I'm doing a database project for university and I'm having a problem in here.
I receive from a previous page an id as $_POST['ids'] and in the form I send that same value in a hidden field so it can do a sort of a cicle.
But when I click the submit button I got a lot of errors on $service_info and no information is loaded on the page. I tried do var_dump() everything and I just can't find what is the problem in here.
<?php
//error_reporting();
require 'core/init.php';
require 'db/connect.php';
require 'functions/security.php';
?>
<html>
<head>
<title>Make a reservation</title>
<meta charset="UTF-8">
<link rel="stylesheet" href="css/common.css">
</head>
<body>
<?php require 'parts/header.php'; ?>
<hr>
<?php
$query = "SELECT * FROM service WHERE id=" . $_POST['ids'];
if ($result = $db->query($query)) {
if ($result->num_rows) {
$service_info = $result->fetch_object();
$result->close();
}
}
$query = "SELECT name FROM tour WHERE id =" . $service_info->idtour;
if ($result = $db->query($query)) {
if ($result->num_rows) {
$tour_name = $result->fetch_object();
$result->close();
}
}
$query = "SELECT SUM(nrseats) AS res_seats FROM reservation_service WHERE idservice =" . $service_info->id;
$nr_reservations_info = $db->query($query);
$nr_reservations = $nr_reservations_info->fetch_row();
$nr_reservations_info->close();
$count = $service_info->nrseats - $nr_reservations[0];
if($count === 0){
echo "<script>alert('There are no more places available for this tour. You are being redirected for the main page!')</script>";
echo "<script>window.open('index.php','_self')</script>";
}
else{
$count = $service_info->nrseats;
}
?>
<form action="" method="POST">
<div class="registering">
<table>
<tbody>
<tr>
<td>
<label for="tname">Related tour</label>
</td>
<td>
<label for="splace"><br>Service name</label>
</td><p><br></p>
</tr>
<tr>
<td>
<input type="text" readonly="" name="tour" id="tour" required="" autofocus="" value="<?php echo $tour_name->name ?>">
</td>
<td>
<input type="text" readonly="" name="name" id="name" required="" value="<?php echo $service_info->name ?>">
</td>
</tr>
<tr>
<td>
<label for="sprice"><br>Price (€)</label>
</td>
<td>
<label for="sdescription"><br>Description</label>
</td>
</tr>
<tr>
<td>
<input type="number" name="price" id="price" readonly="" required="" value="<?php echo $service_info->price ?>">
</td>
<td>
<input type="text" name="description" id="description" required="" readonly="" value="<?php echo $service_info->description ?>">
</td>
</tr>
<tr>
<td>
<label for="sseats"><br>Seats left</label>
</td>
<td>
<label for="snreservations"><br>Number of reservations (people)</label>
</td>
</tr>
</tr>
<tr>
<td>
<input type="number" name="nrseats" id="nrseats" required="" value="<?php echo $count ?>" readonly="">
</td>
<td>
<input type="number" name="nrreservations" id="nrreservations" required="" value="1">
</td>
<td>
<input type="hidden" name="ids" required="" value="<?php $service_info->id ?>">
</td>
</tr>
</tr>
<tr>
<td colspan="2">
<label for="next"><br></label>
<input type="submit" value="Next">
</td>
</tr>
</tbody>
</table>
</div>
</form>
</body>
</html>
<?php
if (!empty($_POST)) {
if (isset($_POST['name'], $_POST['ids'], $_POST['tour'], $_POST['price'], $_POST['description'], $_POST['nrseats'], $_POST['nrreservations'])) {
$_POST = array_map("trim", $_POST);
$name = $_POST['name'];
$tour = $_POST['tour'];
$price = $_POST['price'];
$description = $_POST['description'];
$nrseats = $_POST['nrseats'];
$nrreservations = $_POST['nrreservations'];
$ids = $_POST['ids'];
if (!empty($name) && !empty($ids) && !empty($tour) && !empty($price) && !empty($description) && !empty($nrseats) && !empty($nrreservations)) {
$query = "SELECT id FROM customer WHERE email='" . $_SESSION['user_email'] . "'";
if ($result = $db->query($query)) {
$id_user = $result->fetch_object();
$result->close();
}
$query = "SELECT id FROM reservation WHERE idtour={$service_info->idtour} AND idcustomer={$id_user->id}";
if ($result = $db->query($query)) {
if ($result->num_rows) {
$id_reservation = $result->fetch_object();
$result->close();
}
}
$query = "SELECT * FROM reservation_service WHERE idservice=" . $service_info->id;
