Post data that contains paths with ../../ gives empty $_POST array - php

Recently I moved my CodeIgniter website to a new server (GoDaddy). Before this everything was working great with no problems. But now I have started to get strange problems with POST data: whenever I try to insert data that contains relative paths with dots (../../) and submit the form, I get an empty $_POST array. The strange thing is that this happens only with certain forms, not all of them. What could cause such a problem?
Here is the form that causes the problem:
<?php
if(isset($posts2) && count($posts2) == 1){
$posts2 = $posts2[0];
echo form_open_multipart('professors/update_biography/', array("id" => "professors_edit"));
echo form_hidden('posts2[id]', $posts2->id);
if(isset($user) && count($user) == 1){
$user = $user[0];
echo form_hidden('user[id]', $user->id);
echo form_hidden('user[role]', "Professor");
}
?>
<table class="admin_table">
<tr>
<th>
Биографија
</th>
<td>
<textarea name='posts2[biography]'><?php echo $posts2->biography; ?></textarea>
</td>
</tr>
<tr>
<th>
Биографија EN
</th>
<td>
<textarea name='posts2[biography_en]'><?php echo $posts2->biography_en; ?></textarea>
</td>
</tr>
<tr>
<th>
Cv
</th>
<td>
<p class="old">CV</p>
<input type="file" name='cv' id="pdf"></input>
</td>
</tr>
<tr>
<td> </td>
<td>
<input type='submit' name='submit' value='Зачувај' />
</td>
</tr>
</table>
<?php
echo form_close();
?>
<div class="redButton" style="float:left; width: 150px;">
<?php
if(!isset($prof[0]->id)){ // do not show this for a professor
echo anchor('professors/', 'Назад до професори');
}
?>
</div>
<?php
}
?>

Related

Cannot delete row in database using PHP

I can't seem to delete a row in the database by id in PHP.
I think the id is not passed to the $_POST['delete'];
however, the popup "Your data is deleted" is displayed, but the data is not deleted.
So I'm not sure where the error is in this code.
I also tried to delete the data by its id,
for example: Delete book where no='4';
and the code seems to run fine because the data is deleted in the database.
<html>
<script>
function confirmDelete() {
return confirm('Are you sure?');
}
</script>
<!DOCTYPE html>
<head>
<form action="test.php" method="POST">
<br><br><br>
<table bordercolor="#FFCC66" align="center" bgcolor="#FFFFFF">
<tr>
<th>No</th>
<th>Title</th>
<th>Author</th>
<th>Year</th>
<th>Donor's Name</th>
<th>Call Number</th>
<th>Date Received</th>
<th>Handled By</th>
<th></th>
<th></th>
</tr>
<?php
include ('config.php');
$view=mysqli_query($conn,"SELECT * FROM book");
?>
<?php while($v=mysqli_fetch_array($view)){ ?>
<tr>
<td>
<?php echo $v["no"];?>
</td>
<td>
<?php echo $v["title"];?>
</td>
<td>
<?php echo $v["author"];?>
</td>
<td>
<?php echo $v["year"];?>
</td>
<td>
<?php echo $v["donorname"];?>
</td>
<td>
<?php echo $v["callnum"];?>
</td>
<td>
<?php echo $v["datereceived"];?>
</td>
<td>
<?php echo $v["handledby"];?>
</td>
<td><input type="submit" name="delete" value="Delete" onclick="return confirmDelete('Are you sure?');" /></td>
</tr>
<?php
} ?>
</tr>
</table>
<br><br>
</form>
</body>
</html>
<?php
if(isset($_POST['delete']))
{
include('config.php');
$no =$v["no"];
$d=mysqli_query($conn,"DELETE FROM `book` WHERE no='$no'");
if ($d)
{
echo "<script type='text/javascript'> alert('Your data is deleted!'); </script>";
echo"<meta http-equiv='Refresh' content='0' >";
}
else
{
echo "<script type='text/javascript'> alert('Your data cannot delete!'); </script>";
}
mysqli_close($conn);
}
?>
Change the submit element to
<td>
<input type="submit" name="delete" value="<?php echo $v['no'];?>" onclick="return confirmDelete('Are you sure?');" />
</td>
and
$no = $_POST["delete"];
Another solution is to add a hidden input with your value.
<td>
<?php echo $v["no"];?>
<input type="hidden" name="no" value="<?php echo $v["no"];?>" />
</td>
In your php you will find the value in $_POST['no']
This solution is better to pass multiple arguments in POST like a captcha or a confirmation (checkbox).
The logic is not correct: when you press the delete button, all the data will be passed along with the submit because your form tag is outside of the loop.
In my opinion, you should use AJAX-like functionality here, or follow this method.
<?php while($v=mysqli_fetch_array($view)){ ?>
<form action="test.php" method="POST">
<tr>
<td>
<?php echo $v["no"];?>
<input type="hidden" value="<?php echo $v["no"];?>" name="no" >
</td>
<td><input type="submit" name="delete" value="Delete" onclick="return confirmDelete('Are you sure?');" /></td>
</tr>
</form>
<?php } ?>
and in your post call use $no = $_POST['no']; instead of $no =$v["no"];
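
The per-row form from the answers above, handled with a bound parameter instead of the `'$no'` string built into the query (an added example, not part of the original posts). It assumes PDO with an in-memory SQLite table standing in for the MySQL `book` table so that it runs offline; `delete_book()` and the sample rows are hypothetical.

```php
<?php
// Added example: SQLite in memory stands in for the page's MySQL `book` table
// so the script runs offline. The rows below are constructed sample data.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE book (no INTEGER PRIMARY KEY, title TEXT)');
$pdo->exec("INSERT INTO book (no, title) VALUES (3, 'Sample A'), (4, 'Sample B'), (5, 'Sample C')");

/**
 * Delete one book row using the id posted by that row's own form
 * (hidden field "no" plus submit button "delete").
 * Returns the number of rows deleted, 0 when the request is rejected.
 */
function delete_book(PDO $pdo, array $post): int
{
    if (!isset($post['delete'], $post['no'])) {
        return 0; // not a delete request, or the id is missing
    }
    // Accept only a positive integer; arrays and free text are rejected.
    $no = filter_var($post['no'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($no === false) {
        return 0;
    }
    // The id is bound as a parameter, never concatenated into the SQL text.
    $stmt = $pdo->prepare('DELETE FROM book WHERE no = :no');
    $stmt->execute([':no' => $no]);
    return $stmt->rowCount();
}

// Constructed requests: a normal delete, a non-integer id, and a missing id.
$requests = [
    ['delete' => 'Delete', 'no' => '4'],
    ['delete' => 'Delete', 'no' => '4 OR 1=1'],
    ['delete' => 'Delete'],
];
foreach ($requests as $post) {
    $deleted = delete_book($pdo, $post);
    $remaining = (int) $pdo->query('SELECT COUNT(*) FROM book')->fetchColumn();
    printf("%-45s deleted=%d remaining=%d\n", json_encode($post), $deleted, $remaining);
}
```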

Cookies not saved from the fourth column data in mysql?

I'm just building a simple todo-list. I built the checkboxes, which are saved as cookies so that next time users can see the checkboxes checked.
A part of my code:
//this code is in a table which shows checkboxes in each row.
//tasks is the query which selects all from the database
<form action="index.php" method="POST" id="checksubmit" name="checksubmit">
<?php
$i = 1;
while ($row = mysqli_fetch_array($tasks)) { ?>
<tr>
<td class="tick"><div class="custom-control custom-checkbox">
<input type="checkbox" class="custom-control-input" id="check<?php echo $row['id'];?>" name="arraycheck[]" value="<?php echo $row['id'];?>"
<?php
if ((((isset($_POST['arraycheck'])) && (in_array($row['id'], $_POST['arraycheck'])))) || (isset($_COOKIE[$row['id']]))) {
if (!isset($_COOKIE[$row['id']])) {
setcookie ($row['id'],"checked='checked'",time()+3600000);
}
}
if ((isset($_POST['button-submit'])) && (!in_array($row['id'], $_POST['arraycheck']))) {
setcookie ($row['id'],"",time()-3600);
}
echo $_COOKIE[$row['id']];
?>>
<label class="custom-control-label" for="check<?php echo $row['id'];?>"></label>
</div>
</td>
</tr>
<?php
$i++;
}
?>
The code works just fine! Checkboxes are saved by cookies.
BUT THE PROBLEM: Only the first four rows worked; from the fifth row on, nothing worked. What a weird error!
There are some problems with your code:
The setcookie() calls won't work at all and will fail with a "headers already sent" warning. This is the main reason why your code is not working.
You are using tr without having a table. If you have a table outside of the form I think this is not valid.
At least in the code you posted the form is not closed.
This line produces an "undefined offset" warning if the cookie is not set:
echo $_COOKIE[$row['id']];
You should also indent your code because then you can see mistakes better.
And if not already done add this to the beginning to see errors and warnings:
error_reporting(E_ALL | E_NOTICE);
The full code:
<table class="table">
<thead class="thead-dark">
<tr>
<th>STT</th>
<th>Lời nhắc</th>
<th style="width: 50px;">Xong?</th>
<th style="width: 50px;">Ảnh</th>
</tr>
</thead>
<tbody>
<form action="index.php" method="POST" id="checksubmit" name="checksubmit">
<?php $i = 1; while ($row = mysqli_fetch_array($tasks)) { ?>
<tr>
<td> <?php echo $i; ?> </td>
<td class="task"> <?php if(isset($_COOKIE[$row['id']])) {echo '<span style="color:gray;"><strike>';} echo $row['task']; if(isset($_COOKIE[$row['id']])) {echo '</strike></span>';} ?> </td>
<td class="tick"><div class="custom-control custom-checkbox">
<input type="checkbox" class="custom-control-input" id="check<?php echo $row['id'];?>" name="arraycheck[]" value="<?php echo $row['id'];?>"
<?php
if((((isset($_POST['arraycheck'])) && (in_array($row['id'], $_POST['arraycheck'])))) || (isset($_COOKIE[$row['id']]))) {
if(!isset($_COOKIE[$row['id']])) {
setcookie ($row['id'],"checked='checked'",time()+3600000); }
}
if ((isset($_POST['button-submit'])) && (!in_array($row['id'], $_POST['arraycheck']))) {
setcookie ($row['id'],"",time()-3600);
}
echo $_COOKIE[$row['id']];
?>>
<label class="custom-control-label" for="check<?php echo $row['id'];?>"></label>
</div></td>
<td><?php if (!empty($row['image'])) { ?> <i class="fas fa-image"></i> <?php } ?></td>
</tr>
<?php $i++; } ?>
<tr>
<td></td>
<td></td>
<td></td>
<td><input type="submit" value="Lưu" class="btn btn-primary" name="button-submit">
</form></td>
</tr>
</tbody>
</table>
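
The ordering the answer above asks for, as an added example that is not part of the original thread: cookies are decided and set before any HTML is printed, and the checkbox attribute is a fixed literal rather than the echoed cookie value. The helper names, the `task_` cookie prefix and the sample request are assumptions.

```php
<?php
// Added example; task_cookie_name(), sync_task_cookies() and checkbox_html()
// are hypothetical helpers, and $taskIds / $post are constructed sample input.

function task_cookie_name(int $id): string
{
    return 'task_' . $id; // prefixed name instead of a bare numeric id
}

/**
 * Call before any output. Returns [id => bool] and, on a form submit,
 * sets or expires one cookie per task while headers can still be sent.
 */
function sync_task_cookies(array $taskIds, array $post, array $cookies): array
{
    $submitted = isset($post['button-submit']);
    // No box ticked means "arraycheck" is absent, so default to an empty list.
    $posted = isset($post['arraycheck']) && is_array($post['arraycheck'])
        ? array_map('strval', array_filter($post['arraycheck'], 'is_scalar'))
        : [];
    $state = [];
    foreach ($taskIds as $id) {
        $name = task_cookie_name($id);
        if ($submitted) {
            $state[$id] = in_array((string) $id, $posted, true);
            if (!headers_sent()) {
                $expires = $state[$id] ? time() + 3600000 : time() - 3600;
                setcookie($name, $state[$id] ? '1' : '', $expires);
            }
        } else {
            $state[$id] = isset($cookies[$name]); // isset avoids the notice
        }
    }
    return $state;
}

/** Render one checkbox; the attribute is a fixed literal, never cookie text. */
function checkbox_html(int $id, bool $checked): string
{
    $attr = $checked ? ' checked' : '';
    return sprintf('<input type="checkbox" id="check%d" name="arraycheck[]" value="%d"%s>', $id, $id, $attr);
}

// Constructed sample: six tasks, the user ticked 2 and 5 and pressed save.
$taskIds = [1, 2, 3, 4, 5, 6];
$post = ['button-submit' => 'Save', 'arraycheck' => ['2', '5']];

$state = sync_task_cookies($taskIds, $post, $_COOKIE); // step 1: headers
foreach ($taskIds as $id) {                            // step 2: output
    echo checkbox_html($id, $state[$id]), "\n";
}
```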

How to fill textboxes from database when an onClick event happens

I want my php file to fill textboxes with information from the database according to the selected value of a select box tag. And every time the selection changes the textboxes should be re-filled accordingly.
The problem is that when I call a javascript method which contains php code the page is reloaded and some initial values collected by $_POST[] when the page was loaded for the first time are lost.
I want to find a way such that those initial values collected by $_post[] are conserved even after the page re-executes the php. How can I solve this problem?
<script type="text/javascript">
function displaymessagespatient()
{
<?php
function docmsg()
{
$title = $_POST["title"];
$conn=mysqli_connect("localhost","root","","askthedoctor");
$sql1="select patient_text from messages where title='".$title."';";
$sql2="select doctor_text from messages where title='".$title."';";
$result1=mysqli_query($conn,$sql1);
$result2=mysqli_query($conn,$sql2);
$row1=mysqli_fetch_array($result1);
$row2=mysqli_fetch_array($result2);
return $row1[0];
}
function patmsg()
{
$title = $_POST["title"];
$conn=mysqli_connect("localhost","root","","askthedoctor");
$sql1="select patient_text from messages where title='".$title."';";
$sql2="select doctor_text from messages where title='".$title."';";
$result1=mysqli_query($conn,$sql1);
$result2=mysqli_query($conn,$sql2);
$row1=mysqli_fetch_array($result1);
$row2=mysqli_fetch_array($result2);
return $row2[0];
}
?>
document.getElementById("answer").innerHTML=docmsg();
document.getElementById("question").innerHTML=patmsg();
}
</script>
</head>
<body>
<?php
if( isset($_POST['username']))
{
$username=$_POST["username"];
$password=$_POST["password"];
$password=md5($password);
$conn=mysqli_connect("localhost","root","","askthedoctor");
$sql="select password from login where username='".$username."';";
$result=mysqli_query($conn,$sql);
$row=mysqli_fetch_array($result);
if($row[0]!=$password)
{
echo "The username or password that you entered are incorrect!";
echo "<br/>";
echo "Go back to login";
die();
}
$sql1="select userprivileges from login where username='".$username."';";
$sql2="select image_path from registration1 where id=(select id from login where username='".$username."');";
$result1=mysqli_query($conn,$sql1);
$result2=mysqli_query($conn,$sql2);
$row1=mysqli_fetch_array($result1);
$row2=mysqli_fetch_array($result2);
$imagepath=$row2[0];
}
if($row1[0]==2)
{
?>
<form id="patient" method="POST" enctype="multipart/form-data" action="login.php" >
<div id="header" class="class_header">
Sign Out
</div>
<div id="body" >
<br/>
<table class="table">
<tr>
<td><font color="white" ><h1 color="white" style="font-size:200%;" align="center">Welcome <?php echo $username;?></h1></font></td>
<td> <div id="box"><image height="65px" width="65px" src="<?php echo $imagepath; ?>"></div></td>
<tr>
</table>
</div>
<div id="separator" ></div>
<div id="separator" ></div>
<div id="bodyy" style="height: 60%; width: 60%;" class="div">
<br/><br/><br/>
<fieldset id="registration">
<table class="table">
<tr>
<th>Messages</th>
<?php
$sql="select title from messages where paitient_id=(select id from login where username='".$username."');";
$result=mysqli_query($conn,$sql);
while($row=mysqli_fetch_array($result))
{
?>
<th>Problem Description</th>
<th>Doctor's Answer</th>
<th></th>
</tr>
<tr>
<td><select name="title">
<?php echo "<option value=\"mesazhi1\">".$row[0]."</option>";}?>
</select>
</td>
<td><textarea rows="4" col="50" id ="question" readonly> </textarea></td>
<td><textarea rows="4" col="50" id ="answer" readonly> </textarea></td>
</tr>
<tr>
<td></td>
</tr>
<tr>
<td><input type="submit" name="openmessage" value="Display Selected Message" onClick="displaymessagespatient()"></td>
<td><input type="button" name="btnSubmit" value="Ask a new question" ></td>
</tr>
</table>
</fieldset>
</div>
</div>
</form>
<?php } ?>
</body>

increment variable on submit to update mysql query

I am new to PHP (loving it already).
I have a form that looks up a table that sends 'golf hole' info back and allows a golfer to input their score for the hole. The problem I have is that I can present the first hole by looking up the hole_detail table, but then can't figure out how to loop through the table for hole 2, 3.....18 when the form is submitted. I have searched Stack Overflow but can't find anything that specific about it. I have tried an if statement, if (isset($_POST['Submit'])), to try to increment the $hole_id. Am I completely going about it the wrong way? Thanks in advance.
<?php
include ('../scripts/dbconfig.php');
# get the most recent course name:
$get_course_name = mysql_query("SELECT course_name FROM comp ORDER BY PID DESC LIMIT 1");
$show_course_name = mysql_fetch_array($get_course_name);
if (isset($_POST['Submit'])) {
$hole_id =1;
} else {
$hole_id = $hole_id + 1;
}
# get the hole yardage and SI from most recent selected golf course:
$get_course_detail = mysql_query("SELECT * FROM `course_detail` WHERE course_name = '". $show_course_name['course_name'] . "'");
$show_course_detail = mysql_fetch_array($get_course_detail);
$get_hole_detail = mysql_query("SELECT * FROM `course_detail`,`phoenix_hole` WHERE Course_ID = 6 AND hole_id = $hole_id");
$show_hole_detail = mysql_fetch_array($get_hole_detail);
?>
</head>
<body>
<table width="300" cellspacing="0" cellpadding="0">
<tr>
<td width="40"><?php echo $show_course_name['course_name'];?></td>
</tr>
<tr>
<td width="20">HOLE <?php echo $show_hole_detail['hole_id']?></td>
<td width="5"> PAR <?php echo $show_hole_detail['hole_par'];?></td>
</tr>
<tr>
<td width="20">Yards</td>
<td width="20">S.I</td>
</tr>
<tr>
<td bgcolor="yellow"><?php echo $show_hole_detail['yellow_yards'];?></td>
<td><?php echo $show_hole_detail['hole_si'];?></td>
</tr>
<tr>
<td border="1px" bgcolor="white"><?php echo $show_hole_detail['white_yards'];?></td>
<td><?php echo $show_hole_detail['hole_si'];?></td>
</tr>
<tr>
<td bgcolor="red"><?php echo $show_hole_detail['red_yards'];?></td>
<td><?php echo $show_hole_detail['hole_si'];?></td>
</tr>
</table>
</p>
<form id="game_form" name="game_form" method="post" action="game_form.php">
<table width="300" border="0" align="left" cellpadding="2" cellspacing="0">
<tr>
<td><b>Hole Shots</b></td>
<td><input name="hole_shots" type="text" class="textfield" id="hole_shots" maxlength="2" size="3" ></td>
<td><b>Putts</b></td>
<td><input name="putts" type="text" class="textfield" id="putts" maxlength="2" size="3"></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Next Hole" align="center" /></td>
</tr>
</table>
</form>
</body>
</html>
Or you can use a hidden field that keeps the hole number and you can increment it from php.
$hole_id, in this scenario, will always be 1, because when a user clicks the Submit button, $_POST['Submit'] will always have a value. What you should do instead is have $_POST['Submit'] contain the value of $hole + 1. PHP is not going to "remember" what $hole_id was last time around; it's up to you to remind it. As soon as a request is sent to the browser--unless you're using sessions--PHP forgets everything about that request (HTTP is "stateless").
<?php
if (isset($_POST['Submit'])) {
$hole_id = (int)$_POST['Submit'];
} else {
$hole_id = 1;
}
# other code here
?>
You are on hole #<?php echo $hole_id; ?>.
<form>
<!-- form stuff here -->
<button type="submit" name="Submit" value="<?php echo $hole_id + 1; ?>">Next hole</button>
</form>

How to retrieve value from the Check boxes?

I'm trying to get the emails corresponding to the checkboxes using the following code. But I'm not getting the correct checked emails in the new variable. Can anyone please check?
<?php
include("connection.php");
$username=$_SESSION['username'];
$query=mysql_query("SELECT * FROM contacts WHERE username='$username'");
$num=mysql_num_rows($query);
$info=mysql_fetch_array($query);
$i=0;
$msg='';
?>
<table width="672" border="0">
<?php
$i=0;
while($info)
{
?>
<form action="compose.php" method="post">
<tr style="font-size:14px;">
<td width="21" bgcolor="#f2f2f2"> <input type="checkbox" name="add" onSelect="<?php $msg=$msg.$info['email'].", ";?>"/> </td>
<td width="229" bgcolor="#f2f2f2"> <?php echo $info['email']; ?> </td>
<td width="408" bgcolor="#f2f2f2"> <?php echo $info['name']; ?> </td>
</tr>
<?php
$info=mysql_fetch_array($query);
$i++;
}
$_SESSION['contacts']=$msg;
?>
<tr><td></td><td></td><td><br />
<input class="new-button" type="submit" value="Insert & Compose" name="submit" /></td>
</tr>
</form>
</table>
To get any value back for checkboxes they must have a value=. In your case you probably would want the value to be the according email address.
One problem with your code is using onSelect= instead of value=, and second you didn't print the actual value into the page. Rewrite it to:
<td width="21" bgcolor="#f2f2f2">
<input type="checkbox" name="add"
value="<?php print $info['email']; ?>"/> </td>
If you need the $msg variable to do something, assemble it after the output.
<input type="checkbox" name="add" value="<?php echo $msg.$info['email'];?>"/>
A checkbox does not have an onSelect event; you probably had value in mind, and in the PHP code you should echo. And what is .", " for?
