Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
Answer always "terjadi kesalahan saat mengirim komen!". Can anyone help me?
$message = mysql_real_escape_string(bbcode_to_html($message));
if (mysql_query('insert into topics (id_parent, id, id_user, title, message, id_author, timestamp, timestamp_user) select "' . $dn1['id_parent'] . '", "' . $id . '", max(id_user)+1, "", "' . $message . '", "' . $_SESSION['userid'] . '", "' . time() . '", "' . time() . '" from topics where id="' . $id . '"') and mysql_query('update topics set timestamp_user="' . time() . '" where id="' . $id . '" and id_user=1')){
?><header class="major">
Komen sukses! Kembali ke Topik!
</header>
<?php
}else{
echo 'Terjadi kesalahan saat mengirim komen!';
}
Edited:
Try just adding this code:
<?php
$message = mysql_real_escape_string(bbcode_to_html($message));
$sqlquery1 = 'insert into topics (id_parent, id, id_user, title, message, id_author, timestamp, timestamp_user) select "' . $dn1['id_parent'] . '", "' . $id . '", max(id_user)+1, "", "' . $message . '", "' . $_SESSION['userid'] . '", "' . time() . '", "' . time() . '" from topics where id="' . $id . '"';
$sqlquery2 = 'update topics set timestamp_user="' . time() . '" where id="' . $id . '" and id_user=1';
$result1 = mysql_query($sqlquery1) or die(mysql_error() . ": Full Query was: " . $sqlquery1);
$result2 = mysql_query($sqlquery2) or die(mysql_error() . ": Full Query was: " . $sqlquery2);
if ( $result1 and $result2){
?><header class="major">
Komen sukses! Kembali ke Topik!
</header>
<?php
}else{
echo 'Terjadi kesalahan saat mengirim komen!';
}
?>
This will now also show you the query you tried to execute. This will help if you want further questions answered well.
Related
Hey Guys I am trying to pass data to my model, but for some reason I keep getting an "undefined customitem_id" in my model file. I am testing to see if it will even send to the model so:
the code is as follows. My controller file from customer.php file
$data['customitem_id']= 19;
if(isset($this->request->post['customitem_id'])) {
$this->request->post['customitem_id'];
}
My code from:
public function editCustomer($customer_id, $data) {
if (!isset($data['custom_field'])) {
$data['custom_field'] = array();
}
$this->db->query("UPDATE " . DB_PREFIX . "customer SET customer_group_id = '" . (int)$data['customer_group_id'] . "', sales_representative = '" . $this->db->escape($data['username']) . "', firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', custom_field = '" . $this->db->escape(isset($data['custom_field']) ? serialize($data['custom_field']) : '') . "', newsletter = '" . (int)$data['newsletter'] . "', status = '" . (int)$data['status'] . "', approved = '" . (int)$data['approved'] . "', safe = '" . (int)$data['safe'] . "' WHERE customer_id = '" . (int)$customer_id . "'");
$this->db->query("UPDATE " . DB_PREFIX . "custom_item SET customer_id = '" . (int)$customer_id . "' WHERE customitem_id = '" . (int)$customitem_id . "'");
it keeps giving me an undefined variable in the model file. How would I go about making sure it sends the data?
Thanks for your help.
Looks like you're passing an array $data to your editCustomer($customer_id, $data) right?
Try changing this from:
$this->db->query("UPDATE " . DB_PREFIX . "custom_item SET customer_id = '" . (int)$customer_id . "' WHERE customitem_id = '" . (int)$customitem_id . "'")
to
$this->db->query("UPDATE " . DB_PREFIX . "custom_item SET customer_id = '" . (int)$customer_id . "' WHERE customitem_id = '" . (int)$data['customitem_id'] . "'")
note that I changed (int)$customitem_id to (int)$data['customitem_id']
You're using variable $customitem_id in your model but in your controller it is $data['customitem_id']. You likely just need to change $customitem_id to $data['customitem_id'] in your model.
Here is my code, it works and no errors pop up and the correct data for the variables are there.
When it's all done it shows Done for the last echo.
However, when I go into heidisql to view the database table, nothing has changed, even when I run the query in heidisql, still same results.
// Make connection to database
$connection = mysqli_connect($host,$user,$pass,$dbnm);
// Make query
$myQuery = "
UPDATE Ekhaya_Inventory SET
ekhaya_inventory_stock_item = '" . $stockItemPost . "',
ekhaya_inventory_stock_left = '" . $stockLeftPost . "',
ekhaya_inventory_stock_out = '" . $stockOutPost . "',
ekhaya_inventory_stock_minimum = '" . $stockMinimumPost . "',
ekhaya_inventory_stock_price_per_item = '" . $stockPricePIPost . "',
ekhaya_inventory_value_of_stock_left = '" . $stockValueOfStockLeftPost . "'
WHERE
ekhaya_inventory_stock_code = '" . $stockCodePost . "'
AND
ekhaya_inventory_stock_code = '" . $stockLocationPost . "'
";
mysqli_query($connection,$myQuery)or die("Error: ".mysqli_error($connection));
mysqli_close($connection)or die("Error: ".mysqli_error($connection));
echo "<br>Done";
WHERE
ekhaya_inventory_stock_code = '" . $stockCodePost . "'
AND
ekhaya_inventory_stock_code = '" . $stockLocationPost . "'
it is wrong because one field can`t contain two different values in the same time
am doing an online admission system as my project.