if ($result = $db->query($query)) {
if ($result->num_rows) {
$reservation_service_exists = $result->fetch_object();
if ($nrreservations < 1) {
echo "<script>alert('Your must make a reservation for, at least, one person!')</script>";
echo "<script>window.open('new_reservation_service.php','_self')</script>";
} else if ($count - $nrreservations < 0) {
echo "<script>alert('You can not make the reservation because there are only " . $count . " seats available in this tour!')</script>";
echo "<script>window.open('new_reservation_service.php','_self')</script>";
} else if ($result->num_rows) {
$query = "SELECT * FROM reservation WHERE idcustomer= '" . $id_user->id . "' AND idtour= '" . $service_info->idtour . "'";
if ($result = $db->query($query)) {
if ($result->num_rows) {
$reservation_exists = $result->fetch_object();
$result->close();
if ($reservation_exists->idcustomer === $id_user->id) {
if ($reservation_exists->id === $reservation_service_exists->idreservation) {
echo "<script>alert('You already made a reservation for this service. Please see your reservation panel!')</script>";
echo "<script>window.open('reservations.php','_self')</script>";
}
}
}
}
}
}else {
$query = "INSERT INTO reservation_service (idreservation, idservice, date, nrseats) VALUES (?, ?, NOW(), ?)";
$insert = $db->prepare($query);
$insert->bind_param('iii', $id_reservation->id, $service_info->id, $nrreservations);
$insert->execute();
echo "<script>alert('You successfully made a reservation! You are being redirected to your reservations page')</script>";
echo "<script>window.open('reservations.php','_self')</script>";
}
}
}
}
}
?>
change inside your form this input hidden you created:
<input type="hidden" name="ids" required="" value="<?php $service_info->id ?>">
to
<input type="hidden" name="ids" required="" value="<?php echo $service_info->id ?>">
If you don't echoing this value, $_POST['ids'] won't be get any value passed from form.
Related
I am making a book management system.I have a return button ,with that button user can return books.
Here is my release-books.php:
<?php
$sql_select = "SELECT * FROM carti ORDER BY titlu";
$rezultat = mysqli_query($conn, $sql_select);
if (mysqli_num_rows($rezultat) > 0) {
while ($row = mysqli_fetch_assoc($rezultat)) {
$disabled = $row['stoc'] > 0 ? "" : "disabled"; ?>
<tr><td><input type="submit" name="id" value="<?php echo $row['idCarte']; ?>" <?php echo $disabled; ?> formaction="imprumutare.php"></input></td>
<td><input type="submit" name="returnare" value="<?php echo $row['idCarte']; ?>" formaction="returnare_carte.php"></input>
</td>
<td><input type="text" name="nume" value="<?php echo $row['titlu']; ?>" ></input></td>
<td><input type="text" name="" value="<?php echo $row['autor']; ?>"></input></td>
<td><input type="text" name="" value="<?php echo $row['editura']; ?>"></input></td>
<td><input type="text" name="" value="<?php echo $row['categorie']; ?>"></input></td>
<td><input type="text" name="" value="<?php echo $row['data_adaugarii']; ?>"></input></td>
<td><input type="text" name="" value="<?php echo $row['stoc']; ?>"></input></td>
</tr>
<?php
}
}
?>
And here is my borrowing.php
include('conexiune.php');
//sfarsit if
//Imprumutare
if (isset($_POST['id'])) {
$identificator = $_POST['id'];
$carte_nume = $_POST['nume'];
$current_date = date('y:m:d');
$current_date_plus_14days = date('y:m:d', strtotime("+14 days"));
$nume_carte = $_POST['nume'];
$insert_in_imprumuturi = "INSERT INTO imprumuturi(idc,nume_carte,data,termen_returnare,carti_imprumutate) VALUES('$identificator','$carte_nume','$current_date','$current_date_plus_14days','1')";
mysqli_query($conn, $insert_in_imprumuturi) or die(mysqli_error($conn));
$sql_rezervare = "UPDATE carti SET stoc=stoc-1 WHERE iDCarte='$identificator' ";
if (mysqli_query($conn, $sql_rezervare)) {
header('Refresh:0,url=emitere_carti.php');
} else {
die(mysqli_error($conn));
}
}
But I do not know how to disable the return button when the returned books volume is equal or greater that the originial volume
Can somone help me?
Check If your books volume is equal or greater than original volume, if it is. Use PHP echo to disable the Return Button.
