I'm trying to update a table given user input. Once the user hits submit on the form, I want the WHERE portion of my query to reflect the zip code entered by the user. Here is what I have so far, but it doesn't work. Any help would be greatly appreciated!
<form id="user-location" method="post" action="#">
<input id="addressInput" name="addressInput" type="text">
<input id="submit" onclick="searchLocations()" value="GO" type="button">
</form>
<?php
$con=mysqli_connect("localhost","######","######","######");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($con,"SELECT * FROM Prospects WHERE zip = 'echo $_POST['addressInput']'");
echo "<table width='540' cellpadding='0' border='0' cellspacing='0'>
<tr>
<th>Under 4</th>
<th>5 - 9</th>
<th>10 - 14</th>
<th>15 - 17</th>
<th>18 - 20</th>
</tr>";
while($row = mysqli_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['cy_pop_04'] . "</td>";
echo "<td>" . $row['cy_pop_59'] . "</td>";
echo "<td>" . $row['cy_pop_1014'] . "</td>";
echo "<td>" . $row['cy_pop_1517'] . "</td>";
echo "<td>" . $row['cy_pop_1820'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysqli_close($con);
?>
Change <input id="submit" onclick="searchLocations()" value="GO" type="button"> to <input id="submit" value="GO" type="submit" name="submit"> then use a conditional statement.
I.e.: if(isset($_POST['submit']))
Here is a prepared statement method.
The way you're doing it now (or intended to use), will leave you open to SQL injection.
<?php
$con=mysqli_connect("localhost","######","######","######");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if(isset($_POST['submit'])){
$zip = $_POST['addressInput'];
if($query = $con->prepare("SELECT * FROM Prospects WHERE zip=?")){
$query->bind_param("s", $zip);
$query->execute();
}
echo "<table width='540' cellpadding='0' border='0' cellspacing='0'>
<tr>
<th>Under 4</th>
<th>5 - 9</th>
<th>10 - 14</th>
<th>15 - 17</th>
<th>18 - 20</th>
</tr>";
while($row = mysqli_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['cy_pop_04'] . "</td>";
echo "<td>" . $row['cy_pop_59'] . "</td>";
echo "<td>" . $row['cy_pop_1014'] . "</td>";
echo "<td>" . $row['cy_pop_1517'] . "</td>";
echo "<td>" . $row['cy_pop_1820'] . "</td>";
echo "</tr>";
}
echo "</table>";
} // closing brace for if(isset($_POST['submit']))
mysqli_close($con);
?>
Footnotes:
Do not do or use this:
WHERE zip = 'echo $_POST['addressInput']'
^^^^ ^ ^
It's always better using prepared statements when using mysqli_* functions.
Here is a tutorial on using prepared statements.
Related
When I run the code in localhost server it works properly but when we run the same code in our live server (Godaddy linux shared server) it gives sql connection failed error.
The database is quite big and in our local server the query takes approximately 2 minutes to return data, so in shared godaddy server it must take more time.
<?php
$conn = mysqli_connect("localhost","root","","doreme_eshop");
// $mysqli = new mysqli("localhost", "root", "", "doreme_eshop");
// if ($mysqli->connect_errno) {
// echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
// }
if(isset($_POST['submit'])){
$style=$_REQUEST['style_no'];
$result = mysqli_query($conn,"CALL style_report('".$style."')") or die("Query Failed: " . mysqli_error($conn));
//var_dump($result->fetch_assoc());
echo "<table border='1'>
<tr>
<th>total_set</th>
<th>style_no</th>
<th>size_id</th>
<th>size_description</th>
<th>Company_name</th>
<th>generate_no</th>
<th>order_Date</th>
<th>product_id</th>
</tr>";
while($row = mysqli_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['total_set'] . "</td>";
echo "<td>" . $row['style_no'] . "</td>";
echo "<td>" . $row['size_id'] . "</td>";
echo "<td>" . $row['size_description'] . "</td>";
echo "<td>" . $row['Company_name'] . "</td>";
echo "<td>" . $row['generate_no'] . "</td>";
echo "<td>" . $row['order_Date'] . "</td>";
echo "<td>" . $row['product_id'] . "</td>";
echo "</tr>";
}
echo "</table>";
}
?>
<html>
<head></head>
<body>
<form role="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" enctype="multipart/form-data">
<select name="style_no" >
<option value="">STYLE NO</option>
<?php
$style_result = mysqli_query($conn,"CALL get_all_style_no()") or die("Query Failed: " . mysqli_error($conn));
$row1 = mysqli_num_rows($style_result);
while ($row1 = mysqli_fetch_array($style_result)){
echo "<option value='". $row1['style_no'] ."'>" .$row1['style_no'] ."</option>" ;
}
?>
</select>
<input type="submit" value="Submit" name="submit"/>
</form>
</body>
</html>
You need to set time out on connection, secondly u can set the config file to be separated and require_once.
Try check if the DB has mysqli library,... just open connection only then close and check error
I'm stuck in the delete function, I wonder why my delete button is not functioning, and I already edited my code.
