While loop not running if statements right - php

So I have have a while loop and it does work in terms of the database and if statements etc.. however for some reason the if statements are not running correctly
Here is the code (edited)
<?php session_start( ); ?>
<?php include 'core/init.php';
include 'includes/header.php';
require 'core/database/db_connection.php';
function friend_check($user_id, $friend_id) {
$result = mysql_query("SELECT * FROM fyp_friends WHERE user_id={$user_id} AND friend_id={$friend_id} AND type=1");
$num_rows = mysql_num_rows($result);
echo $num_rows;
}
?>
<link rel="stylesheet" type="text/css" href="style/members.css">
<?php
/*------------------------------------------------------------------------------------- --------------------*/
//Get user information from fyp_users
$sql = ("SELECT user_id, user_name, first_name, last_name, email, profile FROM fyp_users");
$user =mysql_query($sql) or die(mysql_error());
//$userinfo = mysql_fetch_array($user);
//echo $userinfo['user_id'];
//Get friend information from fyp_users
//$sql = ("SELECT user_id, friend_id, type FROM fyp_friends");
//$friend =mysql_query($sql) or die(mysql_error());
//$friendinfo = mysql_fetch_array($friend);
//echo $friendinfo['user_id'];
?>
<?php
while ($usermain = mysql_fetch_array($user)) {
echo '<div id="friends">';
echo '<div class="profilepiclarge"><img src="', $usermain['profile'], '"alt="', $usermain['first_name'],'\'s Profile Image"></div>';
?>
<div class="userinfo">
<?php
echo "</br>{$usermain['first_name']}";
echo "</br>{$usermain['last_name']}";
echo "</br>{$usermain['email']}";
echo "</br>{$usermain['user_name']}</br>";
echo '<div class="viewprofile">';
echo "<a href='profile.php?user_name={$usermain['user_name']}'>View Profile</a>";
echo '</div>';
$sql = ("SELECT user_id, friend_id, type FROM fyp_friends WHERE user_id= {$usermain['user_id']}");
$friend =mysql_query($sql) or die(mysql_error());
$friend_result = friend_check($session_user_id, $usermain['user_id']);
echo $friend_result;
if ($usermain['user_id'] === $session_user_id) {
echo "This is you";
} else if (intval($friend_result) == 1) {
echo '<div class="removefriend">';
echo"Remove Friend";
echo '</div>';
} else if (intval($friend_result) == 0) {
echo '<div class="addfriend">';
echo"Add Friend";
echo '</div>';
}
echo "</div>";
echo "</div>";
//If statment to go here to see if already friends dont show add friends function also if current user is logged in sont show it. If already friends the option
//to remove the user as a fried becomes avalible
}


Your second query has no WHERE clause so i'm not seeing how you are listing friends related to the user in question, change the query to :
SELECT user_id, friend_id, type FROM fyp_friends WHERE user_id = $usermain['user_id']

Related

How to delete receiver name and our messages in my messaging code in the display page?

Messages I want to delete a receiver name and our messages or the entire receiver row in the database in the display page.I have 2 codes to show, 1st is the displaying page, next is the delete page. When I press the x image, it will not delete any receiver name and our messages. I wonder if the request id in the index.php I made is effective or not. Consider my codes below:
main page / index.php
$q = 'SELECT DISTINCT `receiver_name`,`sender_name`,`id`
FROM `messages` WHERE
`sender_name`="' . $_SESSION['username'] . '" OR
`receiver_name`="' . $_SESSION['username'] . '"
ORDER BY `date_time` DESC';
$r = mysqli_query($con, $q);
if ($r) {
if (mysqli_num_rows($r) > 0) {
$counter = 0;
$added_user = array();
while ($row = mysqli_fetch_assoc($r)) {
$sender_name = $row['sender_name'];
$receiver_name = $row['receiver_name'];
$id = $row['id'];
if ($_SESSION['username'] == $sender_name) {
//add the receiver_name but only once
//so to do that check the user in array
if (in_array($receiver_name, $added_user)) {
//dont add receiver_name because
//he is already added
} else {
//add the receiver_name
?>
<div class="grey-back">
<img src="images/profile_user.jpg" class="image"/>
<?php echo '' . $receiver_name . '';
echo '<img src="x.png" style="width:12px; height:12px; float:right;">';
?>
</div>
<?php
//as receiver_name added so
///add it to the array as well
$added_user = array($counter => $receiver_name);
//increment the counter
$counter++;
}
} elseif ($_SESSION['username'] == $receiver_name) {
//add the sender_name but only once
//so to do that check the user in array
if (in_array($sender_name, $added_user)) {
//dont add sender_name because
//he is already added
} else {
//add the sender_name
?>
<div class="grey-back">
<img src="images/profile_user.jpg" class="image"/>
<?php echo '' . $sender_name . ''; ?>
</div>
<?php
//as sender_name added so
///add it to the array as well
$added_user = array($counter => $sender_name);
//increment the counter
$counter++;
}
}
}
} else {
//no message sent
echo '<div style="float:left; padding: 70px 0 0 150px;">';
echo 'no user';
echo '</div>';
}
} else {
//query problem
echo $q;
}
delete page
require_once "connection.php";
$id = $_REQUEST['id'];
mysqli_query($con, "DELETE FROM messages WHERE id=$id");
header("location: index.php");

