I have created a MySQL database along with a front-end to manipulate it using PHP. However, while I can add content to the database manually, I cannot utilize my front-end. When I try to submit the data in my front-end's form fields, I receive the prompt "Duplicate Candidate Name."
The following PHP file is my general script for displaying the front-end:
<?php
if(isset($_POST['sbmtbtn']) && ($_POST['sbmtbtn'] != ""))
{
$desc = strip_tags($_POST['txtdesc']);
$date = glb_func_chkvl($_POST['txtdate']);
$first = glb_func_chkvl($_POST['txtfirst']);
$last = glb_func_chkvl($_POST['txtlast']);
$skill = glb_func_chkvl($_POST['txtskill']);
$sub1 = glb_func_chkvl($_POST['txtsub1']);
$sub2 = glb_func_chkvl($_POST['txtsub2']);
$person = glb_func_chkvl($_POST['txtperson']);
$company = glb_func_chkvl($_POST['txtcompany']);
$location = glb_func_chkvl($_POST['txtlocation']);
$complex = glb_func_chkvl($_POST['complex']);
$sts = glb_func_chkvl($_POST['lststs']);
$dt = date('Y-m-d');
$emp = $_SESSION['sesadmin'];
$sqryquestion_info
= "SELECT candi_first
FROM question_info
WHERE candi_first='$first'";
if(isset($_POST['frmtyp']) && ($_POST['frmtyp'] == "add"))
{
$srsquestion_info =mysql_query($sqryquestion_info);
$rows = mysql_num_rows($srsquestion_info);
if($rows > 0)
{
$gmsg = "<font color=red size=2>Duplicate Candidate Name . Record not saved</font>";
}
else
{
$iqryquestion_info="insert into question_info(
candi_first,candi_last,date,
skill,subtype_1,
subtype_2,person_int,
comp_name,loc_int,complex_lvl,
type_int,question_candi,q_crton,
q_crtby)
values('$first','$last','$date','$skill','$sub1','$sub2','$person','$company',
'$location','$complex','$sts','$desc','$dt','$emp')";
$irsquestion_info = mysql_query($iqryquestion_info);
if($irsquestion_info==true)
{
$gmsg = "<font color=green size=2>Record saved successfully</font>";
}
else
{
$gmsg = "<font color=red size=2>Record not saved</font>";
}
}
}
if(isset($_POST['frmtyp']) && ($_POST['frmtyp'] == "edit"))
{
$id = $_REQUEST['hdnedit'];
$pg = $_REQUEST['hdnpg'];
$countstart = $_REQUEST['hdncntstrt'];
$sqryquestion_info .=" and ques_id !=$id";
$srsquestion_info = mysql_query($sqryquestion_info);
$rows = mysql_num_rows($srsquestion_info);
if($rows > 0)
{
?>
<script>location.href="view_all_questions.php?sts=d&pg=<?php echo $pg;?>&countstart=<?php echo $countstart;?><?php echo $srchval;?>";</script>
<?php
}
else
{
$uqryquestion_info="update question_info set
date ='$date',
candi_first ='$first',
candi_last ='$last',
skill ='$skill',
subtype_1 ='$sub1',
subtype_2 ='$sub2',
person_int ='$person',
comp_name ='$company',
loc_int ='$location',
complex_lel ='$complex',
type_int ='$company',
question_candi ='$desc',
q_mdfdon ='$dt',
q_mdfdby ='$emp' ";
$uqryquestion_info .= " where ques_id=$id";
$ursquestion_info = mysql_query($uqryquestion_info);
if($ursquestion_info==true)
{
?>
<script>location.href="view_all_questions.php?sts=y&pg=<?php echo $pg;?>&countstart=<?php echo $countstart;?><?php echo $srchval;?>";
</script>
<?php
}
else
{
?>
<script>location.href="view_all_questions.php?sts=n&pg=<?php echo $pg;?>&countstart=<?php echo $countstart;?><?php echo $srchval;?>";
</script>
<?php
}
}
}
/*********************************** End Editing ******************************************************/
}
?>
Here begins my "main file" for editing:
<?php
if(isset($_POST['sbmtbtn']) && ($_POST['sbmtbtn'] != ""))
{
$desc = strip_tags($_POST['txtdesc']);
$date = glb_func_chkvl($_POST['txtdate']);
$first = glb_func_chkvl($_POST['txtfirst']);
$last = glb_func_chkvl($_POST['txtlast']);
$skill = glb_func_chkvl($_POST['txtskill']);
$sub1 = glb_func_chkvl($_POST['txtsub1']);
$sub2 = glb_func_chkvl($_POST['txtsub2']);
$person = glb_func_chkvl($_POST['txtperson']);
$company = glb_func_chkvl($_POST['txtcompany']);
$location = glb_func_chkvl($_POST['txtlocation']);
$complex = glb_func_chkvl($_POST['complex']);
$sts = glb_func_chkvl($_POST['lststs']);
$dt = date('Y-m-d');
$emp = $_SESSION['sesadmin'];
$sqryquestion_info="select candi_first
from question_info
where candi_first='$first'";
if(isset($_POST['frmtyp']) && ($_POST['frmtyp'] == "add"))
{
$srsquestion_info =mysql_query($sqryquestion_info);
$rows = mysql_num_rows($srsquestion_info);
if($rows > 0)
{
$gmsg = "<font color=red size=2>Duplicate Candidate Name . Record not saved</font>";
}
else
{
$iqryquestion_info="insert into question_info(
candi_first,candi_last,date,
skill,subtype_1,
subtype_2,person_int,
comp_name,loc_int,complex_lvl,
type_int,question_candi,q_crton,
q_crtby)
values('$first','$last','$date','$skill','$sub1','$sub2','$person','$company',
'$location','$complex','$sts','$desc','$dt','$emp')";
$irsquestion_info = mysql_query($iqryquestion_info);
if($irsquestion_info==true)
{
$gmsg = "<font color=green size=2>Record saved successfully</font>";
}
else
{
$gmsg = "<font color=red size=2>Record not saved</font>";
}
}
}
if(isset($_POST['frmtyp']) && ($_POST['frmtyp'] == "edit"))
{
$id = $_REQUEST['hdnedit'];
$pg = $_REQUEST['hdnpg'];
$countstart = $_REQUEST['hdncntstrt'];
$sqryquestion_info .=" and ques_id !=$id";
$srsquestion_info = mysql_query($sqryquestion_info);
$rows = mysql_num_rows($srsquestion_info);
if($rows > 0)
{
?>
<script>location.href="view_all_questions.php?sts=d&pg=<?php echo $pg;?>&countstart=<?php echo $countstart;?><?php echo $srchval;?>";</script>
<?php
}
else
{
$uqryquestion_info="update question_info set
