I was programming something and I faced the problem. I was wondering where is the problem, because my code stop working after mysql_query("UPDATE ...") part. Here is the code, I hope someone will help me.
<?php include("/includes/template/header.php"); ?>
<section>
<form action="" method="post">
<input type="post" name="ime" placeholder="Ime"><br>
<input type="post" name="prezime" placeholder="Prezime"><br>
<input type="post" name="broj" placeholder="Broj telefona"><br>
<input type="post" name="adresa" placeholder="Adresa"><br>
<input type="submit" name="submit" value="Trazi">
</form>
<?php
include("includes/config.php");
if(isset($_POST['submit']))
{
if(!empty($_POST['ime']) && !empty($_POST['prezime']))
{
$trazeno_ime = $_POST['ime'];
$trazeno_prezime = $_POST['prezime'];
$query = "SELECT id, broj_telefona, adresa FROM korisnici WHERE ime = '$trazeno_ime' AND prezime='$trazeno_prezime'";
if ($query_run = mysql_query($query))
{
if(mysql_num_rows($query_run)!=NULL)
{
$query_row = mysql_fetch_assoc($query_run);
$id = $query_row["id"];
$brojtel = $query_row["broj_telefona"];
$adresa = $query_row["adresa"];
echo "<form action=\"\" method=\"post\">";
echo "<input type=\"post\" name=\"ime1\" value=\"$trazeno_ime\"><br></br>";
echo "<input type=\"post\" name=\"prezime1\" value=\"$trazeno_prezime\"><br></br>";
echo "<input type=\"post\" name=\"broj1\" value=\"$brojtel\"><br></br>";
echo "<input type=\"post\" name=\"adresa1\" value=\"$adresa\"><br></br>";
echo "<input type=\"submit\" name=\"submit1\" value=\"Promijeni\">";
echo "</form>";
if(isset($_POST['submit1']))
{
if(!empty($_POST['ime1']) && !empty($_POST['prezime1']) && !empty($_POST['broj1']) && !empty($_POST['broj1']) && !empty($_POST['adresa']))
{
$novoime = $_POST['ime1'];
$novoprezime = $_POST['prezime1'];
$novobroj = $_POST['broj1'];
$novoadresa = $_POST['adresa1'];
mysql_query("UPDATE korisnici SET ime='$novoime', prezime='$novoprezime', broj_telefona='$novobroj', adresa='$novoadresa' WHERE id=$id") or die(mysql_error());
echo "Uspješno promijenjeni podaci";
}
else
{
echo "Morate unijeti sva polja";
}
}
else
{
echo "Glupost";
}
}
else
{
echo "Nema korisnika u bazi";
}
}
else
{
echo "Hahu";
}
}
else
{
echo "Unesi podatke";
}
}
?>
</section>
</div>
</body>
You need to add quotes to your id statement see below.
"UPDATE korisnici SET ime='$novoime', prezime='$novoprezime', broj_telefona='$novobroj', adresa='$novoadresa' WHERE id='$id'"
Related
I don't really know how to explain my question, but I am in need. Of how to display warning before update into database.
example:
<?php
#Get id and yes before update waring code
if (isset($_GET["acept"])) {
$acept = $_GET["acept"];
} else {
$acept = " ";
}
if ($acept == "update") {
if (isset($_GET["yes"]) & $_GET["yes"] == true) {
$id = (int)$_GET["id"];
$query = mysqli_query($conn, "update users set balance='$redut' where id='$id'");
if ($query) {
echo " Successfull";
} else {
echo "retry";
}
exit();
}
$id = (int)$_GET["id"];
echo "<div class='topnav'>System Warning</div><div class='msg'>Are You Sure ?</div><div class='gap'></div><div class='button'><a href='?acept=update&yes=true&id=$idd'><font color='red'>Yes</font></a> | <a href='user.php'>No</a></div>";
}
here is my full code where I am trying to display the warning before updating into database
<?php
include_once 'init.php';
$error = false;
// check if form is submitted
if (isset($_POST['book'])) {
$book = mysqli_real_escape_string($conn, $_POST['book']);
$action = mysqli_real_escape_string($conn, $_POST['action']);
if (strlen($book) < 6) {
$error = true;
$book_error = "booking code must be alist 6 in digit";
}
if (!is_numeric($book)) {
$error = true;
$book_error = "Incorrect booking code";
}
if (empty($_POST["action"])) {
$error = true;
$action_error = "pick your action and try again";
}
if (!$error) {
if (preg_match('/(check)/i', $action)) {
echo "6mameja";
}
if (preg_match('/(comfirm)/i', $action)) {
if (isset($_SESSION["user_name"]) && (trim($_SESSION["user_name"]) != "")) {
$username = $_SESSION["user_name"];
$result = mysqli_query($conn, "select * from users where username='$username'");