<button type="submit" name="return"
<?php
if($returned_books_volume >= $original_books_volume){
echo 'disabled';
}
?>
>Return</button>
code:
<script>
$(document).ready(function(){
$(".menu").click(function(){
ids = $('.menu:checked').map(function() {
return this.id;
}).get().join(',');
console.log(ids);
$("#ids").val(ids);
});
});
</script>
<?php
if(isset($_POST['submit']))
{
$adminid = $_POST['admin'];
$menuids = explode(",", $_POST['ids']);
foreach ($menuids as $idd)
{
$sql = "update menu set admin_id = concat(admin_id,'$adminid',',') where id = '$idd'";
$result = mysqli_query($link,$sql);
}
if($result == true)
{
$msg .= "<p style='color:green'>successfull</p>";
}
else
{
$msg .= "<p style='color:red'>error!</p>";
}
}
?>
<form method="post">
<select name="admin" id="admin">
<option value="">---Select Admin---</option>
<?php
$sql = "select * from admin";
$result = mysqli_query($link,$sql);
while ($row = mysqli_fetch_array($result))
{
?>
<option value="<?php echo $row['id']; ?>"><?php echo $row['firstname']?></option>
<?php
}
?>
</select>
<table>
<tr>
<th>Share</th>
<th>Menu Name</th>
</tr>
<?php
$query = "select * from menu";
$results = mysqli_query($link,$query);
while ($fetch = mysqli_fetch_array($results))
{
?>
<tr>
<td>
<input type="checkbox" class="menu" id="<?php echo $fetch['id']; ?>" name="menuid" />
</td>
<td>
<?php echo $fetch['menu_name']; ?>
</td>
</tr>
<?php
}
?>
</table>
<input type="text" name="ids" id="ids" value=""/>
<input type="submit" name="submit" id="submit" />
</form>
In this code I am update a table having name menu in database. Now, I want to check only those checkbox where admin_id like ,1, or ,2, which is update by query. How can I fix this issue ?please please help.
Thank You
while ($fetch = mysqli_fetch_array($results))
{
?>
<tr>
<td>
<input type="checkbox" class="menu" value="<?php if($fetch['id']==1 or
$fetch['id']==2 ) { echo "checked";} else{} ?>" name="menuid" />
</td>
<td>
<?php echo $fetch['menu_name']; ?>
</td>
</tr>
<?php
}
?>
Whether using the delete or update function, only the last row is updated/deleted. It doesn't matter what field I update/delete, only the last row is passed. I'm unable to find the issue other than the fact that a unique ID is not being passed. I'm new to PDO, so I'm not too familiar with debugging. Any help is appreciated.
<form action="" id="form" method="post">
<?php
function UserForm($customers = array())
{
ob_start(); ?>
<?php
$id = $customers['id'];
?>
<tr>
<td><input type="text" name="name" value="<?php echo $customers['name']; ?>"></td>
<td><input type="text" id="email" name="email" value="<?php echo $customers['email']; ?>"></td>
<td><input type="text" id="phone" name="phone" value="<?php echo $customers['phone']; ?>"></td>
<td><input type="text" id="address" name="address" value="<?php echo $customers['address']; ?>"></td>
<td><input type="text" id="proudct" name="product" value="<?php echo $customers['product']; ?>"></td>
<td><input type="text" id="firmware" name="firmware" value="<?php echo $customers['firmware']; ?>"></td>
<td><input type="text" id="datepicker" class="datepicker" name="purchase_date" value="<?php echo $customers['purchase_date']; ?>"></td>
<td align="center">
<input type="hidden" name="id" value="<?php echo $id; ?>">
<input type="submit" value="<?php echo $id; ?>" name="delete" value="X" onclick="return confirm('WARNING! \n\nAre you sure you want to DELETE?')" >
</td>
</tr>
<tr>
<td colspan="8">
<input type="hidden" name="id_update" value="<?php echo $id; ?>" />
<input type="submit" name="update" value="Update <?php echo $id; ?>" />
</td>
</tr>
<?php
$data = ob_get_contents();
ob_end_clean();
return $data;
} ?>
<?php
$pdo = new PDO("mysql:host=localhost;dbname=project", $username, $password, array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
//$query = $pdo->prepare("SELECT * FROM customers ORDER BY purchase_date ASC");
if (isset($_POST['desc'])){
