I am having a problem displaying a JOIN statement. When I add
WHERE id = " . $team_id;
The information that is on the database will not display, but when I remove that line the information will correctly join and display on the "teaminfo.php " page, but it will display all of the data instead of the data that is unique to that id. Also when I remove the JOIN the the data that is unique to the id will display. Can anyone tell me whats wrong here. Any help will be great. Than you.
teaminfo.php
<html>
<head>
<title>Team Info page</title>
</head>
<body>
<?php
include 'connect.php';
$team_id = $_GET['id'];
// SQL query
$query = " SELECT *
FROM pitscouting
JOIN fieldscouting
ON pteam_number = fteam_number
WHERE id = " . $team_id;
if ($result = mysqli_query($mysqli, $query)) {
/* fetch associative array */
while ($row = mysqli_fetch_assoc($result)) {
// Write the data of the team
echo "<br />";
echo "Pit scouting";
echo "<dt>Team:</dt><dd>" . $row["pteam_number"] . " " . $row["pteam_name"] . "</dd>";
echo "<dt>Auto:</dt><dd>" . $row["pauto"] . "</dd>";
echo "<dt>Drive:</dt><dd>" . $row["pdrive"] . "</dd>";
echo "<dt>Objetcs With No Problem?</dt><dd>" . $row["pobjNoProblem"] . "</dd>";
echo "<dt>Objects They have a problem with?</dt><dd>" . $row["pobjWithProblem"] . "</dd>";
echo "<dt>Can they shoot? If yes from where and how acc</dt><dd>" . $row["pshoot"] . "</dd>";
echo "<dt>Extra Notes about their robot?</dt><dd>" . $row["pdrive"] . "</dd>";
echo"<br />";
echo "Field Scouting ";
echo "<dt>Team Number:</dt><dd>" . $row["fteam_number"] . "</dd>";
echo "<dt>Auto:</dt><dd>" . $row["fauto"] . "</dd>";
echo "<dt>Drive:</dt><dd>" . $row["fdrive"] . "</dd>";
echo "<dt>Objetcs With No Problem?</dt><dd>" . $row["fobjNoProblem"] . "</dd>";
echo "<dt>Objects They have a problem with?</dt><dd>" . $row["fobjWithProblem"] . "</dd>";
echo "<dt>Shots taken</dt><dd>" . $row["fshots_taken"] . "</dd>";
echo "<dt>Shorts made</dt><dd>" . $row["fshots_made"] . "</dd>";
echo "<dt>Extra Notes</dt><dd>" . $row["fnotes"] . "</dd>";
}
mysqli_free_result($result);
}
// Close the database connection
mysqli_close($mysqli);
?>
<p>Return to the list</p>
</body>
</html>
Palmetto.php
<?php
include 'connect.php';
// SQL query
$query = "SELECT * FROM pitscouting ORDER BY pteam_number";
if($result = mysqli_query($mysqli, $query)){
if(mysqli_num_rows($result) > 0){
while($row = mysqli_fetch_array($result)){
$name = $row['pteam_number'] . " " . $row['pteam_name'];
// Create a link to teaminfo.php with the id-value in the URL
$strLink = "<a href = 'teaminfo.php?id= " . $row['id'] . "'>" . $name . "</a>";
// List link
echo "<li>" . $strLink . "</li>";
}
echo "</table>";
// Close result set
mysqli_free_result($result);
} else{
echo "No records matching your query were found.";
}
} else{
echo "ERROR: Could not able to execute $query. " . mysqli_error($mysqli);
}
// Close connection
mysqli_close($mysqli);
?>
If your tables both have an ID field you will have to specify which table you want to get the data from.
WHERE pitscouting.id = " . $team_id;
or
WHERE fieldscouting.id = " . $team_id;
Please do mention the sql injection in you're code
$team_id = $_GET['id'];
// SQL query
$query = " SELECT *
FROM pitscouting
JOIN fieldscouting
ON pteam_number = fteam_number
WHERE id = " . $team_id;
please take a look at prepared statements, to prevent sql injections in youre code
Try putting an alias.