}
if ($row = mysqli_fetch_array($result)) {
$idd = $row["id"];
$username = $row["username"];
$id = $row["id"];
$username = $row["username"];
$ip = $row["ip"];
$ban = $row["validated"];
$balance = $row["balance"];
$sql = "SELECT `item_name` , `quantity` FROM `books` WHERE `book`='$book'";
$query = mysqli_query($conn, $sql);
while ($rows = mysqli_fetch_assoc($query)) {
$da = $rows["item_name"];
$qty = $rows["quantity"];
$sqll = mysqli_query($conn, "SELECT * FROM promo WHERE code='$da' LIMIT 1");
while ($prow = mysqli_fetch_array($sqll)) {
$pid = $prow["id"];
$price = $prow["price"];
$count = 0;
$count = $qty * $price;
$show = $count + $show;
}
}
if ($show < $balance) {
echo "you cant buy here";
exit();
} elseif ($show > $balance) {
$redut = $balance - $show;
#display the warning before updating into daase if (isset($_GET["acept"])) {
$acept = $_GET["acept"];
} else {
$acept = " ";
}
if ($acept == "update") {
if (isset($_GET["yes"]) & $_GET["yes"] == true) {
$id = (int)$_GET["id"];
$query = mysqli_query($conn, "update users set balance='$redut' where id='$id'");
if ($query) {
echo " Successfull";
} else {
echo mysql_error();
}
exit();
}
$idd = (int)$_GET["id"];
echo "<div class='topnav'>System Warning</div><div class='msg'>Are You Sure ?</div><div class='gap'></div><div class='button'><a href='?acept=update&yes=true&id=$idd'><font color='red'>Yes</font></a> | <a href='user.php'>No</a></div>";
}
}
} else {
$errormsg = "Error in registering...Please try again later!";
}
}
}
}
?>
<form role="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="booking">
<fieldset>
<legend>Check Booking</legend>
<div class="form-group">
<label for="name">Username</label>
<input type="text" name="book" placeholder="Enter Username" required value="<?php if($error) echo $book; ?>" class="form-control" />
<span class="text-danger"><?php if (isset($book_error)) echo $book_error; ?></span>
</div>
<input type="submit" name="booking" value="Sign Up" class="btn btn-primary" />
<table><input type="radio" name="action" value="comfirm" <?php if(isset($_POST['action']) && $_POST['action']=="comfirm") { ?>checked<?php } ?>>
<input type="radio" name="action" value="check" <?php if(isset($_POST['action']) && $_POST['action']=="check") { ?>checked<?php } ?>> Check booking <span class="text-danger"><?php if (isset($action_error)) echo $action_error; ?></span>
</div></table>
I don't really know where am wrong with the code, but the expected warning before update do not display and the database is not updated. big thanks in advance.
if (isset($_GET["yes"]) & $_GET["yes"] == true) {
change this to
if (isset($_GET["yes"]) && $_GET["yes"] == 'true') {
servers take the GET method as a string. not boolean
I don't really get what kind of warning you are trying to display. If it is for a user you can use the print or echo function. It is possible to echo a block of html so:
echo '<div class=”warning-msg”><p>MY WARNING</p></div>'
will display the block. Only thing is the warning may not be in de correct place or time.
Or in js
echo ‘<script type="text/javascript">’
echo ‘alert(“message successfully sent”)’
echo ’</script>’
If the waring is for jou personal use the build in php error handeling handeling.
Here is a snippet for a query function using php.
Use:
$query = query("SELECT ... (SQL)", $variable);
I have tried to make a ToDo list for a user. In the code below, wish adding button works fine and calls 'add_wish()' function but 'delete'/'update' button doesn't call relevant function. Rather call a file ''. Tried searching forums for hours. Why this is happening and how can I call relevent functions using this approch of extracting data from database. My code:
<body>
<?php
global $id, $adatabase;
include 'connect_to_database.php';
$adatabase = new database('localhost','root','');
function delete_wish($post_id) {
echo 'BLAH BLAH BLAH';
if(!empty($new_todo)) {
global $id,$adatabase;
$query = "DELTE FROM todolist WHERE post_id = '".$post_id."''";
if ($query_run = mysqli_query($adatabase->mysqli_link,$query)) {
get_user_todos($id);
