I'm getting a conflict with these 2 sections of code:
first one to validate that the log in session is in the database tab
include "../scripts/connectpage.php";
$sql = mysql_query("SELECT * FROM login WHERE id='$managerID' AND username='$manager' AND password='$password' LIMIT 1");
$existCount = mysql_num_rows($sql);
if ($existCount == 0) {
echo "Your login session data is not on record in the database.";
exit();
and this one that list all content of another tab
$product_list ="";
$sql = mysql_query("SELECT * FROM table ORDER BY date_added DESC");
$productCount = mysql_num_rows($sql);
if ($productCount > 0) {
while($row = mysql_fetch_array($sql)){
$id = $row["id"];
$product_name = $row["product_name"];
$price = $row["price"];
$date_added = strftime("%b %d, %Y", strtotime($row["date_added"]));
$product_list .= and so on.........
I can log in to the page and it seems fine but I if I refresh it or execute any other stuff on the page, the first code don't validate anymore with the database and I get the echo. If I remove either of the codes they both work fine independently.
Most likely because when you refresh the page, variables:
$managerID, $manager,$password
are not visible anymore on the page.
How you assign value to those variables, through get or post request ?
Related
I'm working on attendance base on login and logout, Is there a way I can make this code work, I'm having a problem on after successfully update the data it will go to another notepad and in there it has a select query that will display the image and basic info of user. But when I tried to logout it displays different user info and images.
Here is my code for php:
<?php
include_once ('connection.php');
if(isset($_POST['submit']))
{
$username2 = $_POST['username2'];
$password1= $_POST['password1'];
$time=date("H:i:s");
$sql = mysqli_query($conn,"SELECT tbl_visitor.Birthday,tbl_visitor.School_Company,tbl_visitor.Contact_number,tbl_visitor.Visitor_Address,tbl_visitor.image,tbl_visitor.Visitor_username,tbl_visitor.Visitor_id,tbl_visitor.Visitor_password,concat(Visitor_first_name,'',Visitor_last_name) as name,
tbl_visitor_form.Time_in,tbl_visitor_form.Time_out , tbl_visitor_form.Number FROM tbl_visitor LEFT JOIN tbl_visitor_form on tbl_visitor.Visitor_id = tbl_visitor_form.Visitor_id WHERE tbl_visitor.Visitor_username = '$username2' and tbl_visitor.Visitor_password = '$password1'
order by Number DESC limit 1");
$count = mysqli_num_rows($sql);
if ($count == 0) {
$_SESSION['error_message'] = "Incorrect username or password";
header("Location:logout.php?");
} else{
while ($row = mysqli_fetch_array($sql)) {
$username2 = $row['Visitor_username'];
$password1 = $row['Visitor_password'];
$name=$row['name'];
$id=$row['Visitor_id'];
$image=$row['image'];
if(empty($row['Time_in'])) {
header("location:visitorvalidate1.php");
} else if(empty($row['Time_out'])){
$InsertSql = "Update tbl_visitor_form set Time_out = '$time' where Visitor_username='$username2' and Visitor_password = '$password1' order by Number DESC limit 1 ";
$res = mysqli_query($conn, $InsertSql);
header("location:outsuccess.php?");
}else{
header("location:visitorvalidate1.php");
}
}
}
}
?>
here is my outsuccess.php:
<?php
include_once('connection.php');
$sql = "select Visitor_username, image, Visitor_name from tbl_visitor_form
order by Number DESC limit 1 ";
$result = mysqli_query($conn,$sql);
while( $row = mysqli_fetch_array($result)) {
$uname=$row['Visitor_username'];
$name=$row['Visitor_name'];
$image=$row['image'];
}
?>
the first query above is working but the second query in select has the problem, it selects different value after the update. for example, there is two user has already login user1 and user2 when I try to logout user1 it successfully updated but it displays the info of user2 instead of user1 on outsuccess.php. Hope you can help me fix this. Advance Thanks
I have a table called flagged_posts in my database, and it has the following columns:
id
thought_id
flagged_by_id
What I am trying to do is that if the logged in user has already flagged the post, then don't allow them to flag the post again, and I am trying to achieve this by removing the anchor link and replacing it by a message.
Here is a snippet of my code:
<?php
$query = mysqli_query($connect, "SELECT * FROM user_thoughts WHERE added_by='$user' AND shared ='yes' "."ORDER BY id DESC LIMIT {$start}, {$limit}");
while ($row = mysqli_fetch_array($query)) {
$thought_id = $row['id'];
$message_content = $row['message'];
$date_of_msg = $row['post_details'];
$thoughts_by = $row['added_by'];
$attachent = $row['attachment'];
$shared = $row['shared'];
// getting the id of the user who is logged in.