$team_id = $_GET['id'];
// SQL query
$query = " SELECT *
FROM pitscouting p
JOIN fieldscouting f
ON p.pteam_number = f.fteam_number
WHERE p1.id = " . $team_id;
Related
I am using php and mysql to display all the user information of different users and i have a button which gets the id which will be redirected to another page and the id will be displayed in the url. What i am trying to do now is display the user information with the selected id on the redirected page
$sql = "SELECT * FROM users";
if($result = mysqli_query($link, $sql)){
if(mysqli_num_rows($result) > 0){
while($row = mysqli_fetch_array($result)){
echo "<div class='users-data'>";
echo "<p>" . $row['username'] . "</p>";
echo "<p>" . $row['full_name'] . "</p>";
echo "<p>" . $row['age'] . "</p>";
echo "<p>" . $row['gender'] . "</p>";
echo "<p>" . $row['email'] . "</p>";
echo "<p>" . $row['medical_condition'] . "</p>";
echo "<img src=images/".$row['image'] ."/>";
echo '<td><a href="view-user-information.php?id='.$row['id'].'"><button>View Details</button></td>';
echo "</div>";
}
// Free result set
mysqli_free_result($result);
} else{
echo "No records matching your query were found.";
}
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
Use this code;
if(isset($_GET['u'])){
$id = $_GET['u'];
$sql = "SELECT * FROM `users` WHERE `id` = '$id'";
$result = mysqli_query ($link,$sql);
$row = mysqli_fetch_assoc($result);
echo "<div class='users-data'>";
echo "<p>" . $row['username'] . "</p>";
echo "<p>" . $row['full_name'] . "</p>";
echo "<p>" . $row['age'] . "</p>";
echo "<p>" . $row['gender'] . "</p>";
echo "<p>" . $row['email'] . "</p>";
echo "<p>" . $row['medical_condition'] . "</p>";
echo "<img src=images/".$row['image'] ."/>"
}
else
{
//you can redirect it to back to the previous page if no id exist in url;
header("LOCATION:index.php"); // change the index.php to your privious page url
}
I am making e-commerce site and add to basket script not doing anything
I expect it to insert data into shopping basket from products page that is working perfectly fine. Please have a look and help me figure it out.. it is not giving any syntax error or parse error it just dont do anything and when I click buy it just redirect me to homepage
<?php
error_reporting(E_ALL);
session_start();
require("db.php");
require("functions.php");
$validid = pf_validate_number($_GET['id'], "redirect", $config_basedir);
$prodsql = "SELECT * FROM products WHERE id = " . $_GET['id'] . ";";
$prodres = mysqli_query($prodsql);
$numrows = mysqli_num_rows($prodres);
$prodrow = mysqli_fetch_assoc($prodres);
if($numrows == 0)
{
header("Location: " . $config_basedir);
} else {
if($_POST['submit'])
{
if($_SESSION['SESS_ORDERNUM'])
{
$itemsql = "INSERT INTO orderitems(order_id, product_id, quantity) VALUES("
. $_SESSION['SESS_ORDERNUM'] . ", "
. $_GET['id'] . ", "
. $_POST['amountBox'] . ")";
mysqli_query($itemsql);
} else {
if($_SESSION['SESS_LOGGEDIN'])
{
$sql = "INSERT INTO orders(customer_id, registered, date) VALUES("
. $_SESSION['SESS_USERID'] . ", 1, NOW())";
mysqli_query($sql);
session_register("SESS_ORDERNUM");
$_SESSION['SESS_ORDERNUM'] = mysqli_insert_id();
$itemsql = "INSERT INTO orderitems(order_id, product_id, quantity) VALUES("
. $_SESSION['SESS_ORDERNUM']
. ", " . $_GET['id'] . ", "
. $_POST['amountBox'] . ")";
mysqli_query($itemsql);
} else {
$sql = "INSERT INTO orders(registered, date, session) VALUES("
. "0, NOW(), '" . session_id() . "')";
mysqli_query($sql);
session_register("SESS_ORDERNUM");
$_SESSION['SESS_ORDERNUM'] = mysqli_insert_id();
$itemsql = "INSERT INTO orderitems(order_id, product_id, quantity) VALUES("
. $_SESSION['SESS_ORDERNUM'] . ", " . $_GET['id'] . ", "
. $_POST['amountBox'] . ")";
mysqli_query($itemsql);
}
}
$totalprice = $prodrow['price'] * $_POST['amountBox'] ;