} else 'Failed to add new wish.Please try again later!';
}
}
function update_wish($post_id) {
echo 'OKA';
}
function get_user_todos($user_id) {
global $id, $adatabase;
$id= $user_id;
echo $user_id;
$query = "SELECT todo,post_id FROM todolist WHERE user_id = '".$user_id."'";
if ($query_run = mysqli_query($adatabase->mysqli_link,$query)) {
?>
<div id="todo_list">
<table border="10" cellpadding="10">
<?php
while($query_data = $query_run->fetch_row()) {
echo '<tr>';
echo '<td>'.$query_data[0].'</td>';
echo "<td> <form method='post' action=\"<?php update_wish(".$query_data[1].");?>\"> <input type='submit' value='update'> </form> </td>";
echo "<td> <form method='post' action=\"<?php delete_wish(".$query_data[1].");?>\"> <input type='submit' value='delete'> </form> </td>";
echo '</tr>';
}
?>
</table>
</div>
<?php
}
}
function add_wish() {
global $id;
if(isset($_POST['new_todo'])) {
$new_todo = $_POST['new_todo'];
if(!empty($new_todo)) {
global $id,$adatabase;
$query = "INSERT INTO todolist (todo,user_id) VALUE ('".mysqli_real_escape_string($adatabase->mysqli_link,$new_todo)."','".$id."')";
if ($query_run = mysqli_query($adatabase->mysqli_link,$query)) {
get_user_todos($id);
} else 'Failed to add new wish.Please try again later!';
}
}
}
session_start();
if(isset($_SESSION['user_id'])) {
get_user_todos($_SESSION['user_id']);
?>
<form method="post" action=" <?php add_wish(); ?>">
<textarea rows="4" cols="8" name="new_todo"></textarea>
<input type="submit">
</form>
<?php
}else
header('Location: login.php');
?>
</body>
I have written a page that displays a load of data from MySQL database and all works perfect EXCEPT that when i click the Home link (the title of the page) it logs out and i need to log back in, im probably missing something stupid or not doing something i need, code below
<?php
session_start();
?><title>Vend365 Monitor (Beta test)</title>
<h1><u>Vend 365 online monitor (Beta test)<p></p></u></h3>
<?php
require_once ("V365Connect.php");
//Following if 'update' is clicked
if (isset($_POST['lastseen'])){?><p>
<style>
table, th, td {
border: 1px solid black;
border-collapse: collapse;
}
th, td {
padding: 1px;
text-align: left;
}
</style>
<h1>Vend 'Last Seen' times: Page loaded at <?php echo date("d/m/Y G:i:s"); ?></h1>
<?php
$result1 = mysql_query("SELECT distinct customer FROM vends order by customer") or die(mysql_error());
while($row = mysql_fetch_assoc($result1))
{ echo '<table><th>';
?><font size = "5">Customer - '<?php echo $row[customer];?>'</font><?php
echo '</th>';
$result2 = mysql_query("SELECT * FROM vends where customer ='".$row[customer]."'") or die(mysql_error());
while($row1 = mysql_fetch_assoc($result2))
{
echo '<tr><td>';
?>Machine <b>'<?php echo $row1[machine];?>'</b> last seen online at <b>'<?php echo $row1[lastseen];?>'</b> running version <b>'<?php echo $row1[myversion];?>'</b><?php
$today = date("d/m/Y G:i:s");
$lastseentime = $row1[lastseen];
$diff = $today-$lastseentime;
if ($diff == "1"){
?><b> <font color = "red"> -- Last seen online yesterday</font></b> <?php ;}
if ($diff > "1"){
?> <b><font color = "red"> -- Last seen online BEFORE yesterday</font></b> <?php ;}
echo '</td></tr><p>' ;
}
}?></table>
<?php
}else{
if (isset($_POST['update'])){
if ($_POST['checkbox']=='checked'){
$isalive = 1;
} else {
$isalive = 0;
}
if ($_POST['checkbox1']=='checked'){
$hb800 = 1;
} else {
$hb800 = 0;
}
if ($_POST['checkbox2']=='checked'){
$hb1100 = 1;
} else {
$hb1100 = 0;
}
if ($_POST['checkbox3']=='checked'){
$hb1400 = 1;
} else {
$hb1400 = 0;
}
if ($_POST['checkbox4']=='checked'){
$hb1700 = 1;
} else {
$hb1700 = 0;
}
if ($_POST['checkbox5']=='checked'){
$gcmreboot = 1;
} else {
$gcmreboot = 0;
}
if ($_POST['checkbox6']=='checked'){
$emailreboot = 1;
} else {
$emailreboot = 0;
}
if ($_POST['checkbox7']=='checked'){
$hbgcm = 1;
} else {
$hbgcm = 0;
}
if ($_POST['checkbox8']=='checked'){
$hbemail = 1;
} else {
$hbemail = 0;
}
if ($_POST['checkbox9']=='checked'){
$edigcm = 1;
} else {
$edigcm = 0;
}
if ($_POST['checkbox10']=='checked'){
$ediemail = 1;
} else {
$ediemail = 0;
}
if ($_POST['checkbox11']=='checked'){