date ='$date',
candi_first ='$first',
candi_last ='$last',
skill ='$skill',
subtype_1 ='$sub1',
subtype_2 ='$sub2',
person_int ='$person',
comp_name ='$company',
loc_int ='$location',
complex_lel ='$complex',
type_int ='$company',
question_candi ='$desc',
q_mdfdon ='$dt',
q_mdfdby ='$emp' ";
$uqryquestion_info .= " where ques_id=$id";
$ursquestion_info = mysql_query($uqryquestion_info);
if($ursquestion_info==true)
{
?>
<script>location.href="view_all_questions.php?sts=y&pg=<?php echo $pg;?>&countstart=<?php echo $countstart;?><?php echo $srchval;?>";
</script>
<?php
}
else
{
?>
<script>location.href="view_all_questions.php?sts=n&pg=<?php echo $pg;?>&countstart=<?php echo $countstart;?><?php echo $srchval;?>";
</script>
<?php
}
}
}
/*********************************** End Editing ******************************************************/
}
?>
Related
I am having some issues for the last 5 hours. I've been trying to fix it and I can't seem to find a solution, so I hope you can help me!
So I have this vote.php script:
<?php
if(basename($_SERVER["PHP_SELF"]) == "vote.php") {
die("403 - Access Forbidden");
}
echo "<h2 class=\"text-left\">Vote</h2><hr/>";
$earnedpoints = false;
$insertnew = false;
$time = time();
$redirect = "";
$account = $mysqli->real_escape_string(preg_replace("/[^A-Za-z0-9 ]/", '', #$_POST['name']));
$siteid = $mysqli->real_escape_string(#$_POST['votingsite']);
$checkacc = $mysqli->query("SELECT * FROM accounts WHERE name = '$account'");
$countcheckacc = $checkacc->num_rows;
$row = $checkacc->fetch_assoc();
if($countcheckacc == 0 && isset($_POST['submit'])) {
$funct_error = "This account doesn't exist!";
}
if($row['loggedin'] > 0 && isset($_POST['submit'])) {
$funct_error = "This account is logged in!";
} elseif ($account == '' && isset($_POST['submit'])) {
$funct_error = 'You need to put in a username!';
} elseif(empty($_POST['votingsite']) && isset($_POST['submit'])){
$funct_error = "Please select a voting site";
} elseif(isset($_POST['submit'])) {
$checksite = $mysqli->query("SELECT * FROM ".$prefix."vote WHERE id = ".$siteid."");
$countchecksite = $checksite->num_rows;
if($countchecksite == 0 && isset($_POST['submit'])) {
$funct_error = "Invalid voting site.";
} else {
$result = $mysqli->query("SELECT *, SUM(times) as amount FROM ".$prefix."votingrecords WHERE NOT account='' AND NOT account='0' AND account='".$account."' AND siteid = '".$siteid."'") or die('Error - Could not look up vote record!');
$row = $result->fetch_assoc();
$sitequery = $mysqli->query("SELECT * FROM ".$prefix."vote WHERE id = '".$siteid."'");
$vsite = $sitequery->fetch_assoc();
$gvp = $vsite['gvp'];
$gnx = $vsite['gnx'];
$timecalc = $time - $row['date'];
if ($row['amount'] == '' || $timecalc > $vsite['waittime']) {
if($row['amount'] == '') {
$result = $mysqli->query("INSERT INTO ".$prefix."votingrecords (siteid, ip, account, date, times) VALUES ('".$siteid."', '".$ipaddress."', '".$account."', '".$time."', '1')") or die ('Error - Could not insert vote records!');
} else {
$result = $mysqli->query("UPDATE ".$prefix."votingrecords SET siteid = '".$siteid."', ip='".$ipaddress."', account='".$account."', date='".$time."', times='1' WHERE account='".$account."' AND siteid = '".$siteid."'") or die ('Error - Could not update vote records!');
}
$earnedpoints = true;
if ($earnedpoints == true) {
if ($account != '') {
$result = $mysqli->query("UPDATE accounts
SET $colvp = $colvp + $gvp,
$colnx = $colnx + $gnx
WHERE name='".$account."'") or die ('Error - Could not give rewards. Your site administrator needs to configure the NX and VP settings.');
}
$funct_msg = '<meta http-equiv="refresh" content="0; url='.$vsite['link'].'">';
$redirect = true;
}
} elseif($timecalc < $vsite['waittime'] && $row['amount'] != '') {
$funct_msg = 'You\'ve already voted for '.$vsite['name'].' within the last '.round($vsite['waittime']/3600).' hours!';
$funct_msg .= '<br />Vote time: '. date('M d\, h:i A', $row['date']);
} else {
$funct_error = 'Unknown Error';
}
}
}
if($redirect == true) {
echo $funct_msg;
} else {
if(isset($funct_msg)) {
echo '<div class="alert alert-danger">'.$funct_msg.'</div>';
}
if(isset($funct_error)) {
echo '<div class="alert alert-danger">'.$funct_error.'</div>';
}
$query = $mysqli->query("SELECT * from ".$prefix."vote");
if($query->num_rows == 0){
echo "<div class=\"alert alert-danger\">Your administrator has not added any voting sites yet!</div>";
} else {
echo "
<form method=\"post\">
<div class=\"form-group\">
<label for=\"voteSite\">Select Site:</label>
<select name=\"votingsite\" class=\"form-control\" id=\"voteSite\" required>
<option value=\"\" disabled selected>Select Site...</option>";
while($row = $query->fetch_assoc()){
echo "<option value=\"".$row['id']."\">".$row['name']."</option>";
}
echo "</select>
</div>";
if(!isset($_SESSION['id'])) {
echo "<input type=\"text\" name=\"name\" maxlength=\"15\" class=\"form-control\" placeholder=\"Username\" required autocomplete=\"off\"/><br/>";
} else {
echo "<input type=\"text\" name=\"name\" maxlength=\"15\" class=\"form-control\" placeholder=\"".$_SESSION['name']."\" value=\"".$_SESSION['name']."\" required autocomplete=\"off\"/><br/>";
}
echo "
<input type=\"submit\" name=\"submit\" value=\"Submit »\" class=\"btn btn-primary\"/>
</form>";
}
}
I have this in votingrecords table in SQL: ip, account, date, times, amount. It's correct.
