I've a page index.php where I added a search form that's connected with the database. So that When users search any word, result would show up from database. Once results generated on the page I want users to export the result into a .doc file.
I want only the query results into the .doc file but for some reasons I'm getting a blank .doc file.
Here are my codes:
searchform:
<form id="searchform" method="post">
<input type="text" name="searchit" id="searchit" class="txt" />
<input type="submit" value="Search" id="button" class="button" />
</form>
Query:
<?php
include("database.php");
$term = strip_tags(substr($_POST['searchit'],0, 100));
$term = $mysqli->real_escape_string($term);
if($term=="") {
echo "<div class='error'>Enter Something to search</div>";
exit();
}
termcheck($term, $mysqli);
function termcheck($term, $mysqli){
$qry="Select * from pogel where title = '$term'";
if($result = $mysqli->query($qry)){
$num_rows = $result->num_rows;
if($num_rows > 0) {
while($row = $result->fetch_assoc())
{
echo "Stem : ".$row['title']."<br>";
}
}
}
}
?>
Seems like you just don't have this key in your POST.
You may try this if no such element comes to script:
$searchit = filter_input(INPUT_POST, 'searchit');
if(!$searchit) {
echo "<div class='error'>Enter Something to search</div>";
exit();
}
$term = strip_tags(substr($searchit,0, 100));
$term = $mysqli->real_escape_string($term);
Try this to generate doc file:
<?php
include("database.php");
$term = strip_tags(substr($_POST['searchit'],0, 100));
$term = $mysqli->real_escape_string($term);
if($term=="") {
echo "<div class='error'>Enter Something to search</div>";
exit();
}
$output = termcheck($term, $mysqli);
function termcheck($term, $mysqli){
$qry = "Select * from pogel where title = '$term'";
$result = '';
if($result = $mysqli->query($qry)){
$num_rows = $result->num_rows;
if($num_rows > 0) {
while($row = $result->fetch_assoc()) {
$result .= "Stem : ".$row['title']."<br>";
}
}
}
return $result;
}
ob_flush();
header("Content-type: application/vnd.ms-word");
header("Content-Disposition: attachment;Filename=document_name.doc");
echo $output;
//ob_flush_clean() might be useful here, but not sure
?>
Related
<input type="text" name="question" required class="form-control" placeholder="Question" value=<?php
$emid = $_GET['key1'];
$sql = "SELECT * FROM posses_ques WHERE id = '$emid'";
$result = mysqli_query($connection, $sql);
if (mysqli_num_rows($result) > 0){
while ($row = mysqli_fetch_assoc($result)) {
echo $row['ques'];
}
} else {
echo "No Data Available";
}
?>
>
A tidier solution and one that does not allow SQL Injection Attack might be something like this
<?php
$sql = "SELECT * FROM posses_ques WHERE id = ?";
$stmt = $connection->prepare($sql);
$stmt->bind_param('i', $_GET['key1']):
$stmt->execute();
$result = $stmt->get_result();
$x = 0;
if ( $result->num_rows > 0 ){
while ($row = $result->fetch_assoc()) {
echo '<input type="text" name="question' . $x . '" value="' . $row['ques']. ' required class="form-control" placeholder="Question" ';
$x++;
}
} else {
echo "No Data Available";
}
Note also the unique name attribute. These need to be unique or you wont see all of them in the data returned to the scripts from a form
I am in the process of building a institute review system and i just completed inserting reviews to the database. However i am in a fix as to how to display to the user all the reviews related to the particular institute.
Below is my code to retrieve review information along with the name of the person who has left the review:
$get_review_query = "SELECT * FROM reviews WHERE institute_id = {$id}";
$result = mysqli_query($connection, $get_review_query);
if(!$result) {
die("Database query failed.");
}
$count = mysqli_num_rows($result);
if($count == 0) {
$output = "There're no reviews for this institute.";
} else {
while($row = mysqli_fetch_assoc($result)) {
$review_contents = $row['content'];
$institute_id = $row['institute_id'];
$student_id = $row['student_id'];
$date = $row['created_on'];
$query_student_name = "SELECT f_name, l_name FROM students
WHERE student_id = {$student_id}";
$result1 = mysqli_query($connection, $query_student_name);
if(!$result1) {
die("Database query failed.");
} else {
$row1 = mysqli_fetch_assoc($result1);
$student_f_name = $row1['f_name'];
$student_l_name = $row1['l_name'];
}
}
}
Now i want to display the reviews somewhere down the page:
<!-- display reviews -->
<fieldset>
<legend>Reviews for <?php echo $name; ?></legend>
<br>
<?php
foreach($row as $value) {
?>
<legend><?php echo $student_f_name . " ". $student_l_name; ?> said:</legend>
<div id = "items" class="">
<?php echo $review_contents; ?>
</div>
<br>
<div>
<?php echo $date; ?>
</div>
<?php } ?>
</fieldset>
The above foreach loop doesn't work. It probably creates an infinite loop. I have tried using a for loop with $count as the maximum counter but that doesn't work either. Please suggest a for loop that prints all the reviews from the database.
