Update and insert category and moderator - php

I have file category.php where i have:
Category name / Moderator
Economy / uername1
Math / username2
Biology / username1
Every category i can update and add new category with username who can moderate some category.
I have problem with categorie.php because when i click update on label Category name in input write me Economy and username1 when i click on update some other category like Math in input writes me again Economy and username1.
Second problem i have is when i want to add a new category with moderator. After i click submit doesn't insert in my mysql database name of added category with moderator.
<?PHP
session_start();
if(!isset($_SESSION["type_id"])){
header("Location:index.php");
exit();
}
else if($_SESSION["type_id"]!=0)
{
header("Location:index.php");
exit();
}
include_once("meni.php"); ?>
<div class="mid-right"><?php
$dbc=mysql_connect("localhost","2013","013");
if (!$dbc)
{
echo 'Error!'.mysql_error();
exit();}
$db=mysql_select_db("2013_db",$dbc);
$category = $category_id = $name = $user_id = "";
$id = 0;
if(isset($_POST['username'])) {
if (isset($_POST['type_id'])) {
$type_id = $_POST['type_id'];
} else {
$type_id = 2;
}
$id = $_POST['new'];
if ($id == 0) {
$name = $_POST['name'];
$user_id = $_POST['user_id'];
$category_id = $_POST['category_id'];
$sql = "INSERT INTO category (category_id, name, user_id) VALUES ($category_id, '$name', '$user_id');";
}
$result=mysql_query($sql);
mysql_close($db);
header("Location: category.php");
}
if(isset($_POST['category_id']) && isset($_POST['name']) && isset($_POST['moderator']) && $_SESSION['type_id'] == 0) {
$name = $_POST['name'];
$user_id = $_POST['moderator'];
$category_id = $_POST['category_id'];
$sql = "UPDATE category SET name = '$name', user_id = $user_id WHERE category_id = $category_id";
$result=mysql_query($sql);
mysql_close($db);
header("Location: category.php");
}
if(isset($_GET['categories'])) {
$kategorija_id = $_GET['categories'];
if ($id==2) {
$id = $_SESSION["category_id"];
}
$dbc=mysql_connect("localhost","2013","2013");
if (!$dbc)
{
echo 'Error!'.mysql_error();
exit();}
$db=mysql_select_db("2013_db",$dbc);
$sql = "SELECT k.category_id, k.name, ko.username FROM category k, user ko WHERE k.user_id = ko.user_id AND ko.type_id = 1";
$result=mysql_query($sql);
list($category_id, $name, $user_id) = mysql_fetch_array($result);
} else {
$name = "";
}
?>
<form method="POST" action="categorie.php">
<div>
<input type="hidden" name="category_id" value="<?php echo $category_id ?>"/>
<input type="hidden" name="new" value="<?php echo $id?>"/>
<table>
<tr>
<td><label for="name">Category name:</label></td>
<td><input type="text" name="name" id="name" value="<?php echo $name ?>"/></td>
</tr>
<tr>
<td><label for="moderator">Moderator:</label></td>
<td><select name="moderator">
<?php
$sql2 = "SELECT user_id, username FROM user WHERE type_id = 1 ";
$rs2 = mysql_query($sql2);
while(list($user_id, $username) = mysql_fetch_array($rs2)){
?>
<option value="<?php echo $user_id ?>"><?php echo $username ?></option><?php } ?>
</select></td>
<tr>
<tr>
<td colspan="2"><input type="submit" value="Send" id="submit"/></td>
</tr>
</table>
</div>
</form>
<?php
mysql_close($dbc);
?>
</div>
</div><?php include("footer.php"); ?>
</body>
</html>

