I know the problem, But I cannot seem to fix it, and I was hoping someone on here could steer me in the right direction, What I want to do is check to see if a user has already submitted a correct answer to a question before checking it against the answers database and inserting it into the database, Simply to stop the same question being answered multiple times, I am a rookie with MYSQLi and not great at it, still learning it.
What I currently have so far is :
$mysqli = new mysqli($host,$username,$password,$database);
if($mysqli -> connect_error)die($mysqli->connect_error);
$questionID = $_POST['id'];
$userAnswer = $_POST['answer'];
$userAnswer = strtolower(trim($userAnswer));
$questionValue = $_POST['qValue'];
$teamName = $_SESSION['user_email'];
$user_id = "SELECT t.teamID,t.questionGroupID FROM team as t WHERE t.teamName ='$teamName'";
$result2 = $mysqli->query($user_id);
if ($result2->num_rows > 0) {
// output data of each row
while($row = $result2->fetch_assoc()) {
$userID = $row["teamID"];
}
}
$query = "SELECT answers FROM answers WHERE questionID=?";
$statement = $mysqli->prepare($query);
$statement ->bind_param('i', $questionID);
$statement->execute();
$statement->bind_result($answer);
//checking the database to see if the current question is there from the current user/teamName
if ($result = mysqli_query($mysqli, "SELECT * FROM submissions where teamID='$teamName' and questionID='$questionID'")) {
/* determine number of rows result set */
$row_cnt = mysqli_num_rows($result);
/* close result set */
mysqli_free_result($result);
}
/* close connection */
mysqli_close($mysqli);
//checking to see if it returns a result
if(($row_cnt)= 0){
while ($statement->fetch()) {
if ($answer != $userAnswer) {
echo '<br><br><div class="alert alert-danger"><h5>
<strong>Sorry!</strong> the answer is incorrect! Please Try again!.</h5>
</div>';
"<h3>Sorry the answer is incorrect! Please Try again!</h3><br>";
//return to previous Page
echo 'Return to Question ';
$statement->free_result();
$sql = "INSERT INTO `submissions`(`submissionsID`, `teamID`, `questionID`, `answer`,`qValue`,`status`,`timestamp`) VALUES (null,'$teamName','$questionID','$userAnswer','0','Wrong',NOW())";
if (mysqli_query($mysqli, $sql)) {
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($mysqli);
}
} else {
echo '<br><br><div class="alert alert-success"><h5>
<strong>Success!</strong> Correct Answer, Good Luck with the Next </h5>
</div>';
echo "<a href='questionList.php' class='btn btn-success btn-block'>Continue with other questions! </a>";
$statement->free_result();
//MySqli Insert Query
$sql = "INSERT INTO `submissions`(`submissionsID`, `teamID`, `questionID`, `answer`,`qValue`,`status`,`timestamp`) VALUES (null,'$teamName','$questionID','$userAnswer','$questionValue','Correct',NOW())";
if (mysqli_query($mysqli, $sql)) {
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($mysqli);
}
}
}
}else{
echo '<br><br><div class="alert alert-warning"><h5>
<strong>Already Answered!</strong> Good Luck with the Next </h5>
</div>';
echo "<a href='questionList.php' class='btn btn-warning btn-block'>Continue with other questions! </a>";
}
I have tested it most ways, What I need to do is run a check to see if the current logged in user has already answered the questionID correctly, I am using a num_rows to see if its greater than 0, If it is greater than 0, they have answered it.
So my question is, Am I approaching it correctly, and what approach should I take?
It's a good approach. Try using
$row_cnt = $result->num_rows;
rather than
$row_cnt = mysqli_numrows($result);
also don't forget that $row_cnt will equal -1 in the event of any form of query error so you should check for that before assuming all values that arn't 0 are valid.
I would suggest you to see natural language processing (NLP) techniques. If your answer is uni-gram (one word). This approach is ok. If you are dealing with n-grams of size more than 1,ie long sentences or paragraphs Then your approach will not work well. Answers can be written in different ways. So i would suggest some semantic methods like LSA(Latent Semantic Analysis) or simple vector representation models.
I can't think of any other methods to solve this problem.Try NLP methods. Will give you awesome results.
I took a different approach to trying to get it to work and finally got it working, Just wanted to post my solution and thank everyone for helping.