The problem I'm having is that whenever I type my username to vote for the game, I'm getting this error message "Error - Could not look up vote record!".
Here's the code for this error:
else {
$result = $mysqli->query("SELECT *, SUM(times) as amount
FROM ".$prefix."votingrecords
WHERE NOT account=''
AND NOT account='0'
AND account='".$account."'
AND siteid = '".$siteid."'") or die('Error - Could not look up vote record!');
$row = $result->fetch_assoc();
$sitequery = $mysqli->query("SELECT * FROM ".$prefix."vote WHERE id = '".$siteid."'");
$vsite = $sitequery->fetch_assoc();
$gvp = $vsite['gvp'];
$gnx = $vsite['gnx'];
$timecalc = $time - $row['date'];
I hope you guys can help me, since I've tried everything and cannot get it to work
thanks for helping.
I got this issue fixed by executing this SET GLOBAL sql_mode = 'STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION'; in MYSQL.
This would not happen if #RiggsFolly didn't tell me to use this code to display real useful errors, so thank you.
Thanks all!
I am trying to display a message when the search finds 0 results. I have tried several different ways to do it but nothing works; I always get a blank page or manage to display the message even when search finds results.
The code:
$post = $_POST;
if (isset($post['Kohderyhmä']) &&
isset($post['Näytön_aste']) &&
isset($post['Vaikutusten_vahvuus']) &&
isset($post['Käyttökelpoisuus']))
{
$Kohderyhmä = $post['Kohderyhmä'];
$Näytön_aste = $post['Näytön_aste'];
$Vaikutusten_vahvuus = $post['Vaikutusten_vahvuus'];
$Käyttökelpoisuus = $post['Käyttökelpoisuus'];
}
else
{
echo '<!-- Virhe -->'; /*die ('<h2>Ei hakutermiä syötetty. Avaa haku</h2>');*/
}
$count = 0;
$and = "";
$query = "";
if (!empty($Kohderyhmä) && $Kohderyhmä !="Kaikki" ) {
if ($count > 0) {
$and = " AND ";
}
$count++;
$query = $query.$and."`Kohderyhmä` LIKE '%".$Kohderyhmä."%'";
}
if (!empty($Näytön_aste) && $Näytön_aste !="Kaikki" ) {
if ($count > 0) { $and = " AND "; }
$count++;
$query = $query.$and."`Näytön aste` LIKE '%".$Näytön_aste."%'";
}
if (!empty($Vaikutusten_vahvuus) && $Vaikutusten_vahvuus !="Kaikki" ) {
if ($count > 0) { $and = " AND "; }
$count++;
$query = $query.$and."`Vaikutusten vahvuus` LIKE '%".$Vaikutusten_vahvuus."%'";
}
if (!empty($Käyttökelpoisuus) && $Käyttökelpoisuus !="Kaikki" ) {
if ($count > 0) { $and = " AND "; }
$count++;
$query = $query.$and."`Käyttökelpoisuus` LIKE '%".$Käyttökelpoisuus ."%'";
}
if ($count > 0) {
$query = "SELECT * FROM `tietokanta` WHERE ".$query;
} else {
$query = "SELECT * FROM `tietokanta`";
}
//echo $query;
if ($results = $conn->query($query)) {
while ($row = $results->fetch_assoc()) {
echo '<h3>' . $row['Nimi'] . '</h3>';
echo $row['Kokonaisarvio'] ."<br /><br />";
echo $row['Kuvaus'] ."<br /><br />";
}
} else {
echo '<h2>Haku ei tuottanut yhtään tulosta. Muuta hakuehtoja ja hae uudestaan.</h2>';
}
I have tried to find tutorials and other tips from the internet and php.net pages but I can't find a working solution.
