I'm creating a blog site and I got stuck in this phase where I want to allow authors to delete their own posts, they can already see the delete button below each of their posts. In the DB table I have an author, content and ID of the article. Now I need to get the specific ID of the article that they want to delete, but I have no idea how to do this, the delete button is the same for every article, so I can't use that for help. I have this code to get articles from my DB and the button click code ready. For better imagination here is an image of the site -
... previous code
<?php }
$articles->ArticlesConn();
$result = mysql_query("SELECT * FROM articles_table");
while($row = mysql_fetch_array($result)){ // loop to generate content
?>
<div class="container"> // responsive stuff
<div class="row"> // responsive stuff
<div class="twelve columns"> // responsive stuff
<?php
echo "<h3>" . $row['Title'] . "</h3>
<p>" . $row['Content'] . "</p>"; ?>
</div>
</div>
<div class="row">
<div class="eight columns">
<address><?php echo "Author - " . $row['Author']; ?> </address><br><br><br> /// nick of the author below each article
</div>
<div class="four columns">
<?php
if ($row['Author'] == $_SESSION["username"]) // show delete button if the logged user is an author of generated article
{ ?>
<input type="button" name="delete" value="Delete article"/>
<?php } ?>
</div>
</div>
</div>
<?php
}
?>
To solve your problem, you should add a form to wrap your input.
This form will call the page itself. In this form there is a hidden input with the value of the article id. So when you submit the form, you can get the article id via $_POST['name of the hidden input'].
I will show you the code :
<?php }
if (isset($_POST['article-id'])) {
// prevent SQL injection
$articleId = mysql_real_escape_string($_POST['article-id']);
$res = mysql_query('DELETE FROM articles_tab WHERE id='.$articleId);
if (!$res) {
die(mysql_error());
}
}
$articles->ArticlesConn();
$result = mysql_query("SELECT * FROM articles_table");
while($row = mysql_fetch_array($result)){ // loop to generate content
?>
<div class="container"> // responsive stuff
<div class="row"> // responsive stuff
<div class="twelve columns"> // responsive stuff
<?php
echo "<h3>" . $row['Title'] . "</h3>
<p>" . $row['Content'] . "</p>"; ?>
</div>
</div>
<div class="row">
<div class="eight columns">
<address><?php echo "Author - " . $row['Author']; ?> </address><br><br><br> /// nick of the author below each article
</div>
<div class="four columns">
<?php
if ($row['Author'] == $_SESSION["username"]) // show delete button if the logged user is an author of generated article
{ ?>
<form method="post">
<input type="hidden" name="article-id" value="<?php echo $row['ID'] ?>"/>
<input type="submit" value="Delete article"/>
</form>
<?php } ?>
</div>
</div>
</div>
<?php
}
But you should use mysqli or PDO instead of the old mysql extension, look at this : http://php.net/manual/en/function.mysql-query.php
Related
I am trying to create a simple cart system for my online shop. In order to store add the items the user selects to the cart, I have created an add to cart button under my items. My goal is that when this button is pressed the uid that is saved in my database, of the item selected is saved on a current session. However, when I press this button, for some reason it is always the id of the third item (cabuid 3) that gets saved onto the session, regardless of which item I add to cart.
