I'm stuck in the delete function, I wonder why my delete button is not functioning, and I already edited my code.
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
$semester = ($_POST["semester"]);
$level = ($_POST["level"]);
}
?>
Here is the form method:
<form method="post" action="<?php echo($_SERVER["PHP_SELF"]);?>" enctype="multipart/form-data">
Here is to display the data in table form, and SELECT * is functioning
$sql = mysqli_query ($connection, "SELECT * FROM subject");
echo " <table>
<th>Semester</th>
<th>Level</th>
</tr>";
while($record = mysqli_fetch_assoc ($sql)){
echo "<tr>";
echo "<td>" . $record['semester'] . "</td>";
echo "<td>" . $record['level'] . "</td>";
echo "<td>" . "<input type=submit name=delete value=Delete>" . "</td>";
echo "</tr>";
}
This is the delete button code
if (isset($_POST['delete']))
{
$delete = mysqli_query ($connection, "DELETE FROM subject WHERE semester = '($_POST[semester])'");
}
Try this :
while($record = mysqli_fetch_assoc ($sql)){
echo "<tr>";
echo '<form action="mypage.php" method="post">';
echo "<td>" . $record['semester'] . "</td>";
echo "<td>" . $record['level'] . "</td>";
echo "<td>" . $record['course'] . "</td>";
echo "<td>" . $record['subject'] . "</td>";
echo "<td>" . $record['section'] . "</td>";
// And add field form hidden
echo '<input type="hidden" name="semester" value="'.$record['semester'].'">';
echo "<td>" . '<input type="submit" name="delete" value="Delete">' . "</td>";
echo "</form>";
echo "</tr>";
}
if (isset($_POST['delete']) && isset($_POST['semester']))
{
$stmt = $connection->prepare('DELETE FROM subject WHERE semester = ?');
// if $_POST['semester'] is integer else see http://php.net/manual/en/mysqli-stmt.bind-param.php
$stmt->bind_param('i', $_POST['semester']);
$stmt->execute();
}
Related
I have a table, displayied with an echo, where, for each row I'd like to have a button to change a "status" field (I want to update just one field). I am trying to insert a form button into my echo but I don't get anything.
This is my echo code:
while($row = mysql_fetch_array( $result )) {
echo "<tr>";
echo '<td>' . $row['id'] . '</td>';
echo '<td>' . $row['fullname'] . '</td>';
echo '<td>' . $row['message'] . '</td>';
echo '<td>' . $row['country'] . '</td>';
echo '<td>' . $row['email'] . '</td>';
echo '<td>' . $row['website'] . '</td>';
echo '<td>' . $row['date'] . '</td>';
echo "<td>" . $row['status'] . " </td>";
echo "<form action='updatestatus.php' method='post'>";
echo "<input type='hidden' value='".$row['id']."' name='id' />";
echo "<input type='hidden' value='".$row['status']."' name='status' />";
echo "<td><input type='submit' name='submit' value='Submit'></td>";
echo "</form>";
echo '<td>Edit</td>';
echo '<td>Delete</td>';
echo "</tr>";
}
updatestatus.php
// check if the form has been submitted.
if (isset($_POST['submit'])) {
// confirm that the 'id' value is a valid integer before getting the form data
if (is_numeric($_POST['id'])) {
// get form data, making sure it is valid
$id = $_POST['id'];
$status = $_POST['status'];
if ($status == 0) {
$status == 1;
mysql_query("UPDATE personalguestbook SET status='$status' WHERE id='$id'")
or die(mysql_error());
} else {
$status == 0;
mysql_query("UPDATE personalguestbook SET status='$status' WHERE id='$id'")
or die(mysql_error());
}
header("Location: view.php");
}
}
So, if my status field is = 0, I want to change it = 1 and update into my database, and vice versa.
Thanks for your attention
Your form isn't sending anything to updatestatus.php, you can add the data to POST in a hidden form like so:
echo "<form action='updatestatus.php' method='post'>";
echo "<input type='hidden' value='".$row['id']."' name='id' />";
echo "<input type='hidden' value='".$row['status']."' name='status' />";
echo "<td><input type='submit' name='submit' value='Submit'></td>";
echo "</form>";
This is the simple fix to your code above, there are still some security flaws and efficiency methods others have mentioned in the comments.