$sort = "desc";
$query = $pdo->prepare("SELECT * FROM customers ORDER BY purchase_date DESC");
}
else {
$sort = "asc";
$query = $pdo->prepare("SELECT * FROM customers ORDER BY purchase_date ASC");
}
$query->execute();
?>
<table class="table table-striped table-bordered table-responsive">
<thead>
<tr>
<th>Name</th>
<th>Email</th>
<th>Phone</th>
<th>Address</th>
<th>Product</th>
<th>Firmware Version</th>
<th align="center">
Purchase Date
<?php
if ($sort == "asc") {
echo '<input type="hidden" value="Desc" name="desc" id="sort">';
echo '<a name="desc" href="javascript: submitform()">Desc</a>';
}
else {
echo '<input type="hidden" value="Asc" name="asc" id="sort">';
echo '<a name="asc" href="javascript: submitform()">Asc</a>';
}
?>
</th>
<th>Delete</th>
</tr>
</thead>
<?php
while($customers = $query->fetch(PDO::FETCH_ASSOC)){
echo UserForm($customers);
} //end of while
// Delete customer
if(isset($_POST['delete'])) {
try{
$id = $_POST['id'];
$query = $pdo->prepare("delete from customers where id = :id");
$query->bindParam(':id', $id);
$query->execute(array(':id' => $id));
echo "Customer successfully deleted." . $_POST['id'];
echo '<META http-equiv="refresh" content="1;URL=view_edit.php">';
}catch(PDOException $e){
echo "Failed to delete the MySQL database table ... :".$e->getMessage();
} //end of try
} //end of isset delete
// Edit customer
if(isset($_POST['update'])) {
try {
$name = $_POST['name'];
$id = $_POST['id'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$address = $_POST['address'];
$product = $_POST['product'];
$firmware = $_POST['firmware'];
$purchase_date = $_POST['purchase_date'];
$query = $pdo->prepare("UPDATE customers SET name = '$name', email = '$email', phone = '$phone', address = '$address', product = '$product', firmware = '$firmware', purchase_date = '$purchase_date' where id = '$id'");
$query -> execute( array(
':name' => $name,
':email' => $email,
':phone' => $phone,
':address' => $address,
':product' => $product,
':firmware' => $firmware,
':purchase_date' => $purchase_date
));
echo "Customer succesfully updated" . $id;
echo '<META http-equiv="refresh" content="1;URL=view_edit.php">';
}catch(PDOException $e){
echo "Error! Failed to update customers :".$e->getMessage();
}//end of try
} //end of isset update
?>
To debug your code, try using print_r($_POST); exit(); immediately after your if(isset($_POST['delete/update'])) { to see what's being passed in the array when you post.
I'm a bit of a noob myself, but I suspect the problem here could be you haven't defined where your form starts and ends, so you're submitting the whole table. Try adding a form for each of your records, with a form name the same as your customer id.
<form name="formname<?php echo $id; ?>"> ... your input fields and submit button... </form>, then when you submit, you'll only be submitting that particular form and the data it contains.
I hope that helps!
$query = $pdo->prepare("delete from customers where id = :id"
I bet this ID is unique..
Resolved the issue. Moved the <form> tag above the beginning of the table row.
I have a simple form on my page and I want to make sure every field is filled before inserting the values into the database. The problem is the condition never met, even if every field is filled I still get "Something is missing"...
Search:
<form method="post" action="<?php echo $_SERVER[" PHP_SELF "]?>">
<input placeholder="e-mail address" type="text" name="email_search">
<input type="submit" name="search" value="Go">
<?php if (isset($_POST[ "search"])) { $email_search=m ysql_real_escape_string($_POST[ "email_search"]); $check=m ysql_query( "SELECT * FROM torzsvendegek WHERE email = '$email_search'"); $s=m ysql_fetch_array($check); }?>
<form method="post" action="<?php echo $_SERVER[" PHP_SELF "]?>">
<table width="440" border="0" style="text-align:right;">
<tr>
<td>E-mail:</td>
<td>
<input type="text" name="email" value="<?php echo $email_search;?>" disabled>
