Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
hye guys..is there anything wrong with my if else statement..i tried input username that already existed in the database,and it work..also same if i left the textbox epmty..but if a tried enter a valid name,it does not read the else statement..can someone help me..i cant find where is the problem
<?php
include 'connect.php';
$username = ($_POST['txtUsername']);
$statement = $mysqli->prepare("SELECT companyUsername FROM tblpartner WHERE companyUsername=?");
$statement->bind_param("s", $username);
$statement->execute();
$statement->bind_result($username);
if ( $statement->fetch()) {
echo '<span class="error"> taken</span>';
} else if(empty($username)) {
echo '<span class="error"> Cannot be empty</span>';
} else
echo '<span class="success"> available.</span>';
?>
I think you're doing it mostly right but just got confused because you bind both the input name and the output result to $username.
You want the username input to be checked for the "empty" condition, and the username output to be checked for NULL to signal that the name is available, if I'm understanding what you want correctly...
So:
$username = ($_POST['txtUsername']);
if (empty($username) || ($username == '')) {
echo '<span class="error"> Cannot be empty</span>';
} else {
$statement = $mysqli->prepare("SELECT companyUsername FROM tblpartner WHERE companyUsername=?");
$statement->bind_param("s", $username);
$statement->execute();
$statement->bind_result($username);
if ( $statement->fetch()) {
echo '<span class="error"> taken</span>';
} else {
echo '<span class="success"> available.</span>';
}
?>
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
I want to update a row on a table and it is not updating.
This is my html and php code :
<?php
if ($_GET) {
if (isset($_GET['id'])) {
$id = preg_replace('#[^0-9]#', '', $_GET['id']);
echo $id;
$query = "SELECT * FROM posts WHERE id='{$id}'";
$result = mysqli_query($connect, $query);
$rows = mysqli_fetch_assoc($result);
} elseif (empty($_GET['id'])) {
header("location: manage_posts.php");
}
}
?>
<form action="modify_post.php?id=<?php echo $id; ?>" method="post">
<h3>Post Title <?php //echo $id; ?></h3>
<input name="title" value="<?php echo $rows['title'];?>" type="text" placeholder="Title here ..." id="title" required>
<h3>Post Content</h3>
<textarea name="content" required placeholder="Title here ..." style="resize: none"><?php echo $rows['content'];?></textarea>
<br/>
<input type="submit" value="Update" id="submit"/>
</form>
<?php
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if ($_POST['title'] != "" || $_POST['content'] != "") {
$id = preg_replace('#[^0-9]#', '', $_GET['id']);
$sql = "UPDATE posts SET title='{$_POST['title']}', content='{$_POST['content']}' WHERE id='{$id}'";
$update_result = mysqli_query($connect, $sql);
if (isset($result)) {
echo "<h2>Update successfully, redirecting back ...</h2>";
} else {
echo "Record hasn't been Updated" . mysqli_errno($result);
}
header("location: manage_posts.php");
} else {
echo "<h3>Please fill all fields</h3>";
}
}
?>
This is all what I could came up with !
I don't know where is the problem coming from ?
a) avoid sql injections e.g. with prepared statements + parameters
b) add more error handling and parameter checking.
<?php
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
echo 'wrong method';
}
else if ( !isset($_POST['title'], $_POST['content']) ) {
echo 'missing POST parameters';
}
else if ( !isset($_GET['id']) ) {
echo 'missing GET parameter';
}
else if ($_POST['title'] == "" || $_POST['content'] == "") {
echo '<h3>Please fill all fields</h3>';
}
else {
$stmt = $connect->prepare('UPDATE posts SET title=?, content=? WHERE id=?');
if ( !$stmt ) {
trigger_error('prepare failed', E_USER_ERROR);
}
else if ( !$stmt->bind_param('sss', $_POST['title'], $_POST['content'], $_GET['id']) ) {
trigger_error('bind_param failed', E_USER_ERROR);
}
else if ( !$stmt->execute() ) {
trigger_error('execute failed', E_USER_ERROR);
}
else {
echo '# of updated rows: ', $stmt->affected_rows();
}
}
see also
http://docs.php.net/mysqli.error-list
http://docs.php.net/mysqli-stmt.error-list
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
I am looking for PHP script that capable of imports my 3 column data into my table which has 5 fields.
Is this possible?
I think you need something like this
$file = fopen("airport 123.csv","r ");
$i = 0;
while(!feof($file))
{
$file_data = fgetcsv($file);
//print_r($file_data);
$select = "select count(*) from airport_pricing";
$result = mysql_num_rows($select);
if($result>0)
{
echo $sql = "UPDATE airport_pricing SET pickup ='$file_data[0]',dropoff='$file_data[1]', price='$file_data[2]' ";
}
else{
echo $sql = "INSERT INTO airport_pricing values(NUll,'$file_data[0]','$file_data[1]','$file_data[2]',1)";
}
$query = mysql_query($sql);
if(!$query)
{
$error = "Record is not inserted !";
}
else
{
$error = "Record is inserted Successfully !";
}
echo "<br />";
}
fclose($file);
echo $error;
?>
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I have php file where i need to check if variables are not empty and then update the table.Everything works fine except alert.