Check this PHP code
while($row = mysql_fetch_array( $result )) {
echo "<tr>";
echo '<td>' . $row['id'] . '</td>';
echo '<td>' . $row['fullname'] . '</td>';
echo '<td>' . $row['message'] . '</td>';
echo '<td>' . $row['country'] . '</td>';
echo '<td>' . $row['email'] . '</td>';
echo '<td>' . $row['website'] . '</td>';
echo '<td>' . $row['date'] . '</td>';
echo "<td>" . $row['status'] . " </td>";
echo "<td>";
echo "<form action='updatestatus.php' method='post'>";
echo "<input type='hidden' value='".$row['id']."' name='id' />";
echo "<input type='hidden' value='".$row['status']."' name='status' />";
echo "<td><input type='submit' name='submit' value='Submit'></td>";
echo "</form>";
echo "</td>";
echo '<td>Edit</td>';
echo '<td>Delete</td>';
echo "</tr>";
}
updatestatus.php
// check if the form has been submitted.
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (is_numeric($_POST['id']))
{
// get form data, making sure it is valid
$id = $_POST['id'];
$status = $_POST['status'];
if ($status == 0){
$status == 1;
mysql_query("UPDATE personalguestbook SET status='".$status."' WHERE id='".$id."'")
or die(mysql_error());
} else {
$status == 0;
mysql_query("UPDATE personalguestbook SET status='".$status."' WHERE id='$id'")
or die(mysql_error());
}
header("Location: view.php");
}
}
I cannot seem to get the value from my dropdown box which is using JQuery linked up to my database, into an SQL statement?
Where is the error?
Thanks
Here is my PHP:
<form action="" method="post">
<p class="timetable-p">Room code:
<select id="combobox" name="combobox">
<form action="" method="post"><?php
echo '<option class="option">Type/Select a room</option>';
while ($row = $res->fetchRow()) {
$code = $row['roomcode'];
$titles[] = $row['park'];
echo '<option class="option" name="codedrop">'.$code.'</option>';
}
?>
<input type="submit" value="subm" name="subm">
</form>
<?php
if( isset( $_POST['subm'] ) )
{
$codedropOption= $_POST['codedrop'];
$resql = "SELECT * FROM 'ROOMS' WHERE 'roomCode' LIKE '$codedrop%'";
$res1 = mysql_query($resql);
echo "<table>";
while($row = mysql_fetch_array($res1)){
echo "<tr><td>" . $row['roomCode'] . "</td>";
echo "<td>" . $row['Style'] . "</td><td>" . $row['dataProjector'] . "</td>";
echo "<td>" . $row['Whiteboard'] . "</td><td>" . $row['OHP'] . "</td>";
echo "<td>" . $row['wheelchairAccess'] . "</td>";
echo "<td>" . $row['lectureCapture'] . "</td>";
echo "<td><input type='radio' name='radioSelect' value= '". $row['roomCode']."'></td>";
}
echo "</table>";
}
?>
</form>
1) Remove name="codedrop" from <option> Like
echo '<option class="option">'.$code.'</option>';
N.B.: Only <select> bears the name attribute, not <option>.
2) Remove first <form>, it's of no use. And even, nested <form> are not allowed.
3) Change
$codedropOption= $_POST['codedrop'];
To
$codedropOption= $_POST['combobox'];
to not get
Undefined index: codedrop
4) Change
$resql = "SELECT * FROM 'ROOMS' WHERE 'roomCode' LIKE '$codedrop%'";
To
$resql = "SELECT * FROM ROOMS WHERE roomCode LIKE '$codedrop%'";
Use backtick in place of single quotes '.