Here is my database
index.php file
<form style="border:1px solid #ccc" method="POST" enctype="multipart/form-data">
<?php
if (isset($_POST['add'])){
print_r($_POST['product_id']);
}
include __DIR__.'../includes/dbh.includes.php';
$sql = "SELECT * FROM boots";
$gotResults = mysqli_query($connection,$sql);
if($gotResults) {
if(mysqli_num_rows($gotResults)>0) {
while($row = mysqli_fetch_array($gotResults)){
?>
<div class="row">
<div class="column">
<div class="card">
<img src="images/<?php echo $row['image']?>" style="width:100%">
<div class="container">
<h2>
<?php echo $row['cabname']; ?> </h2>
<p><?php echo $row['cabdescription']; ?></p>
<p><?php echo $row['cabprice']; ?> € </p>
<p><button type="submit" class="button" name="add">Add to cart</button></p>
<input type='hidden' name='product_id' value="<?php echo $row['cabuid']; ?>">
</div>
</div>
</div>
<?php
}
}
}
?>
dbh.includes.php
<?php
$serverName = "localhost";
$dbUsername ="root";
$dbPassword ="";
$dbName = "webvacser";
$connection = mysqli_connect($serverName, $dbUsername, $dbPassword, $dbName);
if (!$connection) {
die("Connection failed: " . mysqli_connect_error());
}
?>
I would make `n` forms, one per iteration of the loop
<?php
include __DIR__.'../includes/dbh.includes.php';
$sql = "SELECT * FROM boots";
$gotResults = mysqli_query($connection,$sql);
if($gotResults) {
if(mysqli_num_rows($gotResults)>0) {
while($row = mysqli_fetch_array($gotResults)){
?>
<div class="row">
<div class="column">
<div class="card">
<img src="images/<?php echo $row['image']?>" style="width:100%">
<div class="container">
<h2> <?php echo $row['cabname']; ?> </h2>
<p><?php echo $row['cabdescription']; ?></p>
<p><?php echo $row['cabprice']; ?> € </p>
<form style="border:1px solid #ccc" method="POST" enctype="multipart/form-data">
<p><button type="submit" class="button" name="add">Add to cart</button></p>
<input type='hidden' name='product_id' value="<?php echo $row['cabuid']; ?>">
</form>
</div>
</div>
</div>
<?php
}
}
}
?>
Now the 3 forms are unique and when you press the button inside any one of them the correct data from the associated hidden input will be sent to the receiving script
I'm trying to build a webpage with simple status posts. I've created foreach loop to query the database and load all the posts:
<?php
$user_id = Check::isLoggedIn();
$dbstories = DB::query('SELECT * FROM stories WHERE user_id=:user_id ORDER BY story_time DESC', array(':user_id'=>$user_id));
$post_story = "";
foreach($dbstories as $story) {
?>
<div>
<article>
<div>
<a href="profile.php">
<?php
// to pull user first name
$user_first = DB::query('SELECT user_first FROM users WHERE user_id=:user_id', array(':user_id'=>$user_id))[0]['user_first'];
echo $user_first;
?>
</a>
<div>
<time>
<?php
// to pull post datetime
$post_time = $story['story_time'];
echo '<time class="timeago" datetime="' . $post_time . '"></time>';
?>
</time>
</div>
</div>
</div>
<?php
// to pull post contents
$post_story = $story['story_body'];
if (strlen($post_story) <= 25) {
echo '<h3>' . $post_story . '</h3>';
} else {
echo '<p>' . $post_story . '</p>';
}
?>
<div>
<div>
<a href="#">
<svg class="thunder-icon"><use xlink:href="icons/icons.svg#thunder-icon"></use></svg>
<span>
<?php
// to pull number of likes
$post_likes = $story['story_likes'];
echo $post_likes;
?>
</span>
</a>
<!-- the same for comments and shares number goes here -->
</div>
</div>
<div>
<!-- This form over here should pull the story_id which is the post ID from the database like the other queries up there and post it next to the url then that will allow me to use it in isset($_GET['story_id']) and trigger a query to increment likes -->
<form action="stories.php?post_id=<?php $post_id = $story['story_id']; echo $post_id; ?>" method="post" id="like_story">
<a href="#" class="btn btn-control" id="post_like">
<svg class="like-post-icon"><use xlink:href="icons/icons.svg#thunder-icon"></use></svg>
</a>
</form>
<!-- the same for comment and share goes here -->
</div>
</article>
</div>
<?php
}
?>
*Please read the comments within the code
Everything works fine but, I still cant get each post's ID linked to the like button (like_story). It only access the most recent post's ID.
Any workaround to reference the post ID (story_id)?
please help. I am building a website where people can upload their projects. I designed it in such a way that one person can have multiple projects. I am fairly new to php and I know I posted way too much code but I need help
I have been able to make the project titles for each user show dynamically when they login in. The problem I have is how do I make each link load up the page with the full project details. Right now it only shows the first project details no matter what title is clicked. Below is the profile page.