</td>
</tr>
<tr>
<td>Név:</td>
<td>
<input type="text" name="nev" value="<?php echo $s['nev'];?>">
</td>
</tr>
<tr>
<td>Mikor:</td>
<td>
<input type="text" name="mikor">
</td>
</tr>
<tr>
<td>Éjszakák száma:</td>
<td>
<input type="text" name="ejszakak">
</td>
</tr>
<tr>
<td>Nemzetisége:</td>
<td align="left">
<select name="nyelv">
<option value="magyar" <?php if($s[ 'nyelv']=="magyar" ) echo "selected=\"selected\ ""; ?>>Magyar</option>
<option value="nemet" <?php if($s[ 'nyelv']=="nemet" ) echo "selected=\"selected\ ""; ?>>Német</option>
<option value="lengyel" <?php if($s[ 'nyelv']=="lengyel" ) echo "selected=\"selected\ ""; ?>>Lengyel</option>
<option value="roman" <?php if($s[ 'nyelv']=="roman" ) echo "selected=\"selected\ ""; ?>>Román</option>
<option value="szlovak" <?php if($s[ 'nyelv']=="szlovak" ) echo "selected=\"selected\ ""; ?>>Szlovák</option>
<option value="egyeb" <?php if($s[ 'nyelv']=="egyeb" ) echo "selected=\"selected\ ""; ?>>Egyéb</option>
</select>
</td>
</tr>
<tr>
<td>Megjegyzés:</td>
<td>
<textarea name="megjegyzes">
<?php echo htmlspecialchars($s[ 'megjegyzes']);?>
</textarea>
</td>
</tr>
</table>
<br>
<table width="440">
<tr>
<td>
<input type="submit" name="submit_add" value="Hozzáad">
</td>
</tr>
</table>
</form>
<?php if (isset($_POST[ "submit_add"]) && !empty($_POST[ "nev"]) && !empty($_POST[ "email"]) && !empty($_POST[ "mikor"]) && !empty($_POST[ "ejszakak"])){ $nev=m ysql_real_escape_string($_POST[ "nev"]); $email=m ysql_real_escape_string($_POST[ "email"]); $mikor=m ysql_real_escape_string($_POST[ "mikor"]); $ejszakak=m ysql_real_escape_string($_POST[ "ejszakak"]); $nyelv=m ysql_real_escape_string($_POST[ "nyelv"]); $megjegyzes=m ysql_real_escape_string($_POST[ "megjegyzes"]); $check2=m ysql_query( "SELECT * FROM torzsvendegek WHERE email = '$email'"); $br="<br>" ; if (mysql_num_rows($check2)> 0) { $adatok = mysql_fetch_array($check2); $osszesen = ($adatok['ejszakak'] + $ejszakak); mysql_query("UPDATE torzsvendegek SET nev = '".$nev."', mikor = '".$adatok['mikor']."".$mikor."".$br."', ejszakak = '".$osszesen."', nyelv = '".$nyelv."', megjegyzes = '".$adatok['megjegyzes']."".$megjegyzes."".$br."' WHERE email = '".$email."'"); echo "
<br>".$email." Updated"; } else { mysql_query("INSERT INTO torzsvendegek (id, nev, email, mikor, ejszakak, nyelv, megjegyzes) VALUES (NULL, '$nev', '$email', '".$mikor."".$br."', '$ejszakak', '$nyelv', '".$megjegyzes."')"); echo "
<br>".$email." Added"; } } else { echo "Something is missing"; } ?>
You made 2 mistakes in your code:
1) You didn't close the first form (missing </form>)
2) You disabled the E-mail input field which resulted in always empty
Here's the updated (though deprecated and insecure!!!) code:
<?php
if(isset($_POST["search"])){
$email_search = mysql_real_escape_string($_POST["email_search"]);
$check = mysql_query("SELECT * FROM torzsvendegek WHERE email = '$email_search'");
$s = mysql_fetch_array($check);
}
if(isset($_POST["submit_add"]) && !empty($_POST["nev"]) && !empty($_POST["email"]) && !empty($_POST["mikor"]) && !empty($_POST["ejszakak"])){
$nev = mysql_real_escape_string($_POST["nev"]);
$email = mysql_real_escape_string($_POST["email"]);
$mikor = mysql_real_escape_string($_POST["mikor"]);
$ejszakak = mysql_real_escape_string($_POST["ejszakak"]);
$nyelv = mysql_real_escape_string($_POST["nyelv"]);
$megjegyzes = mysql_real_escape_string($_POST["megjegyzes"]);
$check2 = mysql_query("SELECT * FROM torzsvendegek WHERE email = '$email'");
$br = "<br>";
if (mysql_num_rows($check2) > 0){
$adatok = mysql_fetch_array($check2);
$osszesen = ($adatok['ejszakak'] + $ejszakak);
mysql_query("UPDATE torzsvendegek SET nev = '".$nev."', mikor = '".$adatok['mikor']."".$mikor."".$br."', ejszakak = '".$osszesen."', nyelv = '".$nyelv."', megjegyzes = '".$adatok['megjegyzes']."".$megjegyzes."".$br."' WHERE email = '".$email."'");
echo "<br>".$email." Updated";
} else {