5) Change
$resql = "SELECT * FROM 'ROOMS' WHERE 'roomCode' LIKE '$codedrop%'";
To
$resql = "SELECT * FROM ROOMS WHERE roomCode LIKE '$codedropOption%'";
Updated Code
<form action="" method="post">
<p class="timetable-p">Room code:
<select id="combobox" name="combobox">
<?php
echo '<option class="option">Type/Select a room</option>';
while ($row = $res->fetchRow()) {
$code = $row['roomcode'];
$titles[] = $row['park'];
echo '<option class="option">'.$code.'</option>';
}?>
</select>
<input type="submit" value="subm" name="subm">
</form>
<?php
if( isset( $_POST['subm'] ) )
{
$codedropOption= $_POST['combobox'];
$resql = "SELECT * FROM ROOMS WHERE roomCode LIKE '$codedropOption%'";
$res1 = mysql_query($resql);
echo "<table>";
while($row = mysql_fetch_array($res1)){
echo "<tr><td>" . $row['roomCode'] . "</td>";
echo "<td>" . $row['Style'] . "</td><td>" . $row['dataProjector'] . "</td>";
echo "<td>" . $row['Whiteboard'] . "</td><td>" . $row['OHP'] . "</td>";
echo "<td>" . $row['wheelchairAccess'] . "</td>";
echo "<td>" . $row['lectureCapture'] . "</td>";
echo "<td><input type='radio' name='radioSelect' value= '". $row['roomCode']."'></td>";
}
echo "</table>";
}
?>
I am trying to send the same email only to selected users. I am printing values from table and want to select specific users to send an email.
<form name="unos" action="mail-proizvodi.php" method="post">
<?
echo "<table border='5'>
<tr>
<th> </th>
<th>ID</th>
<th>NAZIV</th>
<th>ADRESA</th>
<th>DRZAVA</th>
<th>GRAD</th>
<th>EMAIL</th>
</tr>";
while($row = mysqli_fetch_array($result))
{
echo "<tr>";
echo '<td><input type="checkbox" name="email[]" value="' . $row['ID'] . '"></td>';
echo "<td>" . $row['ID'] . "</td>";
echo "<td>" . $row['NAZIV'] . "</td>";
echo "<td>" . $row['ADRESA'] . "</td>";
echo "<td>" . $row['DRZAVA'] . "</td>";
echo "<td>" . $row['GRAD'] . "</td>";
echo "<td>" . $row['EMAIL'] . "</td>";
echo "</tr>";
}
echo "</table>";
?>
<input type="submit" name="submit" value="submit">
</form>
my mail-proizvodi.php code
$mail=$_POST['email'];
echo "Dzenad catic";
$query= "SELECT `EMAIL` FROM `clanovi` WHERE ID='$mail[0]'";
if(sizeof($mail)>1)
{
for($i=1; $i<sizeof($mail); $i++)
{
$query.=" OR ID = '$mail[$i]' ";
}
}
$result=mysqli_query($con,$query);
while(FALSE!==($row=mysqli_fetch_row($result))) {
$bccfields[] = $row['EMAIL'];
}
echo sprintf("<a href=mailto:test#test.ba?bcc=%s />\n",
urlencode(implode(',',$bccfields)));
echo "Send" ;
Post I am receiving is an array. And when I do var_dump($mail) I get
array
0 => string '20' (length=2)
1 => string '30' (length=2)
Any help or advice is appreciated. Thanks in advance.
I am posting solution for the problem I had in case someone else face similar mistake.
$mail=$_POST['email'];
$query= "SELECT `EMAIL` FROM `clanovi` WHERE ID ='$mail[0]'";
if(sizeof($mail)>1)
{
for($i=1; $i<sizeof($mail); $i++)
{
$query.=" OR ID = '$mail[$i]' ";
}
}
$result=mysql_query($query);
if (!$result) {
echo "Could not successfully run query ($query) from DB: " . mysql_error();
exit;
}
if (mysql_num_rows($result) == 0) {
echo "No rows found, nothing to print so am exiting";
exit;
}
while(FALSE!==($row=mysql_fetch_assoc($result))) {
$bccfields[] = $row['EMAIL'];
}
echo sprintf("<a href=mailto:prodaja#alternativa.ba?bcc=%s />\n",
urlencode(implode(',',$bccfields)));
echo "Send" ;
mysql_free_result($result);
I am having problem in getting values from db. Iam new in php
I am using checkboxes to get values from database. Only checked values should be printed.
<form method="POST" action="gradoviexport.php" id="searchform">
<div id="GRADOVI BIH">
<h3>GRADOVI BOSNE I HERCEGOVINE</h3><hr/>
<input type="checkbox" name="gradovi[]" value="sarajevo"> Sarajevo
<input type="checkbox" name="gradovi[]" value="banovici"> Banovići
<input type="checkbox" name="gradovi[]" value="banjaluka"> Banja Luka
<input type="checkbox" name="gradovi[]" value="bihac"> Bihać
<input type="checkbox" name="gradovi[]" value="bileca"> Bileća
</div>
<div id="snimi">
<input type="submit" name="submit" value="EXPORT">
</div>
</form>
If Sarajevo is checked I want to print values from database. It does not have to be only one value checked If all values are checked it should print all values.