<?php if(isset($login_projectTittle)){
echo "Click to see your projects";
?>
<br><br><br><br><br>
<?php
$query = "SELECT * FROM fullprojectdetails WHERE user_id=$login_id";
if ($result=mysqli_query($connection,$query)){
if($count = mysqli_num_rows($result)){
/* because of the mysqli_fetch_object function the variables have to be $rowe->title (as an object) */
while($rowe = mysqli_fetch_object($result)){
?>
<?php $_SESSION['projectstuff'] = $rowe ->projecttitle; ?>
<?php $_SESSION['projectIdNew'] = $rowe ->projectid; ?>
<?php echo $rowe ->projecttitle; ?>
<br>
<?php
}
/* mysqli_free_result frees p the result in the variable ths allowing for a new one each time */
mysqli_free_result($result);
}
}
}
else {echo "";}
?>
I used POST to send the data to the database.
The page that should load up the full project details is the project page. Contents to be displayed on this page are drawn from the session code which is included in the project page and displayed below
<?php
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
require('databaseConnect.php');
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// Selecting Database
require('databaseSelect.php');
session_start();// Starting Session
// Storing Session
$user_check=$_SESSION['login_user'];
// SQL Query To Fetch Complete Information Of User (MYSQL Inner Join used here) took hours to learn
$ses_sql=mysqli_query($connection, "select user.user_emailaddress, user.user_fullname, user.user_id, fullprojectdetails.fileToUpload, fullprojectdetails.projecttitle,
fullprojectdetails.projectcreated, fullprojectdetails.projectcategory, fullprojectdetails.projectcountry, fullprojectdetails.projectdetails,
fullprojectdetails.fundTime, fullprojectdetails.fundinggoal, fullprojectdetails.fileToUpload2, fullprojectdetails.name, fullprojectdetails.biography,
fullprojectdetails.yourlocation, fullprojectdetails.website, fullprojectdetails.fileToUpload3, fullprojectdetails.projectdetails2, fullprojectdetails.accountName, fullprojectdetails.bankName, fullprojectdetails.accountType,
fullprojectdetails.accountNo,fullprojectdetails.user_id, fullprojectdetails.projectid from user inner join fullprojectdetails on user.user_id=fullprojectdetails.user_id where user.user_emailaddress='$user_check'");
//saving variables to be used in every page with session_new included
$row = mysqli_fetch_assoc($ses_sql);
$login_session =$row['user_emailaddress'];
$login_fullname =$row['user_fullname'];
$login_id =$row['user_id'];
$login_projectTittle = $row['projecttitle'];
$login_projectLocation = $row['yourlocation'];
$login_projectCategory = $row['projectcategory'];
$login_projectFundGoal = $row['fundinggoal'];
$login_projectSummary = $row['projectdetails'];
$login_projectWebsite = $row['website'];
$login_projectVideo = $row['fileToUpload3'];
$login_Pic = $row['fileToUpload2'];
$login_projectID = $row['projectid'];
$login_projectPic = $row['fileToUpload'];
$login_projectPic = $row['fileToUpload'];
$login_projectPic = $row['fileToUpload'];
$login_projectPic = $row['fileToUpload'];
$login_projectPic = $row['fileToUpload'];
$login_projectPic = $row['fileToUpload'];
$login_projectPic = $row['fileToUpload'];
$login_projectPic = $row['fileToUpload'];
$login_projectFullDet = $row['projectdetails2'];
if(!isset($login_session)){
mysqli_close($connection); // Closing Connection
header('Location: login.php'); // Redirecting To Home Page
}
?>
Below is the project page code
<?php
include('session_new.php');
/*echo $_SESSION['projectstuff'];
if (isset($_POST['profile_btn'])){*/
/* if (isset ($_SESSION['projectstuff'])){
$ses_sql=mysqli_query($connection, "select * from fullproject where projecttitle='{$_SESSION['projectstuff']}");*/
?>
<!DOCTYPE html>
<html>
<body>
<!--require for the nav var-->
<?php require 'logged-in-nav-bar.php';?>
<div id= "upperbodyproject">
<div id= "projectheader">
<h2> <?php echo $login_projectTittle; ?><h2>
</div>
<!-- video and funder div-->
<div id = "vidFundCont">
<div id = "video">