That is quite strange because this question is asked every week. Not to mention you can read on mysqli_query's manual page that this function's return value is always positive, no matter whether it was found anything or not
Change your code to this
if ($results = $conn->query($query)->fetch_all(MYSQLI_ASSOC)) {
foreach ($results as $row) {
echo '<h3>' . $row['Nimi'] . '</h3>';
echo $row['Kokonaisarvio'] ."<br /><br />";
echo $row['Kuvaus'] ."<br /><br />";
}
} else {
echo '<h2>Haku ei tuottanut yhtään tulosta. Muuta hakuehtoja ja hae uudestaan.</h2>';
}
Try this following code
$results = $conn->query($query);
if ($results->num_rows >= 1){
while ($row = $results->fetch_assoc()) {
echo '<h3>' . $row['Nimi'] . '</h3>';
echo $row['Kokonaisarvio'] ."<br /><br />";
echo $row['Kuvaus'] ."<br /><br />";
}
}
else{
echo '<h2>Haku ei tuottanut yhtään tulosta. Muuta hakuehtoja ja hae uudestaan.</h2>';
}
So my code get a value from previous page, compare it with a table field in the database and display success or failure. Here is the original code:
<?php
if ($_GET['q'] !='')
{
include('config.inc');
$foo = $_GET['q'];
$query= "INSERT INTO register(name) VALUES('$foo')";
$result = mysql_query("SELECT * FROM user_student");
while($row = mysql_fetch_array($result))
{
$id= $row['sid'];
if($id==$foo)
{
$res = mysql_query($query);
if ($res)
{
echo 'Insertion ok';
}
else
{
echo " ";
echo "Attendance already taken for $foo";
}
}
else
{
echo " ";
echo "Student $foo does not exist!!";
}
}
}
else echo "Invalid Command";
?>
Am having duplicating result e.g Student 1124 does not exist!! 10times. I've modify the code to:
while($row = mysql_fetch_array($result))
{
$id= $row['sid'];
if($id==$foo)
{
$res = mysql_query($query);
}
else
{
echo " ";
echo "Student $foo does not exist!!";
}
}
if ($res)
{
echo 'Insertion ok';
}
else
{
echo " ";
echo "Attendance already taken for $foo";
}
So i've placed the $res outside the loop to avoid duplication result but now it says: variable cannot be resolved Any suggestions?
A bit of changed version of CaldasGSM:
<?php
if (!empty($_GET['q']))
{
include('config.inc');
$foo = mysql_real_escape_string($_GET['q']);
$result = mysql_query("SELECT * FROM user_student WHERE sid = '{$foo}'");
$num_rows = mysql_num_rows($result);
if($num_rows > 0)
{
$res = mysql_query("INSERT INTO register(name) VALUES('$foo')");
if ($res)
{
echo 'Insertion ok';
}
else
{
echo " ";
echo "Attendance already taken for $foo";
}
}
else
{
echo " ";
echo "Student $foo does not exist!!";
}
}
else
{
echo "Invalid Command";
}
?>
maybe something like
<?php
if ($_GET['q'] !='')
{
include('config.inc');
$foo = $_GET['q'];
$result = mysql_query("SELECT * FROM user_student");
$bRecordExists = false;
while($row = mysql_fetch_array($result))
{
$id= $row['sid'];
if($id==$foo)
{
$bRecordExists = true;
break;
}
}
if($bRecordExists)
{
$res = mysql_query("INSERT INTO register(name) VALUES('$foo')");
if ($res)
{
echo 'Insertion ok';
}
else
{
echo " ";
echo "Attendance already taken for $foo";
}
}
else
{
echo " ";
echo "Student $foo does not exist!!";
}
}
else
{
echo "Invalid Command";
}
?>
I have a simple upload script that has some validation on the form. The idea behind the upload form is to upload 2 images, one a thumbnail and one a larger image. Both need to be the correct dimensions and require an image to be selected in order for the form to validate and successfully upload the images.
However, I have been tasked to remove the first upload part, the thumbnail. We now only need the larger image. Though I'm unsure how to remove the validation part of the process. I have tried to remove the input field from the HTML, but obviously the upload script sees this as not upload the first image and throws an error.
Anyway the files:
Upload.php
<?php
// Edit upload location here
$thumb_destination_path = "../storyslide_thumbs/";
$large_destination_path = "../storyslide_large/";
$type = $_POST['type'];
if (isset($_POST['ID'])) {
$ID = $_POST['ID'];
}
$caption = mysql_real_escape_string($_POST['caption']);
$caption2 = mysql_real_escape_string($_POST['caption2']);
if ($type == "article" || $type == "editarticle") {
$sql="select a.title, a.category, c.title as cattitle, s.section as stitle, c.type from article a, category c, section s WHERE c.catID=a.category AND c.sectionid=s.sectionid AND a.articleID='$ID'";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
$stitle = html_entity_decode($stitle);
$stitle = punct_remove($stitle);
$linktitle = html_entity_decode($title);
$linktitle = punct_remove($linktitle);
$cattitle = html_entity_decode($cattitle);
$cattitle = punct_remove($cattitle);
if ($category=='43') {
$link = "/fans/obituaries/$ID-$linktitle..html";
} else {
if ($type=="Blog") {
$ID = "b$ID";
$cattitle = $cattitle . "-" . $category;
} else {
$cattitle = $category . "-" . $cattitle;
}
$link = "/$stitle/$cattitle/$ID-$linktitle.html";
}
} elseif ($type == "player") {
$sql = "SELECT name FROM player WHERE playerID='$ID'";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
$name = html_entity_decode($name);
$name = punct_remove($name);
$link = "/players/squad/$ID-$name.html";
} elseif ($type == "match") {
$sql="select r.versus, r.venue, s.year FROM regmatch r, season s WHERE r.matchID='$ID' AND r.season=s.seasonID";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
if ($venue=='Home') {
$teams = "Stanlow V $versus";
$teams2 = "Stanlow_vs_" . str_replace(" ", "_", strtolower($versus));
}
else {
$teams = "$versus V Stanlow";
$teams2 = str_replace(" ", "_", strtolower($versus)) . "_vs_Stanlow";
}
$year = str_replace("/", "-", $year);
