Php inside html to create drop box list - php

i want to do a drop box list which can show a list of value took from the database.
i have code these but i dont know why it wont show the drop box list.
I have save the file as .php
<html>
<head>
<style>
body{
background-color: #666699;
}
</style>
</head>
<body>
<h1 style="text-align:center;">Society/club System</h1>
<h2 style="text-align:center;">Student</h2>
<div class="box">
<ul id="button">
<?php
$db_handle = mysql_connect("localhost","root","");
$db_found = mysql_select_db("sdp", $db_handle);
$sql='SELECT title FROM club order by title';
$query= mysql_query($sql);
echo '<select name="club name">';
while ($row=mysql_fetch_array($query)) {
echo'<option value="'.$row['title'].'">'.$row['title'].'</option>';
}
echo'</select>';
?>
</ul>
</div>
<div style="text-align:right;"><li>Log out</li></div>
</body>
</html>

Related

i am trying to learn php and following a tutorial from youtube $_SESSION is driving me crazy ..i tried everything to make it work

i have declared a session_start() function in the start of both the pages but still the variable is not passing on to the session variable please help
this is where i have included my login.php
<?php
include("template/header.php");
include("template/content.php");
include("template/footer.php");
include("login.php");
?>
this my login.php file where i have passed $email variable to SESSION
<?php
session_start();
include("includes/connection.php");
if(isset($_POST['login'])){
$email= mysqli_real_escape_string($con,$_POST['email']);
$pass= mysqli_real_escape_string($con,$_POST['pass']);
$select_user = "select * from users where user_email= '$email' AND
user_pass='$pass' AND status='verified'";
$query = mysqli_query($con,$select_user);
$check_user= mysqli_num_rows($query);
if($check_user===1){
$_SESSION['usermail']=$email;
echo "<script>window.open('home.php','_self')</script>";
} else {
echo "<script>alert('incorrect details try again')</script>";
}
}
?>
and this is where i have tried to access the session variable but it says undefined:usermail but i dont understand i am giving the session_start() at the beginning and have checked that $email is successfully getting its value from the database then why this is not working
<?php
session_start();
include("includes/connection.php");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Welcome User!</title>
<link rel="stylesheet" href="styles/home_style.css" media="all"/>
</head>
<body>
<!--container starts-->
<div class="container">
<!--header wrapper starts here-->
<div id="head_wrap">
<!--header starts-->
<div id="header">
<ul id="menu">
<li>Home</li>
<li>Members</li>
<strong>Topics:</strong>
<?php
$get_topics = "select * from topics";
$run_topics= mysqli_query($con,$get_topics);
while($row=mysqli_fetch_array($run_topics)){
$topic_id = $row['topic_id'];
$topic_title = $row['topic_name'];
echo "<li><a href='topic.php?
topic=$topic_id'>$topic_title</a></li>";
}
?>
</ul>
<form method="get" action="results.php" id="form1">
<input type="text" name="user_query" placeholder="search a
topic"/>
<input type="submit" name="search" value="search"/>
</form>
</div><!--header ends-->
</div><!--head wrap ends-->
<!--content area starts-->
<div class="content">
<!--user timeline starts here-->
<div id="user_timeline">
<div id="user_details">
<?php
$user=$_SESSION['usermail'];
var_dump($_SESSION);
$get_user="select * from users where user_email='$user'";
$run_user= mysqli_query($con,$get_user);
$row=mysqli_fetch_array($run_user);
$user_id= $row['user_id'];
$user_name= $row['user_name'];
$user_country= $row['user_country'];
$user_image= $row['user_image'];
$register_date= $row['user_reg_date'];
$last_login= $row['user_last_login'];
$user_posts="select * from posts where user_id='$user_id'";
$run_posts = mysqli_query($con,$user_posts);
$posts =mysqli_num_rows($run_posts);
//getting the number of unread messages
$sel_msg = "select * from messages where receiver='$user_id' AND
status='unread' ORDER by 1 DESC";
$run_msg = mysqli_query($con,$sel_msg);
$count_msg = mysqli_num_rows($run_msg);
echo "
<center>
<img src='users/default.png' width='200' height='200'?>
</center>
<dev id='user_mention'>
<p><strong>Country:</strong>$user_country</p>
<p><strong>Last Login:</strong>$last_login</p>
<p><strong>Member Since:</strong>$register_date</p>
<p><a href='my_messages.php?inbox&u_id=$user_id'>Messages
($count_msg)</a></p>
<p><a href='edit_profile.php?u_id=$user_id'>Edit my account</a>
</p>
<p><a href='logout.php'>Logout</a></p>
</div>
";
?>
</div><!--user details ends here-->
</div><!--user timeline ends here-->
</div><!--content area ends-->
</div><!--container ends-->
</body>
</html>

