php get id to delete record - php

PHP beginner on line:).
I have two files (viewKands.php-listing records and izbrisi.php-for deleting records from database. I try to delete record from db(upisi). But no luck.
Here is the code...Where is my mistake?
viewKands.php:
$kon = mysqli_connect("localhost", "root", "", "upisi");
$kon->set_charset("utf8");
if (mysqli_connect_error()) {
echo "Greska pri konekcija so baza: " . mysql_error();
}
$sqlView = "SELECT idPrijava,brPrijava,jazik,struka,profil,imeKand,tatIme,"
. "prezKand from tblprijava ";
$result = mysqli_query($kon, $sqlView);
$rBr = 1;
while ($rowV = $result->fetch_assoc()) {
$id = $rowV["idPrijava"];
echo "<tr><td>" . $rBr . "</td><td>" . $rowV["brPrijava"] . "</td><td>" . $rowV["jazik"] . "</td><td>" . $rowV["struka"] .
"</td><td>" . $rowV["profil"] . "</td><td>" . $rowV["imeKand"] . " " . $rowV["tatIme"] . " " . $rowV["prezKand"] .
"</td><td><a href='uredi.php'>Уреди</a></td>" . " <td><a href='izbrisi.php?id=$id'>X</a></td>" . "</td></tr>";
$rBr++;
}
And izbrisi.php (for deleting records)
$delkon = mysqli_connect("localhost", "root","","upisi");
$delkon->set_charset("utf8");
if (isset($_GET["idPrijava"]) != "") {
$delete = $_GET["idPrijava"];
$dqry = "DELETE FROM tblprijava WHERE idPrijava='$delete'";
$delete = mysqli_query($delkon, $dqry);
if ($delkon->query($dqry) === TRUE) {
header("Location:viewKands.php");
} else {
echo mysqli_error($delete);
}
} else {
echo "ID error";
}
$delkon->close();


Change code to izbrisi.php
$delkon = mysqli_connect("localhost", "root","","upisi");
$delkon->set_charset("utf8");
if (isset($_GET["id"]) != "") {
$delete = $_GET["id"];
$dqry = "DELETE FROM tblprijava WHERE idPrijava='$delete'";
$delete = mysqli_query($delkon, $dqry);
if ($delkon->query($dqry) === TRUE) {
header("Location:viewKands.php");
} else {
echo mysqli_error($delete);
}
} else {
echo "ID error";
}
$delkon->close();

