Adding Confirmation box - php

I'm trying to add an "confirmation box" that says "Are you sure you want to update/delete question?" when I click on my "update" and/or "delete" buttons.
I've already tried adding
onclick="return confirm('Are you sure you want to logout?');"
<input type="submit" value="Add Question" onclick="return confirm('Are you sure you want to update/delete question?');">
I provided my two php files. Might not need the whole files but I hope you can understand my issue and help the best that y'all can. thank you.
File: questions_menu.php
<?php
$username = "root";
$password = "";
$hostname = "localhost";
$database = "basketball_database";
$table = "question_bank";
$con = mysql_connect($hostname, $username, $password)
or die("Unable to connect to MYsql");
//echo "Connected to mysql<br>";
mysql_select_db("$database")
or die("Could not select Basketball_database");
//echo "Connected to database";
//update when update button pressed
if(isset($_POST['update'])){
$UpdateQuery = "UPDATE $table SET question_description='$_POST[description]', option_a='$_POST[option1]', option_b='$_POST[option2]', option_c='$_POST[option3]', answer='$_POST[dropdown]', question_id='$_POST[questionID]' WHERE question_id='$_POST[hidden]'";
mysql_query($UpdateQuery, $con);
};//end of if statement
//delete when delete button pressed
if(isset($_POST['delete'])){
$DeleteQuery = "DELETE FROM $table WHERE question_id='$_POST[hidden]'";
mysql_query($DeleteQuery, $con);
};//end of if statement
$mysql = "SELECT * FROM $table";
$mydata = mysql_query($mysql,$con);
//create table
echo "<table border=1
<tr>
<th>Question ID</th>
<th>Question Description</th>
<th>Option 1</th>
<th>Option 2</th>
<th>Option 3</th>
<th>Answer</th>
<th>Picture</th>
<th>Video</th>
</tr>";
//insert data into rows
while($records = mysql_fetch_array($mydata)){
echo "<form action=questions_menu.php method=post>";
echo "<tr>";
echo "<td>"."<input type=text name=questionID size=10 value=".$records['question_id']." </td>";
echo "<td>"."<textarea name=description rows=2 cols=25>".$records['question_description']."</textarea>"."</td>";
echo "<td>"."<input type=text name=option1 size=18 value=".$records['option_a']." </td>";
echo "<td>"."<input type=text name=option2 size=15 value=".$records['option_b']." </td>";
echo "<td>"."<input type=text name=option3 size= 15 value=".$records['option_c']." </td>";
echo "<td>"."<input type=text name=answer size=15 value=".$records['answer']." </td>";
echo "<td>"."<input type=hidden name=hidden value=".$records['question_id']." </td>";
//update button
echo "<td>"."<input type=submit name=update value=Update onclick=return confirm(Are you sure you want to update/delete question?)"." </td>";
//delete button
echo "<td>"."<input type=submit name=delete value=Delete onclick=return confirm(Are you sure you want to update/delete question?)"." </td>";
echo "</tr>";
echo "</form>";//end form
} echo "</table>";
mysql_close();
?> <!-- End of php code-->


You need to close input tag at following line:
echo "<td>"."<input type=submit name=update value=Update onclick='return confirm(\"Are you sure you want to update/delete question?\")'>"." </td>";
---------------------------------------------------------------------------------------------------------------------------------------^
And you need to use put confirm code in single quotes as shown above. And also note the escape sequence used for message text.

Related

Being able to delete data from the click of a button on a page which also deletes the data from the database

I have multiple text boxes within a table on my web page which is populated from a form on my website users fill out. I have the feature of being able to delete each row as well as edit each row of data displayed on my website. The problem I'm having with it is only the last row of the table can be edited/deleted. For example, When I click the delete button on the first row of the table, it deletes the last row for some reason and not the first row. Also, it's the same with the update/edit button, only the last row can be modified and not anything above the last row of the table on my website.
More information:
form_id is the primary key within my database.
My code:
<?php
$con = #mysql_connect("localhost","root","");
if (!$con){
die("Can not connect: " . mysql_error());
}
mysql_select_db("formsystem", $con);
if(isset($_POST['update'])){
$UpdateQuery = "UPDATE form SET form_name='$_POST[name]', form_description='$_POST[description]' WHERE form_id='$_POST[hidden]'";
mysql_query($UpdateQuery, $con);
};
if(isset($_POST['delete'])){
$DeleteQuery = "DELETE FROM form WHERE form_id='$_POST[hidden]'";
mysql_query($DeleteQuery, $con);
};
$sql = "SELECT * FROM form";
$myData = mysql_query($sql,$con);
echo "<table>
<tr>
<th>Title</th>
<th>Description</th>
<th></th>
<th></th>
<th></th>
</tr>";
while($record = mysql_fetch_array($myData)){
echo "<form action=findGroup.php method=post>";
echo "<tr>";
echo "<td>" ."<input type=text name=name value='" . $record['form_name'] . "'/> </td>";
echo "<td>" ."<input type=text name=description value='" . $record['form_description'] . "'/> </td>";
echo "<td>" ."<input type=hidden name=hidden value='" . $record['form_id'] . "'/></td>";
echo "<td>" ."<input type=submit name=update value='update" . "'/> </td>";
echo "<td>" ."<input type=submit name=delete value='delete" . "'/> </td>";
echo "</tr>";
}
echo "</table>";
?>