$sql="select count(*) as num3 FROM loungeimages WHERE matchID='$ID'";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
if ($_POST['p']=="ao") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/awayteam.html";
} elseif ($_POST['p']=="bb") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/bookiekiller.html";
} elseif ($_POST['p']=="tn") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/teamnews.html";
} elseif ($_POST['p']=="s") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/scores.html";
} elseif ($_POST['p']=="l") {
if ($num3>0) {
$sql="select MIN(imgID) as minumumimage FROM loungeimages WHERE matchID='$ID' GROUP BY matchID";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/lounge/$minumumimage.html";
}
else {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/lounge.html";
}
} elseif ($_POST['p']=="fv") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/fansviews.html";
} elseif ($_POST['p']=="fr") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/fansmatchreport.html";
} elseif ($_POST['p']=="ob") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/offtheball.html";
} elseif ($_POST['p']=="mq") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/matchquotes.html";
} elseif ($_POST['p']=="mr") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/matchreport.html";
}
}
elseif ($type == "match2") {
$sql="select r.versus, r.venue FROM regmatch2 r WHERE r.matchID='$ID'";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
if ($venue=='Home') {
$teams = "Stanlow V $versus";
$teams2 = "Stanlow_vs_" . str_replace(" ", "_", strtolower($versus));
}
else {
$teams = "$versus V Stanlow";
$teams2 = str_replace(" ", "_", strtolower($versus)) . "_vs_Stanlow";
}
if ($_POST['p']=="ao") {
$link = "/match/perfectseason/$ID-$teams2/aboutoppo.html";
}
elseif ($_POST['p']=="bb") {
$link = "/match/perfectseason/$ID-$teams2/de_ja_lards_best_bet.html";
}
elseif ($_POST['p']=="tn") {
$link = "/match/perfectseason/$ID-$teams2/teamnews.html";
}
elseif ($_POST['p']=="mr") {
$link = "/match/perfectseason/$ID-$teams2/matchreport.html";
}
elseif ($_POST['p']=="rank") {
$link = "/match/perfectseason/$ID-$teams2/andys_old_rankin.html";
}
}
elseif ($type == "event") {
$link = "/fans/diary.html";
} elseif ($type == "picsubcat") {
$sql = "SELECT s.title as stitle, c.catID, c.title as ctitle, MIN(p.imgID) as imgID, se.section FROM picturesubcategory s, category c, picturetable p, section se WHERE c.sectionid=se.sectionid AND s.piccatID='$ID' AND s.catID=c.catID AND p.piccatID=s.piccatID";
$result = mysql_query($sql) or die ("<script language='javascript'>alert('" . $sql . "');</script>");
$row = mysql_fetch_array($result);
extract($row);
$ctitle = html_entity_decode($ctitle);
$ctitle = punct_remove($ctitle);
$stitle = html_entity_decode($stitle);
$stitle = punct_remove($stitle);
$section = strtolower($section);
$link = "/$section/$catID-$ctitle/$stitle/$imgID.html";
} elseif ($type == "paypal") {
$sql = "SELECT name FROM paypalitems WHERE itemID='$ID'";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
$name = str_replace(" ", "_", $name);
$name = urlencode($name);
$link = "/products/" . $ID . "-" . $name . ".html";
} elseif ($type == "lookalike") {
$link = "/funnies/lookalikes/1.html";
} elseif ($type == "wallpaper") {
$link = "/gear/wallpapers/1.html";
}
$result = 0;
$time = time();
while(file_exists($time.'-'.$_FILES['myfile']['name']))
{
$time++;
}
while (file_exists($time.'-'.$_FILES['myfile2']['name']))
{
$time++;
}
$thumb_target_path = $thumb_destination_path . $time.'-'.$_FILES['myfile']['name'];
$large_target_path = $large_destination_path . $time.'-'.$_FILES['myfile2']['name'];
$filename = $time.'-'.$_FILES['myfile']['name'];
$filename2 = $time.'-'.$_FILES['myfile2']['name'];
if ((!isset($_FILES['myfile']['tmp_name']) || $_FILES['myfile']['tmp_name'] == "") || (!isset($_FILES['myfile2']['tmp_name']) || $_FILES['myfile2']['tmp_name'] == "")) {
$result = 3;
} else {
if (is_uploaded_file($_FILES['myfile']['tmp_name']) && is_uploaded_file($_FILES['myfile2']['tmp_name'])) {
if (getimagesize($_FILES['myfile']['tmp_name']) && getimagesize($_FILES['myfile2']['tmp_name'])) {
if ((move_uploaded_file($_FILES['myfile']['tmp_name'], $thumb_target_path)) && (move_uploaded_file($_FILES['myfile2']['tmp_name'], $large_target_path))) {
$result = 1;
$image_dim = getimagesize($thumb_target_path);
$image_dim2 = getimagesize($large_target_path);
if (($image_dim[0] != 75 || $image_dim[1] != 100) || ($image_dim2[0] != 230 || $image_dim2[1] != 199)) {
$result = 4;
unlink($thumb_target_path);
unlink($large_target_path);
} else {
if (isset($_POST['f'])) {
$publishingdate = $_POST['date'];
$sql2 = "INSERT INTO storyslide_future (thumb, large, thumbcaption, largecaption, link, publishingdate) VALUES ('$filename', '$filename2', '$caption', '$caption2', '$link', '$publishingdate')";
$res2 = mysql_query($sql2) or die ('<script language="javascript" type="text/javascript">alert("Error! bad insert statement");</script>');
} else {
$sql = "DELETE FROM storyslide WHERE thumbID='16'";
$res = mysql_query($sql) or die ("Error! bad delete statement");
$sql1 = "UPDATE storyslide SET thumbID=thumbID+1";
$res1 = mysql_query($sql1) or die ('<script language="javascript" type="text/javascript">alert("Error! bad update statement");</script>');
$sql2 = "INSERT INTO storyslide (thumbID, thumb, large, thumbcaption, largecaption, link) VALUES ('1', '$filename', '$filename2', '$caption', '$caption2', '$link')";
$res2 = mysql_query($sql2) or die ('<script language="javascript" type="text/javascript">alert("Error! bad insert statement");</script>');
}
}
}
} else {
$result = 2;
}
} else {
$result = 5;
}
}