Related

how do I make this page work it just redirects to homepage

I am making e-commerce site and add to basket script not doing anything
I expect it to insert data into shopping basket from products page that is working perfectly fine. Please have a look and help me figure it out.. it is not giving any syntax error or parse error it just dont do anything and when I click buy it just redirect me to homepage
<?php
error_reporting(E_ALL);
session_start();
require("db.php");
require("functions.php");
$validid = pf_validate_number($_GET['id'], "redirect", $config_basedir);
$prodsql = "SELECT * FROM products WHERE id = " . $_GET['id'] . ";";
$prodres = mysqli_query($prodsql);
$numrows = mysqli_num_rows($prodres);
$prodrow = mysqli_fetch_assoc($prodres);
if($numrows == 0)
{
header("Location: " . $config_basedir);
} else {
if($_POST['submit'])
{
if($_SESSION['SESS_ORDERNUM'])
{
$itemsql = "INSERT INTO orderitems(order_id, product_id, quantity) VALUES("
. $_SESSION['SESS_ORDERNUM'] . ", "
. $_GET['id'] . ", "
. $_POST['amountBox'] . ")";
mysqli_query($itemsql);
} else {
if($_SESSION['SESS_LOGGEDIN'])
{
$sql = "INSERT INTO orders(customer_id, registered, date) VALUES("
. $_SESSION['SESS_USERID'] . ", 1, NOW())";
mysqli_query($sql);
session_register("SESS_ORDERNUM");
$_SESSION['SESS_ORDERNUM'] = mysqli_insert_id();
$itemsql = "INSERT INTO orderitems(order_id, product_id, quantity) VALUES("
. $_SESSION['SESS_ORDERNUM']
. ", " . $_GET['id'] . ", "
. $_POST['amountBox'] . ")";
mysqli_query($itemsql);
} else {
$sql = "INSERT INTO orders(registered, date, session) VALUES("
. "0, NOW(), '" . session_id() . "')";
mysqli_query($sql);
session_register("SESS_ORDERNUM");
$_SESSION['SESS_ORDERNUM'] = mysqli_insert_id();
$itemsql = "INSERT INTO orderitems(order_id, product_id, quantity) VALUES("
. $_SESSION['SESS_ORDERNUM'] . ", " . $_GET['id'] . ", "
. $_POST['amountBox'] . ")";
mysqli_query($itemsql);
}
}
$totalprice = $prodrow['price'] * $_POST['amountBox'] ;
$updsql = "UPDATE orders SET total = total + "
. $totalprice . " WHERE id = "
. $_SESSION['SESS_ORDERNUM'] . ";";
mysqli_query($updres);
header("Location: " . $config_basedir . "showcart.php");
} else {
require("header.php");
echo "<form action='addtobasket.php?id="
. $_GET['id'] . "' method='POST'>";
echo "<table cellpadding='10'>";
echo "<tr>";
if(empty($prodrow['image']))
{
echo "<td><img src='./productimages/dummy.jpg' width='50' alt='"
. $prodrow['name'] . "'></td>";
} else {
echo "<td><img src='./productimages/" . $prodrow['image']
. "' width='50' alt='" . $prodrow['name']
. "'></td>";
}
echo "<td>" . $prodrow['name'] . "</td>";
echo "<td>Select Quantity <select name='amountBox'>";
for($i=1;$i<=100;$i++)
{
echo "<option>" . $i . "</option>";
}
echo "</select></td>";
echo "<td><strong>£"
. sprintf('%.2f', $prodrow['price'])
. "</strong></td>";
echo "<td><input type='submit' name='submit' value='Add to basket'></td>";
echo "</tr>";
echo "</table>";
echo "</form>";
}
}
require("footer.php");
error_reporting(E_ALL);
?>

there are two redirects that makes your user return to your home page
first:
$validid = pf_validate_number($_GET['id'], "redirect", $config_basedir);
make sure $_GET['id] has valid value
second:
$prodsql = "SELECT * FROM products WHERE id = " . $_GET['id'] . ";";
$numrows = mysqli_num_rows($prodres);
// ...
if($numrows == 0)
{
header("Location: " . $config_basedir);
}
check your query in this line:
$prodsql = "SELECT * FROM products WHERE id = " . $_GET['id'] . ";";
make sure it returns not an empty results ( $numrows == 0 )
Test it first on your DBMS front-end