<?php session_start(); ?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="">
<meta name="author" content="">
<!-- Bootstrap Core CSS -->
<link href="css/bootstrap.min.css" rel="stylesheet">
<!-- Custom CSS -->
<link href="css/modern-business.css" rel="stylesheet">
<!-- Custom Fonts -->
<link href="font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css">
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<!-- Navigation -->
<?php include_once('navigation.php');
// establishing the MySQLi connection
require_once('connection-test.php');
$mysqli = new mysqli($host,$username,$password,$database);
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$questionID = $_POST['id'];
$userAnswer = $_POST['answer'];
$userAnswer = strtolower(trim($userAnswer));
$questionValue = $_POST['qValue'];
$teamName = $_SESSION['user_email'];
$user_id = "SELECT t.teamID,t.questionGroupID FROM team as t WHERE t.teamName ='$teamName'";
$result2 = $mysqli->query($user_id);
if ($result2->num_rows > 0) {
// output data of each row
while($row = $result2->fetch_assoc()) {
$userID = $row["teamID"];
}
}
$query = "SELECT answers FROM answers WHERE questionID=?";
$statement = $mysqli->prepare($query);
$statement ->bind_param('i', $questionID);
$statement->execute();
$statement->bind_result($answer);
$statement->store_result();
?>
<div class="container">
<!-- Page Content -->
<hr>
<?php
if ($result4 = $mysqli->query("SELECT * FROM submissions where teamID='$teamName' and questionID='$questionID'"))
{
// display records if there are records to display
if ($result4->num_rows > 0)
{
echo '<br><br><div class="alert alert-warning"><h5>
<strong>Already Answered!</strong> Good Luck with the Next </h5>
</div>';
echo "<a href='questionList.php' class='btn btn-warning btn-block'>Continue with other questions! </a>";
}
// if there are no records in the database, display an alert message
else
{
while ($statement->fetch()) {
if ($answer != $userAnswer) {
echo '<br><br><div class="alert alert-danger"><h5>
<strong>Sorry!</strong> the answer is incorrect! Please Try again!.</h5>
</div>';
"<h3>Sorry the answer is incorrect! Please Try again!</h3><br>";
//return to previous Page
echo 'Return to Question ';
$statement->free_result();
$sql = "INSERT INTO `submissions`(`submissionsID`, `teamID`, `questionID`, `answer`,`qValue`,`status`,`timestamp`) VALUES (null,'$teamName','$questionID','$userAnswer','0','Wrong',NOW())";
if (mysqli_query($mysqli, $sql)) {
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($mysqli);
}
} else {
echo '<br><br><div class="alert alert-success"><h5>
<strong>Success!</strong> Correct Answer, Good Luck with the Next </h5>
</div>';
echo "<a href='questionList.php' class='btn btn-success btn-block'>Continue with other questions! </a>";
$statement->free_result();
//MySqli Insert Query
$sql = "INSERT INTO `submissions`(`submissionsID`, `teamID`, `questionID`, `answer`,`qValue`,`status`,`timestamp`) VALUES (null,'$teamName','$questionID','$userAnswer','$questionValue','Correct',NOW())";
if (mysqli_query($mysqli, $sql)) {
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($mysqli);
}
}
}
}
}
// show an error if there is an issue with the database query
else
{
echo "<strong>Error:</strong>" . $mysqli->error;
}
?>
<?php include_once('footer.php'); ?>
</div>
<!-- /.container -->
<!-- jQuery -->
<script src="js/jquery.js"></script>
<!-- Bootstrap Core JavaScript -->
<script src="js/bootstrap.min.js"></script>
</body>
</html>
Related
I have the following code and need some customizations. I need a line break after each mysql record and the capability for the webpage to load at the very bottom. Can this be possible? Thanks in advance. CODE:
<html>
<head>
<meta content="text/html; charset=ISO-8859-1" http-equiv="content-type">
<title> Food Orders </title>
<link rel="stylesheet" type ="text/css" href="default.css">
</head>
<body>
<?php
$server_name = "localhost";
$user_name = "root";
$password = "mysqlpW";
$database_name = "menuDB12";
$connection = new mysqli($server_name, $user_name, $password, $database_name);
if ($connection->connect_error) {
die("Connection Error: " . $connection->connect_error);
}
$attributes "SELECT tablenumber, food FROM clients";
$results = $connection->query($attributes);
if ($results->num_rows > 0) {
while ($rows = $results->fetch_assoc()) {
echo "Table Number: " . $rows["tablenumber"]. " Food Item: " . $rows ["food"].
