I am needing help with my small script.
You see, when I press $_POST['accept_req'] it doesn't select the $req_user I want ($row['username']). It either selects the row above or the row below it, I have no idea what to do.
$requests = mysql_query("SELECT * FROM `party_requests` WHERE party_id = '$get_party_id'");
while ($row = mysql_fetch_array($requests, MYSQL_ASSOC)){
$req_user = mysql_real_escape_string($row['username']);
if(isset($_POST['accept_req'])){
$query = mysql_query("INSERT INTO party_members (`party_id`, `username`) VALUES ('".$get_party_id."', '".$req_user."')") or die("Could not be completed.");
$result = mysql_query($query);
mysql_query("DELETE FROM party_requests WHERE party_id = '$get_party_id' AND username = '$req_user' ");
header("Location: ". $_SERVER['REQUEST_URI']);
exit;
}
echo "<p>", $req_user, "<form action='' method='post'>", "<input type='submit' name='accept_req' value='Accept'/>", "</form>" ,"</p>";
}
I am aware that mysql_* is deprecated, please ignore that.
You can do it this way.
$requests = mysql_query("SELECT * FROM `party_requests` WHERE party_id = '$get_party_id'");
while ($row = mysql_fetch_array($requests, MYSQL_ASSOC))
{
$req_user =$row['username'];
}
if(isset($_POST['accept_req']) and isset($req_user))
{
$query = mysql_query("INSERT INTO party_members (`party_id`, `username`) VALUES ('".$get_party_id."', '".$req_user."')") or die("Could not be completed.");
$result = mysql_query($query);
mysql_query("DELETE FROM party_requests WHERE party_id = '$get_party_id' AND username = '$req_user' ");
header("Location: ". $_SERVER['REQUEST_URI']);
exit;
}
echo "<p>", $req_user, "<form action='' method='post'>", "<input type='submit' name='accept_req' value='Accept'/>", "</form>" ,"</p>";
or this way :
if(isset($_POST['accept_req']))
{
$requests = mysql_query("SELECT * FROM `party_requests` WHERE party_id = '$get_party_id'");
while ($row = mysql_fetch_array($requests, MYSQL_ASSOC))
{
$req_user =$row['username'];
}
$query = mysql_query("INSERT INTO party_members (`party_id`, `username`) VALUES ('".$get_party_id."', '".$req_user."')") or die("Could not be completed.");
$result = mysql_query($query);
mysql_query("DELETE FROM party_requests WHERE party_id = '$get_party_id' AND username = '$req_user' ");
header("Location: ". $_SERVER['REQUEST_URI']);
exit;
}
if(mysql_num_rows($requests)){ //If there isn't any results it outputs "No requests"
echo "<p>", $req_user, "<form action='' method='post'>", "<input type='submit' name='accept_req' value='Accept'/>", "</form>" ,"</p>";
}else{
echo "No requests";
}
The select statement is outside the
if(isset($_POST['accept_req'])){...}
so the code is retrieving the wrong id. You need to put it inside the if statement if i'm understanding what you are trying to do
Related
I am trying to delete row from table.
Table name is username of user (which user logged in )
delete page is here
require('db.php');
if(isset($_POST["deletebtn"])){
$x = $_SESSION['username'];
$id=$_POST["statusid"];
$row=$conn->query("select id from $x where id='$id'");
if ($conn->query($row) === TRUE) {
$sql = "delete from $x where id ='$id'";
// echo 'success';
header( "Refresh:3; url=admin2.php", true, 303);
}else{
echo "not";
}
}
and here is my content code
$sql = "SELECT id,date,status FROM $x order by id DESC;";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$id = $row['id'];
echo "<div class='border'> ";
echo "";
echo "<form action='deletepage.php?action=$id'>";
echo "<input type='hidden' name='statusid' value='$id' >";
echo "<p> " . $row["status"] ."</p><br>";
echo "<input type='submit' value='delete' class='btn1 pull-right' name='deletebtn'> ";
echo "<a class=' btn1 pull-right' href='#'>edit </a>";
echo "<small> " . $row["date"]. "</small><br>";
echo "</form>";
echo "</div>";
}
} else {............}
You are not executing query on the sql
$sql = "delete from $x where id ='$id'";
Execute it like
$del= $conn->query($sql);
After the query
You forgot to execute query
require'db.php';
if(isset($_POST["deletebtn"])){
$x = $_SESSION['username'];
$id=$_POST["statusid"];
$row="select id from $x where id='$id'"; //<---remove query execution from here
if ($conn->query($row) === TRUE) {
$sql = "delete from $x where id ='$id'";
$conn->query($sql); //<-------- Add this line
// echo 'success';
header( "Refresh:3; url=admin2.php", true, 303);
}else{
echo "not";
}
}
There are several problems with your code.