I see one problem:
echo '<img src="x.png" style="width:12px; height:12px; float:right;">';
will output
<img src="x.png" style="width:12px; height:12px; float:right;">
but if $id=76, I'd guess you want it to be:
To do that try:
echo '';
And if $id is something more complex, with symbols & whatnot, then id='.$id.' becomes id='.urlencode($id).'.
That might be your problem. If it still doesn't work, let me know what output & error messages you are getting

PHP results not getting MySQL database

I do not understand PHP and SQL. We are just barely scraping it at the end of the semester, and its frustrating me. I am trying to get my results page to show the correct info, but for the life of me, it won't grab anything. I clearly have something wrong and was wondering if I could get some help.
Initial page
(normal top of basic webpage here)
<form id="ClubForm" action="ClubMembersResults.php" method="get">
<?php
require_once ('dbtest.php');
$query= "SELECT * FROM tblMembers ORDER BY LastName, FirstName, MiddleName;";
$r = mysqli_query($dbc, $query);
if (mysqli_num_rows($r) > 0) {
echo '<select id="memberid" name="memberid">';
while ($row = mysqli_fetch_array($r)) {
echo '<option value="'.$row['LastName'].'">'
.$row['LastName'].", ".$row['FirstName']." ".$row['MiddleName']. '</option>';
}
echo '</select>';
} else {
echo "<p>No Members found!</p>";
}
?>
<input type="submit" name="go" id="go" value="Go" />
</form>
<div id="results"></div>
</body>
results page currently written as:
<?php
$memid = 0;
$memid = (int)$_GET['memberid'];
if ($memid > 0) {
require_once ('dbtest.php');
$query = "SELECT * FROM tblMembers WHERE MemID = $memid;";
$r = mysqli_query($dbc, $query);`enter code here`
if (mysqli_num_rows($r) > 0) {
$row = mysqli_fetch_array($r);
echo "<p>Member ID: ".$row['MemID']."<br>";
echo "Member Name: ".$row['LastName'].", ".$row['FirstName']." ".$row['MiddleName']."<br>";
echo "Member Joined: ".$row['MemDt']."<br>";
echo "Member Status: ".$row['Status']."<br></p>";
}else {
echo "<p>Member not on file.</p>";
}
//table for inverntory
echo "<table border='1'>";
echo "<caption>Transaction History</caption>";
echo "<tr>";
echo "<th>Purchase Dt</th>";
echo "<th>Trans Cd</th>";
echo "<th>Trans Desc</th>";
echo "<th>Trans Type</th>";
echo "<th>Amount</th>";
echo "</tr>";
$query2 = "SELECT p.Memid, p.PurchaseDt, p.TransCd, c.TransDesc, p.TransType, p.Amount
FROM tblpurchases p, tblcodes c
WHERE p.TransCd = c.TransCd AND p.MemId = 'member id'
ORDER BY p.MemId, p.PurchaseDt, p.TransCd
";
$r2 = mysqli_query($dbc, $query2);
while ($row = mysqli_fetch_array($r2)) {
echo "<tr>";
echo "<td>".$row['PurchaseDt']."</td>;";
echo "<td>".$row['TransCd']."</td>";
echo "<td>".$row['TransDesc']."</td>";
echo "<td>".$row['TransType']."</td>";
echo "<td>".$row['Amount']."</td>";
echo "</tr>";
}
echo "</table>";
} else {
echo '<p>No Member ID from form.</p>';
}
?>
the results page should be showing tables with the info in the TH and TR/TD areas. Both those areas are coming from a separate SQL table, and teh the only similar field between the tblmembers and tblpurchases is MemID.

