I'm doing a table where the user can introduce the number of the products he want to buy and submit them pressing the submission button. I build the content of the table using a sql query (SELECT) setting the name of the input(text) like in the code below. My problem is that, probably, the form doesn't submit nothing because, if a check the variable $_REQUEST with isset(), it return FALSE. Someone can help me? Thanks!
$con=mysqli_connect("localhost","uPower","","info");
if (mysqli_connect_errno())
printf("<p>Error!!: %s<p>\n", mysqli_connect_error());
else{
$query = "SELECT * FROM product";
$result = mysqli_query ($con, $query);
echo "<form name=\"buy\" action=\"confirm.php\" method=\"POST\" onSubmit=\"return checkInputQty(qty.value) \">";
echo"<table>";
echo"<tr><th>Product name</th><th>Price</th><th>Available</th><th>Qty</th></tr>";
while ($row = mysqli_fetch_assoc($result)){
$pid = $row["pid"];
$name = $row["name"];
$qty = $row["qty"];
$price = ($row['price'])/100;
echo"<tr><th>$name</th><th>".number_format($price,2,',', '')." €</th><th>$qty</th><th><input type=\"text\" id=".$pid." name=".$name."></th></tr>";
}
echo"</table>";
echo "<p><input type=\"submit\" value=\"BUY\" class=\"button\" ><input type=\"button\" onclick=\"clearText()\" value=\"DELETE\" class=\"button\"></p>";
echo "</form>";
mysqli_free_result($result);
mysqli_close($con);
there is the part of confirm.php. It is a function in head that i called from the body of the page. It does a summary of what the user selected to buy. The control with if(isset($_REQUEST)) is false, so the page is blank....
<?php
function checkInputQty(){
$con=mysqli_connect("localhost","uPower","","info");
if (mysqli_connect_errno())
echo "error DB";
else{
$query = "SELECT * FROM product";
$result = mysqli_query ($con, $query);
while($row = mysqli_fetch_assoc($result)){
$nome = $row["name"];
if(isset($_REQUEST["$name"])){
$qty = trim($_REQUEST['$row["name"]']);
if($qty>0 && $qty<=$row["qty"]){
$new_qty = $row["qty"]-$qty;
$query2 = "UPDATE product SET qty = '$new_qty' WHERE qty = '".$row["qty"]."' ";
$result2 = mysqli_query ($con, $query2);
if($result){
echo "<table>";
echo "<tr><th>Name</th><th></th><th>Price</th></tr>";
do_content($row["name"],$qty,$row["price"]/100);
echo "</table>";
}
else
echo "Error!";
}
}e
}
mysqli_free_result($result);
}
mysqli_close($con);
}
?>
<?php
function do_content($name,$to_buy,$price){
echo "<tr><th>$name</th><th>$to_buy</th><th>$price</th></tr>";
}
?>
Related
I have cleaned my code a little to have the following as my form. But I'm having trouble sending the data and Updating from the new update.php. The form works ok retrieving the data and displaying it. But on submission I get the ok update message but the record isn't changed in the database any ideas.
index.php
<?php
include 'connectdb.php';
// include 'query.php';
$sql = "SELECT id, WeightorMeasure FROM weightsmeasures";
$result = $conn->query($sql)
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<form action=\"update.php\"method=\"post\">";
echo "<input type=\"text\" name=\"id\" value = ".$row["id"].">";
echo "<input type=\"text\" name=\"WeightorMeasure\" value = ".$row["WeightorMeasure"] .">";
echo "<input type=\"submit\" value=\" Submit \" name=\"Update\">";
}
echo "</form>";
} else {
echo "0 results";
}
$conn->close();
?>
update.php
<?php
include 'connectdb.php';
$wm = $_POST['id'];
$id = $_POST['WeightorMeasure'];
$sql = "UPDATE weightsmeasures SET WeightorMeasure='$wm' WHERE id='$id'";
if (mysqli_query($conn, $sql)) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . mysqli_error($conn);
}
$conn->close();
?>
Have changed to Below and now get this error.