sleep(1);
?>
<script language="javascript" type="text/javascript">window.top.window.stopUpload(<?php echo $result; ?>);</script>
<?php } ?>
And now the form:
<script src='upload_handler.js' language="javascript" type="text/javascript"></script>
</head>
<body>
<div id='wrapper'> <!-- start wrapper -->
<?php include("top.php"); ?>
<div id='pagetitle'> <!-- start pagetitle -->
<div id='pageimage'><img src='adminimages/note.jpg'/></div>
<div id='title'>Add to Thumbnails</div>
</div> <!-- end pagetitle -->
<div id='admincontrols'> <!-- start admincontrols -->
<center>
<div id='container' style='margin:0 0 0 240px;'>
<div id="content">
<form action='upload.php' method='post' enctype='multipart/form-data' target='upload_target' onSubmit='startUpload();'>
<input type='hidden' name='type' value='<?php echo $type; ?>' />
<?php
if (isset($_GET['ID'])) {
?>
<input type='hidden' name='ID' value='<?php echo $ID; ?>' />
<?php
}
?>
<?php
if (isset($_GET['p'])) {
?>
<input type='hidden' name='p' value='<?php echo $_GET['p']; ?>' />
<?php
}
?>
<?php
if (isset($_GET['f'])) {
?>
<input type='hidden' name='f' value='<?php echo $_GET['f']; ?>' />
<input type='hidden' name='date' value='<?php echo $_GET['date']; ?>' />
<?php
}
?>
<p id="f1_upload_process">Loading...<br/><img src="images/loader.gif" width="200" height="20" /><br/></p>
<div id='f1_upload_form'>
<div id='thumbnail_title' style='font-family:georgia;'>Thumbnail (This Image must be 75px in width and 100px in height):</div>
<div class='input_container'>
<div class='label_image'>File:</div>
<div class='input_image'><input name='myfile' type='file' size='70' class='inputbox'/></div>
</div>
<div class='input_container'>
<div class='label_image'>Caption:</div>
<div class='input_image'><input name='caption' type='text' maxlength='30' class='inputbox'/></div>
</div>
<div id='largerimage_title' style='font-family:georgia;'>Main Image (Only one image required. Minimum dimensions: 230px in width and 199px):</div>
<div class='input_container'>
<div class='label_image'>File:</div>
<div class='input_image'><input name='myfile2' type='file' size='70' class='inputbox'/></div>
</div>
<div class='input_container'>
<div class='label_image'>Caption:</div>
<div class='input_image'><input name='caption2' type='text' maxlength='200' class='inputbox'/></div>
</div>
<label><input type='submit' name='submitBtn' class='sbtn' value='Upload' /></label>
</div>
<iframe id='upload_target' name='upload_target' src='#' style='width:0;height:0;border:0px solid #fff;'></iframe>
</form>
</div>
</div>
</center>
</div>
<div id='controlbuttons'>
<a href='storyslide_write.php?type=<?php echo $type; if (isset($_GET['ID'])) { echo "&ID=" . $ID; } if (isset($_GET['n'])) { echo '&n=c'; } if (isset($_GET['revised'])) { echo '&revised=' . $_GET['revised']; } if (isset($_GET['c'])) { echo '&c=' . $_GET['c']; } ?>' id='savebutton' style='visibility:hidden;'><img src='adminimages/save.jpg' alt='Done' border='0' /></a>
<a href='admin.php'><img src='adminimages/home.jpg' border='0' alt='Main Menu'/></a></div>
</div> <!-- end wrapper -->
</body>
</html>
<?php } ?>
The input that I want to remove so we only have 1 image upload input is:
<input name='myfile' type='file' size='70' class='inputbox'/>
The validation needs to be removed from the first file in order to do this successfully.
I had a few stabs at this myself and noticed that the input field was being referenced in upload.php by the name of the input "myfile", so I searched the upload.php for anhything relating to this input name I found the following and tried to remove:
while(file_exists($time.'-'.$_FILES['myfile']['name']))
{
$time++;
}
$thumb_target_path = $thumb_destination_path . $time.'-'.$_FILES['myfile']['name'];
$filename = $time.'-'.$_FILES['myfile']['name'];
To no avail however...
Any pointers would be greatly appreciated :)
Try with the following code, it removes $_FILES['myfile'] from everywhere, including if statements, SQL queries, etc.:
Upload.php
// Edit upload location here
$thumb_destination_path = "../storyslide_thumbs/";
$large_destination_path = "../storyslide_large/";
$type = $_POST['type'];
if (isset($_POST['ID'])) {
$ID = (int) $_POST['ID'];
}
$caption = mysql_real_escape_string($_POST['caption']);
$caption2 = mysql_real_escape_string($_POST['caption2']);
if ($type == "article" || $type == "editarticle") {
$sql="select a.title, a.category, c.title as cattitle, s.section as stitle, c.type from article a, category c, section s WHERE c.catID=a.category AND c.sectionid=s.sectionid AND a.articleID='$ID'";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
$stitle = html_entity_decode($stitle);
$stitle = punct_remove($stitle);
$linktitle = html_entity_decode($title);
$linktitle = punct_remove($linktitle);
$cattitle = html_entity_decode($cattitle);
$cattitle = punct_remove($cattitle);
if ($category=='43') {
$link = "/fans/obituaries/$ID-$linktitle..html";
} else {
if ($type=="Blog") {
$ID = "b$ID";
$cattitle = $cattitle . "-" . $category;
} else {
$cattitle = $category . "-" . $cattitle;
}
$link = "/$stitle/$cattitle/$ID-$linktitle.html";
}
} elseif ($type == "player") {
$sql = "SELECT name FROM player WHERE playerID='$ID'";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
$name = html_entity_decode($name);
$name = punct_remove($name);
$link = "/players/squad/$ID-$name.html";
} elseif ($type == "match") {
$sql="select r.versus, r.venue, s.year FROM regmatch r, season s WHERE r.matchID='$ID' AND r.season=s.seasonID";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
if ($venue=='Home') {
$teams = "Stanlow V $versus";
$teams2 = "Stanlow_vs_" . str_replace(" ", "_", strtolower($versus));