try this
$get_review_query = "SELECT * FROM reviews WHERE institute_id = {$id}";
$result = mysqli_query($connection, $get_review_query);
if(!$result) {
die("Database query failed.");
}
$reviews = array();
$count = mysqli_num_rows($result);
if($count == 0) {
$output = "There're no reviews for this institute.";
} else {
while($row = mysqli_fetch_assoc($result)) {
$query_student_name = "SELECT f_name, l_name FROM students
WHERE student_id = {$student_id}";
$result1 = mysqli_query($connection, $query_student_name);
if(!$result1) {
die("Database query failed.");
} else {
$row1 = mysqli_fetch_assoc($result1);
$row['f_name'] = $row1['f_name'];
$row['l_name'] = $row1['l_name'];
}
$reviews[] = $row;
}
}
if( $reviews ){
?>
<fieldset>
<legend>Reviews for <?php echo $name; ?></legend>
<br>
<?php
foreach($reviews as $review) {
?>
<legend><?php echo $review['f_name'] . " ". $review['l_name']; ?> said:</legend>
<div id = "items" class="">
<?php echo $review['content']; ?>
</div>
<br>
<div>
<?php echo $review['created_on']; ?>
</div>
<?php } ?>
</fieldset>
<?php
}
I am currently trying to create a search menu, and display it's result in a form of table. I managed to get the search result only as a string, but unable to use it to display a full row in the table.
Here is my code :
- Creating the Form :
<form action = "profile.php" method = "post">
<input type="text" name="search" placeholder = "Search">
<input type="submit" value = "SEARCH"><br>
</form>
This is the php to get search result
if(isset($_POST['search']))
{
$searchq = $_POST['search'];
$searchq = preg_replace("#[^0-9a-z]#i","",$searchq);
$query = mysql_query("SELECT * FROM identity WHERE fullname LIKE '%$searchq%'") or die("Could not Find!");
$count = mysql_num_rows($query);
if($count == 0)
{
$output = 'There is no result';
}
else
{
while($row = mysql_fetch_array($query))
{
$fullname = $row['fullname'];
$output .= '<div> '.$fullname.' </div>';
$records = mysql_query("SELECT * FROM identitas_pengadu WHERE fullname='$output'");
}
}
}
This is the code I used to display the result in a database :
while($identity = mysql_fetch_assoc($records))
{
echo "<tr>";
echo "<td>".$identity['fullname']."</td>";
echo "<td>".$identity['nip']."</td>";
echo "<td>".$identity['email']."</td>";
echo "<td>".$identity['position']."</td>";
echo "<td>".$identity['status']."</td>";
echo "<td>EDIT</td>";
echo "</tr>";
}
It works fine if the value of $records does not use the WHERE function. Please help.
Thank You
So this is a quick question I have about my php page. I wont put the code up because it would turn into solving the syntax. I was looking for the reason this happens.
This being, I have a .php page and it loads and about half way down and there is a short bit of php code. And in it, it echos to add a few items to a database. But then none of the rest of the html page loads.
Its a php type file.
Actually here is the part within the html.
<select id="price_select" name="priceBox">
<?php
...
//connects to database in code not shown
$result=mysqli_query("SELECT * FROM $tablename")or die(mysql_error());
$count=0;
while($row=mysqli_fetch_array($result)) {
$price = $row['price'];
if($price != NULL){
($count = $count+1);
}
echo "$(\"#price_select\").append('<option>" . $price . "</option>');";
}
if($count==0) {
echo "$(\"#price_select\").append('<option>Out of Stock</option>');";
}
?>
</select>
You have error on the following line:
$result=mysqli_query("SELECT * FROM $tablename")or die(mysql_error());
You must have similar:
$result=mysqli_query($link,"SELECT * FROM $tablename")or die(mysqli_error($link));
You php code should be similar:
$result=mysqli_query($link,"SELECT * FROM $tablename")or die(mysqli_error($link));
$count=0;
while($row=mysqli_fetch_array($result)) {
$price = $row['price'];
if($price != NULL){
($count = $count+1);
echo "<option> $price </option>";
}
}
if ($count === 0)
{
echo "<option>Out of Stock</option>";
}
change your code like below.
$html = '';
while($row=mysqli_fetch_array($result)) {
$price = $row['price'];
if($price != NULL){
($count = $count+1);
}
$html .= '<option>" . $price . "</option>';
}
if($count==0) {
echo '<option>Out of Stock</option>';
} else {
echo $html;
}
Modify the code adding <script>-tag as follows:
<select id="price_select" name="priceBox">
<?php
...
//connects to database in code not shown
$result=mysqli_query("SELECT * FROM $tablename")or die(mysql_error());
$count=0;
while($row=mysqli_fetch_array($result)) {
$price = $row['price'];
if($price != NULL){
($count = $count+1);
}
echo "<script>$(\"#price_select\").append('<option>" . $price . "</option>');</script>";
}
if($count==0) {
echo "<script>$(\"#price_select\").append('<option>Out of Stock</option>');</script>";
}
?>
</select>
The users of my website can subscribe some of their animals for a competition.