Im having problems with nested forms

Hello im having some problems with my forms. It says "Saw a form start tag, but there was already an active form element. Nested forms are not allowed." but when im looking in my code the forms are not even nested in my code can i have some help.
$sql8 = 'SELECT läggtill.serier, läggtill.id, läggtill.id2, läggtill.säsonger, läggtill.betyg, kategorier.kategori from läggtill inner join'
. ' kategorier on läggtill.kategorier=kategorier.id order by läggtill.serier';
$resultat8 = $mysqli->query($sql8);
$antal8 = $resultat8->num_rows;
while ($rad8 = $resultat8->fetch_assoc()) {
echo "<li>" .$rad8['serier'] .', ' .$rad8['säsonger'] .' Säsonger, ' .$rad8['kategori'] .'<br>'.
'Betyg: ' .$rad8['betyg'] .'/10 </li>' .'<br>';
$id = $rad8['id'];
?>
<?php
echo '<form action="alla.php" method="POST">
<button name=' .$id .'>Ta bort</button>
</form>'
?>
<?php
if (isset($_POST[$id])) {
$sql9 = "Delete from läggtill where id=" . $id . " LIMIT 1";
if ($resultat9 === $mysqli->query($sql9)) {
header('location: alla.php');
} else {
echo "det misslyckades.";
}
echo "asdasd";
}
$id2 = $rad8['id2'];
echo "<div class=" . 'Update' . '>'
?>
<?php
echo "<form action='alla.php' method='POST'>
<label for='serier'>Serie: </label>
<input type='text' name='serier' id='serier'><br>";
$sql14 = 'SELECT * FROM kategorier';
$resultat14 = $mysqli->query($sql14);
$antal14 = $resultat14->num_rows;
if ($antal14 == 0) {
echo 'Inget funnet';
} else {
$sql15 = 'SELECT kategori, id FROM kategorier';
$resultat15 = $mysqli->query($sql15);
$antal15 = $resultat15->num_rows;
if ($antal15 == 0) {
echo 'Inget kategori funnen';
} else {
echo 'Kategori: <select name =kategorier>';
while ($rad15 = $resultat15->fetch_assoc()) {
echo '<option value='. $rad15['id'] . '>' . $rad15['kategori'] . '</option><br>';
}
echo '</select>';
}
}
echo '<br><button name= . $id2' . '>Uppdatera</button>';
if (isset($_POST[$id2])) {
$kategorier = $_POST['kategorier'];
$betyg = $_POST['betyg'];
$serier = $_POST['serier'];
$säsonger = $_POST['säsonger'];
if(strlen($kategorier) && strlen($säsonger) && strlen($serier) && strlen($betyg)) {
$sql12 = '"UPDATE läggtill SET kategorier="" . $kategorier . "", säsonger="" . $säsonger . "", serier="" . $serier . "","
. " betyg="" . $betyg . "" WHERE id2="" . $id2 . "";';
if($resultat9 == $mysqli->query($sql12)) {
header('location: alla.php');
} else {
echo 'Det misslyckades';
}
}
}
}
echo "</form>";
echo "</div>";`**enter code here**`

check have updated few things, hope it will work out
<?php
$sql8 = 'SELECT läggtill.serier, läggtill.id, läggtill.id2, läggtill.säsonger, läggtill.betyg, kategorier.kategori from läggtill inner join'
. ' kategorier on läggtill.kategorier=kategorier.id order by läggtill.serier';
$resultat8 = $mysqli->query($sql8);
$antal8 = $resultat8->num_rows;
while ($rad8 = $resultat8->fetch_assoc()) {
echo "<li>" . $rad8['serier'] . ', ' . $rad8['säsonger'] . ' Säsonger, ' . $rad8['kategori'] . '<br>' .
'Betyg: ' . $rad8['betyg'] . '/10 </li>' . '<br>';
$id = $rad8['id'];
?>
<?php
echo '<form action="alla.php" method="POST">
<button name=' . $id . '>Ta bort</button>
</form>'
?>
<?php
if (isset($_POST[$id])) {
$sql9 = "Delete from läggtill where id=" . $id . " LIMIT 1";
if ($resultat9 === $mysqli->query($sql9)) {
header('location: alla.php');
} else {
echo "det misslyckades.";
}
echo "asdasd";
}
$id2 = $rad8['id2'];
echo "<div class=" . 'Update' . '>'
?>
<?php
echo "<form action='alla.php' method='POST'>
<label for='serier'>Serie: </label>
<input type='text' name='serier' id='serier'><br>";
$sql14 = 'SELECT * FROM kategorier';
$resultat14 = $mysqli->query($sql14);
$antal14 = $resultat14->num_rows;
if ($antal14 == 0) {
echo 'Inget funnet';
} else {
$sql15 = 'SELECT kategori, id FROM kategorier';
$resultat15 = $mysqli->query($sql15);
$antal15 = $resultat15->num_rows;
if ($antal15 == 0) {
echo 'Inget kategori funnen';
} else {
echo 'Kategori: <select name =kategorier>';
while ($rad15 = $resultat15->fetch_assoc()) {
echo '<option value=' . $rad15['id'] . '>' . $rad15['kategori'] . '</option><br>';
}
echo '</select>';
}
}
echo '<br><button name= . $id2' . '>Uppdatera</button></form>';
if (isset($_POST[$id2])) {
$kategorier = $_POST['kategorier'];
$betyg = $_POST['betyg'];
$serier = $_POST['serier'];
$säsonger = $_POST['säsonger'];
if (strlen($kategorier) && strlen($säsonger) && strlen($serier) && strlen($betyg)) {
$sql12 = '"UPDATE läggtill SET kategorier="" . $kategorier . "", säsonger="" . $säsonger . "", serier="" . $serier . "","
. " betyg="" . $betyg . "" WHERE id2="" . $id2 . "";';
if ($resultat9 == $mysqli->query($sql12)) {
header('location: alla.php');
} else {
echo 'Det misslyckades';
}
}
}
}
echo "</div>";