there is no query execute for delete query.(which you may be solved later)
in your while loop you put $conn->query ($row) which is wrong. $row is not a query... It is the result set return from previous query.
and lastly $conn->query does not return true in SELECT, SHOW, DESCRIBE or EXPLAIN query. Check php manual
Change this
$sql = "delete from $x where id ='$id
To$sql = "delete from $table where id ='$sessionid'
Hi I am trying to do a Registration that the users will put their name password and their answers to some questions and then an admin will manually answer to it if it's accepted.I did the system that loads their name password and answers in the database,and I also ran the things that will show the answers to the admin,but I can't figure a way to change a value just for one user not for all of them,I will leave you my codes and everything over here.
Here is my admin.viewapplications.php code
(Here,it shows everything fine,but I can't figure a way that the button to act just for one id not for all)
<?php
//include(__DIR__ . "/signup.php");
include("../resources/config.php");
//$name = $_POST['Name'];
//$mg = $_POST['MG'];
//$pg = $_POST['PG'];
//$rk = $_POST['RK'];
$sql = "SELECT id, name, tutorial, MG, PG, RK FROM rp_users WHERE tutorial = 2";
//$tutorial = "SELECT tutorial FROM rp_users";
$result = mysql_query($sql);
//$result2 = mysql_query($tutorial);
//$value = mysql_fetch_object($result2)
/*if($result)
{
echo "Succes";
}
else
{
die(mysql_error());
}*/
//if($value > 1)
//
while($row = mysql_fetch_array($result))
{
//$tutorial = row["tutorial"];
//f($tutorial == 2)
//}
$id = $row["id"];
$name = $row["name"];
$mg = $row["MG"];
$pg = $row["PG"];
$rk = $row["RK"];
echo "ID: " . $id."<br> <br>";
echo "Nume: " . $name."<br> <br>";
echo "MG: " . $mg."<br> <br>";
echo "PG: " . $pg."<br> <br>";
echo "RK: " . $rk."<br> <br>";
echo '<form action="./?p=applicationaccept" method="POST">';
echo '<input type="submit" name="accept" value="Accepta">';
echo '</form><br>';
echo '<form action="./?p=applicationdeny" method="POST">';
echo '<input type="submit" name="deny" value="Respinge">';
echo '</form><br> <br> <br>';
}
//}
//
?>
And here is my applicationaccept.php
<?php
include("../admin/admin.viewapplications.php");
include("../resources/config.php");
$iduser = $id;
$sql = "UPDATE rp_users SET tutorial=0";
$result = mysql_query($sql);
if($result)
{
echo "Succes";
}
else
{
die(mysql_error());
}
/*while($row = mysql_fetch_array($result))
{
}*/
?>
I think what you want to do is a simple UPDATE to your MySQL database..
but make sure you format the PHP code you're using otherwise it'll give you an ERROR!
Also you have to use 'mysqli' now in PHP!
<?php
$someID = '1';
$sql = "UPDATE `rp_users` SET `tutorial`= '0' WHERE `id` = $someID";
$result = mysqli_query($link, $sql);
if($result)
{
echo "Success";
}
else
{
echo ("Error");
}
?>
BTW I forgot to mntion the '$link' is the connection to your database!
As of my understanding of your question if your form action is applicationaccept.php and you are trying to update for one user in applicationaccept.php file, try this:
<?php
include("../admin/admin.viewapplications.php");
include("../resources/config.php");
$iduser = $_POST["id"]; // pass id as parameter in form
$sql = "UPDATE rp_users SET tutorial=0";// change this line to following line
$sql = "UPDATE rp_users SET tutorial=0 where id=$iduser";
$result = mysql_query($sql);
if($result)
{
echo "Succes";
}
else
{
die(mysql_error());
}
?>
Be aware your code is vulnerable
Code will not display topics from database. I just get a blank pages.
Any solutions?
The pages loads but it will not display any thing. They want me to add more context but it breaks it so here you go.