}
else {
$teams = "$versus V Stanlow";
$teams2 = str_replace(" ", "_", strtolower($versus)) . "_vs_Stanlow";
}
$year = str_replace("/", "-", $year);
$sql="select count(*) as num3 FROM loungeimages WHERE matchID='$ID'";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
if ($_POST['p']=="ao") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/awayteam.html";
} elseif ($_POST['p']=="bb") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/bookiekiller.html";
} elseif ($_POST['p']=="tn") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/teamnews.html";
} elseif ($_POST['p']=="s") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/scores.html";
} elseif ($_POST['p']=="l") {
if ($num3>0) {
$sql="select MIN(imgID) as minumumimage FROM loungeimages WHERE matchID='$ID' GROUP BY matchID";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/lounge/$minumumimage.html";
}
else {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/lounge.html";
}
} elseif ($_POST['p']=="fv") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/fansviews.html";
} elseif ($_POST['p']=="fr") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/fansmatchreport.html";
} elseif ($_POST['p']=="ob") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/offtheball.html";
} elseif ($_POST['p']=="mq") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/matchquotes.html";
} elseif ($_POST['p']=="mr") {
$link = "/match/$year/$ID-$teams2/" . strtolower($venue) . "/matchreport.html";
}
}
elseif ($type == "match2") {
$sql="select r.versus, r.venue FROM regmatch2 r WHERE r.matchID='$ID'";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
if ($venue=='Home') {
$teams = "Stanlow V $versus";
$teams2 = "Stanlow_vs_" . str_replace(" ", "_", strtolower($versus));
}
else {
$teams = "$versus V Stanlow";
$teams2 = str_replace(" ", "_", strtolower($versus)) . "_vs_Stanlow";
}
if ($_POST['p']=="ao") {
$link = "/match/perfectseason/$ID-$teams2/aboutoppo.html";
}
elseif ($_POST['p']=="bb") {
$link = "/match/perfectseason/$ID-$teams2/de_ja_lards_best_bet.html";
}
elseif ($_POST['p']=="tn") {
$link = "/match/perfectseason/$ID-$teams2/teamnews.html";
}
elseif ($_POST['p']=="mr") {
$link = "/match/perfectseason/$ID-$teams2/matchreport.html";
}
elseif ($_POST['p']=="rank") {
$link = "/match/perfectseason/$ID-$teams2/andys_old_rankin.html";
}
}
elseif ($type == "event") {
$link = "/fans/diary.html";
} elseif ($type == "picsubcat") {
$sql = "SELECT s.title as stitle, c.catID, c.title as ctitle, MIN(p.imgID) as imgID, se.section FROM picturesubcategory s, category c, picturetable p, section se WHERE c.sectionid=se.sectionid AND s.piccatID='$ID' AND s.catID=c.catID AND p.piccatID=s.piccatID";
$result = mysql_query($sql) or die ("<script language='javascript'>alert('" . $sql . "');</script>");
$row = mysql_fetch_array($result);
extract($row);
$ctitle = html_entity_decode($ctitle);
$ctitle = punct_remove($ctitle);
$stitle = html_entity_decode($stitle);
$stitle = punct_remove($stitle);
$section = strtolower($section);
$link = "/$section/$catID-$ctitle/$stitle/$imgID.html";
} elseif ($type == "paypal") {
$sql = "SELECT name FROM paypalitems WHERE itemID='$ID'";
$result = mysql_query($sql) or die ("Error! bad select statement");
$row = mysql_fetch_array($result);
extract($row);
$name = str_replace(" ", "_", $name);
$name = urlencode($name);
$link = "/products/" . $ID . "-" . $name . ".html";
} elseif ($type == "lookalike") {
$link = "/funnies/lookalikes/1.html";
} elseif ($type == "wallpaper") {
$link = "/gear/wallpapers/1.html";
}
$result = 0;
$time = time();
while (file_exists($time.'-'.$_FILES['myfile2']['name']))
{
$time++;
}
$large_target_path = $large_destination_path . $time.'-'.$_FILES['myfile2']['name'];
$filename = '';
$filename2 = $time.'-'.$_FILES['myfile2']['name'];
if ((!isset($_FILES['myfile2']['tmp_name']) || $_FILES['myfile2']['tmp_name'] == "")) {
$result = 3;
} else {
if (is_uploaded_file($_FILES['myfile2']['tmp_name'])) {
if (getimagesize($_FILES['myfile2']['tmp_name'])) {
if (((move_uploaded_file($_FILES['myfile2']['tmp_name'], $large_target_path))) {
$result = 1;
$image_dim2 = getimagesize($large_target_path);
if (($image_dim2[0] != 230 || $image_dim2[1] != 199)) {
$result = 4;
unlink($large_target_path);
} else {
if (isset($_POST['f'])) {
$publishingdate = $_POST['date'];
$sql2 = "INSERT INTO storyslide_future (thumb, large, thumbcaption, largecaption, link, publishingdate) VALUES ('$filename', '$filename2', '$caption', '$caption2', '$link', '$publishingdate')";
$res2 = mysql_query($sql2) or die ('<script language="javascript" type="text/javascript">alert("Error! bad insert statement");</script>');
} else {
$sql = "DELETE FROM storyslide WHERE thumbID='16'";
$res = mysql_query($sql) or die ("Error! bad delete statement");
$sql1 = "UPDATE storyslide SET thumbID=thumbID+1";
$res1 = mysql_query($sql1) or die ('<script language="javascript" type="text/javascript">alert("Error! bad update statement");</script>');
$sql2 = "INSERT INTO storyslide (thumbID, thumb, large, thumbcaption, largecaption, link) VALUES ('1', '$filename', '$filename2', '$caption', '$caption2', '$link')";
$res2 = mysql_query($sql2) or die ('<script language="javascript" type="text/javascript">alert("Error! bad insert statement");</script>');
}
}
}
} else {
$result = 2;
}
} else {
$result = 5;
}
}
sleep(1);
?>
<script language="javascript" type="text/javascript">window.top.window.stopUpload(<?php echo $result; ?>);</script>
<?php } ?>
I a have a table like this:
and I want to combine colums 'uitvoeringid' and 'uitvoeringoms' and output as one with space between them.