Am having issues with the on duplicate query..
this is my php script.
$save="INSERT INTO student_reg (Reg_number,username,password,surname,fname,mname,sex,address,city,state,country,
Email,Prog_code,dept_code)
VALUES('".$_SESSION['random']."','".$_SESSION['uname']."','".$_SESSION['password']."','".$_SESSION['sname']."',
'".$_SESSION['fname']."','".$_SESSION['mname']."','".$_SESSION['sex']."',
'".$_SESSION['address']."','".$_SESSION['city']."','".$_SESSION['state']."','".$_SESSION['country']."',
'".$_SESSION['email']."','".$_SESSION['progcode']."','".$_SESSION['deptcode']."')
ON DUPLICATE KEY UPDATE
username= '" . $_POST['username'] . "',password = '" . $_POST['password'] . "',
surname='" . $_POST['surname'] . "',fname = '" . $_POST['fname'] . "',mname = '" . $_POST['mname'] . "',
sex = '" . $_POST['sex'] . "',address= '" . $_POST['address'] . "',
city= '" . $_POST['city'] . "',state= '" . $_POST['state'] . "',country = '" . $_POST['country'] . "',
Email = '" . $_POST['email'] . "',Prog_code = '" . $_SESSION['progcode'] . "',dept_code = '".$_SESSION['deptcode']."'
";
$result=mysql_query($save)or die(mysql_error());
if($save==TRUE){
echo"save";
}
else{
echo "not saved";
}
The s_session(random) is used to automatically assign
Reg_numbers to students after their form has been saved and the value is stored in a unique field in d database called reg_number.
When I execute the query,the insert option works perfectly
but the update doesn't work rather,it kips inserting a new record over and over again into the database once the submit button is click..
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
I am doing an OpenCart modification to an order total. This is the snippet of the code:
<?php
foreach ($data['totals'] as $total) {
if (
$this->db->escape($total['code'])=="sub_total" ||
$this->db->escape($total['title'])="Sub-Total"
) {
$this->db->query("INSERT INTO " . DB_PREFIX . "order_total SET order_id = '" . (int)$order_id . "', code = '" . $this->db->escape($total['code']) . "', title = '" . $this->db->escape($total['title']) . "', text = '" . $this->db->escape($total['text']) . "', `value` = '" . (float)$data['total'] . "', sort_order = '" . (int)$total['sort_order'] . "'");
} else {
$this->db->query("INSERT INTO " . DB_PREFIX . "order_total SET order_id = '" . (int)$order_id . "', code = '" . $this->db->escape($total['code']) . "', title = '" . $this->db->escape($total['title']) . "', text = '" . $this->db->escape($total['text']) . "', `value` = '" . $_SESSION['GCFinalOrderTotalIncludingDelivery'] . "', sort_order = '" . (int)$total['sort_order'] . "'");
}
}
?>
This is the pseudo code. Can an IF/Else be nested inside the foreach statement?
<?php
foreach ($d['totals'] as $total) {
if ($query=="x" || $query=="y") {
a();
} else {
b();
}
}
?>
Sure they can.
And it is quite hard to use 30 characters to say that.
Sure, it can. Not clear what is your problem, but suppose you have a typo in this line:
$this->db->escape($total['title']) = "Sub-Total"
which should be like this:
$this->db->escape($total['title']) == "Sub-Total"
I think you know by now that: "Yes, they can!". However: if your loop isn't that big, you might want to rethink what the actual difference is between the two branches. Take your pseudo-code example, for instance: if the branch is decided on depending on a value that is not derived from the variables provided by the loop itself, you're better of moving the branch:
foreach($someArr as $k=>$v)
{
if ($someOtherVar === true)
{
echo 'The value is '.$v;
}
else
{
echo 'The key is '.$k;
}
}
Can (and should) be written as:
$str = 'The '.($someOtherVar === true ? 'value' : 'key').' is ';
foreach($someArr as $k=>$v)
{
echo $str.$v;
}
Yes you can do this. It is pretty commonly done too. Make sure you use == when testing though; you have = as your test.
In OpenCart the file you're trying to edit I assume is the Order Model?