<?php
//Database stuff.
include_once("connect.php");
if ($conn->connect_error) {
trigger_error('Database connection failed: ' . $conn->connect_error, E_USER_ERROR);
}else{
mysqli_select_db($conn,"2159928_db");
}
$tid = '';
$cid = $_GET['cid'];
$tid = $_GET['tid'];
$sql = "SELECT * FROM topics WHERE category_id='".$cid."' AND id='".$tid."' LIMIT 1";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) == 1){
echo "<table width ='75%'>";
if (isset($_SESSION['uid'])) {
//echo "<form action ='post_reply.php?cid=".$cid." &tid =".$tid. "' method = 'post'>
//<input type = 'submit' name = 'submit' value = 'Reply'/>";
//echo "<tr><td colspan ='2'><center><input type='submit' value='Reply' onClick = 'window.open = 'post_reply.php?cid=".$cid." &tid =".$tid."' />";
echo "<tr><td colspan ='2'><center><input type='submit' value='Reply' onClick='window.open(\"post_reply.php?cid=$cid&tid=$tid\")' />";
} else {
echo "<tr><td colspan = '2'><p><center> Please login to reply to topics.</p></td></tr>";
}
//Trying to display this. Doesn't even display border box.
while ($row = mysqli_fetch_assoc($result)) {
$sql2 = "SELECT * FROM posts WHERE category_id='".$cid."' AND topic_id='".$tid. "'";
$result2 = mysqli_query($conn, $sql2);
while ($row2 = mysqli_fetch_assoc($result2)){
echo "<tr><td valign ='top' style = 'border: 5px solid #ffffff;'><div style = 'min-height: 125px;'>".$row['topic_title']."<br/>
by ".$row2['post_username']. " - " .$row2['post_date']. "<hr/>".$row2['post_content']."</div></td>";
}
//This part not relevant.
$old_views = $row['topic_views'];
$new_views = $old_views + 1;
$sql3 = "UPDATE topics SET topic_views='".$new_views."' WHERE category_id='".$cid."' AND id ='".$tid."' LIMIT 1";
$result3 = mysqli_query($conn, $sql3);
}
echo "</table>";
} else {
echo "<p>This topic does not exist.</p>";
}
?>
Try echo-ing out your $sql to see if the query is correct.
If query is correct. Try var_dump to see if there are any results.
I'm doing a table where the user can introduce the number of the products he want to buy and submit them pressing the submission button. I build the content of the table using a sql query (SELECT) setting the name of the input(text) like in the code below. My problem is that, probably, the form doesn't submit nothing because, if a check the variable $_REQUEST with isset(), it return FALSE. Someone can help me? Thanks!
$con=mysqli_connect("localhost","uPower","","info");
if (mysqli_connect_errno())
printf("<p>Error!!: %s<p>\n", mysqli_connect_error());
else{
$query = "SELECT * FROM product";
$result = mysqli_query ($con, $query);
echo "<form name=\"buy\" action=\"confirm.php\" method=\"POST\" onSubmit=\"return checkInputQty(qty.value) \">";
echo"<table>";
echo"<tr><th>Product name</th><th>Price</th><th>Available</th><th>Qty</th></tr>";
while ($row = mysqli_fetch_assoc($result)){
$pid = $row["pid"];
$name = $row["name"];
$qty = $row["qty"];
$price = ($row['price'])/100;
echo"<tr><th>$name</th><th>".number_format($price,2,',', '')." €</th><th>$qty</th><th><input type=\"text\" id=".$pid." name=".$name."></th></tr>";
}
echo"</table>";
echo "<p><input type=\"submit\" value=\"BUY\" class=\"button\" ><input type=\"button\" onclick=\"clearText()\" value=\"DELETE\" class=\"button\"></p>";
echo "</form>";
mysqli_free_result($result);
mysqli_close($con);
there is the part of confirm.php. It is a function in head that i called from the body of the page. It does a summary of what the user selected to buy. The control with if(isset($_REQUEST)) is false, so the page is blank....