<?php
$con=mysql_connect("localhost","root","");
mysql_select_db("sg",$con);
error_reporting(0);
$result1=mysql_query("select DeclarationNo,DeclarantReferenceNo from sg_report where DeclarationNo='$dec' OR DeclarantReferenceNo='$dec'");
if(isset($_POST['myText'])){ $cn = $_POST['myText']; }
if(isset($_POST['myText1'])){ $dec = $_POST['myText1']; }
if(isset($_POST['tb3'])){ $rem = $_POST['tb3']; }
I want a alert box to come up when records are updated
if( !empty($dec) && !empty($rem) ){
$result=mysql_query("update sg_report set CreditNoteStatus='$cn',Remarks='$rem' where DeclarationNo='$dec' OR DeclarantReferenceNo='$dec'");
echo "<script type='text/javascript'>alert('Updated successfully!');</script>";
}
I want a alert box to come up if all values are not entered
if(empty($dec) || empty($rem) ) {
echo "<script type='text/javascript'>alert(\"Please enter all Values\");window.location=\"view3.php\";</script>";
}
?>
if(isset($_POST['myText']) && isset($_POST['myText1']) && isset($_POST['tb3']))
{
$result=mysql_query("update sg_report set CreditNoteStatus='$cn',Remarks='$rem' where DeclarationNo='$dec' OR DeclarantReferenceNo='$dec'");
if($result)
{
echo "<script type='text/javascript'>alert('Updated successfully!');</script>";
}
}
else
{
echo "<script type='text/javascript'>alert(\"Please enter all Values\");window.location=\"view3.php\";</script>";
}
Try this one
if(trim($_POST['myText'])!=''&&trim($_POST['myText1'])!=''&&trim($_POST['tb3'])!='')
{
$result=mysql_query("update sg_report set CreditNoteStatus='$cn',Remarks='$rem' where DeclarationNo='$dec' OR DeclarantReferenceNo='$dec'");
if($result)
{
echo "<script type='text/javascript'>alert('Updated successfully!');</script>";
}
}
else
{
echo "<script type='text/javascript'>alert(\"Please enter all Values\");window.location=\"view3.php\";</script>";
}
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 9 years ago.
Improve this question
I'm trying to extract this data into a while loop and its literally returning nothing at all, any ideas whats wrong?
Code:
<?php
if(isset($_GET['id'])){
require('include/db.php');
require('include/init.php');
if(isset($_GET['id']) && is_numeric($_GET['id'])){
$userid = $odb->real_escape_string($_GET['id']);
$result3 = $odb->prepare("SELECT * FROM users where ID = :id");
$result3->bindValue(":id", $userid);
$result3->execute();
while($row3 = $result3->fetch_array(MYSQLI_ASSOC)){
$username=$row['username'];
$email=$row['email'];
$rank=$row['rank'];
$membership=$row['membership'];
$expire=$row['expire'];
$status=$row['status'];
echo "
Username: ".$username."<br />
Email: ".$email."<br />
Rank: ".$rank."<br />
Membership: ".$membership."<br />
Expire: ".$expire."<br />
Status: ".$status."<br />
";
}
} else {
echo "You did not enter an ID!";
}
?>
If you need any information let me know!
Since you are using PDO, some functions have to be updated. Instead of mysql_escape_string(), you can just prepare and bind the value and PDO will escape everything. Also fetch_array() should be fetch() and MYSQLI_ASSOC should be PDO::FETCH_ASSOC.
<?php
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
if($id) {
require('include/db.php');
require('include/init.php');
// Prepare && Binding will take care of escaping the string
$result = $odb->prepare("SELECT * FROM users where ID = :id");
$result->bindValue(":id", $id);
$result->execute();
while($row = $result->fetch(PDO::FETCH_ASSOC)) {
$username = $row['username'];
$email = $row['email'];
$rank = $row['rank'];
$membership = $row['membership'];
$expire = $row['expire'];
$status = $row['status'];
echo "
Username: ".$username."<br />
Email: ".$email."<br />
Rank: ".$rank."<br />
Membership: ".$membership."<br />
Expire: ".$expire."<br />
Status: ".$status."<br />
";
}
} else {
echo "You did not enter an ID!";
}
?>
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
<?php
if (isset($_POST["loginbtn"])){
$euser = $_POST["Emp_Username"];
$epassw = $_POST["Emp_Password"];
$check_user = mysql_query("select * from employee where Emp_Username = '".$euser."' and Emp_Password= '".$epassw."'");
if ($row=mysql_fetch_assoc($check_user)){
$_SESSION["loggedin"] = "true";
$_SESSION["eid"] = $row["Emp_ID"]; // keeps the member id in a session
header("location: profile.php"); // proceeds to the profile page
}else{
?>
<script type = "text/javascript">
alert("Invalid Username or Password");
</script>
<?php
}
}
?>
I think you need another if condition inside your block code:
if (isset($_POST["loginbtn"])) {
$euser = $_POST["Emp_Username"];
$epassw = $_POST["Emp_Password"];
$check_user = mysql_query("select * from employee where Emp_Username = '".$euser."' > and Emp_Password= '".$epassw."'");
if ($row=mysql_fetch_assoc($check_user)) {
$_SESSION["loggedin"] = "true";
$_SESSION["eid"] = $row["Emp_ID"]; // keeps the member id in a session
if (in_array($row["position"], array("CEO", "Manager", "...")) {
header("location: profile.php"); // proceeds to the profile page
}
}
}
else { ?> alert("Invalid Username or Password");