I have a problem with deleting from mySQL table. I'm using drop down list to select which name (id) I need to delete. Please help.
<h1>Delete product</h1>
<form method="post" action = "Delete.php">
<div class="Delete">
<select>
<?php
require('connect.php');
$query = mysql_query("SELECT name FROM `products`");
$id = mysql_query("SELECT id FROM `products`");
while($row=mysql_fetch_array($query)){
echo "<option value='". $row = $_POST['id']."'>".$row['name'].'</option>';
}
?>
</select>
<input type="submit" name="" value="Delete">
</form>
</div>
And this is script. It makes error on line 10 - if(isset($_POST['id'])){
<?php
if($_SERVER["REQUEST_METHOD"] == "POST"){
require('connect.php');
$id = mysql_query("SELECT id FROM `products`");
if(isset($_POST['id'])){
$id = mysql_real_escape_string($_POST['id']);
$query2 = "DELETE FROM `products` WHERE id = '$id'";
$result=mysql_query($query2);
if($result){
header("Location: tools.php");
exit;
}
else{
echo"ERROR";
}
}
else{
echo"Bad ID";
}
}
?>
Try something like this
//Give select a name so delete.php can hook into it
<select name="product_id">
<?php
require('connect.php');
//Merge your 2 queries into one
$query = mysql_query("SELECT id, name FROM products");
//Fix value fetching in your while loop
while($row=mysql_fetch_array($query)){
echo "<option value='". $row['id']."'>".$row['name'].'</option>';
}
?>
</select>
Then in your submit script
<?php
if($_SERVER["REQUEST_METHOD"] == "POST"){
require('connect.php');
//Look for select name
if(isset($_POST['product_id'])){
//Get ID from select value
$id = mysql_real_escape_string($_POST['product_id']);
$query = "DELETE FROM products WHERE id = '$id'";
$result = mysql_query($query);
if($result){
header("Location: tools.php");
exit;
}
else{
echo"ERROR";
}
}
else{
echo"Bad ID";
}
}
?>
I havnt tested this but with minor tweaking if any, it should now work for you.
What i have done
Given your a name so it can be picked up by delete.php
Merged your product name, id fetch queries into 1 query
Killed off that $row = $_POST['id'] statement :S
In delete.php checked for the select name (given in bullet 2)
Clean up id depeneding on selected value
Ran delete query
Hope this helps
Related
EDIT: IGNORE ANY SQL INJECTIONS OR VULNERABLE CODE STATEMENTS :D
(School Project).
I wish to create a insert form on my webpage where I can select an artist from a table, including a song from a table and combine them for an insert into a combined foreign key table.
I have managed to do selects and insert with only individual artist and song drop-downs on my web-page, but would wish for combining the two ID's from each table to combine them to a many to many relative table. But when I press the submit button nothing happens, and I'm a beginner and don't know if I'm missing any important bits of actually Posting the information.
For troubleshooting I have tried my code, and tested it. I see if I remove my code theres no problem, so the problem persists on the syntax I believe, as the first dropdown shows, alongside the second dropdown and submit button, but the problem is within the actual processing and SQL query part, where it never goes to the DB..
The problem:
As you can see below I have a the text Song Name appear with a drop-down menu in the bottom left corner including the Artist Name with a submit button. But my problem persists as the select and then insert from the two drop downs into the combined table does not work, it does not actually submit, I want it to post into the DB what can I do. But somethings off? I would appreciate any questions or help, this community is so amazing and wonderful to operate in!