Warning: Invalid argument supplied for foreach() in /path/time/processing/time/viewpunlist.php on line 54

I am trying to get this php code to run. I have made it output the table, however, I am getting this error:
Warning: Invalid argument supplied for foreach() in /path/time/processing/time/viewpunlist.php on line 54
I have been able to use the $row to get the values of it before and even reassigned it later to make sure that it wasn't only executing in WHILE. I have no clue what is going on there. Line 54 is the line:
foreach ( $row as $each)
Here is the file that I am using it in. Any help is appreciated on
a) how to make this file better and
b) getting the whole foreach statement working.
Thank you in advance!
<head>
<title>View My Punches</title>
<body bgcolor="#9966FF">
<link rel="icon" type="image/ico" href="http://example.com/time/favicon.ico"/>
</head>
<?php
error_reporting(E_ALL); ini_set('display_errors', 1);
define('DB_NAME', 'name');
define('DB_USER', 'user');
define('DB_PASSWORD', 'pass');
define('DB_HOST', 'host');
$link = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
if ($link->connect_errno > 0){
die('Could not connect: ' .connect_error());
}
$userid_value = $_POST['userid'];
$table = "tc_".$userid_value;
$checkusersql = "SELECT * FROM tc_users WHERE userid = '$userid_value'";
$usercheck = $link->query($checkusersql);
$punchessql = "SELECT * FROM $table ORDER BY id";
$result = $link->query($punchessql);
$unixtime = time() + 60*60;
$time_value = date("h:i:s A", $unixtime);
$date_value = date("m/d/Y", $unixtime);
if ($usercheck->num_rows == 0) {
echo "Sorry, " . $userid_value . " is not a valid user ID. Please try again.";
}else {
echo "Punch Report for " . $userid_value . " | Generated at " . $time_value . " on " . $date_value;
echo "<p></p>";
if ($result->num_rows == 0) {
echo "<p></p>";
echo "No punches were found for " . $userid_value . ".";
}else{
echo "<table border=1>";
echo "<tr><th>Punch ID</th><th>Time</th><th>Punch Type</th><th>Group</th><th>Department</th><th>Notes</th></tr>";
while ($row = $result->fetch_array())
{
echo "<tr><td>" . $row['id'] . "</td><td>" . $row['time'] . "</td><td>" . $row['punchtype'] . "</td><td>" . $row['groupname'] . "</td><td>" . $row['dept'] . "</td><td>" . $row['notes'] . "</td>";
}
echo "</table>";
}
}
$differs = array();
$inout = array();
$inarray = array();
$outarray = array();
$current = array('in'=>$inarray,'out'=>$outarray,'length'=>'');
foreach ( $row as $each)
{
if ( $each['punchtype'] == 'in' )
{
if ( empty($current['in']) )
{ $current['in'] = $each; }
}
else if ( $each['punchtype'] == 'out' )
{
if ( empty($current['out']) )
{ $current['out'] = $each; }
}
if (( !empty($current['in']) && !empty($current['out'])))
{
$in = new DateTime($current['in']);
$out = new DateTime($current['out']);
$current['length'] = $in->diff($out);
$inout[] = $current;
$stamp = $inout['length'];
$stampformat = $stamp->format('%s');
$stampint = intval($stampformat);
$stampintval = $stampint/3600;
echo $stampintval;
}
}
?>
&nbsp
&nbsp
<form method="GET" action="http://example.com/time/panel.php">
<input type="submit" value="Go Home">
</form>