$updsql = "UPDATE orders SET total = total + "
. $totalprice . " WHERE id = "
. $_SESSION['SESS_ORDERNUM'] . ";";
mysqli_query($updres);
header("Location: " . $config_basedir . "showcart.php");
} else {
require("header.php");
echo "<form action='addtobasket.php?id="
. $_GET['id'] . "' method='POST'>";
echo "<table cellpadding='10'>";
echo "<tr>";
if(empty($prodrow['image']))
{
echo "<td><img src='./productimages/dummy.jpg' width='50' alt='"
. $prodrow['name'] . "'></td>";
} else {
echo "<td><img src='./productimages/" . $prodrow['image']
. "' width='50' alt='" . $prodrow['name']
. "'></td>";
}
echo "<td>" . $prodrow['name'] . "</td>";
echo "<td>Select Quantity <select name='amountBox'>";
for($i=1;$i<=100;$i++)
{
echo "<option>" . $i . "</option>";
}
echo "</select></td>";
echo "<td><strong>£"
. sprintf('%.2f', $prodrow['price'])
. "</strong></td>";
echo "<td><input type='submit' name='submit' value='Add to basket'></td>";
echo "</tr>";
echo "</table>";
echo "</form>";
}
}
require("footer.php");
error_reporting(E_ALL);
?>
there are two redirects that makes your user return to your home page
first:
$validid = pf_validate_number($_GET['id'], "redirect", $config_basedir);
make sure $_GET['id] has valid value
second:
$prodsql = "SELECT * FROM products WHERE id = " . $_GET['id'] . ";";
$numrows = mysqli_num_rows($prodres);
// ...
if($numrows == 0)
{
header("Location: " . $config_basedir);
}
check your query in this line:
$prodsql = "SELECT * FROM products WHERE id = " . $_GET['id'] . ";";
make sure it returns not an empty results ( $numrows == 0 )
Test it first on your DBMS front-end
Ive included a block of code below detailling how im placing sections of data from a table in my database in their own divs. However, im new to PHP and cant find out how to also output the "cup_id" from the database into their respective divs here: echo $cup["cup_name"] . "<br />"; Thanks for all the help in advance!
So in short how do i get this to work: echo $cup["cup_id", "cup_name"] . "<br />";
<?php
require_once("action/dbcon.php"); // Get the database connection
$get_cup = "SELECT * FROM cups";
$show_cup = mysqli_query($conn, $get_cup);
if (!$show_cup) {
echo "Could not load cup. " . "(" . mysqli_error($conn) . ")";
}
while ($cup = mysqli_fetch_assoc($show_cup)) {
echo '<div class="cup-info">';
echo $cup["cup_name"] . "<br />";
echo '</div>';
}
?>
Do you want to concatenate strings? use the dot operator:
echo $cup["cup_id"] . $cup["cup_name"];
And if you want to print it in another div, make this:
echo '<div class="cup-info">';
echo $cup["cup_id"] . "<br />";
echo '</div>';
echo '<div class="cup-info">';
echo $cup["cup_name"] . "<br />";
echo '</div>';
if you want the name and id to be in the same raw then you can follow this method
<?php
require_once("action/dbcon.php"); // Get the database connection
$get_cup = "SELECT * FROM cups";
$show_cup = mysqli_query($conn, $get_cup);
if (!$show_cup) {
echo "Could not load cup. " . "(" . mysqli_error($conn) . ")";
}
while ($cup = mysqli_fetch_assoc($show_cup)) {
echo '<div class="cup-info">';
echo $cup["cup_id"] . $cup["cup_name"]."<br />";
echo '</div>';
}
?>
if you want the name and id to be in different raw then you can follow this method
<?php
require_once("action/dbcon.php"); // Get the database connection
$get_cup = "SELECT * FROM cups";
$show_cup = mysqli_query($conn, $get_cup);
if (!$show_cup) {
echo "Could not load cup. " . "(" . mysqli_error($conn) . ")";
}
while ($cup = mysqli_fetch_assoc($show_cup)) {
echo '<div class="cup-info">';
echo $cup["cup_id"]."<br />";
echo '</div>';
echo '<div class="cup-info">';
echo $cup["cup_name"]."<br />";
echo '</div>';
}
?>
I am new to php and SQL and just toying around with a project for my own understanding of accessing, updating and deleting data from my Database.