<?php
function checkInputQty(){
$con=mysqli_connect("localhost","uPower","","info");
if (mysqli_connect_errno())
echo "error DB";
else{
$query = "SELECT * FROM product";
$result = mysqli_query ($con, $query);
while($row = mysqli_fetch_assoc($result)){
$nome = $row["name"];
if(isset($_REQUEST["$name"])){
$qty = trim($_REQUEST['$row["name"]']);
if($qty>0 && $qty<=$row["qty"]){
$new_qty = $row["qty"]-$qty;
$query2 = "UPDATE product SET qty = '$new_qty' WHERE qty = '".$row["qty"]."' ";
$result2 = mysqli_query ($con, $query2);
if($result){
echo "<table>";
echo "<tr><th>Name</th><th></th><th>Price</th></tr>";
do_content($row["name"],$qty,$row["price"]/100);
echo "</table>";
}
else
echo "Error!";
}
}e
}
mysqli_free_result($result);
}
mysqli_close($con);
}
?>
<?php
function do_content($name,$to_buy,$price){
echo "<tr><th>$name</th><th>$to_buy</th><th>$price</th></tr>";
}
?>
My first page to delete queries selected by user query.php which is working absolutely fine:
<form method=post action="delete.php">
List of queries<br/>
<?php
$ebits = ini_get('error_reporting');
error_reporting($ebits ^ E_NOTICE);
mysql_connect("localhost","root","") or die(mysql_error());
mysql_select_db("testdb") or die(mysql_error());
echo "<br />";
$query = "select * from queries ";
$result = mysql_query($query) or die(mysql_error());
$count=mysql_num_rows($result);
while($row = mysql_fetch_array($result))
{
print "<input type='checkbox' name='Query[]' value=\"".$row['queryId']."\"> ";
echo " ". $row['name']." ". $row["address"]." ". $row["contactNo"]."
". $row["query"];
echo "<br />";
}
?>
<input type="submit" value="Delete" name="Delete">
<br/>
</form>
I've tried with following codes for second page delete.php but nothing seems to work.
Code1:
<?php
if($_POST['Delete'])
{
if(count($_POST['checkbox']) > 0) {
foreach($_POST['checkbox'] as $checkbox)
{
$del_id=$checkbox;
$sql = "DELETE * FROM queries WHERE `queryId`= '$del_id'";
$result = mysql_query($sql);
mysql_error();
}
echo "Selected Rows deleted";
} else {
$NEW="Nothing to Delete";
}
}
?>
Code2:
<?php
if(($_POST['Delete']))
{
$count=array();
$count=$_POST['checkbox'];
for($i=0;$i<count($count);$i++){
$del_id = $checkbox[$i];
$sql = "DELETE FROM queries WHERE queryId='$del_id' ";
$result = mysql_query($sql);
}
$NEW="Selected records Deleted";
}
var_dump($_POST['checkbox']);
var_dump($count);
?>
Your checkbox names are "Query", but you're accessing it as $_POST['checkbox']. This should be $_POST['Query'] instead.
EDIT checking from your updated code:
if($_POST['Delete']) {
if(count($_POST['Query']) > 0) {
foreach($_POST['Query'] as $checkbox) {
$del_id=$checkbox;
$sql = "DELETE * FROM queries WHERE queryId= '$del_id'";
$result = mysql_query($sql);
mysql_error();
}
echo "Selected Rows deleted";
}
else {
$NEW="Nothing to Delete";
}
}
Instead of this:
$del_id=$checkbox;
do this:
// if queryId is numeric
$del_id=intval($checkbox);
This makes sure that the value you're working with is numeric, instead of potential malicious input from your user. I'm going under the assumption that queryId is numeric. If it's not, then you need to do this:
// if queryId is not numeric:
$del_id = mysql_real_escape_string($checkbox);
Your DELETE syntax is incorrect:
$sql = "DELETE * FROM queries WHERE queryId= '$del_id'";
You want just DELETE FROM. Also if the value for queryId is numeric, you don't need the quotes around it:
$sql = "DELETE FROM `queries` WHERE `queryId` = $del_id";
Finally, your MySQL error call doesn't do anything useful as is:
mysql_error();
Here's how you should do this, along with the rest of the code:
if($_POST['Delete']) {
if(count($_POST['Query']) > 0) {
foreach($_POST['Query'] as $checkbox) {
$del_id= intval($checkbox);
$sql = "DELETE FROM `queries` WHERE `queryId` = $del_id";
$result = mysql_query($sql);
if(!$result) {
echo "There was an error in the query: " . mysql_error();
}
}
echo "Selected Rows deleted";
}
else {
$NEW="Nothing to Delete";
}
}