You need to check if the argument passed through foreach is an array.
This can be done by using the function is_array()
if (is_array($variable)) {
foreach ($variable as $item) {
}
}

Unless I am missing something, which I do a lot, it seems to me that you've already iterated through your SQL results here,
if ($usercheck->num_rows == 0) {
echo "Sorry, " . $userid_value . " is not a valid user ID. Please try again.";
}else {
echo "Punch Report for " . $userid_value . " | Generated at " . $time_value . " on " . $date_value;
echo "<p></p>";
if ($result->num_rows == 0) {
echo "<p></p>";
echo "No punches were found for " . $userid_value . ".";
}else{
echo "<table border=1>";
echo "<tr><th>Punch ID</th><th>Time</th><th>Punch Type</th><th>Group</th><th>Department</th><th>Notes</th></tr>";
while ($row = $result->fetch_array())
{
echo "<tr><td>" . $row['id'] . "</td><td>" . $row['time'] . "</td><td>" . $row['punchtype'] . "</td><td>" . $row['groupname'] . "</td><td>" . $row['dept'] . "</td><td>" . $row['notes'] . "</td>";
}
echo "</table>";
}
}
which means that the data is no longer available because you are not using a prepared statement in order to reuse it. You should be able to run another query for the foreach.
$punchessql = "SELECT * FROM $table ORDER BY id";
$result = $link->query($punchessql);
$row = $result->fetch_array();
foreach ( $row as $each) {
//your existing code.
}

