I was working on a forum script when i encounter this error
Notice: Undefined variable: userids in
C:\xampp\htdocs\myfolder\discussion\post_reply_parse.php on line 19
Unknown column 'email' in 'field list'
Please, help me. This is the code
<?php
session_start();
if ($_SESSION['uid']) {
if (isset($_POST['reply_submit'])) {
include_once("connect.php");
$creator = $_SESSION['uid'];
$cid = $_POST['cid'];
$tid = $_POST['tid'];
$reply_content = $_POST['reply_content'];
$sql = "INSERT INTO posts (category_id, topic_id, post_creator, post_content, post_date) VALUES ('".$cid."', '".$tid."', '".$creator."', '".$reply_content."', now())";
$res = mysql_query($sql) or die(mysql_error());
$sql2 = "UPDATE categories SET last_post_date=now(), last_user_posted='".$creator."' WHERE id='".$cid."' LIMIT 1";
$res2 = mysql_query($sql2) or die(mysql_error());
$sql3 = "UPDATE topics SET topic_reply_date=now(), topic_last_user='".$creator."' WHERE id='".$tid."' LIMIT 1";
$res3 = mysql_query($sql3) or die(mysql_error());
$sql4 = "SELECT post_creator FROM posts WHERE category_id='".$cid."' AND topic_id='".$tid."' GROUP BY post_creator";
$res4 = mysql_query($sql4) or die(mysql_error());
while ($row4 = mysql_fetch_assoc($res4)) {
$userids[] .= $row4['post_creator'];
}
foreach ($userids as $key) {
$sql5 = "SELECT id, email FROM users WHERE id='".$key."' AND forum_notification='1' LIMIT 1";
$res5 = mysql_query($sql5) or die(mysql_error());
if (mysql_num_rows($res5) > 0) {
$row5 = mysql_fetch_assoc($res5);
if ($row5['id'] != $creator) {
$email .= $row5['email'].", ";
}
}
}
$email = substr($email, 0, (strlen($email) - 2));
$to = "noreply#somewhere.com";
$from = "YOUR_SITE_EMAIL_HERE";
$bcc = $email;
$subject = "YOUR_SUBJECT_HERE";
$message = "YOU MESSAGE CONTENT HERE";
$headers = "From: $from\r\nReply-To: $from";
$headers .= "\r\nBcc: {$bcc}";
mail($to, $subject, $message, $headers);
if (($res) && ($res2) && ($res3)) {
echo "<p>Your reply has been successfully posted. <a href='view_topic.php?cid=".$cid."&tid=".$tid."'>Click here to return to the topic.</a></p>";
} else {
echo "<p>There was a problem posting your reply. Try again later.</p>";
}
} else {
exit();
}
} else {
exit();
}
?>
Look at the structure of the users table and make sure you use the correct name for the column containing the email address. After that, remove the period on the line
$userids[] .= $row4['post_creator'];
...so it turns into:
$userids[] = $row4['post_creator'];
Related
I want edit record in db table but it doesn't save in db table and nothing changed after i submit this form.
Here codes that i forgot to put.
<?php
require('db.php');
include("auth.php"); //include auth.php file on all secure pages
$id_doc=$_REQUEST['id_doc'];
$query = "SELECT * from doc where id_doc='".$id_doc."'";
$result = mysqli_query($connection, $query) or die ( mysqli_error());
$row = mysqli_fetch_assoc($result);
?>
This is my php codes
<?php
if(isset($_POST['new']) && $_POST['new']==1)
{
$id_doc=$_REQUEST['id_doc'];
$query = "SELECT * from doc where id_doc='".$id_doc."'";
$result = mysqli_query($connection, $query) or die ( mysqli_error());
$row = mysqli_fetch_assoc($result);
$title =$_REQUEST['title'];
$date = $_REQUEST['date'];
$from_to = $_REQUEST['from_to'];
$details = $_REQUEST['details'];
$d_location = $_REQUEST['d_location'];
$d_stat = $_REQUEST['d_stat'];
$update="update doc set title='".$title."', date='".$date."', from_to='".$from_to."', details='".$details."', d_location='".$d_location."', d_stat='".$d_stat."' where id_doc='".$id_doc."'";
mysqli_query($connection, $update) or die(mysql_error());
$status = "File Record Updated Successfully. </br></br><a href='v_doc.php'>View Updated Record</a>";
echo '<p style="color:#FF0000;">'.$status.'</p>';
}else {
// here some else code
}
?>
Not an answer. Too long for a comment.