Database
PHP
<form method='POST'>
<?php
include('connect_mysql.php');
if(isset($_POST["mangetilmange"])) {
$song_id = $_POST["song_id"];
$artist_id = $_POST["artist_id"];
$sql ="INSERT INTO artist_has_song (song_id, artist_id) VALUES
('$song_id', '$artist_id')";
if($conn->query($sql)) {
echo "Completed";
} else {
echo "Blablalbablablablablablablabl $sql
($conn->error.";
}
}
?>
Song Name
<?php
$sql = "SELECT * FROM song";
$resultat = $conn->query($sql);
echo "<select name='song_id'>";
while ($rad = $resultat->fetch_assoc()) {
$song_id = $rad["song_id"];
$songname = $rad["songname"];
echo "<option value='$song_id'>$songname</option>";
}
echo "</select>";
?>
Artist Name
<?php
$sql = "SELECT * FROM artist";
$resultat = $conn->query($sql);
echo "<select name='artist_id'>";
while ($rad = $resultat->fetch_assoc()) {
$artist_id = $rad["artist_id"];
$artistname = $rad["artistname"];
echo "<option value='$artist_id'>$artistname</option>";
}
echo "</select>";
?>
</form>
<input type="submit" name="mangetilmange" value ="Submit">
change you code to this:
<form method='POST'>
<?php
include('connect_mysql.php');
if(isset($_POST["mangetilmange"])) {
$song_id = $_POST["song_id"];
$artist_id = $_POST["artist_id"];
$sql ="INSERT INTO artist_has_song (song_id, artist_id) VALUES
('$song_id', '$artist_id')";
if($conn->query($sql)) {
echo "Completed";
} else {
echo "Blablalbablablablablablablabl";
}
}
?>
Song Name
<?php
$sql = "SELECT * FROM song";
$resultat = $conn->query($sql);
echo "<select name='song_id'>";
while ($rad = $resultat->fetch_assoc()) {
$song_id = $rad["song_id"];
$songname = $rad["songname"];
echo "<option value='$song_id'>$songname</option>";
}
echo "</select>";
?>
Artist Name
<?php
$sql = "SELECT * FROM artist";
$resultat = $conn->query($sql);
echo "<select name='artist_id'>";
while ($rad = $resultat->fetch_assoc()) {
$artist_id = $rad["artist_id"];
$artistname = $rad["artistname"];
echo "<option value='$artist_id'>$artistname</option>";
}
echo "</select>";
?>
<input type="submit" name="mangetilmange" value ="Submit">
</form>
I have been looking for a solution for this for a while but they all pertain to html tables. I have a simple form and have manually added values into the database using phpMyAdmin. I have a drop down menu at the top and whenever the admin selects a particular name from the drop down menu and presses the 'Display the fields' button, I want all the respective fields to be filled in with the values after which the admin can make changes onto any particular field and update. How can I get those values to be filled? I have tried multiple codes but keep getting errors such as undefined index, undefined variable etc. Can someone help me with that?
<!doctype html>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "db_dealer_track";
$conn = new mysqli($servername, $username, $password, $dbname);
if($conn->connect_error){
die("Connection failed". $conn->connect_error);
}
if(isset($_POST['id1'])){
$sql = "SELECT * FROM tbl_dealer_info ";
$sql .= "WHERE $account_name = 'account_name' ";
$result = mysqli_query($conn, $sql);
while($row = mysqli_fetch_array($result)){
?>
<html>
<head>
<title>iMobile </title>
</head>
<body bgcolor = "#D6DFE3">
<center><b><h2>Please enter the following information: </h2></b></center>
<form action = "dealer_track.php" method = "post">
<strong><center> <u>Fields marked with an asterisk(*) are required.</u><br><br>
Name of the dealer:* // This is where the admin selects the user they would like to update
<?php
$sql = "SELECT account_name FROM tbl_dealer_info ";
$result = mysqli_query($conn, $sql);
echo "<select name = 'account_name' id = 'id'>";
echo "<option value = ''>";
while($row = mysqli_fetch_array($result)){
echo "<option value = '" .$row['account_name'] . "'>" . $row['account_name'] . "</option>";
}
echo "</select>";
?>
<br><br>
<input type = submit id = "id1" name = "id1" value = "Display the fields" /><br>
</center>
<hr>
<br><br>
</form>
<form action = "dealer_track.php" method = "post">
Email:*<br>
<input type = "email" name = "email" id = "id3" value = "<?php echo $row['email']?>" Required /><br><br>
RSM:*<br>
<?php
$sql = "SELECT rsm_val FROM tbl_rsm_drop_down ";
$result = mysqli_query($conn, $sql);
echo "<select name = 'rsm_val'>";
echo "<option value = ''></option>";
while($row = mysqli_fetch_array($result)){
echo "<option value = '" .$row['rsm_val'] . "'>" . $row['rsm_val'] . "</option>";
}
echo "</select>";
?>
<br><br>
**// My radio buttons aren't getting checked though**
iPhone Boost Approved:
<input type = "radio" name = "boost_app" <?php if(isset($boost_app)&& $boost_app =="Yes")?> value = "Yes" />Yes
<input type = "radio" name = "boost_app" <?php if(isset($boost_app)&& $boost_app =="No")?> value = "No" />No<br><br>
</form>
<?php
}} // While loop and if loop at the start
?>
</body>
</html>
I'm taking a wild guess here, so I'm assuming you want to select a user from a dropdown (That could be a bad idea if many people are in said database), but you would want to make a simple HTML form and name it somethign you will remember. Under the form put this?