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
$semester = ($_POST["semester"]);
$level = ($_POST["level"]);
}
?>
Here is the form method:
<form method="post" action="<?php echo($_SERVER["PHP_SELF"]);?>" enctype="multipart/form-data">
Here is to display the data in table form, and SELECT * is functioning
$sql = mysqli_query ($connection, "SELECT * FROM subject");
echo " <table>
<th>Semester</th>
<th>Level</th>
</tr>";
while($record = mysqli_fetch_assoc ($sql)){
echo "<tr>";
echo "<td>" . $record['semester'] . "</td>";
echo "<td>" . $record['level'] . "</td>";
echo "<td>" . "<input type=submit name=delete value=Delete>" . "</td>";
echo "</tr>";
}
This is the delete button code
if (isset($_POST['delete']))
{
$delete = mysqli_query ($connection, "DELETE FROM subject WHERE semester = '($_POST[semester])'");
}
Try this :
while($record = mysqli_fetch_assoc ($sql)){
echo "<tr>";
echo '<form action="mypage.php" method="post">';
echo "<td>" . $record['semester'] . "</td>";
echo "<td>" . $record['level'] . "</td>";
echo "<td>" . $record['course'] . "</td>";
echo "<td>" . $record['subject'] . "</td>";
echo "<td>" . $record['section'] . "</td>";
// And add field form hidden
echo '<input type="hidden" name="semester" value="'.$record['semester'].'">';
echo "<td>" . '<input type="submit" name="delete" value="Delete">' . "</td>";
echo "</form>";
echo "</tr>";
}
if (isset($_POST['delete']) && isset($_POST['semester']))
{
$stmt = $connection->prepare('DELETE FROM subject WHERE semester = ?');
// if $_POST['semester'] is integer else see http://php.net/manual/en/mysqli-stmt.bind-param.php
$stmt->bind_param('i', $_POST['semester']);
$stmt->execute();
}
I have displayed a table of my data from the data base with check boxes to the left. I want to find a way to link the check boxes to the question number (ID). when I hit submit I want the selected id's to be echoed. pretty much I want someone to be able to select the questions they want and then display them.
<?php
$con=mysqli_connect("####","####","#####","###");
$result = mysqli_query($con,"SELECT * FROM q_and_a ");
echo "<table border='1'>
<tr>
<th>Add</th>
<th>#</th>
<th>Question</th>
<th>A</th>
<th>B</th>
<th>C</th>
<th>D</th>
<th>Answer</th>
</tr>";
while($row = mysqli_fetch_array($result))
{
echo "<tr>";
echo '<td><input type="checkbox" name="questions[]" value="$id"></td>';
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['question'] . "</td>";
echo "<td>" . $row['choiceA'] . "</td>";
echo "<td>" . $row['choiceB'] . "</td>";
echo "<td>" . $row['choiceC'] . "</td>";
echo "<td>" . $row['choiceD'] . "</td>";
echo "<td>" . $row['answer'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysqli_close($con);
?>
submit button
<form method="POST" action="makeTest.php">
<input type="submit" name="make" value="Make Test">
</form>
Make some edits to your code then it will work.
1. Change your query by adding fields not * (to ensure performance and display order)
$result = mysqli_query($con,"SELECT id,question,choiceA,choiceB,choiceC,choiceD,answer FROM q_and_a ");
then before while block open form tag(HTML)
<?php
//above codes will be there as you show before
echo '<form method="POST" action="makeTest.php">';
while($row = mysqli_fetch_array($result)){
{ $id=$row['id']; // initialize your id here, so as to pass it in checkbox too
// then continue with your code
}
?>
<input type="submit" name="make" value="Make Test">
</form>
in maketest.php yo can hande ckeckbox using foreach, see below
foreach($_POST['questions'] as $questions){
//do your job
}
I am having problem in getting values from db. Iam new in php
I am using checkboxes to get values from database. Only checked values should be printed.
<form method="POST" action="gradoviexport.php" id="searchform">
<div id="GRADOVI BIH">
<h3>GRADOVI BOSNE I HERCEGOVINE</h3><hr/>
<input type="checkbox" name="gradovi[]" value="sarajevo"> Sarajevo
<input type="checkbox" name="gradovi[]" value="banovici"> Banovići
<input type="checkbox" name="gradovi[]" value="banjaluka"> Banja Luka
<input type="checkbox" name="gradovi[]" value="bihac"> Bihać
<input type="checkbox" name="gradovi[]" value="bileca"> Bileća
</div>
<div id="snimi">
<input type="submit" name="submit" value="EXPORT">
</div>
</form>
If Sarajevo is checked I want to print values from database. It does not have to be only one value checked If all values are checked it should print all values.