php - for loop takes only the first value from mysql result

In this code I'm trying to create as many modal boxes as the rows of my query result. This works! Then I want to fill these modal boxes with as many checkboxes as the number $row['seats_no'] from database. Here we have a problem..in every modal box it creates the same amount of checkboxes as the first one. What I mean is that the $row['seats_no'] has the number from the first row in every row.
<?php
session_start();
if(!isset($_SESSION['name']) && !isset($_SESSION['email']) && !isset($_SESSION['id']) && !isset($_SESSION['cash'])){
header("location: Start.php");
}
$name=trim($_SESSION['name']);
$email=trim($_SESSION['email']);
$dbc = mysqli_connect("localhost","root","","my_db");
// Check connection
if (mysqli_connect_errno()){
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
mysqli_query($dbc,"SET NAMES 'utf8'");
mysqli_query($dbc,"SET CHARACTER SET 'utf8'");
if (isset($_POST['buy']) && isset($_POST['consert_id'])){
$q = "SELECT ticket_id, section, cost, seats_no FROM tickets INNER JOIN concert ON tickets.consert_id=concert.concert_id WHERE concert.concert_id=".$_POST['consert_id'];
//ticket_id, concert_id, section, cost, seats_no, concert_id,concert_name, date, place, category, description
$r = mysqli_query($dbc,$q);
$num= mysqli_num_rows($r);
$q1 = "SELECT * FROM concert WHERE concert_id=".$_POST['consert_id'];
$r1 = mysqli_query($dbc,$q1);
$first = mysqli_fetch_assoc($r1)
?>
<!DOCTYPE html>
<html>
<title>Seats</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
<link type="text/css" rel="stylesheet" href="seats_style.css">
<body>
<div style="z-index:1;position:fixed;">
<ul>
<li>E-Viva</li>
<li>Ανανεωση υπολοιπου</li>
</ul>
</div>
<div class="background">
<div class="transbox">
<div class="w3-container">
<img src="https://s3-us-west-2.amazonaws.com/s.cdpn.io/199011/concert.png">
<h1><?=$first['concert_name']?></h1>
<div style="left:0;"><?=$first['date']?></div>
<div style="right:0;"><?=$first['place']?></div>
<p><?=$first['description']?></p>
<?php
while ($row = mysqli_fetch_array($r)) {
?>
<div style="margin-left:5em;padding:5px;"><?=$row['section']?></div>
<div style="margin-left:5em;padding:5px;">Τιμή <?=$row['cost']?>€</div>
<div style="margin-left:5em;padding:5px;"><button onclick="document.getElementById('id01').style.display='block'" class="w3-button w3-black">Κράτηση</button></div>
<div id="id01" class="w3-modal" background="black">
<div class="w3-modal-content">
<div class="w3-container">
<span onclick="document.getElementById('id01').style.display='none'" class="w3-button w3-display-topright">×</span>
<p><h2>Διαλεξε τις θεσεις που θες</h2></p>
<form action="buy.php" method="post">
<table>
<?php
$num=0;
for($j=1; $j<=10; $j++){
echo "<tr>";
for($i=1; $i<= $row['seats_no']/10; $i++){
$num++;
echo "<td><input class='seat' type=\"checkbox\" name=\"s[]\" id=\"".$num."\" value=\"".$num."\"><label for=\"".$num."\">".$num."</label><input type='hidden' name='ticket_id' value='".$row['ticket_id']."'><input type='hidden' name='cost' value='".$row['cost']."'></td>";
}
echo "</tr>";
}
echo "</table><input class=\"ok\" type=\"submit\" name=\"ok\" value=\"Κράτηση\"></form></div></div></div><br>";
}
}
mysqli_free_result($r1);
mysqli_free_result($r);
mysqli_close($dbc);
?>
</div>
</div>
</div>
</body>
</html>
here are the results i get from executing my query at phpMyAdmin
Here are the buttons I create to open the modals
And here is the modal from the last button i clicked that in the database shows it should be 60 checkboxes but it shows 180