$see_if_flagged_q = mysqli_query($connect, "SELECT id FROM users WHERE username = '$username'");
$getting_deets = mysqli_fetch_assoc ($see_if_flagged_q);
$logged_in_user_id = $getting_deets ['id'];
echo "
<div class='more_options' style='float: right;'>";
$see_if_flagged_q2 = mysqli_query($connect, "SELECT * FROM flagged_posts WHERE flagged_by_id ='$logged_in_user_id' ");
while ($getting_deets2 = mysqli_fetch_assoc ($see_if_flagged_q2)){
$flagged_post_by_id = $getting_deets2 ['flagged_by_id'];
// If the user logged in has not flagged the post, i.e. there is no data in the database ..
// .. which says their user id has flagged this thought_id.. then display the link...
if ($logged_in_user_id == $flagged_post_by_id){
echo "<a href='/inc/flagged_post.php?id=$thought_id'> Flag </a>";
}
// if there is data stating this user has flagged this thought_id, then echo a message
if ($logged_in_user_id != $flagged_post_by_id) {
echo "Flagged";
}
}
echo " </div>";
}
?>
So assume I am logged in as Conor. Conor has an id of 8 (id obtained from users table). Conor flags a post with an id of 209 (thought_id obtained from user_thoughts table). So in my flagged posts table, I will see the following row:
id: 1
thought_id: 209
flagged_by_id: 8
At the moment, neither link nor the message is appearing. If I change my query, i.e. $see_if_flagged_q2 = mysqli_query($connect, "SELECT * FROM flagged_posts "); (removed the WHERE clause) then I get the message Flagged echo'd four times (because there are four rows in the flagged_posts table and they are echo's on every post, even those which have not been flagged by the logged in user.
Update:
Here is the updated code first of all:
$see_if_flagged_q2 = mysqli_query($connect, "SELECT * FROM flagged_posts WHERE flagged_by_id = '$logged_in_user_id'");
$test_num = mysqli_num_rows ($see_if_flagged_q2);
$getting_deets2 = mysqli_fetch_assoc ($see_if_flagged_q2);
$flagged_post_by_id = $getting_deets2['flagged_by_id'];
if ($flagged_post_by_id == $logged_in_user_id){
echo "<a href='/inc/flagged_post.php?id=$thought_id'> Flag </a>";
echo $test_num;
}
if ($flagged_post_by_id != $logged_in_user_id) {
echo "Flagged";
}
With the above, the link appears for all posts now, even if they are flagged. I have echo'd both $flagged_post_by_id and '$logged_in_user_id', which both echo the value of 12 (the id of Conor from users table). The values are correct and the number of rows returned by $test_num is also correct.
Ok, here's a reworking of your original code. I moved the data gathering part up front, so we have a setup section before we run the while loop on the thoughts. I changed a variable name here and there. Basically, we build a list of flagged entries, and then in the while loop the job is simpler. If the current row id is in the flagged_posts array, it's flagged, else present the link.
// get the id of the current user
$user_id_q = mysqli_query($connect, "SELECT id FROM users WHERE username = '$username'");
$getting_deets = mysqli_fetch_assoc($user_id_q);
$logged_in_user_id = $getting_deets['id'];
// build array of posts flagged by current user
$flagged_posts_q = mysqli_query($connect, "SELECT thought_id FROM flagged_posts WHERE flagged_by_id = '$logged_in_user_id'");
$flagged_posts = array();
while ($row = mysqli_fetch_array($flagged_posts_q)) {
$flagged_posts[] = $row['thought_id'];
}
$query = mysqli_query($connect, "SELECT * FROM user_thoughts WHERE added_by='$user' AND shared ='yes' "."ORDER BY id DESC LIMIT {$start}, {$limit}");
while ($row = mysqli_fetch_array($query)) {
//You could just use $row['foo'] down below, and skip all this
/*
$thought_id = $row['id'];
$message_content = $row['message'];
$date_of_msg = $row['post_details'];
$thoughts_by = $row['added_by'];
$attachent = $row['attachment'];
$shared = $row['shared'];
*/
echo "<div class='more_options' style='float: right;'>";
if (in_array($row['id'], $flagged_posts)){
echo "Flagged";
} else {
echo "<a href='/inc/flagged_post.php?id=".$row['id']."'> Flag </a>";
}
echo "</div>";
}
I'm trying to set up a simple comment system and I want to create the correlation between the comment and the page landed.... so when a user arrives at blog.php?id=3 they would be presented the correct comments.
What I'm doing is creating the comments table with a pageid column. The pageid column will be filled when a user posts to the page. Maybe a hidden form field? How do I make this correlation within my MYSQLI
This is what I was thinking...