$reportgcm = 1;
} else {
$reportgcm = 0;
}
if ($_POST['checkbox12']=='checked'){
$reportemail = 1;
} else {
$reportemail = 0;
}
if ($_POST['checkbox13']=='checked'){
$pingmailgcm = 1;
} else {
$pingmailgcm = 0;
}
if ($_POST['checkbox14']=='checked'){
$pingmailemail = 1;
} else {
$pingmailemail = 0;
}
if ($_POST['checkbox15']=='checked'){
$internetgcm = 1;
} else {
$internetgcm = 0;
}
if ($_POST['checkbox16']=='checked'){
$internetemail= 1;
} else {
$internetemail = 0;
}
if ($_POST['checkbox17']=='checked'){
$sqlgcm = 1;
} else {
$sqlgcm = 0;
}
if ($_POST['checkbox18']=='checked'){
$sqlemail = 1;
} else {
$sqlemail = 0;
}
if ($_POST['checkbox19']=='checked'){
$backupgcm = 1;
} else {
$backupgcm = 0;
}
if ($_POST['checkbox20']=='checked'){
$backupemail = 1;
} else {
$backupemail = 0;
}
$sqlupdate = "update vends set isalive='".$isalive."',customer='".$_POST['customer']."',machine='".$_POST['machine']."',mailserver='".$_POST['smtp']."',emails='".$_POST['emails']."',gcm='".$_POST['gcm']."',hb800='".$hb800."',hb1100='".$hb1100."',hb1400='".$hb1400."',hb1700='".$hb1700."',sqlserver='".$_POST['sqlserver']."',sqlport='".$_POST['sqlport']."',sqlinstance='".$_POST['sqlinstance']."',sqldatabase='".$_POST['sqldatabase']."',sqlname='".$_POST['sqlname']."',sqlpassword='".$_POST['sqlpassword']."',rebootgcm='".$gcmreboot."',rebootemail='".$emailreboot."',hbgcm='".$hbgcm."',hbemail='".$hbemail."',edigcm='".$edigcm."',ediemail='".$ediemail."',reportgcm='".$reportgcm."',reportemail='".$reportemail."',mailpinggcm='".$pingmailgcm."',mailpingemail='".$pingmailemail."',internetgcm='".$internetgcm."',internetemail='".$internetemail."',sqlgcm='".$sqlgcm."',sqlemail='".$sqlemail."',backupgcm='".$backupgcm."',backupemail='".$backupemail."',lastseen='".$lastseen."' where mac='".$_SESSION['mac']."'";
mysql_query($sqlupdate) or die(mysql_error());?><h1>
--->Customer - <font color = blue><?php echo $_SESSION['customer'];?></font>
<br />
--->Machine - <font color = blue><?php echo $_SESSION['machine'];?></font>
<p>
<?php
echo "Request sent";
}
else
{
//First load screen to select customer when correct details are entered
if (!isset($_POST['update'])){
if (!isset($_POST['customer'])){
if (!isset($_POST['machine'])){
if (isset($_POST['submit'])){
$result = mysql_query("SELECT * FROM users where user='".$_POST['user']."' and pass='".$_POST['pass']."'") or die(mysql_error());
$count = mysql_num_rows($result);
if ($count == 1){
?><p><p> <table style="border:1px solid black;"><tr><td><h1>Welcome '<?php echo $_POST['user'];?>'</td></tr></table><?php
$_SESSION['customer'];
$_SESSION['machine'];
$_SESSION['mac'];
if (!isset($_POST['customer'])) {
if (!isset($_POST['machine'])) {
echo "<h1><form action ='' method='post'>";
echo "Please Select Your Customer<br />";
$result1 = mysql_query("SELECT distinct customer FROM vends order by customer") or die(mysql_error());
echo "<select name='customer'>";
while($row = mysql_fetch_assoc($result1))
{
echo "<option value = '".$row[customer]."'>".$row[customer]."</option>";
}
echo "</select>";
echo "<input type='submit' value='Go'>";
echo "</form>";
echo "";
echo "Show all 'Last Seen' times";
?>
<form method='post'>
<input type='submit' value='Show Last Seen Status' name ='lastseen' />
</form>
<?php
}
}}else {
// If wrong details entered
echo "Sorry, wrong username or password, please go back and try again";
}
} else {
// Following is first time load screen
?>
<!DOCTYPE HTML> <html>
<head>
<link rel="stylesheet" type="text/css" href="style-sign.css">
</head><h1>
<title>Vend 365 Monitor</title>
<body id="body-color">
<div id="Sign-In">
<fieldset style="width:30%">
<legend>LOG-IN HERE</legend>
<form method="POST"> User <br><input type="text" style="font-size: 30px;" name="user" size="20"><br> Password <br><input type="password" style="font-size: 30px;" name="pass" size="20"><br>
<input id="button" type="submit" style="font-size: 30px; "name="submit" value="Log-In"> </form> </fieldset>
</div>
</body>
</html>
<?php
}}}
} else {
}
?>
<?php
// Select a vending machine
if (!isset($_POST['submit'])){