mysql_query("INSERT INTO torzsvendegek (id, nev, email, mikor, ejszakak, nyelv, megjegyzes) VALUES (NULL, '$nev', '$email', '".$mikor."".$br."', '$ejszakak', '$nyelv', '".$megjegyzes."')");
echo "<br>".$email." Added";
}
} else {
echo "Something is missing";
}
?>
<form method="post" action="<?php echo $_SERVER["PHP_SELF"]?>">
Search: <input placeholder="e-mail address" type="text" name="email_search">
<input type="submit" name="search" value="Go">
</form>
<form method="post" action="<?php echo $_SERVER["PHP_SELF"]?>">
<table width="440" border="0" style="text-align:right;">
<tr>
<td>E-mail:</td>
<td><input type="text" name="email" value="<?php echo $email_search;?>"></td>
</tr>
<tr>
<td>Név:</td>
<td><input type="text" name="nev" value="<?php echo $s['nev'];?>"></td>
</tr>
<tr>
<td>Mikor:</td>
<td><input type="text" name="mikor"></td>
</tr>
<tr>
<td>Éjszakák száma:</td>
<td><input type="text" name="ejszakak"></td>
</tr>
<tr>
<td>Nemzetisége:</td>
<td align="left">
<select name="nyelv">
<option value="magyar" <?php if($s['nyelv']=="magyar") echo "selected=\"selected\""; ?>>Magyar</option>
<option value="nemet" <?php if($s['nyelv']=="nemet") echo "selected=\"selected\""; ?>>Német</option>
<option value="lengyel" <?php if($s['nyelv']=="lengyel") echo "selected=\"selected\""; ?>>Lengyel</option>
<option value="roman" <?php if($s['nyelv']=="roman") echo "selected=\"selected\""; ?>>Román</option>
<option value="szlovak" <?php if($s['nyelv']=="szlovak") echo "selected=\"selected\""; ?>>Szlovák</option>
<option value="egyeb" <?php if($s['nyelv']=="egyeb") echo "selected=\"selected\""; ?>>Egyéb</option>
</select>
</td>
</tr>
<tr>
<td>Megjegyzés:</td>
<td><textarea name="megjegyzes"><?php echo htmlspecialchars($s['megjegyzes']);?></textarea></td>
</tr>
</table>
<br>
<table width="440">
<tr>
<td><input type="submit" name="submit_add" value="Hozzáad"></td>
</tr>
</table>
</form>
You need to close your search form tag to keep the two forms separated
Search:<form method="post" action="<?php echo $_SERVER["PHP_SELF"]?>"><input placeholder="e-mail address" type="text" name="email_search"><input type="submit" name="search" value="Go"></form>
and
<form method="post" action="<?php echo $_SERVER["PHP_SELF"]?>">
<table width="440" border="0" style="text-align:right;">
<tr><td>E-mail:</td><td><input type="text" name="email" value="<?php echo $email_search;?>" disabled></td></tr>
<tr><td>Név:</td><td><input type="text" name="nev" value="<?php echo $s['nev'];?>"></td></tr>
<tr><td>Mikor:</td><td><input type="text" name="mikor"></td></tr>
<tr><td>Éjszakák száma:</td><td><input type="text" name="ejszakak"></td></tr>
<tr><td>Nemzetisége:</td><td align="left"> <select name="nyelv">
<option value="magyar" <?php if($s['nyelv']=="magyar") echo "selected=\"selected\""; ?>>Magyar</option>
<option value="nemet" <?php if($s['nyelv']=="nemet") echo "selected=\"selected\""; ?>>Német</option>
<option value="lengyel" <?php if($s['nyelv']=="lengyel") echo "selected=\"selected\""; ?>>Lengyel</option>
<option value="roman" <?php if($s['nyelv']=="roman") echo "selected=\"selected\""; ?>>Román</option>
<option value="szlovak" <?php if($s['nyelv']=="szlovak") echo "selected=\"selected\""; ?>>Szlovák</option>
<option value="egyeb" <?php if($s['nyelv']=="egyeb") echo "selected=\"selected\""; ?>>Egyéb</option>
</select></td></tr>
<tr><td>Megjegyzés:</td><td><textarea name="megjegyzes"><?php echo htmlspecialchars($s['megjegyzes']);?></textarea></td></tr>
</table><br>
<table width="440"><tr><td><input type="submit" name="submit_add" value="Hozzáad"></td></tr></table>
</form>
You did not close your search form and you need to remove the disabled attribute from your email input field.
I re-wrote your code to help you will debugging. I commented out all the stuff related to the database so you can focus on the form fields only. Here is the code I re-wrote. I left comments so you can see what I did.