I have managed to show the selected data, create a button to delete a specific Id but really needing some assistance with deleting the selected row or record instead of hard coding in the ID in my delete php script.
Here is an example of my script:
<?php
$sql = "SELECT id, firstname, lastname, joinDate FROM customers";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo
"<div class='trow'>" .
$row["id"]. ": " .
$row["firstname"] . " " .
$row["lastname"]. " " .
$row["joinDate"]. " " .
"<span class='deleteMember'>
<form action='deleteMember.php' method='POST'>
<button type='submit'>Delete</button>
</form>
</span>" . " " .
"<span class='editMember'><a href='#'>Edit</a></span>" .
"<br></div>";
}
} else {
echo "0 results";
}
$conn->close();
?>
Here is the delete.php
<?php
// sql to delete a record
$sql = "DELETE FROM customers WHERE id='6' ";
if ($conn->query($sql) === TRUE) {
header("Location: index.php");
} else {
echo "Error deleting record: " . $conn->error;
}
$conn->close();
?>
what I would like it to do is, delete the row from which you hit the delete button from and not just delete the row I have specified in the delete.php script. I understand HOW it should work by posting the id but not sure how to do it.
Do like this
<?php
// sql to delete a record
$sql = "DELETE FROM customers WHERE id='".$_GET['id']."' ";
if ($conn->query($sql) === TRUE) {
header("Location: index.php");
} else {
echo "Error deleting record: " . $conn->error;
}
$conn->close();
?>
<?php
$sql = "SELECT id, firstname, lastname, joinDate FROM customers";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo
"<div class='trow'>" .
$row["id"]. ": " .
$row["firstname"] . " " .
$row["lastname"]. " " .
$row["joinDate"]. " " .
"<span><a href='deleteMember.php?id=".$row['id']."'>Delete</a></span>" .
"<span class='editMember'><a href='#'>Edit</a></span>" .
"<br></div>";
}
} else {
echo "0 results";
}
$conn->close();
?>
in place of your form use this
DELETE
and in your delete query must be like below
$sql = "DELETE FROM customers WHERE id='".$_GET['id']."' ";
or stay in your post form with:
while($row = $result->fetch_assoc()) {
echo
"<div class='trow'>" .
$row["id"]. ": " .
$row["firstname"] . " " .
$row["lastname"]. " " .
$row["joinDate"]. " " .
"<span class='deleteMember'>
<form action='deleteMember.php' method='POST'>
<input type='hidden' name='myid' value='".$row['id']."' />
<button type='submit'>Delete</button>
</form>
</span>" . " " .
"<span class='editMember'><a href='#'>Edit</a></span>" .
"<br></div>";
}
And in your delete.php :
<?php
$id=(int) $_POST['myid'];
// sql to delete a record
$sql = "DELETE FROM customers WHERE id=".$id;
if ($conn->query($sql) === TRUE) {
header("Location: index.php");
} else {
echo "Error deleting record: " . $conn->error;
}
$conn->close();
?>
No need to add extra form element for Delete or Edit purpose. Try this way to pass the id of row for Eelete or Edit operation
while($row = $result->fetch_assoc())
{
$id=$row['id'];// capture your row id & pass to your delete & edit
echo
"<div class='trow'>" .
$row["id"]. ": " .
$row["firstname"] . " " .
$row["lastname"]. " " .
$row["joinDate"]. " " .
"<span class='deleteMember'>
<a href='deleteMember.php?id=<?=$id;?>'>Delete</a>
</span>" . " " .
"<span class='editMember'>
<a href='editMember.php?id=<?=$id;?>'>Edit</a>
</span>" .
"<br>
</div>";
}
EDIT:
Then catch the id on your relevant page for your operation.
//deleteMember.php
<?php
$id=$_GET['id'];
// sql to delete a record
$sql = "DELETE FROM customers WHERE id='".$id."'";
if ($conn->query($sql) === TRUE) {
header("Location: index.php");
} else {
echo "Error deleting record: " . $conn->error;
}
$conn->close();
?>
Note: Please Use Prepared Statements of PDO or MYSQLi instead to avoid SQL Injection and manual escaping.
