Approve submitted data by admin in php - php

There is a registration form with a country field. If the user's country is not in the drop-down list, the user can select "other"; a textbox is then displayed and the user enters their country in it. After the user submits the country, how do I approve the requested country and publish it in the country drop-down list in PHP?
config.php
<?php
$con=mysql_connect("localhost","root","");
if(!$con)
{
die("Could not connect".mysql_error());
}
mysql_select_db("RateMyProfessor",$con);
?>
Demo.php
<?php
include ("config.php");
$query = "select * from user_details where is_approved='0'";
$result=mysql_query($query);
$i = 1; //counter for the checkboxes so that each has a unique name
echo "<form action='process.php' method='post'>"; //form started here
echo "<table border='1'>
<tr>
<th>UserId</th>
<th>Email</th>
<th>Country </th>
<th>Update</th>
</tr>";
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['UserId'] . "</td>";
echo "<td>" . $row['Email'] . "</td>";
echo "<td>" . $row['Country'] . "</td>";
echo "<td><input type='checkbox' name='check[$i]' value='".$row['UserId']."'/>";
echo "</tr>";
$i++;
}
echo "</table>";
echo "<input type='submit' name='approve' value='approve'/>";
echo "</form>";
mysql_close($con);
?>
process.php
<?php
include_once("config.php");
if(isset($_POST['approve']))
{
if(isset($_POST['check']))
{
foreach ($_POST['check'] as $value){
echo $value;
$sql = "update user_details set is_approved ='1' where UserId = '$value'";
mysql_query($sql) or die (mysql_error());
}
}
}
?>
When the admin approves a country from the admin side, the country is copied to the country table.

You can insert a new record in the country table at the time of approval, e.g.:
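<?php
include_once("config.php");
if (isset($_POST['approve']))
{
    if (isset($_POST['check']))
    {
        foreach ($_POST['check'] as $value) {
            echo htmlspecialchars($value);
            // Escape the posted id before it is placed in the SQL strings
            $value = mysql_real_escape_string($value);
            // Mark the user as approved
            $sql = "update user_details set is_approved ='1' where UserId = '$value'";
            mysql_query($sql) or die (mysql_error());
            // Fetch the country the user typed in
            $sql = "select other_country from user_details where UserId = '$value'";
            $result = mysql_query($sql) or die (mysql_error());
            if ($Other_country_name = mysql_fetch_assoc($result))
            {
                // The stored name is user input too, so escape it before reuse
                $Other_country_name = mysql_real_escape_string($Other_country_name['other_country']);
            }
            // Publish it in the country table
            $sql = "insert into country_table set name = '$Other_country_name'";
            mysql_query($sql) or die (mysql_error());
        }
    }
}
?>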
I have not implemented conditions. Please do it by yourself.
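The same approval step written with PDO prepared statements and a transaction, as an added example that is not part of the original answer. It runs against an in-memory SQLite database with constructed rows; table and column names follow the question, while the integer UserId and the duplicate check are assumptions.

```php
<?php
declare(strict_types=1);

// Approve the ticked users and publish each typed-in country.
// $checked is the raw $_POST['check'] array; returns the newly published names.
function approveCountries(PDO $pdo, $checked): array
{
    if (!is_array($checked)) {
        return [];
    }
    // Assumption: UserId is an integer key, so anything that is not all digits is dropped.
    $ids = [];
    foreach ($checked as $v) {
        if (is_string($v) && ctype_digit($v)) {
            $ids[] = (int) $v;
        }
    }

    // Prepared once, executed per id: posted values never become SQL text.
    $pick    = $pdo->prepare('SELECT other_country FROM user_details WHERE UserId = ? AND is_approved = 0');
    $approve = $pdo->prepare('UPDATE user_details SET is_approved = 1 WHERE UserId = ?');
    $exists  = $pdo->prepare('SELECT 1 FROM country_table WHERE name = ?');
    $publish = $pdo->prepare('INSERT INTO country_table (name) VALUES (?)');

    $added = [];
    $pdo->beginTransaction();
    try {
        foreach ($ids as $id) {
            $pick->execute([$id]);
            $country = $pick->fetchColumn();
            $pick->closeCursor();
            if ($country === false) {
                continue; // unknown id, or already approved
            }
            $approve->execute([$id]);
            $country = trim((string) $country);
            $exists->execute([$country]);
            $known = $exists->fetchColumn();
            $exists->closeCursor();
            if ($country !== '' && $known === false) {
                $publish->execute([$country]);
                $added[] = $country;
            }
        }
        $pdo->commit();
    } catch (Throwable $e) {
        $pdo->rollBack(); // approval and publication succeed or fail together
        throw $e;
    }
    return $added;
}

// Constructed demo data in an in-memory SQLite database (runs offline).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE user_details (UserId INTEGER PRIMARY KEY, Email TEXT, other_country TEXT, is_approved INTEGER DEFAULT 0)');
$pdo->exec('CREATE TABLE country_table (name TEXT)');
$pdo->exec("INSERT INTO user_details (UserId, Email, other_country) VALUES (1, 'a@example.test', 'Wakanda'), (2, 'b@example.test', 'Elbonia')");

// Simulated $_POST['check']: one valid id and one value that is not a plain id.
$posted = [1 => '1', 2 => "2' OR '1'='1"];
print_r(approveCountries($pdo, $posted));
echo $pdo->query('SELECT COUNT(*) FROM user_details WHERE is_approved = 1')->fetchColumn(), "\n";
```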

Related

Second form on a PHP page won't run

I have two forms on a page. When I run the first, it works as intended, but the second, despite having different form id and all the elements being named, will not (it attempts to run the first form, I think, but with no elements being posted it will return no result).
The second form is in the "Roles" section.
Here is the code - any help is appreciated!
/***** Section: Rights *****/
echo '
<!-- div: Edit -->
<div id="dashboardPanelWrapper">
<div id="sectionArrow"></div>
<div id="dashboardPanelTitle">User rights and privileges</div>
<div id="dashboardPanelContent">';
echo "<div id='DV_simple_wrapper_wide'>";
echo "<table width='60%'><tr><th>Role</th><th>Staff</th><tr>";
$query = "SELECT DISTINCT rightName FROM ".$dbName.".rights WHERE siteLimit='gpvwc' AND rightName!='ADMIN' ORDER BY rightName ASC";
$result = mysql_query($query);
while ($row = mysql_fetch_row($result)) {
$role=$row[0];
echo "<tr><td>$role</td><td>";
// $query2= "SELECT userId FROM ".$dbName.".rights WHERE rightName='$role' AND siteLimit='gpvwc'";
$query2 = "SELECT CONCAT (u.firstName, ' ',u.lastName) AS username, r.head FROM ".$dbName.".rights r LEFT JOIN ".$dbName.".users u ON r.userId=u.id WHERE r.rightName='$role' AND r.siteLimit='gpvwc' ORDER BY r.head DESC, username ASC";
$result2 = mysql_query($query2);
while ($row = mysql_fetch_row($result2)) {
$name=$row[0];
$head=$row[1];
if ($head=='1') { $name="<b>$name, </b>"; }
if ($head=='0') { $name="$name, "; }
echo "$name";
}
echo "</td></tr>";
}
echo "</table>";
echo "<form id='1' action='' method='post'>";
$usersAsArray = $user->listUsers($banned=false);
echo '<div id="defButtonWrapperH">';
echo '<select id="DriverAppealEvent" class="defSelectV" style="min-width: 70px; margin-bottom: 10px;" onchange="submitTarget(this.value);">';
echo '<option value="0">--</option>';
foreach ($usersAsArray as $key => $value) {
echo '<option value="'.$key.'"';
if (isset($target) && $target == $key)
echo 'selected';
echo '>'.$value.'</option>';
}
echo '</select>';
echo '</div>';
echo '<p> </p>';
echo '<p> </p>';
$userToEdit = false;
if ($target) {
$userToEdit = $user->userToView($target);
// Check if any rights given for this user and update form if any
$query = "SELECT u.*, r.rightName, r.countryLimit, r.siteLimit, r.isActive, r.head FROM ".$dbName.".users u
LEFT JOIN ".$dbName.".rights r ON r.userId=u.id WHERE u.id=".$target;
$result = mysql_query($query);
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
if ($row['rightName'] != '') {
$userToEdit['rights'][] = array(
'rightName' => $row['rightName'],
'rightCountryLimit' => $row['countryLimit'],
'rightSiteLimit' => $row['siteLimit'],
'rightIsActive' => $row['isActive'],
'rightHead' => $row['head']
);
}
}
mysql_free_result($result);
// If the user has rights then write a table with all them plus options to revoke
if (!empty($userToEdit['rights'])) {
drawUserRightsTable($userToEdit);
}
echo "</form>";
// Draw selector with rights here so we can add new rights to this user
$useradd=$userToEdit['id'];
echo "<form id='addadmin' action='$RKP/kernel/lib/php_lib/action/AC_Admins.php?op=add&user=$useradd' method='post'>";
echo "Role: <select name='role'>";
$query = "SELECT DISTINCT rightName FROM ".$dbName.".rights WHERE rightName!='ADMIN' ORDER BY rightName ASC";
$result = mysql_query($query);
while ($row = mysql_fetch_row($result)) {
$righttoadd=$row[0];
echo "<option value='$righttoadd'>$righttoadd</option>";
}
echo "</select></br>";
echo "Head: <input type='radio' name='head' value='0' checked> No <input type='radio' name='head' value='1'> Yes";
echo "<p> </p>";
MODW_Buttons_Button(Normal,Normal,Normal,Normal,None,$RKP,$id,BGenSu,$intern,$intcont);
echo "</form>";
//echo '<pre>';print_r($userToEdit);echo '</pre>';
}
echo "</div>";
echo ' </div>
</div>';
/***** Section: Roles *****/
echo '
<!-- div: Edit -->
<div id="dashboardPanelWrapper">
<div id="sectionArrow"></div>
<div id="dashboardPanelTitle">Disciplinary Committee Roles</div>
<div id="dashboardPanelContent">';
echo "<div id='DV_simple_wrapper_wide'>";
echo "<table width='60%'><tr><th>Series</th><th>Staff</th><th> </th><tr>";
$query = "SELECT id, compName FROM ".$dbName.".competitions WHERE active='1' AND id!='10' ORDER BY id ASC";
$result = mysql_query($query);
while ($row = mysql_fetch_row($result)) {
$compid=$row[0];
$compName=$row[1];
echo "<tr><td><b>$compName</b></td><td>";
// $query2= "SELECT userId FROM ".$dbName.".rights WHERE rightName='$role' AND siteLimit='gpvwc'";
$query2 = "SELECT CONCAT (u.firstName, ' ',u.lastName) AS username, r.role, u.id, r.series FROM ".$dbName.".DC_roles r LEFT JOIN ".$dbName.".users u ON r.user=u.id WHERE r.series='$compid' ORDER BY username ASC";
$result2 = mysql_query($query2);
while ($row = mysql_fetch_row($result2)) {
$name=$row[0];
$role=$row[1];
$userid=$row[2];
$seriesid=$row[3];
if ($role=='1') { $name="<i>$name</i>"; }
if ($role=='0') { $name="$name"; }
echo "$name <a href='$RKP/kernel/lib/php_lib/action/AC_Admins.php?op=DelDCRights&user=$userid&comp_id=$seriesid'><b>X</b></a></br>";
}
echo "</td></tr>";
}
echo "</table>";
echo "</div>";
echo "<form id='dcroles' action='$RKP/kernel/lib/php_lib/action/AC_Admins.php?op=AddDCRights' method='post'>";
echo "User: <select id='userDC' name='userDC'>";
$query1 = "SELECT id, firstName, lastName FROM ".$dbName.".users ORDER BY lastName ASC, firstName ASC";
$result1 = mysql_query($query1);
while ($row = mysql_fetch_row($result1)) {
$DCuserId=$row[0];
$DCfirstName=$row[1];
$DClastName=$row[2];
echo "<option value='$DCuserId'>$DClastName, $DCfirstName</option>";
}
echo "</select></br>";
echo "</br>";
echo "Series: <select id='seriesDC' name='seriesDC'>";
$query = "SELECT id, compName FROM ".$dbName.".competitions WHERE active='1' AND id!='10' ORDER BY id ASC";
$result = mysql_query($query);
while ($row = mysql_fetch_row($result)) {
$DCcompId=$row[0];
$DCcompName=$row[1];
echo "<option value='$DCcompId'>$DCcompName</option>";
}
echo "</select></br>";
echo "Third Checker: <input type='radio' id='head' name='head' value='0' checked> No <input type='radio' name='head' value='1'> Yes</br>";
echo "<input type='submit' value='Submit'>";
echo "</form>";

Form values from dropdown list not passing

I created a drop down list that has been populated by the database and now I'm having trouble retrieving the data. Normally, I would know how to retrieve the value of the drop down list if I had to manually name the data, but in this case, I'm not quite sure how I would name it.
Here is my current code:
<h1>Generate Reports</h1>
<form enctype="multipart/form-data" action="http://localhost/yiiFolder/index.php/create" method="post">
<table>
<tr>
<td><strong>Materials</strong></td>
<?php
mysql_connect('host', 'root', 'password');
mysql_select_db ("db");
$sql = "SELECT material_name FROM materials";
$result = mysql_query($sql);
echo "<td><select name='materials'>";
while ($row = mysql_fetch_array($result))
{
echo "<option value='" . $row['material_name'] . "'>" .
$row['material_name'] . "</option>";
}
echo "</select></td></tr> ";
$sql2 = "SELECT location_name From locations";
$result2 = mysql_query($sql2);
?>
<td><strong>Locations</strong></td>
<?php
echo "<td><select name='locations'>";
while ($row2 = mysql_fetch_array($result2))
{
echo "<option value='" . $row2['location_name'] . "'>" .
$row2['location_name'] . "</option>";
}
echo "</select></td></tr>";
?>
<tr>
<td><button name="submit" type=submit>Generate</button></td>
</tr>
</table>
</form>
<?php
$material = $row['material_name'];
$locations = $row2['location_name'];
$generate = $_POST['submit'];
if(isset($generate))
{
echo $material;
echo $locations;
}
?>
You're trying to capture value before the submit button is hit. Also, as Hanky pointed out you're using the wrong names while referring to select data. You should do this instead
if(isset($_POST['submit'])) // this code will run after the button is clicked
{
    $material = $_POST['materials']; // and not material_name
    $locations = $_POST['locations']; // and not location_name
    echo $material;
    echo $locations;
}
PS: You're following a very insecure way of developing a web application. At the very least you need to switch to PDO and always escape the data.
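What "switch to PDO and always escape the data" can look like for these two drop-downs, as an added example that is not part of the original answer. The helper names, the in-memory SQLite database and the sample rows are constructed; checking the submitted value against the offered options goes beyond what the answer states.

```php
<?php
declare(strict_types=1);

// Escape a value for use inside HTML text or a quoted attribute.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Load the permitted option values for one drop-down.
function loadOptions(PDO $pdo, string $field): array
{
    // Table and column names cannot be bound, so they come from a fixed map,
    // never from the request.
    $sources = [
        'materials' => 'SELECT material_name FROM materials ORDER BY material_name',
        'locations' => 'SELECT location_name FROM locations ORDER BY location_name',
    ];
    return $pdo->query($sources[$field])->fetchAll(PDO::FETCH_COLUMN);
}

// Build the <select>; every database value is escaped on output.
function renderSelect(string $field, array $options): string
{
    $html = "<select name='" . h($field) . "'>";
    foreach ($options as $opt) {
        $html .= "<option value='" . h($opt) . "'>" . h($opt) . "</option>";
    }
    return $html . "</select>";
}

// Return the submitted value only if it is one of the options that were offered.
function submittedChoice(array $post, string $field, array $options): ?string
{
    $value = $post[$field] ?? null;
    return (is_string($value) && in_array($value, $options, true)) ? $value : null;
}

// Constructed demo data in an in-memory SQLite database (runs offline).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE materials (material_name TEXT)');
$pdo->exec('CREATE TABLE locations (location_name TEXT)');
$pdo->exec("INSERT INTO materials VALUES ('Steel'), ('5'' <b>pipe</b>')");
$pdo->exec("INSERT INTO locations VALUES ('Yard A')");

$materials = loadOptions($pdo, 'materials');
$locations = loadOptions($pdo, 'locations');
echo renderSelect('materials', $materials), "\n";

// Simulated $_POST after the Generate button is pressed (constructed values).
$post = ['submit' => '', 'materials' => 'Steel', 'locations' => "Yard A' --"];
var_dump(submittedChoice($post, 'materials', $materials));
var_dump(submittedChoice($post, 'locations', $locations));
```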

Approve users from table - check box

I'm writing a PHP script to approve users that registered on my page, but I'm facing a little problem when I want to approve them. Here's as far as I could get.
Table:
<?php
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("activation") or die(mysql_error());
//User Approval Script
$result2 = mysql_query("SELECT * FROM userinfo WHERE status='0'")
or die(mysql_error());
echo "<table border='1'>";
echo "<tr> <th>Name</th> <th>Action</th> <th>Hours</th> <th>Approve</th> </tr>";
while($row = mysql_fetch_array( $result2 )) {
// Print out the contents of each row into a table
echo "<tr><td>";
echo $row['first_name'];
echo "</td><td>";
echo $row['last_name'];
echo "</td>";
echo "<td>";
echo $row['email'];
echo "</td><td>";
echo "<form action=\"approve.php\" method=\"post\"><input name=\"approve[]\" type=\"checkbox\">";
echo "</td></tr>";
}
echo "</table>";
echo "<input type=\"submit\" value=\"Approve\"></form>";
?>
approve.php
<?php
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("activation") or die(mysql_error());
$ticked = $_POST['approve'];
foreach($ticked as $id) {
mysql_query("UPDATE status SET approved = '1' WHERE `ID` = '$id'");
}
unset($id);
?>
I would also like to know how I can send email to each user that is approved...
Thanks in advance everyone!
Edit:
The page on approve.php is all blank, and status isn't getting updated.
Can you try this? I moved the <form> tag from near the checkbox to the top and added the checkbox value with $row["id"].
<?php
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("activation") or die(mysql_error());
//User Approval Script
$result2 = mysql_query("SELECT * FROM userinfo WHERE status='0'")
or die(mysql_error());
echo "<form action=\"approve.php\" method=\"post\"><table border='1'>";
echo "<tr> <th>Name</th> <th>Action</th> <th>Hours</th> <th>Approve</th> </tr>";
while($row = mysql_fetch_array( $result2 )) {
// Print out the contents of each row into a table
echo "<tr><td>";
echo $row['first_name'];
echo "</td><td>";
echo $row['last_name'];
echo "</td>";
echo "<td>";
echo $row['email'];
echo "</td><td>";
echo "<input name=\"approve[]\" type=\"checkbox\" value='".$row["id"]."' >";
echo "</td></tr>";
}
echo "</table>";
echo "<input type=\"submit\" value=\"Approve\"></form>";
?>
In approve.php,
<?php
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("activation") or die(mysql_error());
$ticked = $_POST['approve'];
foreach($ticked as $id) {
mysql_query("UPDATE status SET approved = '1' WHERE `ID` = '$id'");
$message ='Approved message';
mail('to email address', 'Your Subject', $message);
}
?>
Note: Use mysqli_* functions or PDO instead of using mysql_* functions (deprecated).
You tried to open the form inside the while loop and missed the value attribute in the checkbox.
Change
echo "<form action=\"approve.php\" method=\"post\"><input name=\"approve[]\" type=\"checkbox\">";
To
echo '<input name="approve[]" type="checkbox" value="'.$row["id"].'">';
Then put echo "<form action ='approve.php' method='post'>"; above while($row = mysql_fetch_array( $result2 )) {
You should have one large form, with many checkboxes (I imagine that's what your second page is based upon), but checkboxes are <input>s, not <form>s. Your final HTML should look something like:
<form>
<table>
...
<td><input type="checkbox" name="approve[]" value="USERIDTHATYOUWANTTOAPPROVE"></td>
...
<td><input type="checkbox" name="approve[]" value="OTHERUSERIDTHATYOUWANTTOAPPROVE"></td>
...
</table>
</form>
Also!
Your code is very susceptible to SQL Injection. See How can I prevent SQL injection in PHP? and Why shouldn't I use mysql_* functions in PHP?.
You should use prepared statements to offload work in your code (you only send the query once, and change the parameters each time).

Updating to the database in php

I am trying to get the code to update some data that has been selected by the user.
What is happening is that it's updating everything in that column to the value the user has edited it to.
For example, I have bob, bob1, bob2 and I want to select bob1 to edit. I then edit it so bob1 is now fred1; when it updates, it updates every value to fred1. So there are 3 fred1's.
Could someone help, please?
update.php
<?php
session_start();
include_once 'connection.php';
if (isset($_POST['update'])) {
$success = updateValue($_POST['name']);
if (!$success)
echo 'Sorry, the update failed';
session_destroy();
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Main Page</title>
</head>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method='post'>
View a Member's Details:
<select name='members' value='members'id="Mmembers">
<?php
$results = getResults('members');
if ($results) {
foreach ($results as $row) {
echo '<option value="' . $row['member_id'] . '">' . $row['name'] . '</option>';
}
}
else
echo '<option value="0"0"> No Data</option>';
?>
</select>
<input type="submit" id="submit" value="Submit"/>
<br/>
<br/>
</form>
<?php
if (isset($_POST['members'])) {
$ResultSet = getMemberResults(($_POST['members']));
echo "<h1> Member Details. </h1>";
echo "<table border='1' cellpadding='6'>";
echo "<tr> <th>Id</th> <th>Name</th>";
foreach ($ResultSet as $row) {
echo "<form action=update.php method=POST>";
echo "<tr>";
echo "<td>" . "<input type=text name=member_id value=" . $row ['member_id'] . " </td>";
echo "<td>" . "<input type=text name=name value=" . $row ['name'] . " </td>";
echo "<td>" . "<input type=submit name=update value=update" . " </td>";
echo "</tr>";
echo "</form>";
}
echo "</table>";
}
?>
</body>
</html>
connection.php
<?php
//Connect to the database
function getSQLConnection() {
$mysqlConnection = new PDO('mysql:host=localhost;dbname=', "root", "");
return $mysqlConnection;
}
//Get all results from members table
function getResults($tablename) {
$sql = "SELECT * FROM " . $tablename;
$mysqlConnection = getSQLConnection();
$ResultSet = $mysqlConnection->query($sql);
return $ResultSet;
}
function getMemberResults($id) {
$sql = "SELECT * FROM members WHERE members.member_id = '$id'";
$mysqlConnection = getSQLConnection();
$ResultSet = $mysqlConnection->query($sql);
return $ResultSet;
}
function updateValue($id) {
$sql = "UPDATE members SET name='$id' WHERE members.member_id = members.member_id";
$mysqlConnection = getSQLConnection();
$ResultSetting = $mysqlConnection->query($sql);
return $ResultSetting;
}
?>
Your SQL UPDATE statement is incorrect.
WHERE members.member_id = members.member_id
The above where is always going to resolve true for all rows, making your call
UPDATE members SET name='$id'
You should set the name and also add the member's id (a unique identity) in the WHERE clause.
/** give functions descriptive names **/
function updateMemberName($id, $name) {
$sql = "UPDATE members SET name='$name' WHERE id = '$id'";
//...
update.php
You would then just need to modify the function call
if (isset($_POST['update'])) {
$success = updateMemberName($_POST['member_id'], $_POST['name']);
function updateValue($id) {
$sql = "UPDATE members SET name='$id' WHERE members.member_id = members.member_id";
This is equivalent to
UPDATE members SET name='$id'
as the where clause evaluates to TRUE for all rows
Answering only to make it work like you expect it to. This function:
function updateValue($id) {
    $sql = "UPDATE members SET name='$id' WHERE members.member_id = members.member_id";
    ...
}
Needs to be
function updateValue($id, $value) {
    $sql = "UPDATE members SET name='$value' WHERE members.member_id=$id";
    ...
}
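The effect of the self-comparing WHERE clause next to an update that selects the row by a bound id, as an added example that is not part of the original answers. It uses an in-memory SQLite database with the question's three constructed names; `updateValueBroken` and the digit check on the id are assumptions made for the demonstration.

```php
<?php
declare(strict_types=1);

// The question's WHERE clause compares a column with itself, so it is true for
// every row. The name is bound here only to isolate that one defect.
function updateValueBroken(PDO $pdo, string $name): int
{
    $stmt = $pdo->prepare('UPDATE members SET name = ? WHERE members.member_id = members.member_id');
    $stmt->execute([$name]);
    return $stmt->rowCount();
}

// Corrected: the row is selected by its id, and both values are bound parameters,
// so a name containing a quote cannot change the statement.
function updateMemberName(PDO $pdo, string $memberId, string $name): int
{
    if (!ctype_digit($memberId)) {
        throw new InvalidArgumentException('member_id must consist of digits only');
    }
    $stmt = $pdo->prepare('UPDATE members SET name = :name WHERE member_id = :id');
    $stmt->execute([':name' => $name, ':id' => (int) $memberId]);
    return $stmt->rowCount();
}

// Constructed demo data in an in-memory SQLite database (runs offline).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE members (member_id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO members (name) VALUES ('bob'), ('bob1'), ('bob2')");

// Run the broken statement inside a transaction and roll it back, so the
// corrected call below starts from the original three rows.
$pdo->beginTransaction();
$touched = updateValueBroken($pdo, 'fred1');
$pdo->rollBack();
echo "self-comparing WHERE touched $touched row(s)\n";

// Simulated form values (constructed): member_id and name arrive as strings.
$touched = updateMemberName($pdo, '2', "O'Brien");
echo "bound member_id touched $touched row(s)\n";

foreach ($pdo->query('SELECT member_id, name FROM members ORDER BY member_id') as $row) {
    echo $row['member_id'], ' ', $row['name'], "\n";
}
```

On MySQL, `rowCount()` reports only rows whose value actually changed unless the connection sets `PDO::MYSQL_ATTR_FOUND_ROWS`.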

PHP Session Getting CorrectValue

Question: What should I do to fix my problem with handling the session? It is returning an incorrect value.
Situation: I'm having a problem with this session variable from the table. I added data from the database to a table using a while loop. Here is my code:
<form action="edit2.php" method="get">
<?php
$link = mysql_connect("localhost", "root", "root");
mysql_select_db("ispot", $link);
$result4 = mysql_query("SELECT * FROM user_ispot", $link);
$num_rows = mysql_num_rows($result4);
$result = mysqli_query($con,"SELECT * FROM complaints");
echo "<table border='1'>
<tr>
<th>Id Number</th>
<th>Category</th>
<th>Problem</th>
<th>Date Reported</th>
<th>Complaint ID </th>
<th>Action</th>
</tr>";
while($row = mysqli_fetch_array($result))
{
echo "<tr>";
echo "<td name=id_num>" . $row['id_number'] . "</td>";
$_SESSION['favcolor'] = "$row[id_number]";
echo "<td name=remarks>" . $row['remarks'] . "</td>";
echo "<td name=status>" . $row['status'] . "</td>";
echo "<td name=date>" . $row['date_reported'] . "</td>";
echo "<td>" . "<INPUT TYPE = text Name = cid VALUE = " . $row['complaint_id'] . ">" . "</td>";
echo "<td>" . "<INPUT TYPE = Submit Name = Submit1 VALUE =Edit>" . "</td>";
echo "</tr>";
}
echo "</table>" ;?>
And it looks like this:
As you can see, there is the edit button, where I can edit a specific row in the table.
When I press the edit button, this will show:
Notice that the User ID is wrong. What can I do to fix it? The user id that is being posted here was the last user_id that was inserted in the table.
And here is my code for the second image:
<b>Date:</b> <input type='text' name='today' placeholder='<?php echo $today ?>' disabled='disabled'> <br><br>
<b>User ID:</b> <input type='text' disabled='disables' name='userid' placeholder='<?php
//$comid = $_GET["cid"];
//echo $userid;
echo $_SESSION['userid'];
//$result = mysqli_query($con,"SELECT * FROM complaints WHERE id = XXX");
//$row = mysqli_fetch_assoc($result);
//print_r($row);
//$result2 = mysql_query("SELECT * FROM complaints WHERE complaint_id = '$comid'", $link);
//$result2 = mysql_query("SELECT * FROM complaints", $link);
//while($row = mysql_fetch_assoc($result2))
//{
//echo $row['id_number'];
//}
?>'></br><br>
Any help would be appreciated. Thank you.
I replaced the button with a link, used it to pass the value when edit is clicked, caught the value with a GET, and it works for me.
In edit.php:
echo "<td> <a href = 'edit2.php?id=$num_id'>Edit</a></td>";
In edit2.php:
$id = $_GET['id'];
<b>User ID:</b> <input type='text' disabled='disabled' name='userid' value='<?php echo htmlspecialchars($id, ENT_QUOTES); ?>'>
$result2 = mysql_query("SELECT * FROM complaints WHERE complaint_id = '$comid'", $link);
$result2 = mysql_query("SELECT * FROM complaints", $link);
You must use just one of these rows. I think the problem is the second row. This query does not choose the "id" that is "comid".
Your first query row is enough:
$result2 = mysql_query("SELECT * FROM complaints WHERE complaint_id = '$comid'", $link);