<?php
/******JUST TO MAKE DEBBUGGING EASIER***/
echo "<pre>"; // Start of the pre> tags
/**ANYTHING TO DO WITH THE DATABASE I HAVE COMMENTED OUT**/
if(isset($_POST["search"])){
$email_search = mysql_real_escape_string($_POST["email_search"]);
/**PRINT_R FOR DEBUGGING PURPOSES, REMOVE!!*/
print_r($email_search);
//$check = mysql_query("SELECT * FROM torzsvendegek WHERE email = '$email_search'");
//$s = mysql_fetch_array($check);
}
/***CHECK THE POST DATA, REMOVE FROM APPLICATION ONCE YOU HAVE DEBUGGED THE DATA**/
print_r($_POST);
/***I WILL STORE THE POST DATA IN VARIABLES BEFORE CHECKING**/
$nev = isset($_POST["nev"]) ? mysql_real_escape_string($_POST["nev"]) : null;
$email = isset($_POST["email"]) ? mysql_real_escape_string($_POST["email"]) : null;
$mikor = isset($_POST["mikor"]) ? mysql_real_escape_string($_POST["mikor"]) : null;
$ejszakak = isset($_POST["ejszakak"]) ? mysql_real_escape_string($_POST["ejszakak"]) : null;
$nyelv = isset($_POST["nyelv"]) ? mysql_real_escape_string($_POST["nyelv"]) : null;
$megjegyzes = isset($_POST["megjegyzes"]) ? mysql_real_escape_string($_POST["megjegyzes"]) : null;
if(isset($_POST["submit_add"]) && !is_null($nev) && !is_null($email) && !is_null($mikor) && !is_null($ejszakak)){
/*******
SINCE I ALREADY HAVE THEM, YOU NEED TO REMOVE THEM FROM THE CODE
$nev = mysql_real_escape_string($_POST["nev"]);
$email = mysql_real_escape_string($_POST["email"]);
$mikor = mysql_real_escape_string($_POST["mikor"]);
$ejszakak = mysql_real_escape_string($_POST["ejszakak"]);
$nyelv = mysql_real_escape_string($_POST["nyelv"]);
$megjegyzes = mysql_real_escape_string($_POST["megjegyzes"]);
******/
//$check2 = mysql_query("SELECT * FROM torzsvendegek WHERE email = '$email'");
$br = "<br>";
/*********
if (mysql_num_rows($check2) > 0) {
$adatok = mysql_fetch_array($check2);
$osszesen = ($adatok['ejszakak'] + $ejszakak);
mysql_query("UPDATE torzsvendegek SET nev = '".$nev."', mikor = '".$adatok['mikor']."".$mikor."".$br."', ejszakak = '".$osszesen."', nyelv = '".$nyelv."', megjegyzes = '".$adatok['megjegyzes']."".$megjegyzes."".$br."' WHERE email = '".$email."'");
echo "<br>".$email." Updated";
}else {
mysql_query("INSERT INTO torzsvendegek (id, nev, email, mikor, ejszakak, nyelv, megjegyzes) VALUES (NULL, '$nev', '$email', '".$mikor."".$br."', '$ejszakak', '$nyelv', '".$megjegyzes."')");
echo "<br>".$email." Added";
}
****/
}elseif (isset($_POST["submit_add"])) {
echo "Something is missing";
}
echo '</pre>';//end of pre
?>
Search:
<form method="post" action="<?php echo $_SERVER["PHP_SELF"]?>">
<input placeholder="e-mail address" type="text" name="email_search">
<input type="submit" name="search" value="Go">
</form>
<form method="post" action="<?php echo $_SERVER["PHP_SELF"]?>">
<table width="440" border="0" style="text-align:right;">
<tr>
<td>E-mail:</td>
<td><input type="text" name="email" value="<?php echo $email;?>" ></td>
</tr>
<tr>
<td>Név:</td>
<td><input type="text" name="nev" value="<?php echo $nev;?>"></td>
</tr>
<tr>
<td>Mikor:</td>
<td><input type="text" name="mikor" value="<?php echo $mikor;?>"></td>
</tr>
<tr>
<td>Éjszakák száma:</td>
<td><input type="text" name="ejszakak" value="<?php echo $ejszakak;?>"></td>
</tr>
<tr>
<td>Nemzetisége:</td>
<td align="left">
<select name="nyelv">
<option value="magyar" <?php if($nyelv=="magyar") echo "selected=\"selected\""; ?>>Magyar</option>
<option value="nemet" <?php if($nyelv=="nemet") echo "selected=\"selected\""; ?>>Német</option>
<option value="lengyel" <?php if($nyelv=="lengyel") echo "selected=\"selected\""; ?>>Lengyel</option>
<option value="roman" <?php if($nyelv=="roman") echo "selected=\"selected\""; ?>>Román</option>
<option value="szlovak" <?php if($nyelv=="szlovak") echo "selected=\"selected\""; ?>>Szlovák</option>
<option value="egyeb" <?php if($nyelv=="egyeb") echo "selected=\"selected\""; ?>>Egyéb</option>
</select>
</td>
</tr>
<tr>
<td>Megjegyzés:</td>
<td><textarea name="megjegyzes"><?php echo htmlspecialchars($megjegyzes);?></textarea>
</td>
</tr>
</table><br>
<table width="440">
<tr><td><input type="submit" name="submit_add" value="Hozzáad"></td></tr>
</table>
</form>
I have an update page where I check the title of the employee whether he is a doctor or a nurse. If the employee is a doctor/nurse an HTML form will be shown, if not a doctor/nurse, patient information will only be displayed and cannot be edited. But my code somehow skips the part where I wanted to display the form even if I am logged in as a doctor/nurse. Can you please help me with this....