The issue of parametrised queries aside, I find this easier to read:
UPDATE doc
SET title = '$title'
, date = '$date'
, from_to = '$from_to'
, details = '$details'
, d_location = '$d_location'
, d_stat = '$d_stat'
WHERE id_doc = '$id_doc'
And now see about parametrised queries
Try below:
<?php
if(isset($_POST['new']) && $_POST['new']==1)
{
$id_doc=$_REQUEST['id_doc'];
$query = "SELECT * from doc where id_doc='".$id_doc."'";
$result = mysqli_query($connection, $query) or die ( mysqli_error());
$row = mysqli_fetch_assoc($result);
$title =$_REQUEST['title'];
$date = $_REQUEST['date'];
$from_to = $_REQUEST['from_to'];
$details = $_REQUEST['details'];
$d_location = $_REQUEST['d_location'];
$d_stat = $_REQUEST['d_stat'];
$update="update doc set title='".$title."', date='".$date."', from_to='".$from_to."', details='".$details."', d_location='".$d_location."', d_stat='".$d_stat."' where id_doc='".$id_doc."'";
if(mysqli_query($connection, $update)) {
$status = "File Record Updated Successfully. </br></br><a href='v_doc.php'>View Updated Record</a>";
} else {
die(mysqli_error($connection));
}
echo '<p style="color:#FF0000;">'.$status.'</p>';
} else {
// here some else code
}
?>
This should show you exact error, once you get it. show it here, so we can check and do correction.
I have the code below and i can't figure why it's not working. The problem it's that i can insert a post with it, but when i try to update a post it's create a new page instead to update.
I have tried to remove isset from if(isset($_POST['id']) != 'null') and the update work, but then the insert doesn't work anymore.
Any idea what it's wrong with my code? Thanks.
<?php
if(isset($_POST['submitted']) == 1)
{
$title = mysqli_real_escape_string($dbc, $_POST['title']);
$header = mysqli_real_escape_string($dbc, $_POST['header']);
$body = mysqli_real_escape_string($dbc, $_POST['body']);
if(isset($_POST['id']) != 'null')
{
$q = "UPDATE pages SET user = $_POST[user], title = '$title', header = '$header', body = '$body' WHERE id = $_GET[id]";
}
else
{
$q = "INSERT INTO pages (user, title, header, body) VALUES ($_POST[user], '$title', '$header', '$body')";
}
$r = mysqli_query($dbc, $q);
if($r)
{
$message = '<p>Page was added!</p>';
}
else
{
$message = '<p>Page could not be added because:</p>'.mysqli_error($dbc);
$message .= '<p>'.$q.'</p>';
}
}
?>
You are using post and get at the same time. first check whethet it is post or get. then just simply do isset() check
<?php
if(isset($_POST['submitted']) == 1)
{
$title = mysqli_real_escape_string($dbc, $_POST['title']);
$header = mysqli_real_escape_string($dbc, $_POST['header']);
$body = mysqli_real_escape_string($dbc, $_POST['body']);
if(isset($_GET['id']) && $_GET['id']!="")
{
$q = "UPDATE pages SET user = $_POST[user], title = '$title', header = '$header', body = '$body' WHERE id = $_GET[id]";
}
else
{
$q = "INSERT INTO pages (user, title, header, body) VALUES ($_POST[user], '$title', '$header', '$body')";
}
$r = mysqli_query($dbc, $q);
if($r)
{
$message = '<p>Page was added!</p>';
}
else
{
$message = '<p>Page could not be added because:</p>'.mysqli_error($dbc);
$message .= '<p>'.$q.'</p>';
}
}
?>
Try this :
if(isset($_POST['id']) AND $_POST['id'] != 'null')
use this code: if(isset($_POST['id'] && $_POST['id']!= '')
I am not getting any errors but the database does not get updated. Please render assistance. Here is my code.