My code works perfectly but there is a big issue. When a user presses subscribe the page reloads but because the isset is after the echo of the button itself the page needs to be refreshed before the buttontext changes into "subscribed".
Change the order gives issues as you probably can see.
Who can help me out? I'm out of options myself. (I translated the variables etc.)
<form action="" method="post" name="frmSubscribe">
<?php
$Counter = 0;
$sql = "Select * from Animals where username='".$_SESSION['User']."' ";
$result = mysql_query($sql);
while($row=mysql_fetch_array($result)){
echo $row['Animalname'];
$Duiven[] = $row['AnimalID'];
$Username[] = $row['username'];
?>
<input type='submit' <?php echo "name= ".$Buttons[$Counter].""; ?> value='<?php
$sqlSubscribed = "SELECT * FROM Competitionresults WHERE AnimalID='".$Animals[$Counter]."'";
$resultSubscribed = mysql_query($sqlSubscribed);
if(mysql_num_rows($resultSubscribed) == 0){ echo "Subscribe";}
else {echo "deregister";}
?>'><br/><?php
$Teller++;
}
if (isset($_POST['btnSubscribe1'])){
$sqlCheck = "SELECT * FROM Competitionresults WHERE AnimalID='".$Animals[0]."'";
$resultCheck = mysql_query($sqlCheck);
if (mysql_num_rows($resultCheck) == 0){
$sql1 = "INSERT INTO Competitionresuls (AnimalID, username) VALUES ('".$Animals[0]."','".$Username[0]."')";
$result1 = mysql_query($sql1);
$row=mysql_fetch_array($result1);
?><?php
}
}
... and so on for the next animals.
You have to use output buffering I think. Put ob_start() at the beginning of your page, now output any placeholder instead of real input code:
[SUMBIT]
instead of:
<input type='submit' ....
At the end of page you get your buffered content:
$content = ob_get_clean()
And replace submit button with correct code:
$content = str_replace('[SUBMIT]', 'Your actual submit button code here...', $content);
And now output content:
echo $content;
quick fix can be javascript
echo '<span id="someid" >Subscribe</span>';
and when changing
echo "<script>document.getElementById('someid').innerHTML = 'Subscribed';</script>";
in future I STRONGLY suggest you to use PHP MVC Framework
You can use your post code above the page then loaded your page....
Please use like below code:
<?php
if (isset($_POST['btnSubscribe1'])){
$sqlCheck = "SELECT * FROM Competitionresults WHERE AnimalID='".$Animals[0]."'";
$resultCheck = mysql_query($sqlCheck);
if (mysql_num_rows($resultCheck) == 0){
$sql1 = "INSERT INTO Competitionresuls (AnimalID, username) VALUES ('".$Animals[0]."','".$Username[0]."')";
mysql_query($sql1);
header('Location: samefilename.php');
die;
}
}
?>
<form action="" method="post" name="frmSubscribe">
<?php
$Counter = 0;
$sql = "Select * from Animals where username='".$_SESSION['User']."' ";
$result = mysql_query($sql);
while($row=mysql_fetch_array($result)){
echo $row['Animalname'];
$Duiven[] = $row['AnimalID'];
$Username[] = $row['username'];
?>
<input type='submit' <?php echo "name= ".$Buttons[$Counter].""; ?> value='<?php
$sqlSubscribed = "SELECT * FROM Competitionresults WHERE AnimalID='".$Animals[$Counter]."'";
$resultSubscribed = mysql_query($sqlSubscribed);
if(mysql_num_rows($resultSubscribed) == 0){ echo "Subscribe";}
else {echo "deregister";}
?>'><br/><?php
$Teller++;
}
}
most easy solution move the isset up to the top. just so you know actions should always be the first things you handle after that you are gonna work on the view
<form action="" method="post" name="frmSubscribe">
<?php
if (isset($_POST['btnSubscribe1'])){
$sqlCheck = "SELECT * FROM Competitionresults WHERE AnimalID='".key($_GET)."'";
$resultCheck = mysql_query($sqlCheck);
if (mysql_num_rows($resultCheck) == 0){
$sql1 = "INSERT INTO Competitionresuls (AnimalID, username) VALUES ('".key($_GET)."','".$_SESSION['User']."')";
$result1 = mysql_query($sql1);
$row=mysql_fetch_array($result1);
}
}
$Counter = 0;
$sql = "Select * from Animals where username='".$_SESSION['User']."' ";
$result = mysql_query($sql);
while($row=mysql_fetch_array($result)){
echo $row['Animalname'];
$Duiven[] = $row['AnimalID'];
$Username[] = $row['username'];
?>
<input type='submit' <?php echo "name= ".$Buttons[$Counter].""; ?> value='<?php
$sqlSubscribed = "SELECT * FROM Competitionresults WHERE AnimalID='".$Animals[$Counter]."'";
$resultSubscribed = mysql_query($sqlSubscribed);
if(mysql_num_rows($resultSubscribed) == 0){ echo "Subscribe";}
else {echo "deregister";}
?>'><br/><?php
$Teller++;
}