"<br>";
}
} else {
echo "No Results";
}
$connection->close();
?>
</body>
</html>
if i understood right, you want to display your database results at the end of the page, for that you can try this
$table = ''; if ($results->num_rows > 0) {
while ($rows = $results->fetch_assoc()) {
$table .= "Table Number: " . $rows["tablenumber"]. " Food Item: " . $rows ["food"].
"<br>";
}
} else {
$table = "No Results";
}
and at the end of your page or where you want it to be displayed simply add
<?php echo $table; ?>
You write about line breaks in the original question, but in the comments you specify page breaks (for printing).
Also, I understand you want the content to be displayed at the bottom of the printed page.
If my understanding is correct (and it would help if you edited the question to be more precise), I'd suggest consulting the following:
Page breaks for printing on php page
It helped me some time ago when I was creating a web-based document for printing.
Just use echo "<br>"; for a new line.
And i would recommend ajax for refreshing
https://www.w3schools.com/xml/ajax_intro.asp
Q.) Which Function Substitutes htmlspecialchars() For Arrays?
I'm working on a small app for adding tables to a db, printing them via html and allowing for these tables to be deleted via a hidden form button.
I only receive error for ?addjoke.
Error is on line #19 of HTML File. I marked line 19 with comment tags above and below.
I also attached PHP Controller below HTML code block for reference. The $jokes array lies below "// ***** Display DB ***** //."
I just changed selecting just one table to two tables and I had to change my mysqli_fetch_array code from just calling the joketext table (for just printing the rows) to joketext AND id (id for deleting joketext - the functionality that caused this problem to arise.)
So this code:
while ($row = mysqli_fetch_array($result))
{
$jokes[] = array('id' => $row['id'], 'text' => $row['joketext']); // Changed from just $row['joketext'] to now both tables.
}
has forced me to change:
<p><li><?php echo htmlspecialchars($joke, ENT_QUOTES, 'UTF-8'); ?> -
to:
<p><li><?php echo htmlspecialchars($joke['text'], ENT_QUOTES, 'UTF-8'); ?> -
Which I understand is in fact an array because there's no other way to call both without it right? I'm a newbie so I don't understand why htmlspecialchars() can only be used with strings...what am I missing?
HTML File
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>List of Jokes</title>
<link rel="stylesheet" type="text/css" href="css/style.css">
<link rel="stylesheet" type="text/css" href="http://fonts.googleapis.com/css?family=Slabo+27px">
</head>
<body>
<div id="mainContainer">
<div id="contentContainer">
<div class="headerItem">Here are all the jokes in the database:</div>
<div id="addJoke">+ Add Joke</div>
<ol>
<?php foreach ($jokes as $joke): ?>
// ***** LINE***** 19 //
<form action="?deletejoke" method="post">
// ***** LINE***** 19 //
<p><li><?php echo htmlspecialchars($joke['text'], ENT_QUOTES, 'UTF-8'); ?> -
<input type="hidden" name="id" value="<?php echo $joke['id']; ?>">
<input type="submit" value="Delete"></li></p>
</form>
<?php endforeach; ?>
</ol>
</div>
<div id="footer">
<p>IDJB Home - Add Joke to IDJB - Sitemap</p>
<p>© <?php echo date("Y") ?> Internet Joke Database</p>
</div>
</div>
</body>
</html>
PHP Controller File
<?php
// ***** MagicQuoteFix ***** //
if (get_magic_quotes_gpc())
{
function stripslashes_deep($value)
{
$value = is_array($value) ?