Related

How to show comments on specific posts

I have an application that where users can post announcements and comment on posts. My problem is that whenever a comment is posted, It shows up on every announcement post. How can I post comments so that they show up on that specific post?
I have 2 database tables: "announcement: id, name, announcementTitle, announcement, image" and "comment: id, post_id, name, comment" with foreign key attached to comment.
Here is my home.php where the announcements and comments are echoed
<div class="container">
<div class="mx-auto">
<?php
if (isset($_SESSION['username'])) {
echo'
<h1 style="text-decoration:underline">Post an announcement</h1>
<form method="post" action="announcement.php" enctype="multipart/form-data">
<input type="text" name="announcementTitle" placeholder="Enter Subject"><br>
<textarea name="announcementBox" rows="5" cols="40" placeholder="Enter Announcement"></textarea><br>
<input type="file" name="image" accept="image/jpeg">
<button name="announcement">Submit</button>
</form>';
}
$query = "SELECT * FROM announcement ORDER BY id DESC";
$result = mysqli_query($con,$query);
while ($row = mysqli_fetch_array($result)) {
echo '<div class="row" style="color:black;background-color:white;border-radius:5px;padding:10px;margin-top:10px;margin-bottom:70px">';
echo '<div class="column" style="width:100%;border:5px">';
if (isset($_SESSION['username'])) {
echo '<form method="post" action="announcement.php">';
echo "Posted by " .$row["name"]. " click X to delete:";
echo '<input type="hidden" name="postID" value="'.$row['id'].'">';
echo '<button name="delete" style="float:right">X</button>';
echo '</form>';
}
echo $row['announcementTitle'].'<br>';
echo $row['announcement'].'<br>';
echo '<img width="20%" src="data:image;base64,'.$row['image'].'"alt="Image" style="padding-top:10px">';
echo'
<form method="post" action="comment.php">
<textarea name="commentbox" rows="2" cols="50" placeholder="Leave a Comment"></textarea><br>
<button name="comment">Submit</button>
</form>';
echo "Comments:<p><p>";
echo " <p>";
$find_comment = "SELECT * FROM comment ORDER BY id DESC";
$res = mysqli_query($con,$find_comment);
while ($row = mysqli_fetch_array($res)) {
echo '<input type="hidden" name="postID" value="'.$row['post_id'].'">';
$comment_name = $row['name'];
$comment = $row['comment'];
echo "$comment_name: $comment<p>";
}
if(isset($_GET['error'])) {
echo "<p>100 Character Limit";
}
echo '</div></div>';
}
?>
</div>
</div>
Here is comment.php where comments are put in the database
<?php
session_start();
$con = mysqli_connect('localhost', 'root', 'Arv5n321');
mysqli_select_db($con, 'userregistration');
$namee = '';
$comment = '';
$comment_length = strlen($comment);
if($comment_length > 100) {
header("location: home.php?error=1");
}else {
$que = "SELECT * FROM announcement";
$res = mysqli_query($con,$que);
while ($row = mysqli_fetch_array($res)) {
$post_id = $row['id'];
}
$namee = $_SESSION['username'];
$comment = $_POST['commentbox'];
$query = "INSERT INTO comment(post_id,name,comment) VALUES('$post_id','$namee','$comment')";
$result = mysqli_query($con, $query);
if ($result) {
header("location:home.php?success=submitted");
} else {
header("location:home.php?error=couldnotsubmit");
}
}
?>
Here is announcement.php where announcements are put in the database
<?php
session_start();
//$con = mysqli_connect('freedb.tech', 'freedbtech_arvindra', 'Arv5n321', 'freedbtech_remote') or die(mysqli_error($con));
$con = mysqli_connect('localhost', 'root', 'Arv5n321', 'userregistration') or die(mysqli_error($con));
if (isset($_POST['announcement'])) {
$image = $_FILES['image']['tmp_name'];
$name = $_FILES['image']['name'];
$image = base64_encode(file_get_contents(addslashes($image)));
date_default_timezone_set("America/New_York");
$title = $_POST['announcementTitle']." (<b>".date("m/d/Y")." ".date("h:i:sa")."</b>)";
$paragraph = $_POST['announcementBox'];
if (empty($paragraph)||empty($title)) {
header('location:home.php?error=fillintheblanks');
}else{
$nam = $_SESSION['username'];
$query = "insert into announcement(name,announcementTitle,announcement,image) values('$nam','$title','$paragraph','$image')";
$result = mysqli_query($con, $query);
if ($result) {
header("location:home.php?success=submitted");
} else {
header("location:home.php?error=couldnotsubmit");
}
}
}else if (isset($_POST['delete'])){
$query = "delete from announcement where id='".$_POST['postID']."';";
$result = mysqli_query($con,$query);
if ($result) {
header('location:home.php?success=deleted');
} else {
header('location:home.php?error=couldnotdelete');
}
}
else {
header('location:home.php');
}
I am a little new to PHP so any help is good.