This is my class:
public function getBanden($id = NULL, $merk = NULL, $seizoen = NULL)
{
$sql = "SELECT * FROM Uitvoering";
if(!empty($id))
{
$sql .= " WHERE uitvoeringid=:id";
if(!empty($merk)) { $sql .= " AND merkcode=:merk"; }
if(!empty($seizoen)) { $sql .= " AND uitvoeringseizoen=:seizoen"; }
}
else if(!empty($merk))
{
$sql .= " WHERE merkcode=:merk";
if(!empty($seizoen)) { $sql .= " AND uitvoeringseizoen=:seizoen"; }
$sql .= " ORDER BY uitvoeringvoertuigtype ASC, uitvoeringoms ASC";
}
try
{
$stmt = $this->db->prepare($sql);
if(!empty($id)) { $stmt->bindParam(":id", $id, PDO::PARAM_INT); }
if(!empty($merk)) { $stmt->bindParam(":merk", $merk, PDO::PARAM_STR); }
if(!empty($seizoen)) { $stmt->bindParam(":seizoen", $seizoen, PDO::PARAM_STR); }
$stmt->execute();
$this->bandenlijst = $stmt->fetchAll(PDO::FETCH_OBJ);
$stmt->closeCursor();
return $this->bandenlijst;
}
catch (Exception $e)
{
die ( $e->getMessage() );
}
}
This is a part of my file where I output the data:
if(isset($_POST['band_submit']) && $_POST['band_submit'] == "Zoek" || isset($_GET['merk']) && isset($_GET['type']) && isset($_GET['profiel']))
{
$merk = NULL;
$seizoentype = NULL;
if(isset($_POST['band_submit']) && $_POST['band_submit'] == "Zoek")
{
if($_POST['band_seizoen'] != "0") { $seizoentype = $_POST['band_seizoen']; }
$merk = $_POST['band_merk'];
}
else if(isset($_GET['merk']) && isset($_GET['type']))
{
if($_GET['type'] != "0") { $seizoentype = $_GET['type']; }
$merk = $_GET['merk'];
}
else { $seizoentype = NULL; $merk = NULL; }
$strSeizoen = NULL;
if ($seizoentype == "ZO") { $strSeizoen = "Onze zomerbanden"; }
elseif ($seizoentype == "WI") { $strSeizoen = "Onze winterbanden"; }
elseif ($seizoentype == "AS") { $strSeizoen = "Onze All-seasonbanden"; }
elseif ($seizoentype == "OV") { $strSeizoen = "Onze Overige banden"; }
else { $strSeizoen = "Alle A-merken en topklasse huismerken"; }
echo "\t\t\t\t\t<h2>" . $strSeizoen . "</h2>
\t\t\t\t\t<br />\n";
$merken = $merkclass->getMerken($merk);
$banden = $bandclass->getBanden(NULL, $merk, $seizoentype);
$nCount = 0;
$selband = NULL;
?>
<img src="http://www.website.net/logos/<?php echo str_replace(".png", "_150.png", $merken[0]->merk_logo); ?>" width="150" class="logo" alt="<?php echo $merken[0]->merk_naam; ?>"/>
<div id="merken">
<ul>
<?php
foreach($banden as $band)
{
?>
<li><a href="http://example-website.com/<?php
echo $band->merkcode;?>/<?php if(isset($seizoentype) && $seizoentype == "ZO") {echo "zomerbanden";}
else if ($seizoentype == "WI") {echo "winterbanden";}
else if ($seizoentype == "AS") {echo "all-season-banden";}
else if ($seizoentype == "OV") {echo "overig";}
else{ echo "alle-types";}?>/<?php echo $band->uitvoeringid;?>">
<?php echo str_replace(array(' ', ',', '/', '!'), '-',strtolower($band->uitvoeringoms));?>
</a>
</li>
<?php
if(isset($_GET['profiel']) && $band->uitvoeringid == $_GET['profiel']) { $selband = $band; }
$nCount++;
}
if(empty($selband) && count($banden) > 0)
{
$selband = $banden[0];
}
else if(count($banden) > 0)
{
}
else
{
echo "\t\t\t\t\t\t\t<li>Nothing Found</li>\n";
}
?>
</ul>
<div class="clearboth"></div>
</div>
How can I manage to keep the working of this the same but combine 'uitvoeringid' and 'uitvoeringoms' to one output.
So in this part:
<a href="http://example-website.com/<?php
echo $band->merkcode;?>/<?php if(isset($seizoentype) && $seizoentype == "ZO") {echo "zomerbanden";}
else if ($seizoentype == "WI") {echo "winterbanden";}
else if ($seizoentype == "AS") {echo "all-season-banden";}
else if ($seizoentype == "OV") {echo "overig";}
else{ echo "alle-types";}?>/<?php echo $band->uitvoeringid;?>">
<?php echo str_replace(array(' ', ',', '/', '!'), '-',strtolower($band->uitvoeringoms));?>
</a>
I want this line <?php echo $band->uitvoeringid;?> to be 'uitvoeringoms' and 'uitvoeringid' combined to something like "test-2341"
I tried something like:
$sql = "SELECT concat(uitvoeringid, uitvoeringoms) AS single FROM Uitvoering";
But I still want to SELECT everything and not only (uitvoeringid, uitvoeringoms)
I got a bit lost trying to get this working in a good way. Can somebody help me please? :)
It was very hard to explain this in a good way for me so I hope you guys understand it.
Thanks
Isn't this what you are looking for? A space in the middle?
$sql = "SELECT *,concat(uitvoeringid, ' ', uitvoeringoms) AS single FROM Uitvoering";
Or simply:
echo $uitvoeringsid.' '.$uitvoeringoms;
You can have both everything and combined data:
$sql = "SELECT *, concat(uitvoeringid, " ", uitvoeringoms) AS single FROM Uitvoering";
You can use same statement to get all columns but you need to specify the columns names in statement, like below:
$sql = "SELECT concat(uitvoeringid, ' ' ,uitvoeringoms) AS single, Col_1, Col_2... FROM Uitvoering";