<video width='100%' height='100%' controls> <source src="<?php echo $login_projectVideo ?>" type='video/mp4'>Your browser does not support the video tag.</source></video>
</div>
<div id = "funders">
<p> <strong> 20 </strong> <br> <br><span>funders </span> </p> <br> <br> <br>
<p> </p><br>
<p> <span>funded of N<?php echo $login_projectFundGoal ; ?> </span><p><br> <br> <br>
<p><strong> 15 </strong> <br> <span> <br> days left </span></p><br> <br> <br>
<button id = "projectPageButton"> Fund This Project </button>
</div>
<div id = "clearer"></div>
</div>
<!-- location and project condition -->
<div id = "location">
<p> Location: <?php echo $login_projectLocation ; ?> Category:<?php echo $login_projectCategory ; ?> </p>
</div>
<div id ="projectconditions">
<p> This project will only be funded if N<?php echo $login_projectFundGoal ; ?> is funded before the project deadline</p>
</div>
<div id = "clearer"> </div>
<!--project summary and profile -->
<div id = "nutshell">
<p><?php echo $login_projectSummary ; ?> </p> <br> <br>
<span>Share:</span>                            
             
             
</div>
<div id = "projProfile">
<div id = "projProfileTop">
<img src="<?php echo $login_Pic ; ?>" width = "50%" height = "100%">
</div>
<div id ="projProfileBottom">
<br>
<p id = "profileNameStyle"> Name: <?php echo $login_fullname; ?> </p> <br>
<p> Website: <?php echo $login_projectWebsite ; ?> </p> <br>
<p> Email: <?php echo $login_session; ?> </p>
</div>
</div>
<div id = "clearer"> </div>
<!-- about and reward title -->
<div id = "aboutProjH">
<h2> About This Project </h2>
</div>
<div id = "rewardH">
<h2> Rewards For Supporting This Project</h2>
</div>
<div id = "clearer"> </div>
<!--project pic and dynamic rewards-->
<div id = "projPic">
<img src="<?php echo $login_projectPic;?>" width = "100%" height = "100%">
</div>
<div id = "rewardDet">
<br>
<span><?php echo $login_projectFullDet; ?> </span>
</div>
<div id = "clearer"> </div>
<div id = "clearer"> </div>
<!-- project details and empty divs -->
<?php
// code to select content form database and display dynamically in a div
$query = "SELECT * FROM reward WHERE user_id=$login_id";
if ($result=mysqli_query($connection,$query)){
if($count = mysqli_num_rows($result)){
/* because of the mysqli_fetch_object function the variables have to be $rowe->title (as an object) */
while($rowe = mysqli_fetch_object($result)){
?>
<div id = "projDet">
<p> <h2><?php echo "N".$rowe->pledgeAmount. " " . "or more"; ?></h2></p> <br>
<p><span> <br><?php echo $rowe ->title; ?></span></p> <br>
<p> <span><?php echo $rowe ->description; ?></span></p> <br>
<p> <span>Estimated Delivery Time: <br> <?php echo $rowe ->deliverytime . " ". $rowe ->deliveryyear; ?></span></p> <br>
<p> <span><?php echo $rowe ->shippingdetails; ?></p></span> <br>
<p> <span>Number of Rewards Available: <br><?php echo $rowe ->reward1No; ?></span></p>
</div>
<!--<div id = "bsideProjDet">
</div> -->
<div id = "clearer"> </div>
<?php
}
/* mysqli_free_result frees p the result in the variable ths allowing for a new one each time */
mysqli_free_result($result);
}
}
/* display dynamic form */
/*$s_sql=mysqli_query($connection, "SELECT * FROM reward WHERE user_id=$login_id");
$rowe = mysqli_fetch_assoc($s_sql);
?>
<?php echo $rowe['title']; ?><br><br>
<?php echo $rowe['pledgeAmount']; ?><br><br>
<?php echo $rowe['description']; ?><br><br>
<?php echo $rowe['deliverytime']; ?><br><br>
<?php echo $rowe['deliveryyear']; ?><br><br>
<?php echo $rowe['shippingdetails']; ?><br><br>
<?php echo $rowe['reward1No']; ?><br><br> */
?>
<div id = "reportProj">
<button id = "projectPageButton"> Report This Project To Gbedion</button>
</div>
<!--<div id = "bsideReportProj"> </div>-->
<div id = "clearer"> </div>
<!-- </div> -->
</div>
<?php
/*}
}
else {
echo "Select a project";
}*/
?>
<!-- page footer-->
<?php require 'logged-in-footer.php';?>
</body>
</html>
The project Id is the primary key and user id is the foreign key in fullprojectdetails table. If more database details are needed please let me know. Had to abandon this project for a month because of this problem.
