];
$idt=$row['Time_Slot_idTime_Slot'];
echo "<form method='post' action='assign_venue.php'>";
echo "<tr>";
echo "<td>".$Name."</td>";
echo "<td>".$Signup_datetime."</td>";
echo "<td>".$Status."</td>";
echo "<td>".$class."</td>";
echo "<input name='idc' type='hidden' value= '$idc'/>";
echo "<input name='id[]' type='hidden' value= '$id'/>";
echo "<td><select id ='idv[]' name='idv[]'>";
for ($v=0; $v <count($venue); $v++)
{
for ($d=0; $d <count($date); $d++)
{
//select query to determine which are the dates that are in conflict with each other
$sql = "SELECT * FROM venue v, class c, attendance a
WHERE a.Venue_idVenue = v.idVenue
AND a.Class_idClass = c.idClass
AND v.idVenue = '$venue[$v]'
AND (day01='$date[$d]' OR day02='$date[$d]' OR day03='$date[$d]' OR day04='$date[$d]' OR day05='$date[$d]' OR day06='$date[$d]'
OR day07='$date[$d]' OR day08='$date[$d]' OR day09='$date[$d]' OR day10='$date[$d]' OR day11='$date[$d]' OR day12='$date[$d]')
AND c.Time_Slot_idTime_Slot = '$idt'";
$rs = mysqli_query($link, $sql) or die (mysqli_connect_error($link));
while ($row = mysqli_fetch_assoc($rs))
{
//if there are no conflict, then display the venue
if (mysqli_num_rows($rs) != 0)
{
$ve[]= $row['idVenue'];
break;
}
}
}
}
$if = implode(",", $ve);
$ef = explode(",", $if);
$ve = ($ef);
for ($f=0; $f <count($ve); $f++)
{
//select query to get venue id and name
$sql1 = "SELECT * FROM venue WHERE idVenue != '$ve[$f]'";
$rs1 = mysqli_query($link, $sql1) or die (mysqli_connect_error($link));
}
while($row = mysqli_fetch_assoc($rs1))
{
//display venue id and venue name
$idv=$row['idVenue'];
$name=$row['name'];
echo"<option name='idv[]' value='$idv'>$name</option> ";
}
echo "</select>";
}
echo "</table>";
echo "<td><input type='submit' value= 'Submit'>
</form>";
mysqli_close($link);
?>
<div class="clear"></div>
</div>
<!-- End Right Column -->
<div class="clear"></div>
</div>
<!-- End Faux Columns -->
<!-- Begin Footer -->
<div id="footer">
<center><p>Copyright© St. John Ambulance Singapore # 420, Beach Road, Singapore 199582 Tel: 6298 0300 Fax: 6296 5797click here for map</p></center>
</div>
<!-- End Footer -->
</div>
<!-- End Wrapper -->
</body>
</html>

you should have another field called current_occupancy
When you create the row
update venue set current_occupancy = room_size where id = <idOfVenue>
Then when someone selects:
update venue set current_occupancy = current_occupancy - 1 where id = <idOfVenue>
And only show fields that match
select * from venue where current_occupancey > 0 <whatever else>