Display list by most recent item first

I have an old CMS and i need to edit the code so that it displays the most recent items first as apose to the oldest first. The code below is from the file that i beleive needs editing. Any help most appreciated...
<?
require("inc/config.php");
if ($cms->mrow['usrlvl'] < $cms->ulid) {
header("Location: " . $cms->folder . "/home");
exit();
}
if (isset($_GET['dm'])) {
if ($_GET['dm'] == "a") {
$cms->dmsg = $cms->mrow['singular_title'] . " Added Successfully";
} else if ($_GET['dm'] == "u") {
$cms->dmsg = $cms->mrow['singular_title'] . " Updated Successfully";
} else if ($_GET['dm'] == "d") {
$cms->dmsg = $cms->mrow['singular_title'] . " Deleted Successfully";
} else if ($_GET['dm'] == "bd") {
$cms->dmsg = $_GET['t'] . " "; if ($_GET['t'] > 1) { $cms->dmsg .= $cms->mrow['title']; } else { $cms->dmsg .= $cms->mrow['singular_title']; } $cms->dmsg .= " deleted Successfully";
}
}
require("inc/header.php");
echo "<h1>" . $cms->mrow['title'] . "</h1>";
// Add button
if ($cms->user['ulid'] <= $cms->mrow['usrlvladd'] && ($cms->mrow['allowadd'] || $cms->user['ulid'] == 1)) echo "<span>Add " . $cms->mrow['singular_title'] . "</span>";
// Bulk button
if ($cms->user['ulid'] <= $cms->mrow['usrlvladd'] && $cms->mrow['allowbulkadd']) echo "<span>Add Multiple " . $cms->mrow['title'] . "</span>";
if (!empty($cms->dmsg)) echo "\n<div id=\"dmsg\"><h3><span>" . $cms->dmsg . "</span></h3></div>";
// Set Order BY based on previously saved session or Module Default
if (isset($_SESSION['module' . $cms->mid]['orderby'])) {
$cms->orderby = $_SESSION['module' . $cms->mid]['orderby'];
} else if ($cms->mrow['orderby'] > 0) { // Get order based on field in module table (default)
$fres = mysql_query("SELECT name FROM `" . $cms->prefix . "field_" . $cms->tbl . " WHERE fid=" . $cms->mrow['orderby']);
$cms->orderby = mysql_result($fres,0);
} else if ($cms->mrow['allowposition']) { // Order by ID otherwise
$cms->orderby = "position";
} else { // Order by ID otherwise
$cms->orderby = $cms->idname;
}
// Set Order By Direction based on previously saved session or Module Default
if (!empty($_SESSION['module' . $cms->mid]['direction'])) { // Set Order By first based on session if set
$cms->direction = $_SESSION['module' . $cms->mid]['direction'];
} else { // Order by ID otherwise
$cms->direction = $cms->mrow['direction'];
}
// List Filter Bar
if ($cms->mrow['allowsearch'] == 1 || $cms->mrow['allownpp'] == 1) $cms->listSearch();
// Set Current page based on previously saved session
if (isset($_SESSION['module' . $cms->mid]['pg']) && is_numeric($_SESSION['module' . $cms->mid]['pg'])) {
$cms->pg = $_SESSION['module' . $cms->mid]['pg'];
} else {
$cms->pg = 1;
}
// Generate ajax request to load content into div
echo "<script type=\"text/javascript\">\n";
echo "$(document).ready(function(){\n";
if (isset($_GET['upid'])) { $upid = $_GET['upid']; } else { $upid = 0; } // Update Record ID
echo "
document.pg = " . $cms->pg . ";
document.order = '" . $cms->orderby . "';
document.direction = '" . $cms->direction . "';
showModuleList('" . $cms->mrow['tablename'] . "',document.pg,document.order,document.direction,false," . $upid . ");
});
</script>\n";
// Ajax target div
echo "<div id=\"list\"></div>";
require("inc/footer.php");
?>

drropdownlist values are not shown from the database on fom load

<?php
require_once("../../db_connect/db_connect.php");
$decoded = json_decode($_GET['json']);
$ias = $decoded->{'ias'};
$ian = $decoded->{'ian'};
$select = "select iacode,ianame from isdsmot_ia_creation";
$res = mysql_query($select);
while ($row = mysql_fetch_array($res)) {
$ias = $row['iacode'];
$ian = $row['ianame'];
$ia=$ias."|".$ian;
echo "<OPTION value = \"" . $row[0] . "|" . $row[1] . "\">" . $ia . "</OPTION>";
}
$result=$ia;
if ($result) {
echo "Successful" . mysql_error();
} else {
echo "Unsuccess" . mysql_error();
}
?>

Will this help you : add around your
<?php
require_once("../../db_connect/db_connect.php");
$decoded = json_decode($_GET['json']);
$ias = $decoded->{'ias'};
$ian = $decoded->{'ian'};
$select = "select iacode,ianame from isdsmot_ia_creation";
$res = mysql_query($select);
echo '<select name="myDropDown">';
while ($row = mysql_fetch_array($res)) {
$ias = $row['iacode'];
$ian = $row['ianame'];
$ia=$ias."|".$ian;
echo "<OPTION value = \"" . $row[0] . "|" . $row[1] . "\">" . $ia . "</OPTION>";
}
echo '</select>';
$result=$ia;
if ($result) {
echo "Successful" . mysql_error();
} else {
echo "Unsuccess" . mysql_error();
}
?>

Categories