First don't store the projectid and project title on a session variable, on the profile page, just create a normal variable and store them on that variable, then when you linking to project.php create a query strings, with the id of the project then with the title of the project, ie Dynamic Project Title I believe when you store the id's of the projects in a session, once you click on one project, the browser will always use that id no matter which project you click next, until you unset/destroy the sessions(logout).
there fore this on profile :
<?php $_SESSION['projectstuff'] = $rowe ->projecttitle;?>
<?php $_SESSION['projectIdNew'] = $rowe ->projectid; ?>
<?php echo $rowe ->projecttitle; ?>
should change to :
<?php $projectstuff = $rowe ->projecttitle; ?>
<?php $projectIdNew = $rowe ->projectid; ?>
<?php echo $rowe ->projecttitle; ?>
Then on projetc.php
you first check if the id isset and also the title, then do your queries
this is how you would do it
project.php
<?php
session_start();
//validate your sessions
if (isset($_GET['projectid']) && isset($_GET['projecttitle'])) {
$currentProjectID = urldecode(base64_decode($_GET['projectid']));
$projectTitle = $_GET['projecttitle'];
?>
<?php
require 'logged-in-nav-bar.php';
?>
<div id= "upperbodyproject">
<div id= "projectheader">
<h2> <?php echo $projectTitle; //from the query string ?></h2>
</div>
<!-- get the details of this project -->
<?php
$query = "SELECT * FROM fullprojectdetails WHERE projectid=$currentProjectID";
// Continue your staff then
?>
</div><!-- upperbodyproject -->
<?php
} else {
echo "could not find project id";
}
?>
Hope this will help point you to the correct direction, I would suggest that you look at mysqli prepared statements, and also at PDO prepared statements.
I'm currently working on a voting project, i have a form that is populated from the database and i managed to use loops to generate radio buttons. However the radio button can only select one answer out of the possible eight, i need it to select an answer in each and every question. i know the radio button names are the same and the need to be different, however its a loop so i dont know how to change the names. any help?
Here is the code
<?php $title="POLLS | Voting - Home";
require_once( "includes/session.php");
include( "includes/connection.php");
include( "includes/header.php");
$query="SELECT user_id FROM users WHERE user_id={$_SESSION['user_id']}" ;
$result=mysql_query($query,$connection);
$row=mysql_fetch_row($result);
$_SESSION[ 'user_id']=$row[0]; ?>
<body>
<div id="outerDiv">
<div id="header">
<div id="mainMenu"> </div>
<!-- mainMenu -->
</div>
<!-- header -->
<div id="midBanner"> </div>
<div id="content">
<div id="mainContent">
<p>Welcome,
<?php echo strtoupper($_SESSION[ 'username'])?>!</p>
<form action="votingpage.php" method="post">
<?php $query="SELECT question_id,question FROM questions " ; $result=mysql_query($query, $connection); ?>
<form>
<table class="Question Table">
<th></th>
<?php echo "<tr>"; echo "<tr>"; echo "<tr>"; ***strong text***$num_rows="" ; $counter=$num_rows; while($row=mysql_fetch_assoc($result)){ echo "<br />"; $counter +=1 ; echo "<br />"; echo $counter; echo $row[ 'question']; echo "<br />"; $query1="SELECT qstn_ans_id, possible_answer FROM qanswers WHERE question_id= " . $row[ 'question_id'] ; $result1=mysql_query($query1, $connection); while($row1=mysql_fetch_assoc($result1)){ echo "<input type='radio' name='possible_answer'".$row1[ 'qstn_ans_id']. " value='".$row1[ 'qstn_ans_id']. "'/> ".$row1[ 'possible_answer']; echo "<br />"; } } ?> </table>
</form>
</div>
<!-- mainContent -->
<p class="clear" /> </div>
<!-- content -->
</div>
<!-- outerDiv -->
<?php include( "includes/footer.php"); ?>
I've searched through similar questions but to no avail, so hopefully someone can help.