array_map('stripslashes_deep', $value) :
stripslashes($value);
return $value;
}
$_POST = array_map('stripslashes_deep', $_POST);
$_GET = array_map('stripslashes_deep', $_GET);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);
}
// ***** Begin Connection Info ***** //
$connection = mysqli_connect('localhost', 'ijdbuser', 'ijdbpw');
if (!$connection)
{
$error = 'Unable to connect to the database server.';
include 'error.html.php';
exit();
}
if (!mysqli_set_charset($connection, 'utf8'))
{
$output = 'Unable to set database connection encoding.';
include 'output.html.php';
exit();
}
if (!mysqli_select_db($connection, 'ijdb'))
{
$error = 'Unable to locate the joke database.';
include 'error.html.php';
exit();
}
// ***** Display DB ***** //
$result = mysqli_query($connection, 'SELECT id, joketext FROM joke');
if (!$result)
{
$error = 'Error fetching jokes: ' . mysqli_error($connection);
include 'error.html.php';
exit();
}
while ($row = mysqli_fetch_array($result))
{
$jokes[] = array('id' => $row['id'], 'text' => $row['joketext']);
}
if (isset($_GET['addjoke'])) {}
else
{
include 'jokes.html.php';
}
//
// ***** Begin Add/Remove DB Options ***** //
if (isset($_GET['addjoke']))
{
include 'form.html.php';
exit();
}
if (isset($_GET['deletejoke']))
{
$id = mysqli_real_escape_string($connection, $_POST['id']);
$sql = "DELETE FROM joke WHERE id='$id'";
if (!mysqli_query($connection, $sql))
{
$error = 'Error deleting joke: ' . mysqli_error($connection);
include 'error.html.php';
exit();
}
//header('Location: .');
exit();
}
if (isset($_POST['joketext']))
{
$joketext = mysqli_real_escape_string($connection, $_POST['joketext']);
$sql = 'INSERT INTO joke SET
joketext="' . $_POST['joketext'] . '",
jokedate=CURDATE()';
if (!mysqli_query($connection, $sql))
{
$error = 'Error adding submitted joke: ' . mysqli_error($connection);
include 'error.html.php';
exit();
}
header('Location: .');
exit();
}
?>
I realize some of my code is old or depreciated. I started learning from an older book and I figure I'll just finish it for context with older apps before moving to more advanced OOP programming.
Thanks for helping me learn.
I'm a newbie so I don't understand why htmlspecialchars() can only be used with strings...what am I missing?
You have to iterate through the array and escape the strings in it:
foreach($arr as &$v)
$v = htmlspecialchars($v);
Now you have each value in the array escaped.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I'm new to PHP so please have patience and explain it to me like I'm 5.
I have a page where it shows the content of a table from SQL, but whenever I update with php I have for force update my browser to make it display the new content of the table. I got the same problem as this guy but I didn't understand his solution:
Php won't update to show new sql content
This is my PHP code for updating the table:
<!-- html dok -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
</body>
</html>
<?php
$server = "localhost";
$brugernavn = "";
$kode = "";
$db = "";
mysql_connect($server , $brugernavn , $kode) or die(mysql_error());
echo "Forbundet til mysql server<br/>";
mysql_select_db($db)or die(mysql_error());
echo "Forbundet til databasen<br/><br/>";
$data = mysql_query("SELECT * FROM nyheder" ) or die(mysql_error());
while ($info = mysql_fetch_array($data))
{
echo "Nyhed: " . $info['nyhed']. "<br/><br/>";
}
// Update tabel
if (isset($_POST['update'])) {
$nyhed = $_POST['nyhed'];
$tabeldata = "UPDATE nyheder SET nyhed = '$nyhed' WHERE ID ='1'";
$resultat = mysql_query($tabeldata);
if($resultat) {
echo "Din nyhed blev opdateret" . "<a href=get.php>Videre</a>";
}
else {
echo "FEJL";
}
}
else {
echo "Ingen nyheder er blevet opdateret";
}
mysql_close();
?>
and this is my code for displaying the table content:
<!DOCTYPE html>
<html>
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<?php
$servername = "";
$username = "";
$password = "";
$dbname = "";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT nyhed FROM nyheder WHERE ID='1'";
$result = $conn->query($sql);
$link_address = 'form.php';
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo $row["nyhed"] . "<br><br>";
echo "<a href='$link_address'>Opdater</a>";
}
} else {
echo "0 results";
}
$conn->close();
?>
</body>
</html>
Thank you so much in advance! :)
If you want to use Php won't update to show new sql content's answer change below
if($resultat) {
echo "Din nyhed blev opdateret" . "<a href=get.php>Videre</a>";
}
to
if($resultat) {
echo "Din nyhed blev opdateret" . "Videre";
}
this will add current time to get.php as query string (will looks like get.php?time=1417626725) and every time you click the link browser sees get.php as new url and fetch the page again without load it from cache (if it's cached)
Getting an error of
"Error: 1
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1"
Please help guys, Many thanks in advance.