SQL Update Query doesnt' Update when using Dropdown list

I have 2 tables: product (id, name, quantity, c_id) and product_category (cat_id, cat_name).
I have the option to update the existing products. When I change the name and the quantity it works just fine, but when I try to change the product category the c_id doesn't change to the new one.
The code from the update page (update.php):
<?php
include 'database.php';
$id = $_POST['productId'];
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "SELECT * FROM product where id = ?";
$q = $pdo->prepare($sql);
$q->execute(array($id));
$data = $q->fetch(PDO::FETCH_ASSOC);
$name = $data['name'];
$quantity = $data['quantity'];
Database::disconnect();
?>
<form id="updateFrom" action="update2.php" method="POST">
<table border="1" cellpadding="10">
<tr align='center'>
<td>Name</th>
<td><input name="name" type="text" value="<?php echo $name;?>"/></td>
</tr>
<tr align='center'>
<td>Quantity</th>
<td><input name="quantity" type="text" value="<?php echo $quantity;?>"/></td>
</tr>
<tr align='center'>
<?php $cat = $pdo->query("SELECT c_name, CATEGORY_ID FROM product_category");
?>
//Here the user selects the new category from the dropdown list
<td>Category</th>
<td>
<select name="c_id">
<?php
while ($rows = $cat->fetch(PDO::FETCH_ASSOC))
{
$cat_name = $rows['c_name'];
$cat_id = $rows['CATEGORY_ID'];
echo"<option value='$cat_id'>$cat_name</option>";
}
?>
</select>
</td>
</tr>
</table>
<input type="hidden" id="productId" name="productId" value="<?php echo $id;?>"/>
<button type="submit">update</button>
</form>
</body>
The code which makes the update (update2.php):
<?php
require 'database.php';
$id = null;
if ( !empty($_POST)) {
$id = $_POST['productId'];
$name = $_POST['name'];
$quantity = $_POST['quantity'];
// update data
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "UPDATE product set name = ?, quantity = ? WHERE id = ?";
$q = $pdo->prepare($sql);
$q->execute(array($name,$quantity,$id));
Database::disconnect();
header("Location: index.php");
}
?>

You need to set the c_id column from $_POST['c_id'].
if ( !empty($_POST)) {
$id = $_POST['productId'];
$name = $_POST['name'];
$quantity = $_POST['quantity'];
$category = $_POST['c_id'];
// update data
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "UPDATE product set name = ?, quantity = ?, c_id = ? WHERE id = ?";
$q = $pdo->prepare($sql);
$q->execute(array($name,$quantity,$category,$id));
Database::disconnect();
header("Location: index.php");
}
I also suggest that you have the existing category selected by default in the dropdown.
while ($rows = $cat->fetch(PDO::FETCH_ASSOC))
{
$cat_name = $rows['c_name'];
$cat_id = $rows['CATEGORY_ID'];
$selected = $cat_id == $data['c_id'] ? "selected" : "";
echo "<option value='$cat_id' $selected>$cat_name</option>";
}