if (isset($_POST['customer'])) {
$example = $_POST['customer'];
$_SESSION['customer'] = $example;
$result2 = mysql_query("SELECT * FROM vends where customer='".$example."'") or die(mysql_error());
?><h1>
<font color = black>--->Customer - <font color = blue><?php
echo $_SESSION['customer'];?><p></font></font><?php
echo "<form action ='' method='post'>";
echo "Please Select Your Machine<br />";
echo "<select name='machine'>";
while($row = mysql_fetch_assoc($result2))
{
echo "<option value = '".$row[machine]."'>".$row[machine]."</option>";
}
echo "</select>";
echo "<input type='submit' value='Go'>";
echo "</form>";
}}
// show all customer/machine info
if (isset($_POST['machine'])) {
$example1 = $_POST['machine'];
$_SESSION['machine'] = $example1;?>
<h1><font color = black>--->Customer - <font color = blue><?php
echo $_SESSION['customer'];?><br /></font></font><br /><font color = black>--->Machine - <font color = blue><?php
echo $_SESSION['machine']; ?><p><?php
$result3 = mysql_query("SELECT * FROM vends where customer='".$_SESSION['customer']."' and machine ='".$_SESSION['machine']."'") or die(mysql_error());
while ($rows = mysql_fetch_assoc($result3))
{
$tag1 = $rows['hb800'];
$checkedstatus1 = '';
if($tag1 == '1')
{
$checkedstatus1 = 'checked';
} else {
$checkedstatus1 = 'unchecked';
}?><font color = black><form method='post'>
0800 Heartbeat check - <input type='checkbox' value='checked' name='checkbox1' <?php echo $checkedstatus1; ?> />
<br /><?php
$tag2 = $rows['hb1100'];
$checkedstatus2 = '';
if($tag2 == '1')
{
$checkedstatus2 = 'checked';
} else {
$checkedstatus2 = 'unchecked';
}?>
1100 Heartbeat check- <input type='checkbox' value='checked' name='checkbox2' <?php echo $checkedstatus2; ?> />
<br />
<?php $tag3 = $rows['hb1400'];
$checkedstatus3 = '';
if($tag3 == '1')
{
$checkedstatus3 = 'checked';
} else {
$checkedstatus3 = 'unchecked';
}?>
1400 Heartbeat check - <input type='checkbox' value='checked' name='checkbox3' <?php echo $checkedstatus3; ?> />
<br />
<?php
$tag4 = $rows['hb1700'];
$checkedstatus4 = '';
if($tag4 == '1')
{
$checkedstatus4 = 'checked';
} else {
$checkedstatus4 = 'unchecked';
}?>
1700 Heartbeat check - <input type='checkbox' value='checked' name='checkbox4' <?php echo $checkedstatus4; ?> /><br />
<?php
$tag5 = $rows['rebootgcm'];
$checkedstatus5 = '';
if($tag5 == '1')
{
$checkedstatus5 = 'checked';
} else {
$checkedstatus5 = 'unchecked';
}?>
Send GCM when rebooted - <input type='checkbox' value='checked' name='checkbox5' <?php echo $checkedstatus5; ?> /><br />
<?php
$tag6 = $rows['rebootemail'];
$checkedstatus6 = '';
if($tag6 == '1')
{
$checkedstatus6 = 'checked';
} else {
$checkedstatus6 = 'unchecked';
}?>
Send email when rebooted - <input type='checkbox' value='checked' name='checkbox6' <?php echo $checkedstatus6; ?> /><br />
<?php
$tag7 = $rows['hbgcm'];
$checkedstatus7 = '';
if($tag7 == '1')
{
$checkedstatus7 = 'checked';
} else {
$checkedstatus7 = 'unchecked';
}?>
Heartbeat check GCM - <input type='checkbox' value='checked' name='checkbox7' <?php echo $checkedstatus7; ?> /><br />
<?php
$tag8 = $rows['hbemail'];
$checkedstatus8 = '';
if($tag8 == '1')
{
$checkedstatus8 = 'checked';
} else {
$checkedstatus8 = 'unchecked';
}?>
Heartbeat check Email - <input type='checkbox' value='checked' name='checkbox8' <?php echo $checkedstatus8; ?> /><br />
<?php
$tag9 = $rows['edigcm'];
$checkedstatus9 = '';
if($tag9 == '1')
{
$checkedstatus9 = 'checked';
} else {
$checkedstatus9 = 'unchecked';
}?>
EDI fail check GCM - <input type='checkbox' value='checked' name='checkbox9' <?php echo $checkedstatus9; ?> /><br />
<?php
$tag10 = $rows['ediemail'];
$checkedstatus10 = '';
if($tag10 == '1')
{
$checkedstatus10 = 'checked';
} else {
$checkedstatus10 = 'unchecked';
}?>
EDI fail check Email - <input type='checkbox' value='checked' name='checkbox10' <?php echo $checkedstatus10; ?> /><br />
<?php
$tag11 = $rows['reportgcm'];
$checkedstatus11 = '';
if($tag11 == '1')
{
$checkedstatus11 = 'checked';
} else {
$checkedstatus11 = 'unchecked';
}?>
Report fail GCM - <input type='checkbox' value='checked' name='checkbox11' <?php echo $checkedstatus11; ?> /><br />