<?php
ob_start();
include("dbinc.php");
$msg = "";
if($_SESSION['usertype'] != "admin"){
header("Location: index.php");
exit;
}
$pagetitle = "Sync Job Details";
include("header.php");
if(isset($_POST['Submitaccount'])){
$allowedusers = $_POST['users'];
$accountid = trim($_POST['accountid']);
if(!$_POST['copyperms']) $_POST['copyperms']='N';
if(!$_POST['allusers']) $_POST['allusers']='N';
if(!$_POST['enabled']) $_POST['enabled']='N';
if(!$_POST['servertime']) $_POST['servertime']='N';
if(!$_POST['delremovals']) $_POST['delremovals']='N';
unset($_POST['Submitaccount']);
unset($_POST['accountid']);
unset($_POST['users']);
// $qpart = "";
$notmust = array("email" , "skip" , "comments" , "firstmod");
foreach($_POST as $key=>$val){
if(!trim($val) && !in_array($key , $notmust)) {
$err = 1;
$empty = "$key";
break;
}
$qpart .= "`$key` = '".mysql_escape_string($val)."' , " ;
}
if($qpart) $qpart = substr($qpart , 0 , -2);
if(!$err){
$chk = mysql_num_rows(mysql_query("SELECT * from accounts WHERE name = '".mysql_escape_string($_POST['name'])."' and id <> '$accountid'"));
if($chk >0){
$err = 2;
}
}
if(!$err){
if(!$accountid){
$q = "INSERT into accounts SET $qpart ";
mysql_query($q) or die("Error inserting the record :".mysql_error()."<br>".$q);
$accountid = mysql_insert_id();
}else{
$q = "UPDATE accounts SET $qpart WHERE id = '$accountid'";
mysql_query($q) or die("Error updating the record :".mysql_error()."<br>".$q);
}
if($_POST['allusers']!= "Y" && is_array($allowedusers)){
mysql_query("DELETE from accountusers WHERE accountid = '$accountid'");
foreach($allowedusers as $userid){
list($alljobs) = mysql_fetch_row(mysql_query("SELECT alljobs from users WHERE id= '$userid'"));
if($alljobs != "Y") {
mysql_query("INSERT into accountusers SET userid = '$userid' , accountid = '$accountid'");
}
}
}else{
mysql_query("DELETE from accountusers WHERE accountid = '$accountid'");
}
header("location: accountslist.php?done=1");
exit;
}
}
// if(isset($_GET['id'])){
// $record = mysql_fetch_assoc(mysql_query("SELECT * from accounts WHERE id = '$_GET[id]'"));
// foreach($record as $key=>$val) $record[$key] = stripslashes($val);
// }
if(isset($_GET['id'])){
$record = mysql_fetch_assoc(mysql_query("SELECT * from accounts WHERE id = '$_GET[id]'"));
foreach($record as $key=>$val) $record[$key] = stripslashes($val);
}
// if($err ==1)
// {
// $record = $_POST;
// foreach($record as $key=>$val)
// $record[$key] = stripslashes($val);
// $msg ="Please fill the empty field";
// }
if( isset($err) && $err == 1 )
{
$record = $_POST;
foreach($record as $key=>$val) $record[$key] = stripslashes($val);
$msg ="Please fill the empty field";
}
if( isset($err) && $err == 2)
{
$msg = "The name has already been used.";
}
?>
I feel your frustration. If i could assist you i would. People in this forum are scared to answer you as they don't want to lose reputation points as the question was marked down to -4. I suggest do some more research and post your question eslewhere.