Error updating record: Unknown column 'sdada' in 'field list'. So it looks like its trying to use the form value $wm as a column header in the table rather than the input value.
$wm = $_POST['WeightorMeasure'];
$id = $_POST['id'];
$sql = "UPDATE weightsmeasures SET WeightorMeasure=$wm WHERE id=$id";
$wm = $_POST['id'];
$id = $_POST['WeightorMeasure'];
Maybe you have these the wrong way round? :D
$wm = $_POST['WeightorMeasure'];
$id = $_POST['id'];
By the way your query is vuln to MySQL injection, please consider using prepared statements
You realize that you switched your ID and WeightOrMeasure in the variable assignments from your $_POST data?
This results in an update query that can't find the ID but does not run into a problem. Thus telling you that the operation was successful
I figure out following possible problem in your code.
mysqli_query($conn, $sql); //should be $conn->query($sql);
and this line
$wm = $_POST['id']; //$_POST['WeightorMeasure'];
$id = $_POST['WeightorMeasure'];//$_POST['id'];
the order is wrong. I hope you already have $conn object created in dpconnect.php file.
Ok found the problem was a mixture of the above having $_POST["WeightorMeasure"]; and $_POST["id"]; mixed up but the most important factor was that the table I was posting from contained Multiple Rows and on _POST to update.php it didn't know what to do with all the different rows as the SQL was only dealing with one row. Once I sent single rows through the post it worked fine. Now to learn and add prepared statements as suggested.
update.php
<?php
include 'connectdb.php';
$wm = $_POST["WeightorMeasure"];
$id = $_POST["id"];
echo $wm . "<br>";
echo $id . "<br";
$sql = "UPDATE weightsmeasures SET WeightorMeasure=\"$wm\", id=
$idWHERE id= $id";
if (mysqli_query($conn, $sql)) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . mysqli_error($conn);
}
$conn->close();
?>
Manual single entry.
index.php
<?php
include 'connectdb.php';
// include 'query.php';
$sql = "SELECT id, WeightorMeasure FROM weightsmeasures WHERE id=11";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<form action=\"update.php\"method=\"post\">";
echo "<input type=\"text\" name=\"id\" value = ".$row["id"].">";
echo "<input type=\"text\" name=\"WeightorMeasure\" value = ".$row["WeightorMeasure"].">";
echo "<input type=\"submit\" value=\" Submit \" name=\"Update\">";
}
echo "</form>";
} else {
echo "0 results";
}
$conn->close();
?>
I am trying to delete row from table.
Table name is username of user (which user logged in )
delete page is here
require('db.php');
if(isset($_POST["deletebtn"])){
$x = $_SESSION['username'];
$id=$_POST["statusid"];
$row=$conn->query("select id from $x where id='$id'");
if ($conn->query($row) === TRUE) {
$sql = "delete from $x where id ='$id'";
// echo 'success';
header( "Refresh:3; url=admin2.php", true, 303);
}else{
echo "not";
}
}
and here is my content code
$sql = "SELECT id,date,status FROM $x order by id DESC;";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$id = $row['id'];
echo "<div class='border'> ";
echo "";
echo "<form action='deletepage.php?action=$id'>";
echo "<input type='hidden' name='statusid' value='$id' >";
echo "<p> " . $row["status"] ."</p><br>";
echo "<input type='submit' value='delete' class='btn1 pull-right' name='deletebtn'> ";
echo "<a class=' btn1 pull-right' href='#'>edit </a>";
echo "<small> " . $row["date"]. "</small><br>";
echo "</form>";
echo "</div>";
}
} else {............}
You are not executing query on the sql
$sql = "delete from $x where id ='$id'";
Execute it like
$del= $conn->query($sql);
After the query
You forgot to execute query
require'db.php';
if(isset($_POST["deletebtn"])){
$x = $_SESSION['username'];
$id=$_POST["statusid"];
$row="select id from $x where id='$id'"; //<---remove query execution from here
if ($conn->query($row) === TRUE) {
$sql = "delete from $x where id ='$id'";
$conn->query($sql); //<-------- Add this line
// echo 'success';
header( "Refresh:3; url=admin2.php", true, 303);
}else{
echo "not";
}
}
There are several problems with your code.