Κατερίνα,
Try to change the while ($row = mysqli_fetch_array($r)) {...} with a foreach loop,
like as foreach( mysqli_fetch_array($r) as $row ) {....}
Just a thought.
Also, you close one bracket too soon, remove one before the first mysqli_free_result($r1) and close it after the closing html tag </html> at the end of the file.
Also, as #tadman said, do some research and use parameterized queries. Your code it's very prone to MySQL Injections and you will face several problems. As far as i can see that page has to do with payments, or pre-payment.
Anyways, i hope i helped you.
Καλή επιτυχία ;)

Unknown issue with $_SERVER["REQUEST_METHOD"] returning false when it should be true

Hey there stackoverflow users, i have come upon a very confusing problem that I cant seem to move past. I am creating a forum type web page and am currently working on the comments section. I have a form that uses the post method to send your comment as well as a hidden input to store the threads ID. I will post the entire php file below just to make sure nothing is left out.
<?php
session_start();
parse_str($_SERVER['QUERY_STRING'], $link);
$threadID = $link['ID'];
require("config.php");
$connection = mysqli_connect($host, $user, $password, $database);
$error = mysqli_connect_error();
if($error != null) {
$output = "<p>Unable to connect to database!</p>";
exit($output);
} else {
//Get Thread Data
$query = "SELECT username, title, content FROM threads, users WHERE threads.ID = $threadID AND users.ID = threads.makerID;";
$results = mysqli_query($connection, $query);
$row = mysqli_fetch_assoc($results);
//Get Comment Data
$query = "SELECT username, comment FROM comments, users WHERE threadID = $threadID AND users.ID = comments.makerID;";
$results = mysqli_query($connection, $query);
$row = mysqli_fetch_assoc($results);
}
?>
<!DOCTYPE html>
<html>
<head lang="en">
<title>BodyweightMate</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="../css/styling.css"/>
</head>
<body>
<!--Top masthead-->
<header class="masthead" id="top">
<h1 class="masthead-title"> Welcome To BodyweightMate </h1>
</header>
<!--Navigation bar-->
<nav class="navbar">
<table class="navbar-table">
<tr>
<!--Logo-->
<td>
<a class="navbar-brand" href="main.php">
<img src="../images/logo.jpg" alt="BodyweightMate" height="30" width="30">
</a>
</td>
<!--Login/Profile-->
<?php if(isset($_SESSION['login_user'])) {
echo"<td><a class=\"navbar-profile\" href=\"profile.php\"> Profile </a></td>";
echo"<td><a class=\"navbar-logout\" href=\"logout.php\"> Logout </a></td>";
} else {
echo"<td><a class=\"navbar-login\" href=\"login.php\"> Login </a></td>";
}?>
</tr>
</table>
</nav>
<!--Main portion-->
<section class="content-section">
<article>
<h3><?php echo $row['username']. ": " .$row['title']; ?></h3>
<p><?php echo $row['content']; ?></p>
<br>
<h3>Comments</h3>
<p>Some annoying user: Gr8 B8 M8</p>
<p>Annoying users friend: I R8 8/8</p>
</article>
<div>
<!--If logged in, ability to comment-->
<?php if(isset($_SESSION['login_user'])): ?>
<form role="comment-form" method="POST" action="processcomment.php" id="mainForm">
<input type="hidden" value="$threadID" name="threadID">
<div class="form-group">
<label for="comment">Comment </label> <br>
<textarea class="comment-text" name="comment" rows="2" maxlength="255"></textarea>
</div> <br>
<input type="Submit" class="btn-newcomment" value="Submit Comment" name="submit">
</form>
<?php endif ?>
</div>
</section>
<!--Right portion-->
<aside class="content-aside">
<div>
<!--If logged in, be able to create a thread-->
<?php
if(isset($_SESSION['login_user'])) {
echo"<form method=\"post\" action=\"makethread.php\">";
echo"<input type=\"submit\" class=\"btn-newthread\" value=\"Create New Thread\" name=\"submit\">";
echo"</form>";
}
?>
</div>
<!--Info-->
<div>
<p> GOING TO NEED A SEARCH FUNCTION HERE
This is the cool little aside section. It will always be there to provide you with some very nice little details, helpful links, maybe a list of moderators? who knows! The uses are endless when you have a beautiful little aside like this one! Here are a few very useful bodyweight fitness links to get us started :D </p>
</div>
<br>
<div>
<ul class="content-aside-links">
<li>
Reddit's Bodyweightfitness Forum
</li>
<li>
Reddit's Bodyweightfitness RR
</li>
<li>
Antranik's Bodyweightfitness Routine
</li>
</ul>
</div>
<div></div>
</aside>
<!--Footer -->
<footer class="footer">
<div>
<p> Use of this site constitutes acceptance of our User Agreement © 2017 BodyweightMate inc. All rights reserved. </p>
</div>
</footer>
</body>
</html>
The error is occurring under the main portion where i check if a user is logged in, and if they are add a short form consisting of a message, a text area, and a submit button. This form sends the information to the following php file.
<?php
session_start();
if(!isset($_SESSION['login_user'])) { header("location: main.php"); }
?>
<!DOCTYPE html>
<html>
<body>
<?php
require("config.php");
$connection = mysqli_connect($host, $user, $password, $database);
$error = mysqli_connect_error();
if($error != null) {
$output = "<p>Unable to connect to database!</p>";
exit($output);
} else {
//Validation
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$comment = $_POST['comment'];
$threadID = $_POST['threadID'];
$user = $_SESSION['login_user'];
} else {
//Redirect back to register
echo"<p>Form must use post or input was bypassed.</p>";
echo" Return to home page. ";
mysqli_close($connection);
exit();
}
There is no issue with connecting to the database, and I don't believe the remainder of the code is necessary to help me with this error since that one if statement of checking if the form is using post is failing and the else statement is always called. Why is this? i have rewritten the form multiple times ensuring that its properly structured and using post yet it fails every time!