<?php
$a=$_SESSION['employeeID'];
$title="SELECT title FROM employee WHERE employeeID = '$a'";
if($title == 'nurse' OR $title == 'doctor')
{
echo '<form method="post" id="customForm" action="add_assessment.php">
<table>
<input type="hidden" name="res_id" value="' . $_GET['res_id'] . '" />
<tr>
<td><label for="name"><font style="color:white">Symptoms</font><font style="color:gray"></font></label>
<input id="name" name="symptoms" type="text" /></td>
<td><label for="name"><font style="color:white">Respiratory Rate</font></label>
<input id="name" name="respiratoryRate" type="text" /></td>
<td><label for="name"><font style="color:white">Temperature</font> <font style="color:gray"></font></label>
<input id="name" name="temperature" type="text" /></td>
</tr>
<tr>
<td><label for="name"><font style="color:white">Blood Pressure</font></label>
<input id="name" input name="bloodPressure" type="text" class="input2"/></td>
<td><label for="name"><font style="color:white">Pulse Rate</font></label>
<input id="name" input name="pulseRate" type="text" /></td>
</tr>
<tr>
<td><label for="name"><font style="color:white">Chief Complaint</font></label>
<input id="name" input name="complaint" type="text" class="input2"/></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input id="send" name="send" type="submit" value="Submit" /></td>
</tr>
</table>
</form>';
}
else
{
$host="localhost";
$username="root";
$password=""; // password
$db_name="rhu"; // Database name
$tbl_name="assessment"; // Table name
mysql_connect("$host", "$username", "$password");
mysql_select_db("$db_name");
$id = $_GET['res_id'];
$sql = mysql_query("SELECT * FROM assessment WHERE patientID='$id'");
while($row = mysql_fetch_array($sql))
{
echo "<p>ID: ".$id."</p>";
echo "<p>Assessment ID: ".$row['assessmentID']."</p>";
echo "<p>Symptoms: ".$row['symptoms']."</p>";
echo "<p>Respiratory Rate: ".$row['respiratoryRate']."</p>";
echo "<p>Temperature: ".$row['temperature']."</p>";
echo "<p>Blood Pressure: ".$row['bloodPressure']."</p>";
echo "<p>Pulse Rate: ".$row['pulseRate']."</p>";
echo "<p>Complaints: ".$row['complaint']."</p>";
echo "<p>Date: ".$row['date']."</p>";
echo "<br>";
}
}
?>
In its current state, you are simply assigning a string to the variable $title. You are literally saying that $title is the string "SELECT title FROM employee WHERE employeeID = '$a'"; therefore it is skipping the if($title == 'nurse' OR $title == 'doctor').
You are also not executing a MySQL query, try this first
$a=$_SESSION['employeeID'];
$sql = mysql_query("SELECT title FROM employee WHERE employeeID = '"$a"'");
while($row = mysql_fetch_array($sql)){
$title = $row['title'];
if($title == 'nurse' OR $title == 'doctor')
{
echo....
You should also note that mysql_* is deprecated and will be phased out of PHP as a solution in the future. To future-proof your code, consider using mysqli or PDO transactions.
You can try like this--
$sql = mysql_query("SELECT title FROM employee WHERE employeeID = '$a'");
while($row = mysql_fetch_array($sql)){
$title = $row['title'];
if($title == 'nurse' OR $title == 'doctor')
{
...continue you coding