there is no query execute for delete query.(which you may be solved later)
in your while loop you put $conn->query ($row) which is wrong. $row is not a query... It is the result set return from previous query.
and lastly $conn->query does not return true in SELECT, SHOW, DESCRIBE or EXPLAIN query. Check php manual
Change this
$sql = "delete from $x where id ='$id
To$sql = "delete from $table where id ='$sessionid'
Code will not display topics from database. I just get a blank pages.
Any solutions?
The pages loads but it will not display any thing. They want me to add more context but it breaks it so here you go.
<?php
//Database stuff.
include_once("connect.php");
if ($conn->connect_error) {
trigger_error('Database connection failed: ' . $conn->connect_error, E_USER_ERROR);
}else{
mysqli_select_db($conn,"2159928_db");
}
$tid = '';
$cid = $_GET['cid'];
$tid = $_GET['tid'];
$sql = "SELECT * FROM topics WHERE category_id='".$cid."' AND id='".$tid."' LIMIT 1";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) == 1){
echo "<table width ='75%'>";
if (isset($_SESSION['uid'])) {
//echo "<form action ='post_reply.php?cid=".$cid." &tid =".$tid. "' method = 'post'>
//<input type = 'submit' name = 'submit' value = 'Reply'/>";
//echo "<tr><td colspan ='2'><center><input type='submit' value='Reply' onClick = 'window.open = 'post_reply.php?cid=".$cid." &tid =".$tid."' />";
echo "<tr><td colspan ='2'><center><input type='submit' value='Reply' onClick='window.open(\"post_reply.php?cid=$cid&tid=$tid\")' />";
} else {
echo "<tr><td colspan = '2'><p><center> Please login to reply to topics.</p></td></tr>";
}
//Trying to display this. Doesn't even display border box.
while ($row = mysqli_fetch_assoc($result)) {
$sql2 = "SELECT * FROM posts WHERE category_id='".$cid."' AND topic_id='".$tid. "'";
$result2 = mysqli_query($conn, $sql2);
while ($row2 = mysqli_fetch_assoc($result2)){
echo "<tr><td valign ='top' style = 'border: 5px solid #ffffff;'><div style = 'min-height: 125px;'>".$row['topic_title']."<br/>
by ".$row2['post_username']. " - " .$row2['post_date']. "<hr/>".$row2['post_content']."</div></td>";
}
//This part not relevant.
$old_views = $row['topic_views'];
$new_views = $old_views + 1;
$sql3 = "UPDATE topics SET topic_views='".$new_views."' WHERE category_id='".$cid."' AND id ='".$tid."' LIMIT 1";
$result3 = mysqli_query($conn, $sql3);
}
echo "</table>";
} else {
echo "<p>This topic does not exist.</p>";
}
?>
Try echo-ing out your $sql to see if the query is correct.
If query is correct. Try var_dump to see if there are any results.
I am trying to remove a string from DB by a Href in a form. Why does this not work for me? The query is right, nothing happens.
<?php
// Make a MySQL Connection
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("cms") or die(mysql_error());
// Get all the data from the "example" table
$result = mysql_query("SELECT * FROM pages")
or die(mysql_error());
echo "<table border='1'>";
while ($row = mysql_fetch_array($result)) {
echo "<li class='list-group-item'>";
echo $row['header'];
echo "<br/>";
echo $row['description'];
echo "<br/>";
echo "<form method='POST'><a href='delete.php?id=".$row['page_id']."'>Remove</a></form>";
echo "</li>";
}
echo "</table>";
?>
delete.php
<?php
$db = new mysqli('localhost', 'root', '', 'cms');
$id = mysqli_query($db, "SELECT page_id FROM pages");
if (isset($_POST['id'])) {
mysqli_query($db, "DELETE FROM pages WHERE id='".$_GET['id']."'");
}
?>
And it still won't work. Just sends me to a blank page with no query.