<?php
if(isset($_POST['formnamehere'])) {
$sql = "SELECT * FROM (table name) WHERE accountname=" . $accountname;
$result = $conn->query($sql);
$row = $result->fetch_assoc();
echo $row['accountname'];
//put other things here, etc.
}
?>
Granted this code is not meant to be used exactly. but to give you a general idea.
You code is a bit messy but here is what you need to do generally.
First query for the unique record:
$sqlQuery = "SELECT id, firstname, lastname FROM Table Where id = '$id'";
Then run the query:
$result = $connection->query($sqlQuery ); //nb: $connection is your connection variable
Then check if any result found:
if ($result->num_rows > 0) { ........ }
If any records found then put the fetched data in variables like this
while($row = $result->fetch_assoc()) {
$firstname = $row["firstname"];
$lastname = $row["lastname"];
//and so on....
}
// You can display these variables any how you want in here, eg:
echo "<h2>$firstname</h2>";
or
<input type="text" id="firstname" name="firstname" value="<?php echo $firstname ?>" />
//nb: you must close the php tag before using html and re open it after
if "if ($result->num_rows > 0) {...} is false, just use an else {...} to display a message
You can run a query with your active connection to fetch your respective information from the table you want, along with a search clause for where the name is equal to a given value.
Query:
$result = mysqli_query($con, "SELECT `data` FROM `table` WHERE `name` = '$name';");
You can then display your data on your front end by outputting the result.
<?php
if($row = mysqli_fetch_array($result)) {
echo $row["data"];
}
?>
I have rows showing products and their stockings.
I can pull out records from the database but somehow I am stuck at the editing part. When I click on edit I don't know how to pass the id so I can use the id to select what is needed to be selected in the table.
I have something like stock.php which shows all item_name and stock
<?php
$sql = "SELECT * FROM inventory";
$result = mysqli_query($mysqli,$sql);
//make sure database queries
if (!$result) {
echo "DB Error, could not query the database\n";
echo 'MySQL Error: ' . mysql_error();
exit;
}
if ($result->num_rows > 0) {
echo "<table><tr><td>Name</td>
<td>Stock</td>
</tr>";
// output data of each row
while($row = $result->fetch_assoc()) {
$id = $row['id'];
echo "<tr>
<td>".$row["item_name"]."</td>
<td>".$row["stock"]."</td>
<td>
<form action='edit.php' method='POST'>
<input type='hidden' name='$id' value='$id'/>
<input type='submit' name='edit' value='edit' />
</form>
</td>
</tr>";
}
echo "</table>";
} else {
echo "0 results";
}
?>
in my edit.php I have something like this which is giving me error because the $id is not passed
include_once "init.php";
if ($_SERVER['REQUEST_METHOD']=='POST') {
// query the table by matching up the int id
$sql = "SELECT * FROM inventory WHERE id = '$id'";
}
I want to pull out the data again in a new page and then having input box again to let users update stock # or even the product name and others if necessary.
There is an error in your input declaration. HTML items can't have names that start with special characters (like the $). You should be setting the variable-based names this way:
<input type='hidden' name='".$id."' value='".$id."'/>
Also in your edit.php, your SQL statement has a bug.
$sql = "SELECT * FROM inventory WHERE id = '$id'";
should be:
$sql = "SELECT * FROM inventory WHERE id = ".intval($id);
You need to do the following updates:
stock.php
<input type='hidden' name='id' value='$id'/>
edit.php
$sql = "SELECT * FROM inventory WHERE id = '".$_POST["id"]."'";
you are passing the current id value as the post var name, the var's name should be "id"
I have created a page where it lets users to edit their information which is stored in the database. However i can't get the WHERE clause to work it just keeps coming up with entry not found. Any help would be great thanks.!