Updating a MySQLi database using php and HTML5 forms

On my website i have an admin page where i want to be able to update information in the database, using a form.
This is the code im using to enter information and update what is in my database:
adminform.php
<html>
<head>
<link rel="stylesheet" href="assets/css/main.css" />
</head>
<body>
<header id="header">
<h1>SafeTNet</h1>
<nav id="nav">
<ul>
<li>Admin Page Only</li>
<li></li>
<li>Logout </li>
</ul>
</nav>
</header>
<h1> Select a member </h1>
<br />
<select name="members" onchange="showUser(this.value)">
<option value="">Select a member email</option>
<?php
$query = "SELECT * FROM members";
$mysqli = new mysqli('localhost','root','root','SafeTNetD');
$result = $mysqli->query($query);
while($row = $result->fetch_assoc())
echo '<option value="'.$row["email"].'">'.$row["email"].'</option>';
?>
</select>
<div id="signup">
<h2>Update Your Member Information</h2>
<form method="post" action="admin1.php">
<table>
<tr>
<td>Email</td>
<td><input type="text" name="email" required="required"></td>
</tr>
<tr>
</tr>
<tr>
<td>City </td>
<td><input type="text" name="city"></td>
</tr>
<tr>
</tr>
<tr>
</table>
<br><br>
<div id="buttons">
<input type="submit">
</div>
</body>
</html>
admin1.php
<html>
<head>
<title>Admin</title>
<link rel="stylesheet" href="assets/css/main.css" />
</head>
<body>
<header id="header">
<h1>SafeTNet</h1>
<nav id="nav">
<ul>
<li>Admin Page Only</li>
<li></li>
<li>Logout</li>
</ul>
</nav>
</header>
<br />
<?php
$query = "SELECT * FROM members";
$mysqli = new mysqli('localhost','root','root','SafeTNetD');
$result = $mysqli->query($query);
while($row = $result->fetch_assoc())
echo '<option value="'.$row["email"].'">'.$row["email"].'</option>';
?>
</select>
<br />
<?php
$q=$row["email"];
$mysqli = new mysqli('localhost','root','root','members');
$sql = "SELECT * FROM members WHERE email='".$q."'";
if(array_key_exists('_submit_check', $_POST))
{
$email = $_POST['email'];
$city = $_POST['city'];
$sql = "UPDATE members SET city = '$city' WHERE email = '$q'";
if($mysqli->query($sql) === TRUE)
{
echo 'Record updated successfully<br />';
}
else
{
echo $sql.'<br />' . $mysqli->error;
}
$mysqli->close();
}
?>
<br><br><br>
<footer id="footer">
<img src="logo.jpg" height="50px">
<ul class="copyright">
<li>© SafeTNet. All rights reserved.</li><li> 2016</li>
</ul>
</footer>
</body>
</html>
I can get the form to run but cant get the information to change in the database or echo to the screen.
Thank you in advance.