Change this :
echo "<form method='POST'><a href='delete.php?".$row['page_id']."'>Remove</a></form>";
to
echo "<form method='POST' action='delete.php'><input type='hidden' value=".$row['page_id']." name='id'/><input type='submit' value='Remove'/></form>";
And in delete.php
This :
if (isset($_GET['id'])) {
To
if (isset($_POST['id'])) {
This
mysqli_query($db, "DELETE FROM pages WHERE id='".$_GET['id']."'");
to
mysqli_query($db, "DELETE FROM pages WHERE id='".$_POST['id']."'");
I am needing help with my small script.
You see, when I press $_POST['accept_req'] it doesn't select the $req_user I want ($row['username']). It either selects the row above or the row below it, I have no idea what to do.
$requests = mysql_query("SELECT * FROM `party_requests` WHERE party_id = '$get_party_id'");
while ($row = mysql_fetch_array($requests, MYSQL_ASSOC)){
$req_user = mysql_real_escape_string($row['username']);
if(isset($_POST['accept_req'])){
$query = mysql_query("INSERT INTO party_members (`party_id`, `username`) VALUES ('".$get_party_id."', '".$req_user."')") or die("Could not be completed.");
$result = mysql_query($query);
mysql_query("DELETE FROM party_requests WHERE party_id = '$get_party_id' AND username = '$req_user' ");
header("Location: ". $_SERVER['REQUEST_URI']);
exit;
}
echo "<p>", $req_user, "<form action='' method='post'>", "<input type='submit' name='accept_req' value='Accept'/>", "</form>" ,"</p>";
}
I am aware that mysql_* is deprecated, please ignore that.
You can do it this way.
$requests = mysql_query("SELECT * FROM `party_requests` WHERE party_id = '$get_party_id'");
while ($row = mysql_fetch_array($requests, MYSQL_ASSOC))
{
$req_user =$row['username'];
}
if(isset($_POST['accept_req']) and isset($req_user))
{
$query = mysql_query("INSERT INTO party_members (`party_id`, `username`) VALUES ('".$get_party_id."', '".$req_user."')") or die("Could not be completed.");
$result = mysql_query($query);
mysql_query("DELETE FROM party_requests WHERE party_id = '$get_party_id' AND username = '$req_user' ");
header("Location: ". $_SERVER['REQUEST_URI']);
exit;
}
echo "<p>", $req_user, "<form action='' method='post'>", "<input type='submit' name='accept_req' value='Accept'/>", "</form>" ,"</p>";
or this way :
if(isset($_POST['accept_req']))
{
$requests = mysql_query("SELECT * FROM `party_requests` WHERE party_id = '$get_party_id'");
while ($row = mysql_fetch_array($requests, MYSQL_ASSOC))
{
$req_user =$row['username'];
}
$query = mysql_query("INSERT INTO party_members (`party_id`, `username`) VALUES ('".$get_party_id."', '".$req_user."')") or die("Could not be completed.");
$result = mysql_query($query);
mysql_query("DELETE FROM party_requests WHERE party_id = '$get_party_id' AND username = '$req_user' ");
header("Location: ". $_SERVER['REQUEST_URI']);
exit;
}
if(mysql_num_rows($requests)){ //If there isn't any results it outputs "No requests"
echo "<p>", $req_user, "<form action='' method='post'>", "<input type='submit' name='accept_req' value='Accept'/>", "</form>" ,"</p>";
}else{
echo "No requests";
}
The select statement is outside the
if(isset($_POST['accept_req'])){...}
so the code is retrieving the wrong id. You need to put it inside the if statement if i'm understanding what you are trying to do