I'm currently making a simple script that takes a user input named comments and putting it in a database. Every time I use the same email, I want it to overwrite their last entry. However, it keeps putting a new entry every time. Here is my code:
if($comments){
try{
echo "<img width=\"245\" height=\"130\" src=\"logo.png\"/><br/>";
echo "<h1>Thank you. You should receive your order on xx-xx-xx</h1>";
$TF = "TRUE";
if($numrows == 0){
$postquery = "INSERT INTO TTT25 (email,card,changes,comments) VALUES ('$email','$businesscard','$TF','$comments')";
$querythepost = sqlsrv_query($conn, $postquery);
}
else{
$postquery = "UPDATE TTT25 SET changes = '$TF', comments = '$comments' WHERE email = '$email'";
$querythepost = sqlsrv_query($conn, $postquery);
}
}
catch(Exception $e){}
}
elseif($optout=="false"){
echo "<img width=\"245\" height=\"130\" src=\"logo.png\"/><br/>";
echo "<h1>Thank you. You should receive your order on xx-xx-xx</h1>";
$TF = "FALSE";
$comments = "";
if($numrows == 0){
$postquery = "INSERT INTO TTT25 (email,card,changes,comments) VALUES ('$email','$businesscard','$TF','$comments')";
$querythepost = sqlsrv_query($conn, $postquery);
}
else{
$postquery = "UPDATE TTT25 SET changes = '$TF', comments = '$comments' WHERE email = '$email'";
$querythepost = sqlsrv_query($conn, $postquery);
}
}
Sorry it must have cut off:
my num rows and other variables defined before the conditional statements:
$optout = $_GET['opt'];
$encodedemail = $_GET['email'];
$email = base64_decode($encodedemail);
$originalcard = base64_decode($_GET['card']);
$businesscard = $originalcard;
$comments = $_POST['comments'];
//$primary = md5(uniqid(rand (), true)); no longer needed
$postquery;
$TF;
$sqlmatch = sqlsrv_query("SELECT * FROM TTT25 WHERE email = '".$email."'");
$numrows = sqlsrv_num_rows($sqlmatch);
echo $numrows;
I would appreciate it if anyone willing to tell how to echoing /print.
Below is the process of entering data into the database, before inserting it how can I echoing it to the table?
<?php
session_start();
if(isset($_POST['submit']))
{
include('class/stock_class.php');
$st = new st_exchange_conv(DEFAULT_SOURCE);
$from = mysql_real_escape_string(stripslashes($_POST['from']));
$value = floatval($_POST['amount']);
$date = date('Y-m-d H:i:s');
$_SESSION['selected'] = $from;
$stocks = $st->stocks();
asort($stocks);
foreach($stocks as $key=>$stock)
{
$st->convert($from,$key,$date);
$stc_price = $st->price($value);
$stock = mysql_real_escape_string(stripslashes($stock));
$count = "SELECT * FROM oc_stock WHERE stock = '$key'";
$result = mysql_query($count) or die(mysql_error());
$sql = '';
if(mysql_num_rows($result) == 1)
{
$sql = "UPDATE oc_stock SET stock_title = '$stock', stc_val = '$stc_price', date_updated = '$date' WHERE stock = '$key'";
}
else
{
$sql = "INSERT INTO oc_stock(stock_id,stock_title,stock,decimal_place,stc_val,date_updated) VALUES ('','$stock','$key','2',$stc_price,'$date')";
}
$result = mysql_query($sql) or die(mysql_error().'<br />'.$sql);
}
header("Location: index.php");
exit();
}
?>
Insert this:
echo "<table><tr><th>".implode(array_keys($stocks), '</th><th>')."</th></tr>";
foreach($stocks as $row) echo "<tr><td>".implode('</td><td>', $row)."</tr>";
echo "</table>";
Edit: If printing the data is the goal and the table-view is not important, I recommend print_r($stocks) instead.