$con=mysqli_connect("$host","$username","$password", "$database");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
//connecting to db
$variable=$_POST['grad'];
foreach ($variable as $variablename)
{
$sql_select="SELECT * FROM `clanovi` WHERE `GRAD` = $variablename " ;
$queryRes = mysql_query($sql_select);
print"$sql_select";
}
echo "<table border='5'>
<tr>
<th>IME</th>
<th>PREZIME</th>
<th>FIRMA</th>
<th>ADRESA</th>
<th>TELEFON</th>
<th>FAX</th>
<th>MOBITEL</th>
<th>EMAIL </th>
<th>WEB_STRANICA </th>
<th>GRAD </th>
<th>KATEGORIJA </th>
</tr>";
while($row = mysqli_fetch_array($queryRes))
{
echo "<tr>";
echo "<td>" . $row['IME'] . "</td>";
echo "<td>" . $row['PREZIME'] . "</td>";
echo "<td>" . $row['FIRMA'] . "</td>";
echo "<td>" . $row['ADRESA'] . "</td>";
echo "<td>" . $row['TELEFON'] . "</td>";
echo "<td>" . $row['FAX'] . "</td>";
echo "<td>" . $row['MOBITEL'] . "</td>";
echo "<td>" . $row['EMAIL'] . "</td>";
echo "<td>" . $row['WEB_STRANICA'] . "</td>";
echo "<td>" . $row['GRAD'] . "</td>";
echo "<td>" . $row['KATEGORIJA'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysqli_close($con);
Assume you posted gradovi[] array values to submitted page.
Submit page:
$grad = array();
$grad = $_POST['gradovi']; //get array value
$grad = implode(',',$grad); //convert it into comma separated string
//Insert it into data base
Getting from database:
//fetch the gradovi field from the db like below
echo $row['gradovi']; // print all values
or
$grad = explode(',',$row['gradovi']);
foreach($grad as $check) {
echo $check; //print one by one
}
There is few errors in your code.
There is no escaping of the string from POST data. Use mysqli_real_escape_string
There is an error in your while loop. You redefining mysql query result.
Fixed code:
//connecting to db
$variable=$_POST['grad'];
foreach($variable as $key => $val) {
$variable[$key] = mysql_escape_string($val);
}
$sql_select="SELECT * FROM `clanovi` WHERE `GRAD` IN ('" . implode("','", $variable) . "')" ;
$queryRes = mysql_query($sql_select);
print"$sql_select";
//query to check if part id number exists in table ATTEND where service id = ...
$result2 = mysql_query("SELECT * FROM attend WHERE SIDno='$SIDno' and ServiceID='$id");
//if exists $ok = true;
if (mysql_num_rows($result2)>0) {
$ok == true;
}
echo "<tr bgcolor=$bgcolor>";
echo "<td><a name=$row1[0] id=$row1[0]>$row1[0]</td>";
echo "<td>" . $row1[1] . "</td>";
echo "<td>" . $row1[5] . "</td>";
echo "<td>" . $row1[2] . "</td>";
echo "<td>" . $row1[3] . "</td>";
echo "<td><input type='checkbox' name='checkbox[]' value=" . $row1[0];
if ($ok == true) {
echo 'disabled="disabled" checked="checked"';
}
echo "></td>";
echo "<input type='hidden' name='ServiceID' value=" . $id . ">";
echo "<input type='hidden' name='Year' value=" . $Year . ">";
echo "<input type='hidden' name='Stype' value='Recollection'>";
echo "</tr>";
}
}
echo "<tr>
<td colspan='5' align='right' bgcolor='#FFFFFF'><input name='SUBMIT1' type='submit' id='SUBMIT'value='SUBMIT'></td>
</tr>";
How can implement that on the next load if the value of the checkbox is already available in the database it will now be checked. but if it is not yet existing i can check it and save it to the database.
I'm guessing the problem lies in this line:
if (mysql_num_rows($result2)>0) {
$ok == true;
}
It should be:
if (mysql_num_rows($result2)>0) {
$ok = true;
}
In the first snippet you are just testing if $ok is equal to true, while in the second example an actual assignment to the variable is performed.
Remember:
= != ==