<?php
$tag12 = $rows['reportemail'];
$checkedstatus12 = '';
if($tag12 == '1')
{
$checkedstatus12 = 'checked';
} else {
$checkedstatus12 = 'unchecked';
}?>
Report fail Email - <input type='checkbox' value='checked' name='checkbox12' <?php echo $checkedstatus12; ?> /><br />
<?php
$gcm = $rows[gcm];
$tag13 = $rows['mailpinggcm'];
$checkedstatus13 = '';
if($tag13 == '1')
{
$checkedstatus13 = 'checked';
} else {
$checkedstatus13 = 'unchecked';
}?>
Ping email server GCM - <input type='checkbox' value='checked' name='checkbox13' <?php echo $checkedstatus13; ?> /><br />
<?php
$tag14 = $rows['mailpingemail'];
$checkedstatus14 = '';
if($tag14 == '1')
{
$checkedstatus14 = 'checked';
} else {
$checkedstatus14 = 'unchecked';
}?>
Ping email server Email - <input type='checkbox' value='checked' name='checkbox14' <?php echo $checkedstatus14; ?> /><br />
<?php
$tag15 = $rows['internetgcm'];
$checkedstatus15 = '';
if($tag15 == '1')
{
$checkedstatus15 = 'checked';
} else {
$checkedstatus15 = 'unchecked';
}?>
Ping internet fail GCM - <input type='checkbox' value='checked' name='checkbox15' <?php echo $checkedstatus15; ?> /><br />
<?php
$tag16 = $rows['internetemail'];
$checkedstatus16 = '';
if($tag16 == '1')
{
$checkedstatus16 = 'checked';
} else {
$checkedstatus16 = 'unchecked';
}?>
Ping internet fail email - <input type='checkbox' value='checked' name='checkbox16' <?php echo $checkedstatus16; ?> /><br />
<?php
$tag17 = $rows['sqlgcm'];
$checkedstatus17 = '';
if($tag17 == '1')
{
$checkedstatus17 = 'checked';
} else {
$checkedstatus17 = 'unchecked';
}?>
Failed SQL ping GCM - <input type='checkbox' value='checked' name='checkbox17' <?php echo $checkedstatus17; ?> /><br />
<?php
$tag18 = $rows['sqlemail'];
$checkedstatus18 = '';
if($tag18 == '1')
{
$checkedstatus18 = 'checked';
} else {
$checkedstatus18 = 'unchecked';
}?>
Failed SQL ping email - <input type='checkbox' value='checked' name='checkbox18' <?php echo $checkedstatus18; ?> /><br />
<?php
$tag19 = $rows['backupgcm'];
$checkedstatus19 = '';
if($tag19 == '1')
{
$checkedstatus19 = 'checked';
} else {
$checkedstatus19 = 'unchecked';
}?>
Backup fail GCM - <input type='checkbox' value='checked' name='checkbox19' <?php echo $checkedstatus19; ?> /><br />
<?php
$tag20 = $rows['backupemail'];
$checkedstatus20 = '';
if($tag20 == '1')
{
$checkedstatus20 = 'checked';
} else {
$checkedstatus20 = 'unchecked';
}?>
Backp fail email - <input type='checkbox' value='checked' name='checkbox20' <?php echo $checkedstatus20; ?> /><br />
<u><b><p>Details</b></u><p>
<?php $_SESSION['mac'] = $rows[mac]; ?>
Mac address - '<?php echo $_SESSION['mac']; ?>'<br />
Customer name - '<?php echo $rows[customer]; ?>'<br />
Machine name - '<?php echo $rows[machine]; ?>'<br />
Current version - '<?php echo $rows[myversion]; ?>'<br />
GCM app code - <input type='text' value='<?php echo $gcm; ?>' size=150 rows=4 name='gcm' />......<br />
SMTP server - '<?php echo $rows[mailserver]; ?>'<br />
Email addresses (seperate by commas) - '<?php echo $rows[emails]; ?>'<br /><p>
<u><b>SQL Credentials</b></u><p>
SQL server - '<?php echo $rows[sqlserver]; ?>'<br />
SQL Port - '<?php echo $rows[sqlport]; ?>'<br />
SQL Instance - '<?php echo $rows[sqlinstance] ?>'<br />
SQL Database - '<?php echo $rows[sqldatabase]; ?>'<br />
SQL User name - '<?php echo $rows[sqlname]; ?>'<br />
SQL Password - '<?php echo $rows[sqlpassword]; ?>' <br /><p>
<p>
<u><b>Alive status</u></b><p>
Last seen online - '<?php echo $rows[lastseen]; ?>'<br />
<?php
$tag = $rows['isalive'];
$checkedstatus = '';
if($tag == '1')
{
$checkedstatus = 'checked';
} else {
$checkedstatus = 'unchecked';
}?>
Request 'IsAlive' status - <input type='checkbox' value='checked' name='checkbox' <?php echo $checkedstatus; ?> /> - This will send a GCM and Email if alive.<p>
<input type='submit' value='Update account details' name ='update' /><p>
</form><p>
<?php
}}}}
?>
I am using checkboxes to query the database and I am struggling with this one, I am new to MySQL and PHP so sorry if this is simple!
Here is my code that I have...