You need to use a join in your sql request to show purchases by members.
SELECT m.Memid, p.PurchaseDt, p.TransCd,
FROM tblpurchases p join
tblmembers m on p.MemId=m.MemId
This is an example of a join

View data to another page in PHP

I have a problem for display data from page to another page.
This is index.php:
<?php
include '../php/connect.php';
$query = mysql_query("SELECT * FROM user
ORDER BY user.id_user DESC") or die(mysql_error());
if(mysql_num_rows($query) == 0){
echo '<tr><td colspan="6">Tidak ada data!</td></tr>';
}else{
while($data = mysql_fetch_assoc($query)){
echo '<tr>';
echo '<td>'.$data['id_user'].'</td>';
echo '<td>'.$data['name'].'</td>';
echo '<td>'.$data['email'].'</td>';
echo '<td>View File</td>';
echo '<td>Konfirmasi</td>';
echo '</tr>';
?>
<?php
}}
?>
This is confirm_pembayaran.php
<?php
include '../php/connect.php';
$query = mysql_query("SELECT * FROM user
WHERE id_user=$id_user") or die(mysql_error());
if(mysql_fetch_array($query) == 0){
echo '<tr><td colspan="6">Tidak ada data!</td></tr>';
}else{
while($data = mysql_fetch_assoc($query)){
echo '<tr>';
echo '<td>'.$data['id_user'].'</td>';
echo '<td>'.$data['name'].'</td>';
echo '<td>'.$data['email'].'</td>';
echo '</tr>';
?>
<?php
}}
?>
The problem is in confirm_pembayaran.php for id_user that i was click from index.php not display in confirm_pembayaran.php. What should i do for confirm_pembayaran.php?

On the index page change the link to something like this ( unless you have set your .htaccess file up to accept links as they were generated )
You should, however, not be using the mysql_ family of functions as they have been deprecated. The code, as it is now is vulnerable to sql injection - I merely posted this to show how to pass the user_id parameter from one page to another which was what ( I think ) you wanted
/* index.php */
Konfirmasi
/* confirm_pembayaran.php */
$user_id=isset( $_GET['user_id'] ) ? filter_input( INPUT_GET,'user_id', FILTER_SANITIZE_STRING ) : false;
$query = mysql_query("SELECT * FROM user
WHERE id_user='{$user_id}'") or die(mysql_error());

First you need to pass your user id in query string correctly like below:
index.php
Changes this line
echo '<td>Konfirmasi</td>';
To
echo '<td>Konfirmasi</td>';
Then you need to change confirm_pembayaran.php
<?php
include '../php/connect.php';
$id_user = $_GET['id_user']; // Add this line for get your user id
$query = mysql_query("SELECT * FROM user
WHERE id_user=$id_user") or die(mysql_error());
if(mysql_fetch_array($query) == 0){
echo '<tr><td colspan="6">Tidak ada data!</td></tr>';
}else{
while($data = mysql_fetch_assoc($query)){
echo '<tr>';
echo '<td>'.$data['id_user'].'</td>';
echo '<td>'.$data['name'].'</td>';
echo '<td>'.$data['email'].'</td>';
echo '</tr>';
?>
<?php
}}
?>

Simplest way is:
In index.php
Konfirmasi
in confirm_pembayaran.php
$id_user = intval($_GET['userId']);