<?php
mysql_connect('localhost', 'root', 'password') or die(mysql_error());
mysql_select_db("peopletank") or die(mysql_error());
$query = mysql_query("SELECT * FROM users WHERE id='$id'")
or die(mysql_error());
if(mysql_num_rows($query)>=1){
while($row = mysql_fetch_array($query)) {
$id = $row['id'];
$firstname= $row['firstname'];
$secondname= $row['secondname'];
}
?>
<form action="update.php" method="post">
<input type="hidden" name="ID" value="<?php echo $id;?>">
Value1: <input type="text" name="value1" value="<?php echo $firstname;?>">
<br>
Value2: <input type="text" name="value2" value="<?php echo $secondname?>">
<input type="Submit" value="Change">
</form>
<?php
}else{
echo 'No entry found. Go back';
}
?>
Try this :
$query = mysql_query("SELECT * FROM users WHERE id='".$id."'");
Make sure your $id is populated correctly. Try checking the value first if the query still didn't showed up like this :
echo 'The id is : '.$id;
$query = mysql_query("SELECT * FROM users WHERE id='".$id."'");
If the $id is populated correctly but still return no result then run the query manually in your mysql database, probably there is no result for specified $id
And while populating data, no need to fetch $id while you just have same $id ini this query.
while($row = mysql_fetch_array($query)) {
$id = $row['id']; /* << Remove this */
$firstname= $row['firstname'];
$secondname= $row['secondname'];
}
I aint 100% sure if its one of these things:
1) Try ending the statements with ;
2) Numbers dont have to be between ''
3) Try putting names of columns between ``
4) use LIMIT 1 where you can (makes things faster but not important)
5) Always try to use a selecter (faster)
<?
if ( $query = mysql_query("SELECT `firstname`,`secondname` FROM `users` WHERE (`id` = $id) LIMIT 1;"))
{
if ($r = mysql_fetch_assoc($query))
{
$firstname = $r['firstname'];
$secondname = $r['secondname'];
}
}
?>
I am trying to create two dropdown menus, that will enable a selected user to be added to a selected team and submitted.
There are 3 tables users, teams and teammembers. Teammembers has 2 columns for the ID's of users and teams.
I have created some code, that selects the names and id's for both teams and users in the dropdown menu. The first problem I am encountering is only the names are showing and not the id's within the dropdown box.
Secondly, when submitting the form data is inputted into the teammembers table but both as 0 and 0 rather than the users id and team id submitted.
Does anyone know where i've gone wrong?
// cpanel-addplayer.php
<link href="default.css" rel="stylesheet" type="text/css" />
<form method="post" action="cpanel_addplayerprocessing.php">
<?
session_start();
include('../utils/dbc.php');
error_reporting(-1);
echo 'Players';
$sql = "SELECT ID, user_name FROM users";
$result = mysql_query($sql);
echo "<select name='user_name'>";
while ($row = mysql_fetch_array($result)) {
echo'<option value="'.$row['ID'].'">'.$row['user_name'].'</option>';
}
echo "</select>";
?>
<?php
echo 'Teams';
$sql = "SELECT ID, name FROM teams";
$result = mysql_query($sql);
echo "<select name='teams'>";
while ($row = mysql_fetch_array($result)) {
echo "<option value='" . $row['ID'] ."'>" . $row['name'] ."</option>";
$teamid = $row['ID'];
}
echo "</select>";
?>
<input type="submit" name="submit" value="Submit">
</form>
// cpanel-addplayerprocessing.php
<?php
error_reporting(-1);
session_start();
include('../utils/dbc.php');
// escape variables for security
a
$sql="INSERT INTO teammembers (userid, teamid)
VALUES ('$userid', '$teamid')";
$result = mysql_query($sql);
if($result){
header('Location: ../thankyou.php');
}
else {
echo "ERROR";
}
mysql_close();
?>
Thanks for your help!
Use PHP concatanation to generate the SQL query
$sql="INSERT INTO teammembers (userid, teamid) VALUES ('".$userid."', '".$teamid."')";
and also print the sql before execute it and try to run the printed SQL directly in phpMyAdmin.
echo $sql;
exit;
Also check the table columns if there is space after or before the column names.