<input type="checkbox" name="season2005" value="2005" <?php if(isset($_POST['season2005'])) echo "checked='checked'"; ?> > 2005-06
<input type="checkbox" name="season2006" value="2006" <?php if(isset($_POST['season2006'])) echo "checked='checked'"; ?> > 2006-07
<input type="checkbox" name="season2007" value="2007" <?php if(isset($_POST['season2007'])) echo "checked='checked'"; ?> > 2007-08
<input type="checkbox" name="season2008" value="2008" <?php if(isset($_POST['season2008'])) echo "checked='checked'"; ?> > 2008-09
<input type="checkbox" name="season2009" value="2009" <?php if(isset($_POST['season2009'])) echo "checked='checked'"; ?> > 2009-10
<input type="checkbox" name="season2010" value="2010" <?php if(isset($_POST['season2010'])) echo "checked='checked'"; ?> > 2010-11
<input type="checkbox" name="season2011" value="2011" <?php if(isset($_POST['season2011'])) echo "checked='checked'"; ?> > 2011-12
<input type="checkbox" name="season2012" value="2012" <?php if(isset($_POST['season2012'])) echo "checked='checked'"; ?> > 2012-13
<input type="checkbox" name="season2013" value="2013" <?php if(isset($_POST['season2013'])) echo "checked='checked'"; ?> > 2013-14
if (#$_POST['season2005'] == ""){ $season2005 = "0000"; } else { $season2005 = "2005"; }
if (#$_POST['season2006'] == ""){ $season2006 = "0000"; } else { $season2006 = "2006"; }
if (#$_POST['season2007'] == ""){ $season2007 = "0000"; } else { $season2007 = "2007"; }
if (#$_POST['season2008'] == ""){ $season2008 = "0000"; } else { $season2008 = "2008"; }
if (#$_POST['season2009'] == ""){ $season2009 = "0000"; } else { $season2009 = "2009"; }
if (#$_POST['season2010'] == ""){ $season2010 = "0000"; } else { $season2010 = "2010"; }
if (#$_POST['season2011'] == ""){ $season2011 = "0000"; } else { $season2011 = "2011"; }
if (#$_POST['season2012'] == ""){ $season2012 = "0000"; } else { $season2012 = "2012"; }
if (#$_POST['season2013'] == ""){ $season2013 = "0000"; } else { $season2013 = "2013"; }
$seasons = array($season2005,$season2006,$season2007,$season2008,$season2009,$season2010,$season2011,$season2012,$season2013);
$seasonpick = implode(",",$seasons);;
$matcharrays = array("AND season in ($seasonpick)");
At the moment all of the data is being queried to the database, so if nothing is selected them then part of query from this is "AND season in (0000,0000,0000,0000) etc
How would I go about only getting those selected into the array and if none are selected then the array would be blank.
Hope you understand what I mean!
Here is a working form with some checkboxes that will allow you to test and get the sql you intended.
<?php
$dateArr=array();
if(isset($_POST['season']))
{
$dateArr=array_unique($_POST['season']);
$dateSearch=implode(",", $dateArr);
$sql=".... and season in (".$dateSearch.")";
echo $sql;
}
?>
<html>
<form action="?" method="post">
<?php
for($i=0;$i<10;$i++)
{
echo "<input type=\"checkbox\" name=\"season[]\" value=\"".($i+2005)."\"> ".($i+2005);
}
?>
<input type="submit">
</form>
Output when 2009, 2010 and 2011 selected:
.... and season in (2009,2010,2011)
Okay, so how it works:
Checkboxes are best used when they all have the same name ending in a []. This makes it a nice array on it's own.
If post data is set, we then quickly throw an array unique over it (good habit for the most part in these types of queries) so that there are no duplicate values.
Then simply implode it into a string and pop it into the SQL query.
Edit: Added functionality to re-check checkboxes when submitted.
<?php
$dateArr=array();
if(isset($_POST['season']))
{
$dateArr=array_unique($_POST['season']);
$dateSearch=implode(",", $dateArr);
$sql=".... and season in (".$dateSearch.")";
echo $sql;
}
?>
<html>
<form action="?" method="post">
<?php
for($i=0;$i<10;$i++)
{
$chk="";
if(!empty($_POST['season']))
{
if(in_array($i+2005, $_POST['season']))
{
$chk=" checked=\"checked\" ";
}
}
echo "<input type=\"checkbox\" name=\"season[]\" ".$chk." value=\"".($i+2005)."\"> ".($i+2005);
}
?>
<input type="submit">
</form>
Edit 2: Just add quotes in the right places :)
<?php
$dateArr=array();
if(isset($_POST['season']))
{
$dateArr=array_unique($_POST['season']);
$dateSearch=implode("', '", $dateArr);
$sql=".... and season in ('".$dateSearch."')";
echo $sql;
}
?>
<html>
<form action="?" method="post">
<?php
for($i=0;$i<10;$i++)
{
$chk="";
if(!empty($_POST['season']))
{
if(in_array(($i+2005)."i", $_POST['season']))
{
$chk=" checked=\"checked\" ";
}
}
echo "<input type=\"checkbox\" name=\"season[]\" ".$chk." value=\"".(($i+2005)."i")."\"> ".($i+2005)."i";
}
?>
<input type="submit">
</form>
Edit 3: I feel like this is starting to really answer much more than one question :)
You can simply check the textbox to make sure it isn't empty and then append to a SQL string:
$sql="";
if(!empty($_POST['text1']))
{
$sql.=" and ftgf>= ".$_POST['text1']." ";
}
Having said that, I would strongly suggest that you NEVER allow the user to enter in parts of the actual SQL you will run - unless it is a closed/secure environment, which means NOT an ope website.