I'm having an issue paginating the search results on a site I've built using the Zend Framework (1.12). I can retrieve the items and also the pagination is formed but when I click to go to the next page of pagination, all the search results are lost. The code appends ?page=2 e.t.c to the URL but the code then loses the searchitems.
I read in one question about possibly using sessions or Zend_Session in particular but I'm a little lost at present! Relatively new to PHP.
Firstly here is my search form - search-form.php (XHTML)
<?php
// Search Form
?>
<div id="search">
<h4 style="margin-bottom:20px;">Search</h4>
<form name="prodSearch" action="listing-search.php" method="post">
<input type="text" name="searchitems" id="searchitems" />
<input type="submit" name="search_items" id="search_items" value="Go" />
</form>
</div>
This is included in my other pages.
listing-search.php is then as follows
<?php
require_once('admin/scripts/library.php');
require_once('admin/scripts/db_definitions.php');
try {
?>
<!-- HTML Doc Type, Head removed e.t.c -->
<div id="listing-col-main">
<div id="all-cars">
<h4>Search Results</h4>
</div>
<!-- Listings -->
<?php
$query = $_POST['searchitems'];
$min_length = 3;
if (strlen($query) >= $min_length) {
$query = htmlspecialchars($query);
$query = mysql_real_escape_string($query);
$raw = searchItems($dbread, $query);
$paginator = Zend_Paginator::factory($raw);
if (isset($_GET['page'])) {
$paginator->setCurrentPageNumber($_GET['page']);
}
$paginator->setItemCountPerPage(8);
$paginator->setPageRange(3);
$count = $paginator->getTotalItemCount();
if ($count > 0) {
foreach ($paginator as $results) { // repeat all results ?>
<?php
$item_id = $results['item_id'];
$photos = getRelatedPhotos2($dbread, $item_id);
?>
<div class="product-listing">
<div class="product-listing-image">
<?php foreach ($photos as $photo) { //repeat ?>
<img src="image_upload/<?php echo $photo['filename']; ?>" width="75" alt="" />
<?php } ?>
</div>
<div class="product-listing-title">
<h4><?php echo $results['type_name']; ?> - <?php echo $results['item_make'] . ' ' . $results['item_model']; ?> </h4>
</div>
<div class="product-listing-details">
<p>YEAR: <?php echo $results['item_year']; ?> FUEL: <?php echo $results['item_fuel']; ?> TRANS: <?php echo $results['item_transmission']; ?> MILEAGE: <?php echo $results['item_mileage']; ?> </p>
</div>
<div class="product-listing-viewmore">More Info</div>
</div>
<?php } ?>
<!-- 8 products per page -->
<div id="product-listing-pagination">
<?php
$pages = $paginator->getPages('Elastic');
if (isset($pages->previous)) {
echo 'Prev';
}
foreach ($pages->pagesInRange as $page) {
if ($page != $pages->current) {
echo " <a href='" . $_SERVER['PHP_SELF'] . "?page={$page}'>$page</a>";
} else {
echo ' ' . $page;
}
}
if (isset($pages->next)) {
echo ' Next';
}
?>
</div>
<?php } else { ?>
<div id="noresults"> <?php echo "No results found for " . $query; ?> </div>
<?php }
} ?>
</div>
<div id="col-right">
<?php include("search-usedcars.php"); ?>
<!-- End of Main Search -->
<div id="latest-news">
<h3>Latest News</h3>
<?php include("latestnews.php"); ?>
</div>
</div>
<div class="clear"></div>
<div id="footer-bar"> Designed by </div>
</div>
</body>
</html>
<?php
} catch (Exception $e) {
echo $e->getMessage();
}
?>
It is because your query is passed in $_POST, when you click your nav links away you loose the data stored in $_POST and only keep what is in $_GET. Either change your search form method to $_GET and add &searchitems="'.$query.'" to both your nav links, or store the query in $_SESSION, or you can change your nav links to buttons wrapped in forms with method post and include hidden fields for searchitems and page. I would advise changing the search form method to get as it allows the bookmarking of searches and avoids complexity.