$con=mysqli_connect("$host","$username","$password", "$database");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
//connecting to db
$variable=$_POST['grad'];
foreach ($variable as $variablename)
{
$sql_select="SELECT * FROM `clanovi` WHERE `GRAD` = $variablename " ;
$queryRes = mysql_query($sql_select);
print"$sql_select";
}
echo "<table border='5'>
<tr>
<th>IME</th>
<th>PREZIME</th>
<th>FIRMA</th>
<th>ADRESA</th>
<th>TELEFON</th>
<th>FAX</th>
<th>MOBITEL</th>
<th>EMAIL </th>
<th>WEB_STRANICA </th>
<th>GRAD </th>
<th>KATEGORIJA </th>
</tr>";
while($row = mysqli_fetch_array($queryRes))
{
echo "<tr>";
echo "<td>" . $row['IME'] . "</td>";
echo "<td>" . $row['PREZIME'] . "</td>";
echo "<td>" . $row['FIRMA'] . "</td>";
echo "<td>" . $row['ADRESA'] . "</td>";
echo "<td>" . $row['TELEFON'] . "</td>";
echo "<td>" . $row['FAX'] . "</td>";
echo "<td>" . $row['MOBITEL'] . "</td>";
echo "<td>" . $row['EMAIL'] . "</td>";
echo "<td>" . $row['WEB_STRANICA'] . "</td>";
echo "<td>" . $row['GRAD'] . "</td>";
echo "<td>" . $row['KATEGORIJA'] . "</td>";
echo "</tr>";
}
echo "</table>";
mysqli_close($con);
Assume you posted gradovi[] array values to submitted page.
Submit page:
$grad = array();
$grad = $_POST['gradovi']; //get array value
$grad = implode(',',$grad); //convert it into comma separated string
//Insert it into data base
Getting from database:
//fetch the gradovi field from the db like below
echo $row['gradovi']; // print all values
or
$grad = explode(',',$row['gradovi']);
foreach($grad as $check) {
echo $check; //print one by one
}
There is few errors in your code.
There is no escaping of the string from POST data. Use mysqli_real_escape_string
There is an error in your while loop. You redefining mysql query result.
Fixed code:
//connecting to db
$variable=$_POST['grad'];
foreach($variable as $key => $val) {
$variable[$key] = mysql_escape_string($val);
}
$sql_select="SELECT * FROM `clanovi` WHERE `GRAD` IN ('" . implode("','", $variable) . "')" ;
$queryRes = mysql_query($sql_select);
print"$sql_select";
Right now I have a table that displays menu items and I want an Admin to be able to delete and edit a particular line item. My delete.php code works correctly if I have the id equal to a particular number, but I want the id to be equal to the id of whichever row the delete button is in. So my question is how do I get that id number? Because what I'm doing now is not correct.
Here is my delete.php file:
<?php
$con = mysql_connect("localhost", "root", "");
if(!$con)
{
die('Could not connect: ' .mysql_error());
}
mysql_select_db("bics_place", $con);
echo "mysql connected";
$myid = $_POST['id'];
$sql = "DELETE FROM menu WHERE id='$myid'";
echo "sql = $sql";
if(!mysql_query($sql, $con))
{
die('Error: ' .mysql_Error());
}
echo "1 record deleted";
header("location:admin_menu.php");
mysql_close($con);
?>
This is the table being made in admin_menu.php
$result = mysql_query("SELECT * FROM menu");
echo "<table border='1' id='menu'>
<form method='post' action='delete.php'>
<tr>
<th> Id </th>
<th> Type </th>
<th> Product Name </th>
<th> Price </th>
<th></th>
<th></th>
</tr>";
while($row = mysql_fetch_assoc($result))
{
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['type'] . "</td>";
echo "<td>" . $row['productName'] . "</td>";
echo "<td>" . $row['price'] . "</td>";
echo "<td>" . '<input type="submit" name="delete" value="Delete">' . "</td>";
echo "<td>" . '<input type="submit" name="edit" value="Edit">' . "</td>";
echo "</tr>";
}
echo "</form>";
echo "</table>";
Take on hidden field in your form.Then button onclick event set id into hidden field before submit.
<script>
function setId(idValue){
document.getElementById('myid').value=idValue;
}
</script>
echo "<table border='1' id='menu'>
<form method='post' action='delete.php'>
<input type="hidden" name="id" id="myid" value="" />
<tr>
<th> Id </th>
<th> Type </th>
<th> Product Name </th>
<th> Price </th>
<th></th>
<th></th>
</tr>";
while($row = mysql_fetch_assoc($result))
{
$myID = $row["id"];
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['type'] . "</td>";
echo "<td>" . $row['productName'] . "</td>";
echo "<td>" . $row['price'] . "</td>";
echo "<td>" . '<input type="submit" name="delete" value="Delete" onClick="setId('.$myID.');">' . "</td>";
echo "<td>" . '<input type="submit" name="edit" value="Edit">' . "</td>";
echo "</tr>";
}
echo "</form>";
echo "</table>";
Add a hidden field - id in the form :
while($row = mysql_fetch_assoc($result)) {
//your <td>'s here
echo '<input type="hidden" name="id" value="{$row[id]}">';
// echoes for form submit
}
Note : mysql_* functions are deprecated. You should use mysqli_ functions instead. Read here