Update
Enclose the form element properly:
<?php
$con = #mysql_connect("localhost","root","");
if (!$con){
die("Can not connect: " . mysql_error());
}
mysql_select_db("formsystem", $con);
if(isset($_POST['update'])){
$UpdateQuery = "UPDATE form SET form_name='".$_POST['name']."', form_description='".$_POST['description']."' WHERE form_id='".$_POST['hidden']."';";
mysql_query($UpdateQuery, $con);
};
if(isset($_POST['delete'])){
$DeleteQuery = "DELETE FROM form WHERE form_id='".$_POST['hidden']."';";
mysql_query($DeleteQuery, $con);
};
$sql = "SELECT * FROM form";
$myData = mysql_query($sql,$con);
echo "<table>
<tr>
<th>Title</th>
<th>Description</th>
<th></th>
<th></th>
<th></th>
</tr>";
while($record = mysql_fetch_array($myData)){
echo "<form action=findGroup.php method=post>";
echo "<tr>";
echo "<td>" ."<input type=text name=name value='" . $record['form_name'] . "'/> </td>";
echo "<td>" ."<input type=text name=description value='" . $record['form_description'] . "'/> </td>";
echo "<td>" ."<input type=hidden name=hidden value='" . $record['form_id'] . "'/></td>";
echo "<td>" ."<input type=submit name=update value='update" . "'/> </td>";
echo "<td>" ."<input type=submit name=delete value='delete" . "'/> </td>";
echo "</tr>"
echo "</form>";
}
echo "</table>";
?>
And for security issue, it's better to wrap variable using mysqli_real_escape_string, for example:
"DELETE FROM form WHERE form_id='".mysqli_real_escape_string($_POST['hidden'])."';";
But this is another question, here is the thread.

First off, check these potential issues:
You are connecting as root. Not recommended. You should connect as a MySQL user with M.A.D rights on that table (modify, add, delete).
Have you checked the MySQL & system/PHP logs to see if any errors are being reported? Then you can adjust your code based on those errors.
Have you attempted to run the delete statement manually to confirm that it deletes the desired row?
In your code, have you tried using the $sql = DELETE... syntax on your delete statement?

I cant figure out whats wrong on my update code

This is the code that im using to display the data.(registos.php)
<?php
$con = mysqli_connect('localhost','root','');
if (!$con)
{
die('Could not connect: ' . mysqli_error());
}
mysqli_select_db($con,'databaseteste');
$result =mysqli_query($con,("SELECT * FROM `formando2`"));
if (!$result) {
printf("Error: %s\n", mysqli_error($con));
exit();
}
echo "<table class=mainmenu border='1' width=100% >
<p><caption><h1>Registos</h1></caption></p>
<tr>
<th>Primeiro Nome</th>
<th>Ultimo Nome</th>
<th>Numero C.C</th>
<th>Numero contribuinte</th>
<th>Email</th>
<th>Morada</th>
<th>Código postal</th>
</tr>";
while($row = mysqli_fetch_array($result))
{
echo "<tr><form action=update.php method=post>";
echo "<td><input type=text name=pname value='".$row['PrimeiroNome']."'></td>";
echo "<td><input type=text name=sname value='".$row['UltimoNome']."'></td>";
echo "<td><input type=text name=bi value='".$row['NumeroBI']."'></td>";
echo "<td><input type=text name=contri value='".$row['NumeroContribuinte']."'></td>";
echo "<td><input type=text name=email value='".$row['Email']."'></td>";
echo "<td><input type=text name=morada value='".$row['Morada']."'></td>";
echo "<td><input type=text name=cpostal value='".$row['CodigoPostal']."'></td>";
echo "<td><input type=hidden name=id value='".$row['idformando2']."'></td>";
echo "<td><input type=submit></td>";
echo "</tr>";
}
echo "</table>";
?>
This is the code that's giving me the problem i guess, in the update code.(update.php)
<?php
$con = mysqli_connect('localhost','root','');
if (!$con){die('Could not connect: ' . mysqli_error());}
mysqli_select_db($con,'databaseteste');
$update ="update `formando2`
set PrimeiroNome='$_POST[pname]',
UltimoNome='$_POST[sname]',
NumeroBI='$_POST[bi]',
NumeroContribuinte='$_POST[contri]',
Email='$_POST[email]',
Morada='$_POST[morada]',
CodigoPostal='$_POST[cpostal]'
where idformando2='$_POST[id]'";
if(mysqli_query($con,$update)){
header("refresh:1; url=registos.php");}
else{
printf("Error: %s\n", mysqli_error($con));
}
?>
When i submit it redirect's me to the update.php page then to the registos.php again, but the data still is the same.Registo Screen
Post update