Code:
<?php
include('head.php');
if(isset($_POST['submit']))
{
$userid = trim($_POST['userid']);
$email = trim($_POST['email']);
$mobile = trim($_POST['mobile']);
$sql = mysqli_query($conn,"INSERT INTO forgot(userid,email,mobile)VALUES ('$userid','$email','$mobile')");
if (mysqli_query($conn,$sql))
{
echo "We will Contact you Soon.<br>";
}
else
{
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
}
?>
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>******</title>
<link href="forum-styles.css" rel="stylesheet" type="text/css">
</head>
<style type="text/css">
.txtField {
padding: 5px;
border:#fedc4d 1px solid;
border-radius:4px;
}
</style>
<body background="img/gold-and-money.jpg">
<form action="" method="post" class="basic-grey">
<h1>****** Forgot Password
<span>Please let us know your UserId, We will reset password and inform you.</span> </h1>
<label>
<span>User Id :</span>
<input type="text" name="userid" required />
</label>
<label>
<span>Mobile N. :</span>
<input type="text" name="mobile" required/>
</label>
<label>
<span>Email Id :</span>
<input type="text" name="email" required/>
</label>
<label>
<div align="right"><span> </span>
<input type="submit" class="button" value="Submit" name="submit"/>
</div>
</label>
</form>
</body>
</html>
$sql = mysqli_query($conn,"INSERT INTO forgot(userid,email,mobile)VALUES ('$userid','$email','$mobile')");
if (mysqli_query($conn,$sql))
{
echo "We will Contact you Soon.<br>";
}
You've got two calls here to mysqli_query. The first time, you're making the query and assigning the return value to $sql; the second time, you're running $sql as a query.
To fix the immediate problem, do something along the lines of:
$sql = "INSERT INTO forgot(userid,email,mobile)VALUES ('$userid','$email','$mobile')";
if (mysqli_query($conn,$sql))
{
echo "We will Contact you Soon.<br>";
}
You're assigning your query to a string, and then using that in your query. This makes debugging things easier, as you can now output your generated query to check what you're producing.
However
You're also passing user-generated data directly into an SQL query, without escaping it. This is very bad - at best, you're going to have a problem if some of the data contains apostrophes. At worst, your database will get hacked. One solution here is to use escaping, as Fred suggested, using mysqli_real_escape_string:
$userid = mysqli_real_escape_string($conn, $_POST['userid']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$mobile = mysqli_real_escape_string($conn, $_POST['mobile']);
I'd suggest also looking at using bound parameters and a prepared statement instead, for added extra security.
Use prepared statements, or PDO with prepared statements, they're much safer.
#andrewsi answered correct: "You're running your query twice. The first time, you're assigning the result to $sql; the second time, you're trying to run that result as a query."
#andrewsi, you r running your query twice and your your query contains variables which you have make them as literals. so code would be like this:
$sql ="INSERT INTO forgot(userid,email,mobile)VALUES ($userid,$email,$mobile)";
if (mysqli_query($conn,$sql))
{
echo "We will Contact you Soon.<br>";
}
else
{
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
}
I hope this will help you.
Here is a basic example. Check where you have a turn. Always keep follow the standard way of coding.
<?php
$mysqli = new mysqli("localhost", "my_user", "my_password", "world");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$mysqli->query("CREATE TABLE myCity LIKE City");
$query = "INSERT INTO myCity VALUES (NULL, 'Stuttgart', 'DEU', 'Stuttgart', 617000)";
$mysqli->query($query);
printf ("New Record has id %d.\n", $mysqli->insert_id);
/* drop table */
$mysqli->query("DROP TABLE myCity");
/* close connection */
$mysqli->close();
?>
Ankit, their are few things to take care of while coding the queries, instead of explaining them, I will try to rewrite the query:
$query = sprintf("INSERT INTO forgot('userid','email','mobile')
VALUES ('%s', '%s', '%s')"
, mysqli_real_escape_string( $con, $_POST['userid'] )
, mysqli_real_escape_string( $con, $_POST['email'] )
, mysqli_real_escape_string( $con, $_POST['mobile'] ));
if (mysqli_query($dbConnection, $query)) {
echo "Successfully inserted" . mysqli_affected_rows($conn) . " row";
} else {
echo "Error occurred: " . mysqli_error($dbConnection);
}
if in case, userid is the integer, convert the userid to int as follows before creating the $query:
$userid = (int)$_POST['userid'];
$sql = "INSERT INTO forgot(userid,email,mobile)VALUES ('$userid','$email','$mobile')";
if (mysqli_query($conn,$sql))
{
echo "We will Contact you Soon.<br>";
}
else
{
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
It will work.