if(array_key_exists('_submit_check', $_POST))
{
$email = $_POST['email'];
$city = $_POST['city'];
$sql = "UPDATE members SET city = '$city' WHERE email = '$q'";
if($mysqli->query($sql) === TRUE)
{
echo 'Record updated successfully<br />';
}
else
{
echo $sql.'<br />' . $mysqli->error;
}
$mysqli->close();
}
There is no element called '_submit_check' in your form. I guess you forgot the name attribute of your submit-button.
Your script is very vulnerable to SQL-Injection. You really should not simply throw the userinput into your query. You can use mysqli_real_escape_string() or Prepared Statements to protect your application.
To improve the readability of your code you could change the structure a little. In your admin1.php you should do the business logic before outputting any html. So you would first check if the form has been sent, then you do the database operation. The result of the check or the success/error-message of the database operation can be written into a variable until you output the content of your site.
This way everybody who starts reading the code immediately knows 'alright, this script is the target of some form and accesses the database for some write-operation'.

Table won't display and Sql won't run

For some reason my table I'm trying to create doesn't show up on my page. The page use to work perfectly and I can't figure out why its not working now.
My program only works when I set
$_SESSION['loginname']="jordan#yahoo.com";
or $_SESSION['loginname']="mary666#yahoo.com";
and so on.
I've already started a "$_Session" on my previous page with the name $_SESSION['loginname']; I've echoed out the Session over and over to see if it is passing right from one page to another and down the current page and it does.
Why isn't my $_SESSION allowing my MYSQL code to run the loop to display my data from my database? code provided below:
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>User Account</title>
<link rel="stylesheet" type="text/css" href="css/style.css" />
</head>
<body>
<div id="main">
<header>
<div id="welcome">
<h2>Prairie View A&M University</h2>
</div><!--close welcome-->
</header>
<nav>
<div id="menubar">
<ul id="nav">
<li>Home</li>
<li class="current">Account Info</li>
<li>Quiz</li>
&nbsp &nbsp &nbsp &nbsp &nbsp
<?php
if($_SESSION['loginname'])
echo $_SESSION['loginname'].", "."<a href='user-account.php'>Account</a>"." "."<a href='logout.php'>Logout</a>";
else
die("You must login");
?>
</ul>
</div><!--close menubar-->
</nav>
<div id="site_content">
<?php
$username = "root";
$password = "";
$hostname = "localhost";
$database = "basketball_database";
$table = "users";
$session_login = $_SESSION['loginname'];
$con = mysql_connect($hostname, $username, $password)
or die("Unable to connect to MYsql");
// echo "Connected to mysql<br>";
mysql_select_db("$database")
or die("Could not select Basketball_database");
//echo "Connected to database";
$mysql = "SELECT * FROM $table WHERE login_name='$_SESSION[loginname]'";
$mydata = mysql_query($mysql,$con);
while($records = mysql_fetch_array($mydata)){
//create table
echo "<table border=1
<tr>
<th>User ID</th></tr>
<tr>
<th>Login Name</th></tr>
<tr>
<th>Password</th></tr>
<tr>
<th>Last Name</th></tr>
<tr>
<th>First Name</th></tr>
<tr>
<th>Account Type</th>
</tr>";
echo "<tr>";
echo "<td>".$records['user_ID']."</td>";
echo "<td>".$records['login_name']."</td>";
echo "<td>".$records['password']."</td>";
echo "<td>".$records['last_name']."</td>";
echo "<td>".$records['first_name']."</td>";
echo "<td>".$records['type']."</td>";
echo "</tr>";
} echo "</table>";
mysql_close();
?>
<div id="content">
<div class="content_item">
</div><!--close content_container-->
</div><!--close content_item-->
</div><!--close content-->
</div><!--close site_content-->
<footer>
Home | Photos | Videos | Schedule | Contact<br/><br/>
</footer>
</div><!--close main-->
<!-- javascript at the bottom for fast page loading -->
<script type="text/javascript" src="js/jquery.min.js"></script>
<script type="text/javascript" src="js/image_slide.js"></script>
</body>
</html>
I do realize that my table is going to look like this
User ID
Login Name
Password
Last Name
First Name
Account Type
1321 jordan#yahoo.com 21duncan oneal jordan athlete

Categories