/catalog/model/checkout/order.php
You have a problem with missing two == which was mentioned by FAngel but the problem lies with your float. The data attribute gets taken away in this function. Because the Data array is no longer inside that snippet. It relies on TOTAL:
So your line:
$this->db->query("INSERT INTO " . DB_PREFIX . "order_total SET order_id = '" . (int)$order_id . "', code = '" . $this->db->escape($total['code']) . "', title = '" . $this->db->escape($total['title']) . "', text = '" . $this->db->escape($total['text']) . "', `value` = '" . (float)$data['total'] . "', sort_order = '" . (int)$total['sort_order'] . "'");
should be: (notice the NEW (float)$total['value'])
$this->db->query("INSERT INTO " . DB_PREFIX . "order_total SET order_id = '" . (int)$order_id . "', code = '" . $this->db->escape($total['code']) . "', title = '" . $this->db->escape($total['title']) . "', text = '" . $this->db->escape($total['text']) . "', `value` = '" . (float)$total['value'] . "', sort_order = '" . (int)$total['sort_order'] . "'");
Which means it would be:
#######
// WAS (float)$data['value']
// NOW (float)$total['value']
#######
foreach ($data['totals'] as $total) {
if (
$this->db->escape($total['code'])=="sub_total" ||
$this->db->escape($total['title'])=="Sub-Total"
) {
$this->db->query("INSERT INTO " . DB_PREFIX . "order_total SET order_id = '" . (int)$order_id . "', code = '" . $this->db->escape($total['code']) . "', title = '" . $this->db->escape($total['title']) . "', text = '" . $this->db->escape($total['text']) . "', `value` = '" . (float)$total['value'] . "', sort_order = '" . (int)$total['sort_order'] . "'");
} else {
$this->db->query("INSERT INTO " . DB_PREFIX . "order_total SET order_id = '" . (int)$order_id . "', code = '" . $this->db->escape($total['code']) . "', title = '" . $this->db->escape($total['title']) . "', text = '" . $this->db->escape($total['text']) . "', `value` = '" . $_SESSION['GCFinalOrderTotalIncludingDelivery'] . "', sort_order = '" . (int)$total['sort_order'] . "'");
}
}
Yes absolutely.Else what would have been the point in having a Programing Language.
I have a problem with INSERT SQL sentence. It just do nothing! (and not showing any error).
When I am printing $qry, it looks just fine.
what can be the problem?
This is the code:
<?php
include('conn.php');
$result=mysql_query("SET NAMES utf8 COLLATE utf8_general_ci",$mysql_link);
$result=mysql_query("SELECT * FROM users where userID=".$_SESSION['IDENT'],$mysql_link);
if (!$result)
{
echo "ERROR: error occured in MySQL query.";
}
else
{
if(mysql_num_rows($result)==1)
{
//This will be shown only to registered users.
while ($row=mysql_fetch_array($result))
{
if (($row['userRank']==100)||($row['userRank']==10))
{
$qry="INSERT INTO users (NickName, username, userpass, userEmail, userRank, userOOlamR, userPhone, userPhone2, userStr, userCity, userMikud, userOOlamID) VALUES ('" . $_POST['nname'] . "', '" . $_POST['username'] . "', '" . md5($_POST['userpass']) . "', '" . $_POST['email'] . "', 2, 1, '" . $_POST['cellphone1'] . "', '" . $_POST['cellphone2'] . "', '" . $_POST['street'] . "', '" . $_POST['city'] . "', " . $_POST['mikud'] . ", " . $_POST['oolam'] . ")";
$res=mysql_query($qry ,$mysql_link);
?><div align="center">
<table width="50%" height="20%" style="Border-Style:dotted;Border-Width:1px;Border-Color:a01220;background-color: rgba(190, 200, 230, 0.5);">
<td><div align="Center"><font face="Arial" size="2" color="Black"> SUCCESS!<br></div></td>
</table>
</div><div align="left">
<?php
echo $qry; ?>
</div><?php
}
Else
{
//SECURITY
}
}
}
}
include('cconn.php');
?>
The problem was I had another field in the table that I didn't treat in my INSERT statement at all.
In your query the mistake lines here..
$qry="INSERT INTO users (NickName, username, userpass, userEmail, userRank, userOOlamR, userPhone, userPhone2, userStr, userCity, userMikud, userOOlamID) VALUES ('" . $_POST['nname'] . "', '" . $_POST['username'] . "', '" . md5($_POST['userpass']) . "', '" . $_POST['email'] . "', 2, 1, '" . $_POST['cellphone1'] . "', '" . $_POST['cellphone2'] . "', '" . $_POST['street'] . "', '" . $_POST['city'] . "', " . $_POST['mikud'] . ", " . $_POST['oolam'] . ")";
use this
$nickname=mysql_real_escape_string($_POST['nname']);
$username=mysql_real_escape_string($_POST['username']);
$userpass=md5(mysql_real_escape_string($_POST['userpass']));
$useremail=mysql_real_escape_string($_POST['email']);
$userrank=2;
$useroolamR=1;
$userphone=mysql_real_escape_string($_POST['cellphone1']);
$userphone2=mysql_real_escape_string($_POST['cellphone2']);
$userstr=mysql_real_escape_string($_POST['street']);
$usercity=mysql_real_escape_string($_POST['city']);
$usermikud=$_POST['mikud'];
$useroolamid=$_POST['oolam'];
$qry="INSERT INTO users (NickName, username, userpass, userEmail, userRank, userOOlamR, userPhone, userPhone2, userStr, userCity, userMikud, userOOlamID) VALUES ('$nickname','$username','$userpass','$useremail', $userrank, $useroolamR,'$userphone','$userphone2','$userstr','$usercity',$usermikud,$useroolamid)";