<?php
include_once("php_includes/check_login_status.php");
if($user_ok != true){
header("location: login.php");
exit();
}
?>
<?php
$id = "SELECT id FROM users WHERE username='$log_username'";
if(isset($_POST["signupbtn"])) {
if ($log_username) {
/// getting data from submitted form into local variables
$x = preg_replace('#[^a-z 0-9]#i', '', $_POST['xbox']);
$p = preg_replace('#[^a-z 0-9]#i', '', $_POST['psn']);
$s = preg_replace('#[^a-z 0-9]#i', '', $_POST['steam']);
$ip = preg_replace('#[^0-9.]#', '', getenv('REMOTE_ADDR'));
// DUPLICATE DATA CHECKS FOR GAMER PROFILES
$sqli = "SELECT username FROM player WHERE xbox='$x' LIMIT 1";
$query = mysqli_query($db_conx, $sqli);
$x_check = mysqli_num_rows($query);
// -------------------------------------------
if ($x_check > 0){
echo "Xbox Gamer-Tag already linked to a user on this website";
exit();
} else if (is_numeric($x[0])) {
echo 'Xbox Gamer-Tag cannot begin with a number';
exit();
}
$sqli = "SELECT username FROM player WHERE psn='$p' LIMIT 1";
$query = mysqli_query($db_conx, $sqli);
$p_check = mysqli_num_rows($query);
// -------------------------------------------
if ($p_check > 0){
echo "PSN User already linked to a user on this website";
exit();
} else if (is_numeric($p[0])) {
echo 'PSN User cannot begin with a number';
exit();
}
$sqli = "SELECT username FROM player WHERE steam='$s' LIMIT 1";
$query = mysqli_query($db_conx, $sqli);
$s_check = mysqli_num_rows($query);
// FORM DATA ERROR HANDLING
if ($s_check > 0){
echo "Steam account already linked to a user on this website";
exit();
} else if (is_numeric($s[0])) {
echo 'Steam account cannot begin with a number';
exit();
} else { $sqli = "INSERT INTO player (id, username, xbox, psn, steam, ip, created, lastupdated, notecheck)
VALUES ('$id','$log_username','$x','$p','$s','$ip',NOW(),NOW(),NOW())";
$query = mysqli_query($db_conx, $sqli);
}
echo "Gamer Profiles Updated";
exit();
if (!file_exists("p_player/$log_username")) {
mkdir("p_player/$log_username", 0755);
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Sign Up</title>
<link rel="icon" href="favicon.ico" type="image/x-icon">
<link rel="stylesheet" href="templates/default/style/style.css">
<style type="text/css">
#profiles{
margin-top:24px;
}
#profiles > div {
margin-top: 12px;
}
#profiles > input,select {
width: 200px;
padding: 3px;
background: #F3F9DD;
}
#profiles {
font-size:18px;
padding: 12px;
}
</style>
<script src="js/main.js"></script>
<script src="js/ajax.js"></script>
</head>
<body>
<?php include_once("templates/default/template_pageTop.php"); ?>
<div id="pageMiddle">
<h3>Gamer Profiles</h3>
<form action="player.php" method="POST" name="profiles">
<div>Xbox Gamer-tag: <input type="text" name="xbox"></div>
<div>PSN User: <input type="text" name="psn"></div>
<div>Steam User: <input type="text" name="steam"></div>
<input type="submit" name="signupbtn">
</form>
</div>
<?php include_once("templates/default/template_pageBottom.php"); ?>
</body>
</html>
The $log_username variable comes from the top php script and every thing is fine with it as I can echo the variable and comes back with the logged user on this page.
so basicaly nothing is being written to my database on submitting the button and I am really stumped with it tbh. I am using the MySQLi extension within php 5 as I have been following a tutorial on things and have came to the end of the tutorial and now I am by myself. I was going to included a shot of my database below to prove that the names on the database is fine but with the fact that my rep is 9 I can't add one to make your lives easier as you need to b 10.
have I got a } in the wrong place or labeling something MySQL when it should be MySQLi.
When I submit the form the mkdir is made in the folder and I get sent to the page with the echo "Gamer Profiles Updated"
Thank you to anyone who tries to solve this problem out I have.
I have been trying to do this for hours tbh and from what i have done everything checks fine and it should be working in theory but it just doesn't work. Thank you once again for looking at this and I look forward to your responses.
Change:
$id = "SELECT id FROM users WHERE username='$log_username'";
to:
$result = mysqli_query($db_conx, "SELECT id FROM users WHERE username='$log_username'") or die(mysqli_error($db_conx));
$row = mysqli_fetch_assoc($result) or die ("$log_username not found");
$id = $row['id'];