PHP, Mysql Calendar

I have created a calendar which is connected to mysql. The calendar searchs mysql and shows the number of employees on timeoff. There are several managers for a variety of employees. I created a searchterm box at which the manager can type there name and the code will query the database specific to the managers name (essentially only showing that managers employees instead of the whole company). The number of employess on time off are shown inside the calendar as a link and the total number for that specific day. Once clicked it then shows the employee names associated with the day. The problem im having is once the manager clicks onto the link, it automatically defaults to all employees instead of the ones specific to the manager. The managers search term is getting dropped and the code is defaulting back as if nothing was entered. My question is how I can reuse that searchterm over and over again until other wise directed.
$searchTerm = trim($_GET['keyname']);
if( $searchTerm != 'All Drivers' && $searchTerm != '')
{
$sqlEvent2 = mysql_query("select * FROM timeoff_365_days where (DM = '$searchTerm' or FM = '$searchTerm' or region ='$searchTerm' or location ='$searchTerm') and TimeOffDate = '".$year."-".$month."-".$i."'");
$num_rows = mysql_num_rows($sqlEvent2);
echo '<div id="button">';
echo "<a href='".$_SERVER['PHP_SELF']."?month=".$monthstring."&day=".$i."&year=".$year. "&v=false ' >".$num_rows."</a></td>";
echo '</div>';
}
else{
$sqlEvent = mysql_query( "select * FROM timeoff_365_days where TimeOffDate = '".$year."-".$month."-".$i."'" );
if (!$sqlEvent) {
echo 'Could not run query: ' . mysql_error();
exit;
}
$num_rows = mysql_num_rows($sqlEvent);
echo '<div id="button">';
echo "<a href='".$_SERVER['PHP_SELF']."?month=".$monthstring."&day=".$i."&year=".$year."&v=true' >".$num_rows."</a></td>";
echo '</div>';
$sqlEvent = mysql_query( "select * FROM timeoff_365_days where TimeOffDate = '".$year."-".$month."-".$i."'" );
if (!$sqlEvent) {
echo 'Could not run query: ' . mysql_error();
exit;
}
$num_rows = mysql_num_rows($sqlEvent);
echo '<div id="button">';
echo "<a href='".$_SERVER['PHP_SELF']."?month=".$monthstring."&day=".$i."&year=".$year."&v=true' >".$num_rows."</a></td>";
echo '</div>';
}
}
echo "<tr>";
echo"</table>";
?>
<div class="accordion vertical">
<ul>
<li>
<input type="radio" id="radio-3" name="radio-accordion" />
<label for="radio-3">Time Off by Driver Code</label>
<div class="content">
<?php
if(($_GET['v']==false)) {
$sqlEvent2 = "select * FROM timeoff_365_days where (DM = '$searchTerm' or FM = '$searchTerm' or region ='$searchTerm'or location ='$searchTerm') and TimeOffDate ='".$year."/".$month."/".$day."'";
$resultEvents2 = mysql_query($sqlEvent2);
while ($events2 = mysql_fetch_array($resultEvents2)){
echo $events2['DriverCode']."-";
echo $events2['Unit']."</br>";
}
}
else {
echo "";
}
?>
<?php
echo "<tr >";
var_dump($searchTerm);
if(isset($_GET['v'])) {
$sqlEvent = "select * FROM timeoff_365_days where TimeOffDate ='".$year."/".$month."/".$day."'";
$resultEvents = mysql_query($sqlEvent);
while ($events = mysql_fetch_array($resultEvents)){
echo $events['DriverCode']."-";
echo $events['Unit']."</br>";
}
}
else {
echo "";
}
echo "<tr>";
var_dump($searchTerm);
?>

GET it with $_GET, so do it in the url with domain.com/index.php?search=asddf

Showing delete link for comments posted by the logged in users only in PHP

I have a page which shows the comments posted by all users. Here I need to show a delete link on the side of the comments posted by that current logged in user and he should be able to delete that comment too (like in Facebook, Orkut or any Blogging site). The sample code which I have tried is:
<?php
$user_id = 1;
$con = mysql_connect("localhost","root","root");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("blog", $con);
$result = mysql_query("SELECT * FROM replies");
while($row = mysql_fetch_array($result))
{
$replies = $row;
if($replies['poster_id' == $user_id]){
$delete = 'Delete';
}
echo $replies['poster_id']?></a> ¦ <?php echo $replies['reply_text']?> ¦ <?php echo $delete?></div>
<?php echo "<br />";
}
mysql_close($con);
?>
Here I have given the user_id which is hardcoded here.
What I got is, delete link is displayed on all comments. I need to display delete link for user_id with "1" only.
Can anyone suggest me to get the solution...Thanks in Advance...

<?php
if (isset($_GET['reply'],$_GET['where']))
$result=mysql_query("Delete FROM $replies WHERE entry_id = '$_GET['reply']'");
$username = $session->username;
$result=mysql_query("SELECT * FROM $replies WHERE entry_id = '$id' ORDER by reply_id DESC");
while ($i = mysql_fetch_array($result))
{
$replies = $i;
if ($replies['poster_id'] == $username){
$delete = 'Delete';
}
?>
<div>
<div><a href="profiles/<?php echo $replies['poster_id']?>">
<?php echo $replies['poster_id']?></a> ¦ <?php echo $replies['post_time']?> ¦ <?php echo $delete?></div>
<div><?php echo $replies['reply_text']?></div>
</div><br/><br/>
<?
}

I know this is kind of old, and probably already well taken care of, but you forgot a ; after $delete
<?php echo $delete?>
should be
<?php echo $delete; ?>

Categories