You aren't closing your form tag.
You need
echo "</form></tr>";
instead of
echo "</tr>";
in registos.php
Since this loop can obviously render multiple forms to the page, you might have an issue with nested forms, or just invalid HTML, causing confusion when you post back.

I think you have not put name of the input box in single quotes or double quotes of all fields
it should be
echo "";

How to display NULL or N/A in empty table data

Empty spaces in phpMyAdmin seems to print out part of the closing table data tag </td> in my php file. I want to either leave the space blank or have something such as N/A to represent it being empty.
Here is my table display of the users in my php file.
Here is my users table in phpMyAdmin.
Here is my file causing the problem.
<?php
mysql_connect('localhost','root','');
mysql_select_db('project');
if (isset($_POST['update'])){
$UpdateQuery = "UPDATE users SET id='$_POST[id]', username='$_POST[username]', password='$_POST[password]', first_name='$_POST[first_name]', last_name='$_POST[last_name]', email='$_POST[email]'
WHERE id='$_POST[hidden]'";
mysql_query($UpdateQuery, mysql_connect('localhost','root',''));
};
if (isset($_POST['delete'])){
$DeleteQuery = "DELETE FROM users WHERE id='$_POST[hidden]'";
mysql_query($DeleteQuery, mysql_connect('localhost','root',''));
};
if (isset($_POST['add'])){
$AddQuery = "INSERT INTO users (id, username) VALUES ('$_POST[uid]','$_POST[uusername]','$_POST[upassword]','$_POST[ufirst_name]','$_POST[ulast_name]','$_POST[uemail]')";
mysql_query($AddQuery, mysql_connect('localhost','root',''));
};
$sql = "SELECT * FROM users";
$records = mysql_query($sql);
//session_start();
//if(!isset($_SESSION["id"])){
// header("location:main.html");
//} else {
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Table Display (Allows instructor to add students, delete, and update id and names)
</title>
<link rel="stylesheet" href="main.css">
</head>
<body>
<table width="25%" border="1" cellpadding="1" cellspacing="1" align="center">
<tr>
<th>ID</th>
<th>Username</th>
<th>Password</th>
<th>First Name</th>
<th>Last Name</th>
<th>Email</th>
<th></th>
<th></th>
<th></th>
</tr>
<?php
while ($users = mysql_fetch_assoc($records)) {
echo "<form action=displayusers.php method=post>";
echo "<tr>";
echo "<td>"."<input type=text name=id value=".$users['id']." </td>";
echo "<td>"."<input type=text name=username value=".$users['username']." </td>";
echo "<td>"."<input type=text name=password value=".$users['password']." </td>";
echo "<td>"."<input type=text name=first_name value=".$users['first_name']." </td>";
echo "<td>"."<input type=text name=last_name value=".$users['last_name']." </td>";
echo "<td>"."<input type=text name=email value=".$users['email']." </td>";
echo "<td>"."<input type=hidden name=hidden value=".$users['id']." </td>";
echo "<td>"."<input type=submit name=update value=Update"." </td>";
echo "<td>"."<input type=submit name=delete value=Delete"." </td>";
echo "</tr>";
echo "</form>";
}//end while
echo "<form action=displayusers.php method=post>";
echo "<tr>";
echo "<td><input type=text name=uid></td>";
echo "<td><input type=text name=uusername></td>";
echo "<td><input type=text name=upassword></td>";
echo "<td><input type=text name=ufirst_name></td>";
echo "<td><input type=text name=ulast_name></td>";
echo "<td><input type=text name=uemail></td>";
echo "<td>"."<input type=submit name=add value=Add"." </td>";
echo "<td>";
echo "<td>";
echo "</form>";
?>
</table>
</body>
</html>
<?php
//} // end else statement
?>
Another question: How can I exclude the ServerAdmin in the displayed table in my php file. I am logged in as a teacher and shouldn't be allowed to change the ServerAdmin's information.
Thanks!