Counter increasing in refresh and in reload in php

I have set a counter in php code to increment the id value in mysql on every next click but when I refresh or reload the page the value is increasing automatically is there any solution for this problem or any other substitute.
<?php
$db = mysqli_connect('localhost','root','root','rahul');
$questions ="";
$msg2 ="";
$o1 ="" ;
$o2 ="" ;
$o3 ="" ;
$o4 ="" ;
$disable = "";
$disable2 = "";
session_start();
if(empty($_SESSION['count']))
$_SESSION['count'] = 0;
if(isset($_POST['sub1'])){
$ans = $_POST['ans'];
$email = "rahul#gmail.com";
$order = $_SESSION['count']+1;
echo $order;
$_SESSION['count'] = $order;
$sql = (" SELECT * FROM qna WHERE id = $order ");
$query = mysqli_query($db, $sql);
$row=mysqli_fetch_array($query, MYSQLI_ASSOC);
$questions = $row['questions'];
$o1 = $row['o1'];
$o2 = $row['o2'];
$o3 = $row['o3'];
$o4 = $row['o4'];
$disable="";
if($_SESSION['count']>5)
{
$disable = "disabled";
}
$disable2 = "";
if($_SESSION['count']<=1)
{
$disable2 = "disabled";
}
//$sql2 = "INSERT INTO result (id, answer, email) VALUES ('', '$ans', '$email') ".mysqli_error();
/*
$sql3 = mysqli_query($db, "INSERT INTO result (answer, email) VALUES ('$ans', '$email')");
if(mysqli_affected_rows($sql3)== true)
{
echo "inserted";
}
else
{
echo "not inserted";
}
*/
echo $ans. $email;
}
$sql4 = mysqli_query("select * from result");
$row = mysqli_fetch_array($db, $sql4);
// while()
echo $row['id'];
for($i=1;$i<=5;$i++)
{
}
?>
<?php
if(isset($_POST['sub2'])){
$result2 = $_SESSION['count']-1;
$_SESSION['count'] = $result2;
$sql = (" SELECT * FROM qna WHERE id = $result2 ");
$query = mysqli_query($db, $sql);
$row=mysqli_fetch_array($query, MYSQLI_ASSOC);
$questions = $row['questions'];
$o1 = $row['o1'];
$o2 = $row['o2'];
$o3 = $row['o3'];
$o4 = $row['o4'];
if($_SESSION['count']<=1){
$disable2 = "disabled";
}
}
session_write_close();
?>
<?php
if(isset($_POST['start'])){
$order = $_SESSION['count']+1;
echo $order;
$_SESSION['count'] = $order;
$sql = (" SELECT * FROM qna WHERE id = 1 ");
$query = mysqli_query($db, $sql);
$row = mysqli_fetch_array($query, MYSQLI_ASSOC);
$questions = $row['questions'];
$o1 = $row['o1'];
$o2 = $row['o2'];
$o3 = $row['o3'];
$o4 = $row['o4'];
$disable="";
if($_SESSION['count']>=5)
{
$disable = "disabled";
}
$disable2 = "";
if($_SESSION['count']<=1){
$disable2 = "disabled";
}
session_write_close();
}
?>
<center><br><br><br>
<form method="post">
<input type="submit" name="start" value="start">
</form>
Log out
<form action="" method="post" >
<table border="1" height="300px" width="500px">
<tr>
<th colspan="2"><?php echo $questions; ?></th>
</tr>
<tr>
<td><input type="radio" name="ans" id="ans" value="<?php echo $o1; ?>"><?php echo $o1; ?></td>
<td><input type="radio" name="ans" value="<?php echo $o2; ?>"><?php echo $o2; ?></td>
</tr>
<tr>
<td><input type="radio" name="ans" value="<?php echo $o3; ?>"><?php echo $o3; ?></td>
<td><input type="radio" name="ans" value="<?php echo $o4; ?>"><?php echo $o4; ?></td>
</tr>
<tr colspan="2">
<td><center><input type="submit" name="sub1" value="next" <?php echo $disable ?>> </td>
<td><center><input type="submit" name="sub2" value="previous" <?php echo $disable2 ?>>
<input type="submit" name="submit3" value="submit" > </td>
</tr>
</form>
</table>
<?php
if(isset($_POST['submit3']))
{
$ans = $_POST['ans'];
$email = "dummy";
//$sql2 = "INSERT INTO result (id, answer, email) VALUES ('', '$ans', '$email') ".mysqli_error();
$sql3 = mysqli_query($db, "INSERT INTO result (answer, email) VALUES ('$ans', '$email')");
if(mysqli_affected_rows($sql3)== true)
{
echo "inserted";
}
else
{
echo "not inserted";
}
echo $ans. $email;
}
?>