<?php
include_once("includes/check_login_status.php");
?>
<?php
// Check to see the URL variable is set and that it exists in the database
if (isset($_GET['id'])) {
// Connect to the MySQL database
include "includes/db_conx.php";
$id = preg_replace('#[^0-9]#i', '', $_GET['id']); // filter everything but numbers
// Use this var to check to see if this ID exists, if yes then get the product
// details, if no then exit this script and give message why
$sql = "UPDATE content SET views=views+1 WHERE ID=$id";
$update = mysqli_query($db_conx,$sql);
$sql = "SELECT * FROM content WHERE id=$id LIMIT 1";
$result = mysqli_query($db_conx,$sql);
$productCount = mysqli_num_rows($result);
if ($productCount > 0) {
// get all the product details
while($row = mysqli_fetch_array($result)){
$article_title = $row["article_title"];
$category = $row["category"];
$readmore = $row["readmore"];
$author = $row["author"];
$date_added = $row["date_added"];
$article_content = $row["content"];
}
} else {
echo "That item does not exist.";
exit();
}
} else {
echo "Data to render this page is missing.";
exit();
}
?>
<?php
include_once "includes/db_conx.php";
$sql = "SELECT * FROM comment WHERE pageid ="$id"ORDER BY id DESC";
$sql_comments = mysqli_query($db_conx,$sql);
while($row = mysqli_fetch_array($sql_comments)){
$name = $row["name"];
$comment = $row["comment"];
$commentlist .= 'name : '.$name.'<br />comment : '.$comment.'<hr>';
}
//////////////
?>
Is the lower half in scope of the get variable? So that I can determine what page we're on? Can this type of variable be passed thorugh a variable in the comment form?
The 3rd sql statement contains an error:
$sql = "SELECT * FROM comment WHERE pageid ="$id"ORDER BY id DESC";
to
$sql = "SELECT * FROM comment WHERE pageid =".$id."ORDER BY id DESC";
You might also want to change the pre_replace statement to intval:
$id = preg_replace('#[^0-9]#i', '', $_GET['id']);
to
$id = intval($_GET['id']);
The reason being if $_GET['id'] = 'ABC123' then preg_replace will return 123 whereas the intval will return 0.
I am building a custom social network in php and mysqli. I have a page called notifications.php that shows the user site notifications as well as friend requests! put simply all I want to do is allow the user to purge his notifications list by clicking on a button!
in my html I have this...
<p><span id="purgeList"><?php echo $purgeList; ?></span></p>
<h2>Notifications</h2><?php echo $notification_list; ?></div>
and so far all I have for the button is this....
<?php
$purgeList = '<button disabled>Purge your List</button>';
if ($notification_list == true){
$purgeList = '';
}
?>
The notifications themselves gets pulled in using this script!
$notification_list = "";
$sql = "SELECT * FROM notifications WHERE username LIKE BINARY '$log_username' ORDER BY date_time DESC LIMIT 5";
$query = mysqli_query($db_conx, $sql);
$numrows = mysqli_num_rows($query);
if($numrows < 1){
$notification_list = "You do not have any notifications";
} else {
while ($row = mysqli_fetch_array($query, MYSQLI_ASSOC)) {
$noteid = $row["id"];
$initiator = $row["initiator"];
$app = $row["app"];
$note = $row["note"];
$date_time = $row["date_time"];
$date_time = strftime("%b %d, %Y", strtotime($date_time));
$notification_list .= "<p><a href='user.php?u=$initiator'>$initiator</a> | $app<br />$note</p>";
}
}
mysqli_query($db_conx, "UPDATE users SET notescheck=now() WHERE username='$log_username' LIMIT 1");
If you are looking for a way to remove their notifications on the fly, you will need to do an XHR request (also known as AJAX)
for documentation on this you can visit jQuery API for more info on that.
you can cause them to reload the page to go to delete their notifications then use a header redirect to send them back to their 'news feed'
In my opinion i would use ajax because it does not cause a page reload and it can happen dynamically.
Hope this helps =)
I need to update database rows and display the change without reloading the page.
This is what I use currently to display the information:
<?php
$limit = 'LIMIT ' .($pageno - 1) * $rows_per_page .',' .$rows_per_page;
$query = "SELECT * FROM craffyposts ORDER by time DESC $limit";
$result = mysql_query($query) or die(mysql_error());
while ($row = mysql_fetch_assoc($result)) {
echo $row['like']; // This is what needs to be changed when database is updated.
?>
<?php
};
?>
like.php:
<?php
$cid = $_GET['id'];
database_connect();
$query2 = "SELECT * FROM craffyposts WHERE id = '".$cid."'";
$result2 = mysql_query($query2) or die(mysql_error());
while ($row2 = mysql_fetch_assoc($result2)) {
$lk = $row2['like'];
};
$nlk = $lk + "1";
mysql_query("UPDATE craffyposts SET `like` = '".$nlk."' WHERE id = '".$cid."'") or die(mysql_error());
echo "<script type='text/javascript'>window.location='index.php';</script>";
?>
Any help?
Without reloading the page? You'll have to use a client-side request to fetch new data from the server. the most common of such would be JavaScript's AJAX. You can use AJAX to fetch data from the server (presumably in some quickly parsed format such as JSON) and then load the data into the page with JavaScript.
use JavaScript (or a JS Framework, I prefer jQuery) and use Ajax-Methods to display the data.