$key=$_REQUEST['key'] doesn't work - php

if (isset($_POST['cancel'])) {
print("<script>location.href = 'task_led.php'</script>");
}
else if (isset($_POST['assign'])) {
$atask = $_POST['task'];
$table_task = $_POST['hid_task'];
$key = $_REQUEST['key'];
include 'sql.php';
$SQL = " ALTER TABLE $table_task ADD $atask VARCHAR(255) NOT NULL";
mysql_query($SQL);
$SQL = "UPDATE info SET individ_task = '$atask' WHERE username = '$key'";
mysql_query($SQL);
$SQL = "INSERT INTO $table_task (`username`, $atask) VALUES ('$key', 'pending')";
mysql_query($SQL);
$SQL = "UPDATE info SET task_status_indi = 'pending' WHERE username = '$key'";
mysql_query($SQL);
mysql_close($db_handle);
print("<script>location.href = 'task_led.php'</script>");
}
else{
$namekey = $_REQUEST['key'];
$user = $_SESSION['username'];
include 'sql.php';
$SQL = "SELECT * FROM info WHERE username = '$user'";
$result = mysql_query($SQL);
while ($db_field = mysql_fetch_assoc($result)) {
$grp = $db_field['groups'];//telephone_tech
$tsk = $db_field['group_task'];//resolve_telephone
}
print("<div style='top:167; left:380; position:absolute; z-index:1;'>");
print("<table border = '0' width = '370' bgcolor = 'white'>");
print("<tr><td>$tsk</td></tr>");
print("</table>");
print("</div>");
$SQL = "SELECT * FROM task_list WHERE taskname = '$tsk'";
$result = mysql_query($SQL);
while ($db_field = mysql_fetch_assoc($result)) {
$dsc = $db_field['ds'];
}
print("<div style='top:200; left:250; position:absolute; z-index:1;'>");
print("<font face='Broadway' size = '4'>Description:</font>");
print("</div>");
print("<div style='top:197; left:380; position:absolute; z-index:1;'>");
print("<table border = '0' width = '370' bgcolor = 'white'>");
print("<tr><td>$dsc</td></tr>");
print("</table>");
print("</div>");
print("<div style='top:270; left:350; position:absolute; z-index:1;'>");
print("<form name='add_form' method='post' action='add_task_led.php'>");
print("<table border = '0' >");
print("<tr><td><b>Name:</b></td>");
print("<td><input name = 'uname' type = 'text' readonly = 'true' value = $namekey></td>");
print("</tr>");
print("<tr><td><b>Task:</b></td>");
print("<td><input name = 'task' type = 'text' value = ''></td>");
print("<input name = 'hid_task' type = 'hidden' value = $tsk>");
print("</tr>");
print("<tr>");
print("<td align = 'right'><input name = 'reset' type = 'reset' value = 'reset'></td>");
print("<td><input name = 'cancel' type = 'submit' value = 'cancel'>");
print("<input name = 'assign' type = 'submit' value = 'ASSIGN'></td>");
print("</tr>");
print("</table>");
print("</form>");
print("</div>");
mysql_close($db_handle);
}
I need help with this one. It is supposed to get the key from the URL, like nbproject/add_task_led.php?key=Marija, and put it in the $key variable, but it doesn't seem to work. When I put the name directly (Marija in this example) instead of $key, it changes the DB. Am I doing something wrong?

For testing purposes:
Can you set up a test table with the following code, which I concluded was successful?
Be sure to change these variables to fit your own, or create them as shown:
$table_task = "table_task"; // table name
$atask = "a_task"; // column name
$db_selected = mysql_select_db('db_name', $db); // db_name is your DB
HTML/PHP/SQL (form action is set to self)
<?php
if (!empty($_REQUEST['key'])) {
$key = $_REQUEST['key'];
echo "key: ". $key. "\n";
$db = mysql_connect("host","username", "password");
$db_selected = mysql_select_db('db_name', $db);
if (!$db_selected) {
die ('Can\'t use it : ' . mysql_error());
}
$table_task = "table_task";
$atask = "a_task";
$SQL = "INSERT INTO $table_task (`username`, $atask) VALUES ('$key', 'pending')";
mysql_query($SQL,$db);
// Used for my own testing purposes that you can comment out
// $SQL = "UPDATE $table_task SET a_task = 'pending_test' WHERE username = '$key'";
// mysql_query($SQL,$db);
}
?>
<!DOCTYPE html>
<html>
<head></head>
<body>
<form action="" method="get">
User: <input type="text" name="key" /><br />
<input type="submit" value="Send" />
</form>
</body>
</html>
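
The queries in this thread build SQL from request data, including a table and a column name taken from form fields. The following is an added example, not code from either poster: it binds the values as parameters and validates the identifiers, assuming PDO with an in-memory SQLite database in place of MySQL, a constructed allowlist `TASK_TABLES` and constructed sample rows.

```php
<?php
// Added example, not the poster's code. In-memory SQLite stands in for MySQL;
// the allowlist, the name pattern and the sample rows are constructed.
const TASK_TABLES = ['resolve_telephone'];

function assignTask(PDO $db, string $table, string $column, string $user): bool
{
    // Table and column names cannot be bound as parameters, so they are
    // validated: the table against a fixed list, the column against a pattern.
    // Hidden and readonly form fields are still client-controlled input.
    if (!in_array($table, TASK_TABLES, true)
        || !preg_match('/^[a-z][a-z0-9_]{0,30}$/', $column)) {
        return false;
    }
    // Confirm the user exists before changing the schema.
    $find = $db->prepare('SELECT COUNT(*) FROM info WHERE username = ?');
    $find->execute([$user]);
    $known = (int) $find->fetchColumn() === 1;
    $find->closeCursor();
    if (!$known) {
        return false;
    }
    // DEFAULT '' is an addition so that existing rows satisfy NOT NULL.
    $db->exec("ALTER TABLE $table ADD COLUMN $column VARCHAR(255) NOT NULL DEFAULT ''");

    // Values travel as bound parameters and never become part of the SQL text.
    $upd = $db->prepare('UPDATE info SET individ_task = ?, task_status_indi = ?
                         WHERE username = ?');
    $upd->execute([$column, 'pending', $user]);
    $ins = $db->prepare("INSERT INTO $table (username, $column) VALUES (?, 'pending')");
    $ins->execute([$user]);
    return true;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE info (username TEXT PRIMARY KEY, individ_task TEXT, task_status_indi TEXT)');
$db->exec('CREATE TABLE resolve_telephone (username TEXT)');
$db->prepare('INSERT INTO info (username) VALUES (?)')->execute(["Mary O'Neil"]);

// Constructed stand-in for $_POST. The form in the question posts to
// add_task_led.php without ?key=..., and carries the name in 'uname'.
$post = ['uname' => "Mary O'Neil", 'task' => 'fix_line', 'hid_task' => 'resolve_telephone'];

var_dump(assignTask($db, $post['hid_task'], $post['task'], $post['uname']));
var_dump(assignTask($db, $post['hid_task'], 'fix line', $post['uname']));   // space in the task name
var_dump(assignTask($db, 'info', 'fix_desk', $post['uname']));              // table not on the list
print_r($db->query('SELECT * FROM info')->fetchAll(PDO::FETCH_ASSOC));
print_r($db->query('SELECT * FROM resolve_telephone')->fetchAll(PDO::FETCH_ASSOC));
```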

Related

How to get /?pollid=test inserted into my URL with having to type it into the URL every time.... new to PHP

I am really struggling with how I get /?pollid=test inserted into my URL when the page loads. Right now I have to type it and then the feature will work. /?pollid=test is calling the column and values from my SQL table. Can I hard-code it in?
<?php
$pollid = $_GET['pollid'];
$connect = mysqli_connect('localhost','root','','poll');
$query = "SELECT * FROM polls WHERE pollid = '$pollid'";
$q = mysqli_query($connect, $query);
while($row = mysqli_fetch_array($q)){
$id = $row[0];
$title = $row[1];
$pollid = $row[2];
$ipaddress = $row[3];
echo "<h1>$title</h1>";
?>
<table>
<form action="" method="POST">
<?php
$questions = "SELECT * FROM questions WHERE pollid = '$pollid'";
$q2 = mysqli_query($connect, $questions);
while($r = mysqli_fetch_array($q2)){
$question = $r[1];
$votes = $r[2];
$newvotes = $votes +1;
$ip = $_SERVER['REMOTE_ADDR'];
$newipaddress = $ipaddress."$ip,";
if (isset($_POST['vote'])) {
$polloption = $_POST['polloption'];
if ($polloption == "") {
die("You did select an option.");
} else {
$ipaddresse = explode(",", $ipaddress);
if (in_array($ip, $ipaddresse)) {
die("You have already Voted");
}else{
mysqli_query($connect, "UPDATE questions SET
votes='$newvotes' WHERE pollid='$pollid' AND question='$polloption'");
//store ip address of the user so can only vote once
mysqli_query($connect, "UPDATE polls SET
ipaddress='$newipaddress' WHERE pollid ='$pollid'");
die("You votes successfully!");
}
}
}
echo '<tr><td>'.$question.'</td><td><input type="radio"
name="polloption" value="'.$question.'" />'.$votes.'votes</td></tr>';
}
}
?>
<tr><td><input type="submit" name="vote" value="Vote"/></td></tr>
</form>
</table>
<div> </div>

How to make cart not duplicate items?

I need to know how to not duplicate an item and instead add the quantity from showitem.php to the quantity.
I made an update to the table in SQL, but nothing happens to the table and I don't know why.
This is addtocart.php:
<?php
session_start();
function addtocart($id,$qty){
if (isset($id)){
//connect to database
$mysqli = mysqli_connect("localhost", "root", "", "e-com");
//create safe values for use
$safe_sel_item_id = mysqli_real_escape_string($mysqli,
$id);
$safe_sel_item_qty = mysqli_real_escape_string($mysqli,$qty);
//validate item and get title and price
$get_iteminfo_sql = "SELECT itemname FROM items WHERE itemid = '".$safe_sel_item_id."'";
$get_iteminfo_res = mysqli_query($mysqli, $get_iteminfo_sql)
or die(mysqli_error($mysqli));
if (mysqli_num_rows($get_iteminfo_res) < 1) {
//free result
mysqli_free_result($get_iteminfo_res);
//close connection to MySQL
mysqli_close($mysqli);
//invalid id, send away
header("Location: seestore.php");
exit;
} else {
//get info
while ($item_info = mysqli_fetch_array($get_iteminfo_res)) {
$item_title = stripslashes($item_info['itemname']);
}
//free result
mysqli_free_result($get_iteminfo_res);
$sql = "select sel_item_qty from shooppertrack where sel_item_id = '" .
$safe_sel_item_id . "'";
$res = mysqli_query($mysqli, $sql);
while ($res_info = mysqli_fetch_array($get_iteminfo_res)){
$update_qty = $res['sel_item_qty'];
}
// does quantity exist?
if (mysqli_num_rows($res) > 0 ) {
// get sel_item_qty, add 1, run update query
"UPDATE shooppertrack SET sel_item_qty = sel_item_qty + $update_qty
WHERE sel_item_id = '" .$safe_sel_item_id . "'" ;
} else {
//add info to cart table
$addtocart_sql = "INSERT INTO shooppertrack
(session_id, sel_item_id, sel_item_qty,
date_added)
VALUES ('".$_COOKIE['PHPSESSID']."',
'".$safe_sel_item_id."',
'".$safe_sel_item_qty."',
now())";
$addtocart_res = mysqli_query($mysqli, $addtocart_sql)
or die(mysqli_error($mysqli));
}
//close connection to MySQL
mysqli_close($mysqli);
//redirect to showcart page
header("Location: showcart.php");
exit;
}
} else {
//send them somewhere else
header("Location: seestore.php");
exit;
}
}
addtocart($_POST['sel_item_id'],$_POST['sel_item_qty']);
?>
This is showitem.php
<?php
function show($x){
//connect to database
$mysqli = mysqli_connect("localhost", "root", "", "e-com");
$display_block = "<h1>My Store - Item Detail</h1>";
//create safe values for use
$safe_item_id = mysqli_real_escape_string($mysqli, $x);
//validate item
$get_item_sql = "SELECT c.cat_id , c.cat_name, si.itemid, si.itemname,
si.price, si.descripition, si.photo FROM items
AS si LEFT JOIN categories AS c on c.cat_id = si.cat_id
WHERE si.itemid = '".$safe_item_id."'";
$get_item_res = mysqli_query($mysqli, $get_item_sql)
or die(mysqli_error($mysqli));
if (mysqli_num_rows($get_item_res) < 1) {
//invalid item
$display_block .= "<p><em>Invalid item selection.</em></p>";
} else {
//valid item, get info
while ($item_info = mysqli_fetch_array($get_item_res)) {
$cat_id = $item_info['cat_id'];
$cat_title = strtoupper(stripslashes($item_info['cat_name']));
$item_title = stripslashes($item_info['itemname']);
$item_price = $item_info['price'];
$item_desc = stripslashes($item_info['descripition']);
$item_image = $item_info['photo'];
}
//make breadcrumb trail & display of item
$display_block .= <<<END_OF_TEXT
<p><em>You are viewing:</em><br/>
<strong>$cat_title > $item_title</strong></p>
<div style="float: left;"><img src="$item_image" alt="$item_title" /></div>
<div style="float: left; padding-left: 12px">
<p><strong>Description:</strong><br/>$item_desc</p>
<p><strong>Price:</strong> \$$item_price</p>
<form method="POST" action="addtocart.php">
END_OF_TEXT;
//free result
mysqli_free_result($get_item_res);
$display_block .= "
<p><label for=\"sel_item_qty\">Select Quantity:</label>
<select id=\"sel_item_qty\" name=\"sel_item_qty\">";
for($i=1; $i<11; $i++) {
$display_block .= "<option value=\"".$i."\">".$i."</option>";
}
$display_block .=<<<ENDOFTEXT
</select><p>
<input type="hidden" name="sel_item_id" value="$_GET[itemid]" />
<button type="submit" name="submit" value="submit">Add to Cart</button>
</form>
</div>
ENDOFTEXT;
}
return $display_block;
//close connection to MySQL
mysqli_close($mysqli);
}
?>
You need to query your cart for that item and session before inserting. If it exists, you should update the quantity instead.
$sql = "select sel_item_qty from shooppertrack where sel_item_id = '" .
$safe_sel_item_id . "' and session_id = '" .
mysqli_real_escape_string($mysqli, $_COOKIE['PHPSESSID']) . "'";
$res = mysqli_query($mysqli, $sql);
// does quantity exist?
if (mysqli_num_rows($res) > 0 ) {
// get sel_item_qty, add 1, run update query
} else {
// run your insert query
}
Try this
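//add info to cart table
$sid = mysqli_real_escape_string($mysqli, $_COOKIE['PHPSESSID']); // session id, escaped for SQL
$si_id = $safe_sel_item_id; // item id, already escaped in addtocart()
$sql = "Select session_id, sel_item_id from shooppertrack where session_id = '$sid' and sel_item_id = '$si_id'";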
$res = mysqli_query($mysqli, $sql);
if(mysqli_num_rows($res) == 1)
{
// update with qty +1;
}else{
$addtocart_sql = "INSERT INTO shooppertrack
(session_id, sel_item_id, sel_item_qty,
date_added)
VALUES ('".$_COOKIE['PHPSESSID']."',
'".$safe_sel_item_id."',
'".$safe_sel_item_qty."',
now())";
$addtocart_res = mysqli_query($mysqli, $addtocart_sql)
or die(mysqli_error($mysqli));
}
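
Both answers describe the same procedure: look up the cart row for this item and this session, then update or insert. As an added example (not code from the thread), here is that procedure with bound parameters inside one transaction, assuming PDO with an in-memory SQLite database in place of MySQL, a unique index that is not in the question's schema, and constructed session ids and rows.

```php
<?php
// Added example, not the poster's code. In-memory SQLite stands in for MySQL;
// the shooppertrack columns follow the question, the rows are constructed.

function addToCart(PDO $db, string $sessionId, int $itemId, int $qty): int
{
    if ($qty < 1 || $qty > 10) {             // showitem.php offers 1 to 10
        throw new InvalidArgumentException('quantity out of range');
    }
    $db->beginTransaction();
    try {
        // Match on item AND session, so one shopper's quantity is never
        // merged into another shopper's cart row.
        $find = $db->prepare('SELECT sel_item_qty FROM shooppertrack
                              WHERE session_id = ? AND sel_item_id = ?');
        $find->execute([$sessionId, $itemId]);
        $current = $find->fetchColumn();
        $find->closeCursor();

        if ($current === false) {
            $ins = $db->prepare('INSERT INTO shooppertrack
                                 (session_id, sel_item_id, sel_item_qty, date_added)
                                 VALUES (?, ?, ?, CURRENT_TIMESTAMP)');
            $ins->execute([$sessionId, $itemId, $qty]);
        } else {
            // The addition is done by the database, on the row being updated.
            $upd = $db->prepare('UPDATE shooppertrack
                                 SET sel_item_qty = sel_item_qty + ?
                                 WHERE session_id = ? AND sel_item_id = ?');
            $upd->execute([$qty, $sessionId, $itemId]);
        }
        $find->execute([$sessionId, $itemId]);
        $total = (int) $find->fetchColumn();
        $find->closeCursor();
        $db->commit();
        return $total;
    } catch (Throwable $e) {
        if ($db->inTransaction()) {
            $db->rollBack();
        }
        throw $e;
    }
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// The UNIQUE constraint (an assumption, not in the question) makes a duplicate
// row impossible even if two requests race past the SELECT.
$db->exec('CREATE TABLE shooppertrack (
               session_id TEXT, sel_item_id INTEGER, sel_item_qty INTEGER,
               date_added TEXT, UNIQUE (session_id, sel_item_id))');

// Constructed session ids; in the application this would be session_id().
echo addToCart($db, 'session-a', 7, 2), "\n";
echo addToCart($db, 'session-a', 7, 3), "\n";   // same shopper, same item
echo addToCart($db, 'session-b', 7, 1), "\n";   // different shopper, same item
print_r($db->query('SELECT session_id, sel_item_id, sel_item_qty FROM shooppertrack')
           ->fetchAll(PDO::FETCH_ASSOC));
```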

Problems updating correct row in database with php

I'm trying to create a voting system for artists played on my radio station. I'm using the source code from: http://dl.howcode.org/download/97ff383c7d4dc9939c65c9e6fab2a5dc
The problem I have found is that the votes update using the number from the first row in the database no matter which option is selected, thus if for instance the first row has 3 votes in and the user tries to vote on someone with 0 votes, it will change the votes for the correct artist to 4 instead of 1... I hope that makes sense?
The code I have is:
[EDIT] I have changed the queries to fetch assoc to make it easier to understand.
<?php
$voteID = $_GET['voteID'];
$connect = mysqli_connect('xxx', 'xxx', 'xxx', 'xxx');
$query = "SELECT * FROM listenervotes WHERE voteID='$voteID'" ;
$q = mysqli_query($connect, $query);
while($row = mysqli_fetch_assoc($q)){
$id = $row["id"];
$voteTitle = $row["voteTitle"];
$voteID = $row["voteID"];
$ipaddress = $row["ipAddress"];
echo "<h3>$voteTitle</h3>";
?>
<table>
<form action="" method="POST">
<?php
$artists = "SELECT * FROM artists WHERE voteID='$voteID'" ;
$q2 = mysqli_query($connect, $artists);
while($r = mysqli_fetch_assoc($q2)){
$artist = $r["artistName"];
$votes = $r["votes"];
$genre = $r["genre"];
$ip = $_SERVER['REMOTE_ADDR'];
$newIpAddress = $ipaddress."$ip, ";
$newVotes = $votes + 1;
if (isset($_POST['vote'])) {
$voteOption = $_POST['voteOption'];
if ($voteOption == ""){
die("You haven't selected anyone!");
}else{
$ipaddressE = explode(",", $ipaddress);
if(in_array($ip, $ipaddressE)){
die("You have already voted!");
}else{
mysqli_query($connect, "UPDATE artists SET votes='$newVotes' WHERE voteID='$voteID' AND artistName='$voteOption'");
mysqli_query($connect, "UPDATE listenervotes SET ipaddress='$newIpAddress' WHERE voteID='$voteID'");
die('You voted successfully!<br><tr><td>'.$artist.'</td><td>'.$genre.'</td><td>'.$votes.' Votes</td></tr>');
}
}
}
echo '<tr><td>'.$artist.'</td><td>'.$genre.'</td><td><input type="radio" name="voteOption" value="'.$artist.'"</td></tr>';
}
}
?>
I could be missing something obvious, in my mind I'm thinking that I somehow need to iterate through the rows before setting the new value, if so, how and where?
It looks like you are always looping over all rows and updating the relevant row with the first value found. Adding a check on the ID should do:
<?php
$voteID = $_GET['voteID'];
$connect = mysqli_connect('xxx', 'xxx', 'xxx', 'xxx');
$query = "SELECT * FROM listenervotes WHERE voteID='$voteID'" ;
$q = mysqli_query($connect, $query);
while($row = mysqli_fetch_assoc($q)){
$id = $row["id"];
$voteTitle = $row["voteTitle"];
$voteID = $row["voteID"];
$ipaddress = $row["ipAddress"];
echo "<h3>$voteTitle</h3>";
?>
<table>
<form action="" method="POST">
<?php
$artists = "SELECT * FROM artists WHERE voteID='$voteID'" ;
$q2 = mysqli_query($connect, $artists);
while($r = mysqli_fetch_assoc($q2)){
$artist = $r["artistName"];
$votes = $r["votes"];
$genre = $r["genre"];
$ip = $_SERVER['REMOTE_ADDR'];
$newIpAddress = $ipaddress."$ip, ";
$newVotes = $votes + 1;
if (isset($_POST['vote'])) {
$voteOption = $_POST['voteOption'];
if ($voteOption == ""){
die("You haven't selected anyone!");
}else{
$ipaddressE = explode(",", $ipaddress);
if(in_array($ip, $ipaddressE)){
die("You have already voted!");
}elseif ($voteOption === $artist) { // Don't run UPDATE when we're on the wrong row.
mysqli_query($connect, "UPDATE artists SET votes='$newVotes' WHERE voteID='$voteID' AND artistName='$voteOption'");
mysqli_query($connect, "UPDATE listenervotes SET ipaddress='$newIpAddress' WHERE voteID='$voteID'");
die('You voted successfully!<br><tr><td>'.$artist.'</td><td>'.$genre.'</td><td>'.$votes.' Votes</td></tr>');
}
}
}
echo '<tr><td>'.$artist.'</td><td>'.$genre.'</td><td><input type="radio" name="voteOption" value="'.$artist.'"</td></tr>';
}
}
?>
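
The wrong-count problem discussed above comes from computing the new total in PHP from whichever row the loop last read. As an added example (not code from the thread), the version below lets the database do the increment and binds all values, assuming PDO with an in-memory SQLite database in place of MySQL, a hypothetical `vote_log` table instead of the comma-separated `ipAddress` column, and constructed rows.

```php
<?php
// Added example, not the poster's code. In-memory SQLite stands in for MySQL.
// The artists columns follow the question; vote_log is a hypothetical table
// replacing the comma-separated ipAddress column; all rows are constructed.

function castVote(PDO $db, string $voteId, string $artist, string $ip): string
{
    $db->beginTransaction();
    try {
        $seen = $db->prepare('SELECT COUNT(*) FROM vote_log WHERE voteID = ? AND ip = ?');
        $seen->execute([$voteId, $ip]);
        $already = (int) $seen->fetchColumn() > 0;
        $seen->closeCursor();
        if ($already) {
            $db->rollBack();
            return 'already voted';
        }
        // The increment happens inside the UPDATE, so it always uses the
        // current count of the row being changed, whatever row PHP read last.
        $upd = $db->prepare('UPDATE artists SET votes = votes + 1
                             WHERE voteID = ? AND artistName = ?');
        $upd->execute([$voteId, $artist]);
        if ($upd->rowCount() !== 1) {         // posted name matches no artist
            $db->rollBack();
            return 'unknown artist';
        }
        $log = $db->prepare('INSERT INTO vote_log (voteID, ip) VALUES (?, ?)');
        $log->execute([$voteId, $ip]);
        $db->commit();
        return 'ok';
    } catch (Throwable $e) {
        if ($db->inTransaction()) {
            $db->rollBack();
        }
        throw $e;
    }
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE artists (voteID TEXT, artistName TEXT, votes INTEGER DEFAULT 0)');
// The primary key is a backstop: a second row for the same poll and address
// is rejected by the database even if two requests arrive together.
$db->exec('CREATE TABLE vote_log (voteID TEXT, ip TEXT, PRIMARY KEY (voteID, ip))');
$add = $db->prepare('INSERT INTO artists (voteID, artistName, votes) VALUES (?, ?, ?)');
$add->execute(['week1', 'First Artist', 3]);
$add->execute(['week1', "Rock 'n' Roll Band", 0]);

// 192.0.2.x and 198.51.100.x are documentation addresses (RFC 5737).
echo castVote($db, 'week1', "Rock 'n' Roll Band", '192.0.2.10'), "\n";
echo castVote($db, 'week1', "Rock 'n' Roll Band", '192.0.2.10'), "\n";   // same address again
echo castVote($db, 'week1', 'No Such Artist', '198.51.100.7'), "\n";
print_r($db->query('SELECT artistName, votes FROM artists')->fetchAll(PDO::FETCH_ASSOC));
```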

if Checkbox is checked then update calibrated = 'yes' and if Checkbox is not checked then update calibrated = 'no'

Hi. Can you help me? I have a checkbox with name='calibrate'. I want this: if the checkbox is checked, then update calibrated = 'yes', and if the checkbox is not checked, then update calibrated = 'no'.
The problem here is that even though I have 'Update machine_and_equipments set calibtrated = '$yah' where id = '$id'', it does not update the database.
<?php
$res = mysql_query("select * from machine_and_equipments where id = '$id'");
$row = mysql_fetch_array($res);
$cal = $row['21'];
$d1 = $row['6'];
if($cal == "yes"){
$checkthis = "<td >Need to Calibrate?: <input type='checkbox' name='calibrate' onclick='OnChangeCheckbox(this), enable_text(this.checked)' id='myCheckbox' checked/><label id='val'><?php echo $yah; ?></label> ";
}
if($cal == "no"){
$checkthis = "<td >Need to Calibrate?: <input type='checkbox' name='calibrate' onclick='OnChangeCheckbox(this), enable_text(this.checked)' id='myCheckbox' /> ";
}
if((isset($_POST['calibrate']))== "yes"){
$yah = "yes";
$id = $_POST['id'];
$sql = "update machine_and_equipments set calibtrated = '$yah' where id = '$id'";
$res = mysql_query($sql) or die("could not be update". mysql_error());
}
if((isset($_POST['calibrate']))== "no"){
$yah = "no";
$id = $_POST['id'];
$sql = "update machine_and_equipments set calibtrated = '$yah' where id = '$id'";
$res = mysql_query($sql) or die("could not be update". mysql_error());
}
?>
Thanks in advance.
Try this code. I am not able to comment, so I am writing this as an answer. If it won't work, let me know.
if(isset($_POST['id'])) {
if((isset($_POST['calibrate']))){
$yah = "yes";
} else {
$yah = "no";
}
$id = $_POST['id'];
$sql = "update machine_and_equipments set calibtrated = '$yah' where id = '$id'";
$res = mysql_query($sql) or die("could not be update". mysql_error());
}

Php Game Sql Problems

I need help with this code. I need it to add an array in Gangs under members and separate them with -.
I need every member in the Gang to be listed under Members and separated with - so I can explode them below.
This is the line that adds the members to gangs, but it's without - and I think it erases members that are already there.
$result = mysql_query("UPDATE Gangs SET members='".$name."'WHERE name='".mysql_real_escape_string($_POST['gang_name'])."'")
or die(mysql_error());
Full code:
if(isset($_POST['creategang'])){
if(empty($_POST['gang_name'])){
echo "Enter a Gang Name.";
} else {
if (strlen($_POST['gang_name']) > "20"){
echo "The username may not consist out of more then 20 characters.";
}else{
if (ereg('[^A-Za-z0-9]', $_POST['gang_name'])) {
echo "Invalid Name only A-Z,a-z and 0-9 is allowed.";
}else{
$sql = "SELECT name FROM Gangs WHERE name='".mysql_real_escape_string($_POST['gang_name'])."'";
$query = mysql_query($sql) or die(mysql_error());
$m_count = mysql_num_rows($query);
if($m_count >= "1"){
echo 'This name has already been used.!';
}else{
$sql = "INSERT INTO Gangs SET name = '".$_POST['gang_name']."' , owner= '$name'";
$res = mysql_query($sql);
$result = mysql_query("UPDATE users SET gang='".mysql_real_escape_string($_POST['gang_name'])."' WHERE id='" .mysql_real_escape_string($_SESSION['user_id']). "'")
or die(mysql_error());
$result = mysql_query("UPDATE Gangs SET members='".$name."'WHERE name='".mysql_real_escape_string($_POST['gang_name'])."'")
or die(mysql_error());
echo 'Gang successfully created!';
}
}
}
}
}
?>
This is the code I will use to separate the array:
$Gang_array = explode("-", $Gang_members);
Thanks for viewing my question and thanks in advance for helping me.
New code to add to gang:
<? include_once("connect.php"); ?>
<?
if(isset($_SESSION['user_id'])) {
// Login OK, update last active
$sql = "UPDATE users SET lastactive=NOW() WHERE id='".mysql_real_escape_string($_SESSION['user_id'])."'";
mysql_query($sql);
}else{
header("Location: index.php");
exit();
}
$sql = "SELECT * FROM users WHERE id='".mysql_real_escape_string($_SESSION['user_id'])."'";
$query = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_object($query);
$id = htmlspecialchars($row->id);
$userip = htmlspecialchars($row->userip);
$name = htmlspecialchars($row->name);
$sitestate = htmlspecialchars($row->sitestate);
$password = htmlspecialchars($row->password);
$mail = htmlspecialchars($row->mail);
$money = htmlspecialchars($row->money);
$exp = htmlspecialchars($row->exp);
$rank = htmlspecialchars($row->rank);
$health = htmlspecialchars($row->health);
$points = htmlspecialchars($row->points);
$profile = htmlspecialchars($row->profile);
$gang = htmlspecialchars($row->gang);
?>
<?php
$sql = "SELECT * FROM Gangs WHERE name='".mysql_real_escape_string($_GET['name'])."'";
$query = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_object($query);
$Gang_name = htmlspecialchars($row->name);
$Gang_owner = htmlspecialchars($row->owner);
$Gang_money = htmlspecialchars($row->money);
$Gang_exp = htmlspecialchars($row->exp);
$Gang_level = htmlspecialchars($row->level);
$Gang_members = htmlspecialchars($row->members);
$Gang_array = explode("-", $Gang_members);
$Gang_profile = htmlspecialchars($row->profile);
?>
<div id="content" class="profile">
<h2>Gang Profile</h2>
<form method="post" >
<input type="submit" name="Petition" id="Petition" value="Petition">
</form>
<center>
<h1><?php echo $Gang_name; ?></h1>
Owner: <?php echo $Gang_owner; ?><br>
Gang Cash: $<?php echo $Gang_money; ?><br>
Gang Exp: <?php echo $Gang_exp; ?><br>
Gang Level: <?php echo $Gang_level; ?><br>
Gang Members: <?php echo $Gang_array; ?><br>
</center><br>
<p>Gang Quote</p>
<div id="UserText">
<?php
$Gang_profile = htmlentities($Gang_profile);
$Gang_profile = nl2br($Gang_profile);
$Gang_profile = stripslashes($Gang_profile);
echo $Gang_profile; ?>
</div>
</div>
<?
if (isset($_POST['Petition'])) {
$result = mysql_query("SELECT members FROM Gangs
WHERE name='".$Gang_name."'");
if ($result) {
while($row = mysql_fetch_assoc($result)) {
$members = $row['members'];
}
}
if ($members != '') $members .= '-'.$name;
else $members = $name;
$result = mysql_query("UPDATE Gangs SET members='".$members."' WHERE name='".$Gang_name."'");
}
If I understand your question correctly, you can try this.
Get the members first:
$result = mysql_query("SELECT members FROM Gangs
WHERE name='".mysql_real_escape_string($_POST['gang_name'])."'");
if ($result) {
while($row = mysql_fetch_assoc($result)) {
$members = $row['members'];
}
}
Then add the new member and do the update:
//This is to check whether $name is already in the gangs
if (strpos($members,$name) === false) { // not found: $name is not a member yet
if ($members != '') $members .= '-'.$name;
else $members = $name;
//Update to gangs
$result = mysql_query("UPDATE Gangs SET members='".mysql_real_escape_string($members)."' WHERE name='".mysql_real_escape_string($_POST['gang_name'])."'");
}
else printf("%s is in the gangs already",$name);
Hope it helps.
Pseudo code, but this should probably work:
// MySQL joins strings with CONCAT(); + would be numeric addition
$result = mysql_query("UPDATE Gangs SET members = CONCAT(members, '-', '".mysql_real_escape_string($name)."') WHERE name='".mysql_real_escape_string($_POST['gang_name'])."'")
or die(mysql_error());