when you are reloading a web-page, you are reloading its POST (and also GET) data as well if it's there. if you are submitting a form then the target page contains POST data in its header. so if you reload this page it's like you would have clicked the button again.
since you are already using a session there is a workaround:
add a hidden field with a micro-timestamp in your form. this micro-timestamp will be different every time your page gets loaded (per user) - but this "new" timestamp only get's posted when you use the button. when you just refresh the page, you are reloading with the old timestamp.
so you just need to save compare the last timestamp (saved in a session variable) with the currently posted timestamp. if they are equal - the page just got refreshed - if they are not equal, then you got a new timestamp which was sent by your form:
<?php
session_start();
if(!isset($_SESSION["timestamp"]))
$_SESSION["timestamp"] = 0;
if(!isset($_POST["timestamp"]))
$_POST["timestamp"] = 0;
// previous timestamp - saved in session variable:
$prev_ts = $_SESSION["timestamp"];
// currently posted timestamp:
$post_ts = $_POST["timestamp"];
if($prev_ts != $post_ts)
{
// code to increase your counter goes here.
$feedback = "button pressed";
}
else
{
// do nothing when the page just got refreshed
$feedback = "refreshed";
}
$_SESSION["timestamp"] = $post_ts;
?>
<!DOCTYPE html>
<html>
<head>
</head>
<body>
<?php echo $feedback; ?>
<form action="<?php echo $_SERVER["PHP_SELF"]; ?>" method="POST">
<input type="hidden" name="timestamp" value="<?php echo microtime(); ?>">
<input type="submit" name="go" value="count">
</form>
</body>
</html>

Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, string given

When I click on search button without entering any text in textbox it gives me "Warning: mysqli_fetch_assoc() expects parameter 1 to be mysqli_result, string given" this error, how can I sort out this issue,here is my code any help will be appreciated
<?php
$title ="Manage Page";
include "includes/home_page_header.php";
?>
<?php
$error_array = array();
$count =1;
$firstName = $lastName = $email = $status =$res_users = $checkbox ="";
if(isset($_POST['Search']))
{
$firstName = $_POST['firstName'];
$lastName = $_POST['lastName'];
$email = $_POST['email'];
$status = $_POST['status'];
if($firstName !="")
{
$sql_users ="SELECT * FROM `users` WHERE `firstName` LIKE '$firstName'";
}
else if($lastName !="")
{
$sql_users ="SELECT * FROM `users` WHERE `lastName` LIKE '$lastName'";
}
else if($email !="")
{
$sql_users ="SELECT * FROM `users` WHERE `email` LIKE '$email'";
}
else if($firstName !="" && $lastName !="")
{
$sql_users ="SELECT * FROM `users` WHERE `firstName` LIKE '$firstName' AND `lastName` LIKE '$lastName'";
}
else
{
$sql_users = "SELECT * FROM `users`";
}
if(isset($_GET['user_id']))
{
$user_id = $_GET['user_id'];
$sql_users = "DELETE from `users` WHERE user_id=".$user_id;
if ($link->query($sql_users) == TRUE)
{
$error ="Record deleted successfully";
array_push($error_array,$error);
}
if ($link->query($sql_users) == FALSE)
{
$error = "Your Abort Delete operation";
array_push($error_array,$error);
}
}
if($status == "Active")
{
$sql_users= "SELECT * FROM `users` WHERE `status` LIKE 'Active'";
$res_users = mysqli_query($link,$sql_users);
if($res_users && mysqli_num_rows($res_users) > 0)
{
while($log_row_users = mysqli_fetch_assoc($res_users))
{
$status = $log_row_users["status"];
}
}
}
if($status == "Inactive")
{
$sql_users= "SELECT * FROM `users` WHERE `status` LIKE 'Inactive'";
$res_users = mysqli_query($link,$sql_users);
if($res_users && mysqli_num_rows($res_users) > 0)
{
while($log_row_users = mysqli_fetch_assoc($res_users))
{
$status = $log_row_users["status"];
}
}
}
$res_users = mysqli_query($link ,$sql_users);
}
if(isset($_POST['delete_all']))
{
}
?>
<script>
$(document).ready(function()
{
$(".delete_button").on('click',function()
{
var result =confirm("Are you sure you want to delete ?");
if(result)
{
return true;
}
else
{
return false;
}
});
});
//function wantTodelete(user_id)
//{
// return confirm("Are you sure you want to delete ?");
//}
$(document).ready(function()
{
$("#checkAll").change(function () {
$("input:checkbox").prop('checked', $(this).prop("checked"));
});
});
</script>
<table border="1px" class="manage_table">
<form name="listingForm" action="" method="post">
<tr>
<?php
if($error_array !=0)
{
foreach($error_array as $value)
{
echo "<tr style='color:green;'><td></td><td> ". $value. "</td></tr>";
}
}
?>
</tr>
<tr>
<td></td>
<td><input type="text" name="firstName"></td>
<td><input type="text" name="lastName"></td>
<td><input type="text" name="email"></td>
<td>
<select name="status">
<option>Select Status </option>
<option value="Active" <?php echo $status;?>>Active </option>
<option value="Inactive" <?php echo $status;?>>Inactive </option>
</select>
</td>
<td><input style="width:135px" type="submit" name="Search" value="Search"></td>
<td><input type="submit" id="delete_all" name="delete_all" value="Delete All" onclick="return deleteAll();" /></td>
</tr>
<tr>
<th>Sr.No</th>
<th>First Name</th>
<th>Last Name</th>
<th>Email</th>
<th>Status</th>
<th>Action</th>
<th><input type="checkbox" id="checkAll" name="check_all[]"/></th>
</tr>
<?php
if($log_row_users = mysqli_fetch_assoc($res_users))
{
$user_id = $log_row_users['user_id'];
$firstName = $log_row_users['firstName'];
$lastName = $log_row_users['lastName'];
$email = $log_row_users['email'];
$status = $log_row_users['status'];
?>
<tr>
<td><?php echo $count++ ;?></td>
<td><?php echo $firstName;?></td>
<td><?php echo $lastName ;?></td>
<td><?php echo $email ;?></td>
<td>
<?php
if($status == "Active")
{
echo "<b style='color:#3CF'>".$status."</b>";
}
if($status == "Inactive")
{
echo "<b style='color:#F00'>".$status."</b>";
};
?>
</td>
<td>
<a style="margin-left:25px" href="http://localhost/sample/home_page_edit.php?user_id=<?php echo $user_id;?>" onclick="redirectMe();" name="redirect" id="redirect"><img src="images/pencil.png" /></a>
<a style="margin-left:35px" href="http://localhost/sample/home_page_manage.php?user_id=<?php echo $user_id;?>" name="delete_button" class="delete_button" ><img src="images/delete.png" /></a>
</td>
<th>
<input name="checkbox[]" type="checkbox" id="checkbox[]" class="checkbox">
</th>
</tr>
</form>
<?php
}
?>
</table>
<?php
include "includes/home_page_footer.php";
?>