Trying to retrieve related data from the relationships table, after user clicks on the the bookname on the previous page. Nothing is being printed on the page even though in the database there is data.
The table schema is:
relationshipID,bookone,booktwo,relation,relationlike,relationdislike
<html>
<head>
<title>Retrieve Relationships</title>
</head>
<body>
<dl>
<?php
// Connect to database server
mysql_connect("latcs7.cs.latrobe.edu.au","12ice06","EsnYkuxuwh9RbtQuRcQt") or die (mysql_error ());
// Select database
mysql_select_db("12ice06") or die(mysql_error());
$sTitle=0;
// Get data from the database depending on the value of the id in the URL
$title = (isset($_GET['title']) && is_string($_GET['title'])) ? $_GET['title'] : null;
$sTitle = mysql_real_escape_string($title);
$strSQL = "SELECT R.bookone, B.title, B.author,
R.booktwo, B.title, B.author,
R.relation, R.relationlike, R.relationdislike
FROM relationships R
INNER JOIN books B ON R.bookone = B.bookid";
$rs = mysql_query($strSQL) or die(mysql_error());
// Loop the recordset $rs
while($row = mysql_fetch_array($rs)){
// Write the data of the book
echo "<dt>Book One:</dt><dd>" . $row["bookone"] . "</dd>";
echo "<dt>Title:</dt><dd>" . $row["title"] . "</dd>";
echo "<dt>Author:</dt><dd>" . $row["author"] . "</dd>";
echo "<dt>Book Two:</dt><dd>" . $row["booktwo"] . "</dd>";
echo "<dt>Title:</dt><dd>" . $row["title"] . "</dd>";
echo "<dt>Author:</dt><dd>" . $row["author"] . "</dd>";
echo "<dt>Relationship:</dt><dd>" . $row["relation"] . "</dd>";
echo "<dt>Likes:</dt><dd>" . $row["relationshiplikes"] . "</dd>";
echo "<dt>Dislikes:</dt><dd>" . $row["relationshipdislikes"] . "</dd>";
}
echo $strSQL;
// Close the database connection
mysql_close();
?>
</dl>
<p>Return to the list</p>
</body>
</html>
if($row = mysql_fetch_array($rs)){
// Write the data of the book
echo "<dt>Book One:</dt><dd>" . $row["bookone"] . "</dd>";
echo "<dt>Book Two:</dt><dd>" . $row["booktwo"] . "</dd>";
echo "<dt>Relationship:</dt><dd>" . $row["relation"] . "</dd>";
echo "<dt>Likes:</dt><dd>" . $row["relationshiplikes"] . "</dd>";
echo "<dt>Dislikes:</dt><dd>" . $row["relationshipdislikes"] . "</dd>";
}while($row!=0);
Should be
while($row = mysql_fetch_array($rs)){
// Write the data of the book
echo "<dt>Book One:</dt><dd>" . $row["bookone"] . "</dd>";
echo "<dt>Book Two:</dt><dd>" . $row["booktwo"] . "</dd>";
echo "<dt>Relationship:</dt><dd>" . $row["relation"] . "</dd>";
echo "<dt>Likes:</dt><dd>" . $row["relationshiplikes"] . "</dd>";
echo "<dt>Dislikes:</dt><dd>" . $row["relationshipdislikes"] . "</dd>";
}
My advice:
a) Please reform the variable in your SQL-Statement like this:
$strSQL = "SELECT [...]
WHERE books.bookid=relationships.bookone
AND relationships.bookone='".$sTitle."'";
b) Make sure your variable $sTitle isn't empty. If it still is an issue, echo the whole SQL-Statement (echo $strSQL;) for further debugging.
c) While on it, please reform the whole SQL statement. The following statement does the same and is much more readable:
$strSQL = "SELECT R.bookone, R.booktwo,
R.relation,
R.relationlike, R.relationdislike
FROM relationships R
INNER JOIN books B ON R.bookone = B.bookid
WHERE R.bookone='".$sTitle."'";
d) Instead of outputting the data after if($row = mysql_fetch_array($rs)){, use a while-statement instead, something like
while ($row = mysql_fetch_array($rs)) {
// Write the data of the book
// Insert your echos here
}
e) Question:
Is there a specific reason table books is INNER JOINed, but not used in a condition?