php: Using <form> tag to sum a new value to an existing value in php

I am creating a webpage that is similar to a points system. It consists of a table with name and points columns. The user inputs a number, which then adds that value to the existing number in the table. My question is how would I be able to add those two values and update the table(database)?
<?php
$con = mysql_connect("xxx, xxx, xxx);
if (!$con) {
die("can not connect:" . mysql_error());
}
mysql_select_db("points", $con);
if(isset($_POST['update'])){
$UpdateQuery = "UPDATE coach_tbl set coachscore = coachscore + '$add' WHERE coach_score = '$_POST[hidden]'";
mysql_query($UpdateQuery, $con);
};
if (isset($_POST['submit'])){
$AddQuery = "INSERT INTO coach_tbl (coach_name, coach_score) VALUES('$_POST[name]', '$_POST[score]')";
mysql_query($AddQuery, $con);
};
$sql = "SELECT * FROM coach_tbl ORDER BY coach_score DESC";
echo "<table border=1>
<tr>
<th>NAME</th>
<th>Score</th>
</tr>";
$myData = mysql_query($sql, $con);
while($record = mysql_fetch_array($myData)) {
echo "<form action=index.php method=post>";
echo "<tr>";
echo "<td><input type=text name=coachname value='" . $record['coach_name'] . "'> </td>";
echo "<td><input type=text name=coachscore value='" . $record['coach_score'] . "'> </td>";
echo "<td><input type=hidden name=hidden value='" . $record['coach_score'] . "'> </td>";
echo "<td><input type=submit name=update value=update'" . "'> </td>";
echo "<td><input type=number min="1" max="10" name=add value=add'" . "'> </td>";
echo "</tr>";
echo "</form>";
}
echo "</table>";
mysql_close($con);
?>
If there are any questions I will gladly elaborate on anything. I am also fairly new to php.

Let's say you have an html form like so:
<form action="update.php" method="POST">
<input type="number" name="updateData" value=""/>
<input type="submit">
</form>
and an update.php:
<?php
//assuming you want 1-10 points max to be added each time
if( isset($_POST['updateData']) && $_POST['updateData'] >=1 && $_POST['updateData'] >=10){
//set to user inputed value
$insertData = $_POST['updateData'];
$sql = "UPDATE point_table SET points = points + $insertData WHERE id = 1";
//you will need to finish off the query by checking connecting with your database.
}
?>

how to update specific user ? update.php

Below is my update.php code. However, I am seeking for code to update specific user. For example
Search Id: ___________ [search]
If the user wants to search id details for id : 11
Then update.php will show open a page that can update that 11 details.
For my code, it is not specific.
Hope someone can help me please.
update.php
<center>
<h1><u>Library Database</u></h1>
</center>
<?php
$con = mysql_connect("localhost","root","");
if(!$con){
die("Can not connect: " . mysql_error());
}
mysql_select_db("c_database",$con);
if(isset($_POST['update'])){
$UpdateQuery="UPDATE myaduan SET id='$_POST[id]', nama_pengadu='$_POST[nama_pengadu]' WHERE id='$_POST[hidden]'";
mysql_query($UpdateQuery,$con);
};
if(isset($_POST['delete'])){
$DeleteQuery="DELETE FROM myaduan WHERE id='$_POST[hidden]'";
mysql_query($DeleteQuery,$con);
};
$sql="SELECT * FROM myaduan";
$myEdit=mysql_query($sql,$con);
echo "<table style=border:1px solid silver cellpadding=5px cellspacing=0px align=center border=0>
<tr>
<td colspan=4 style=background:0066FF; color:#FFFFFF; fontsize: 20px>UPDATE RECORD</td></tr>
<tr>
<td>ISBN</td>
<td>Title</td>
</tr>";
while($record = mysql_fetch_array($myEdit)){
echo "<form action=update.php method=post>";
echo "<tr>";
echo "<td>" . "<input type=text name=id value=".$record['id'] . " </td>";
echo "<td>" . "<input type=text name=nama_pengadu value=".$record['nama_pengadu']. " </td>";
echo "<td>". "<input type=hidden name=hidden value=".$record['id']. " </td>";
echo "<td>"."<input type=submit name=update value=update"." </td>";
echo "<td>"."<input type=submit name=delete value=delete"." </td>";
echo "</tr>";
echo"</form>";
}
echo"</table>";
mysql_close($con);
?>

First of all you should stop using mysql_connect . It was deprecated , instead use another one such as PDO.
You can run a query to display all your users then have tow links in front of each one like:
-User1 update *delete*
-User2 update *delete*
.
.
.
if u hit delete you post all your info to ur processing page and delete the user .If you hit update you load a form to another div using Jquery/ajax or you redirect to another page with your form on it and you update your user info .
This way you ll have a cleaner/user freindly area to do your thing .

Categories