Insert the below code
$seasons = array($season2005,$season2006,$season2007,$season2008,$season2009,$season2010,$season2011,$season2012,$season2013);
//start
$seasons2 = array();
foreach ($seasons as $season)
{
if($season!=="0000")
{
array_push($seasons2,$season);
}
}
$seasonpick = implode(",",$seasons2);
//end
I am working on a "forgotten username" system I'm using two forms in two different pages so the code goes as follows:-
recover_page.php:
<form action="security.php" method="post" enctype="multipart/form-data">
Please Enter your email address:<br>
<input type="text" name="email" value="<?php $_POST['email']?>">
<input type="submit" value="submit">
</form>
its php code:
<?php
include "session.php";
include "database/db.php";
$mode_allowed = array('username','password');
if(isset($_GET['mode']) === false && in_array($_GET['mode'],$mode_allowed)===false){
header('location:index.php');
}
?>
now the second page (security.php):
<form action="security.php" method="POST" enctype="multipart/form-data">
<p> Answer this question <p>
<select type="text" selected="selected" name="security_question" value="<?php $security_question?>">
<option name="security_question" value="<?php $security_question =mysql_query("SELECT `security_question` FROM `users` WHERE `email`='".mysql_real_escape_string($_POST['email'])."' ");
$array = mysql_fetch_array($security_question);
echo $array[0];
?>">
<?php $security_question =mysql_query("SELECT `security_question` FROM `users` WHERE `email`='".mysql_real_escape_string($_POST['email'])."' ");
$array = mysql_fetch_array($security_question);echo $array[0]; ?>
</option> </select> <br>
<input type="text" name="answer"/> <br>
<input type="submit" value="submit">
</form>
its php code :
// code to check if the email exists in the database or no
<?php
include "session.php";
include "database/db.php";
$mode_allowed = array('username','password');
if(isset($_POST['email']) === true && empty($_POST['email']) === false){
if(email_exists($_POST['email']) === false){
echo "Sorry, we can't find this email";
exit();
}
}
?>
//code to search for the answer in the database and compare it with the answer that the user has entered in the field "answer"
<?php
echo "<input type='hidden' name='email' value=' '".$_SESSION['email']."' '>";
if(isset($_POST['answer'])){
$answer = $_POST['answer'];
if(!empty($answer)){
$sql = mysql_query("SELECT `username` FROM `users` WHERE `email` ='".mysql_real_escape_string($_SESSION['email'])."' AND `answer`='".mysql_real_escape_string($answer)."'");
if(mysql_num_rows($sql) == 1){
header('location:last.php?success');
}else {
echo "Wrong answer";
}
}else{
echo "<script type='text/javascript'>alert('you must answer this question');</script>";
}
}
?>
Now this works fine when i write the sql statment without the hidden input like this:-
$sql = mysql_query("SELECT `username` FROM `users` WHERE `answer`='".mysql_real_escape_string($answer)."'");
and also, i can echo out the $_SESSION['email']; and it will give me the right value of the hidden field. so why is the sql unable to get this value?!
Editing the code for you last script (putting the code and the html together), something like this:-
<?php
include "session.php";
include "database/db.php";
$Message = "";
$mode_allowed = array('username','password');
if(isset($_POST['email']) === true && empty($_POST['email']) === false)
{
if(email_exists($_POST['email']) === false)
{
echo "Sorry, we can't find this email";
exit();
}
}
if(isset($_POST['answer']))
{
$answer = $_POST['answer'];
if(!empty($answer))
{
$sql = mysql_query("SELECT `username` FROM `users` WHERE `email` ='".mysql_real_escape_string($_SESSION['email'])."' AND `answer`='".mysql_real_escape_string($answer)."'");
if(mysql_num_rows($sql) == 1)
{
header('location:last.php?success');
}
else
{
$Message = "Wrong answer";
}
}
else
{
echo "<script type='text/javascript'>alert('you must answer this question');</script>";
}
}
?>
<form action="security.php" method="POST" enctype="multipart/form-data">
<p> Answer this question </p>
<select type="text" selected="selected" name="security_question" value="<?php $security_question?>">
<option name="security_question" value="<?php $security_question =mysql_query("SELECT `security_question` FROM `users` WHERE `email`='".mysql_real_escape_string($_POST['email'])."' ");
$array = mysql_fetch_array($security_question);
echo $array[0];
?>">
<?php $security_question =mysql_query("SELECT `security_question` FROM `users` WHERE `email`='".mysql_real_escape_string($_POST['email'])."' ");
$array = mysql_fetch_array($security_question);echo $array[0]; ?>
</option>
</select> <br>
<input type="text" name="answer"/> <br>
<input type='hidden' name='email' value='<?php $_POST['email']?>'>
<input type="submit" value="submit">
<?php if ($Message != '') echo "<br /> $Message";?>
</form>