Try this one it will help you
if(isset($_REQUEST['Search']))
{
$q = "SELECT * FROM users WHERE user_id!='' ";
$firstName = $_REQUEST['firstName'];
$lastName = $_REQUEST['lastName'];
$email = $_REQUEST['email'];
$status = $_REQUEST['status'];
$temp='';
if(!empty($firstName))
{
$temp.=" AND ";
$temp.="firstName LIKE '%$firstName%'";
}
if(!empty($lastName))
{
$temp.=" AND ";
$temp.="lastName LIKE '%$lastName%'";
}
if(!empty($email))
{
$temp.=" AND ";
$temp.="email LIKE '%$email%'";
}
if(!empty($status))
{
$temp.=" AND ";
$temp.="status LIKE '$status'";
}
$qry = $q. $temp. " order by user_id ASC";
}
else
{
$qry = "SELECT * FROM users order by user_id DESC";
}

At start of your script you init $res_users with an empty string ("").
If $_POST['Search'] is not set, you never execute $res_users = mysqli_query( ... );, so $res_users still remains an empty string when you call
if($log_row_users = mysqli_fetch_assoc($res_users))
I suggest you to normalize your code performing all operations concerning queries before HTML output. Otherwise you can repeat the $_POST check:
if(isset($_POST['Search']) && $log_row_users = mysqli_fetch_assoc($res_users))

Fast querying with a more Object orientated method:
[...]
$sql_users= "SELECT * FROM `users` WHERE `status` LIKE 'Inactive'";
foreach($link->query($sql_users) as $row)
{
$status = $row["status"];
}
[...]
You can also use it as a boolean to check queries ran:
[...]
if($db->query($sql)): [...] endif;
[...]
I'd also suggest that you're checking that your result is not null before looping through its data:
[...]
$result = mysqli_query($link, $sql);
if($result != null): [...] endif;
[...]
Also, take a look at #fusion3k 's answer. Your infrastructure is causing you limitations. You'll need to re-evaluate how you're approaching this and also check how to prevent SQLi injections.
Edit: You could manage your data flow more simply using an Object-orientated approach (OOP).
class Handler
{
public function __construct( $args )
{
if(is_array( $args ))
{
switch($args['type'])
{
case "Insert":
break;
default:
break;
}
[...]
Then work with it like so:
new Handler(array(
'type' => $_POST[...]
[...] => [...]
));

Delete Query won't work on the first row using MySQL & PHP

When I was trying to delete first row of this table, it won't delete, rather it shows me error that kindly put details in text box which I have used while Adding New Category.
IMAGE : https://dl.dropboxusercontent.com/u/88831139/1.jpg
Except Row 1, query works on each row. If I click delete for ID 2, 3 or 4, all works fine, except for Row 1. It does not work with ID=1.
Kindly do suggest me what to do.
NOTE: I have used session to keep the values in variables.
I am not deleting row i just update the status of that to keep it in record here is Code :
to ADD CATEGORY :
if(isset($_POST['category']))
{ $cat = $_POST['category'];
$validate_category = "SELECT * FROM Category WHERE CategoryName ='$cat'";
$result = mysql_query($validate_category);
$count = mysql_num_rows($result);
if(empty($cat))
{
session_start();
$msg = 'kindly Put Details completely';
$_SESSION['status'] = $msg;
$_SESSION['color'] = 'red';
header("location:../category.php");
}
else if($count==1)
{
session_start();
$msg = 'Category Already Exist !!! Kindly Choose any Other Category';
$_SESSION['status'] = $msg;
$_SESSION['color'] = 'red';
header("location:../category.php");
}
else{
$query = "INSERT INTO Category(CategoryName) values ('$cat')";
mysql_query($query);
session_start();
$msg = 'New Category has been Created';
$_SESSION['status'] = $msg;
$_SESSION['color'] = 'green';
header("location:../category.php");
}}
CODE TO DELETE ROW :
$delete_id = mysql_real_escape_string($_POST["delete_id"]);
$del_cat = mysql_result(mysql_query("SELECT CategoryName FROM Category WHERE ID = ".$delete_id), 0); // 1 = row
mysql_query("UPDATE Category SET hidden = '1' WHERE ID =".$delete_id);
session_start();
$msg = "'$del_cat' Category has been Deleted";
$_SESSION['status'] = $msg;
$_SESSION['color'] = 'green';
header("location:../category.php");
HOME PAGE :
<?php
session_start();
if(!isset($_SESSION['UserEmail']))
{
header("location:../login.php");
}
else if($_SESSION['UserRole'] != 'Admin')
{
header("location:../login.php");
}
include "../_inc/config.php";
?>
<html>
<head>
<title>Add Category</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<?php include "_lib/menu.php"; ?>
<h2>Add Category</h2>
<form action="_lib/AddCategory.php" method="POST">
Category : <input type='text' name="category"/>
<input type="Submit" value="Submit" />
<?php
if (isset($_SESSION['status'])){
$msg = $_SESSION['status'];
echo $msg;
unset($_SESSION['status']);
}
?>
<table border='1'>
<tr>
<th>ID</th>
<th>Category</th>
</tr>
<?php
$query1 = "SELECT * from Category where hidden = '0'";
$result = mysql_query($query1);
$i = 1;
while($row = mysql_fetch_array($result)) : ?>
<tr>
<td> <?php echo $i; $i=$i+1; ?> </td>
<td> <?php echo $row['CategoryName']; ?> </td>
<td>
<form action="_lib/DeleteCategory.php" method="POST" >
<input type="hidden" name="delete_id" value="<?php echo $row['ID']; ?>" />
<input type="submit" value="Delete" />
</form>
</td>
</tr>
<?php endwhile; ?>
</table>
</form>
</body>
</html>

Categories