Get individual ID of ROW, and make the result linkable - php

I need to get the 'id' column from my table 'reports' to get the unique value and make it linkable.
The link of the element has this format: http://www.mysite.com/id, (coma included)
Can you help me how to get the info from id column and make it clikable in the results?
<?php
$MySQLPassword = "*****";
$HostName = "***";
$UserName = "***";
$Database = "****";
mysql_connect($HostName,$UserName,$MySQLPassword)
or die("ERROR: Could not connect to database!");
mysql_select_db($Database) or die("cannot select db");
$default_sort = 'ID';
$allowed_order = array ('name','description');
if (!isset ($_GET['order']) ||
!in_array ($_GET['order'], $allowed_order)) {
$order = $default_sort;
} else {
$order = $_GET['order'];
}
if (isset($_GET['keyword'])) {
if(!$_GET['keyword']) {
die('<p>Please enter a search term.</p>');
}
/////////////////////////HERE IS THE BEGINING OF CODE WHERE I THINK SHOULD BE THE PROBLEM ////////////////////////////
$tables = 'reports';
$return_fields = 'name organizer_id no_pages publication_date price';
$check_fields = 'name description';
$query_text = $_GET['keyword'];
$clean_query_text =cleanQuery($query_text);
$newquery=bq_simple ($return_fields, $tables, $check_fields, $clean_query_text);
$newquery = $newquery . " ORDER BY $order;";
$result = mysql_query($newquery) or die(mysql_error());
$numrows = mysql_num_rows($result);
if ($numrows == 0) {
echo "<H4>No data to display!</H4>";
exit;
}
echo "<p>Your search '$query_text' returned ".$numrows. " results.</p>\n";
echo "<p>Click on the headings to sort.</p>\n";
$row = mysql_fetch_assoc ($result);
echo "<TABLE border=1>\n";
echo "<TR>\n";
foreach ($row as $heading=>$column) {
echo "<TD><b>";
if (in_array ($heading, $allowed_order)) {
echo "$heading";
} else {
echo $heading;
}
echo "</b></TD>\n";
}
echo "</TR>\n";
$results = mysql_query("SELECT id, name FROM reports WHERE id = $id") or die(mysql_error());
while ($row = mysql_fetch_assoc ($result)) {
echo "<TR>\n";
echo '' . $row['name'] . '';
echo "</TR>\n";
}
echo "</TABLE>\n";
}
////////////////////////FINISH OF THE CODE WITH PROBLEM ////////////////////////////
/* * * * * * * * * * * * * * F U N C T I O N S * * * * * * * * * * * */
function cleanQuery($string)
{
$string = trim($string);
$string = strip_tags($string); // remove any html/javascript.
if(get_magic_quotes_gpc()) // prevents duplicate backslashes
{
$string = stripslashes($string);
}
if (phpversion() >= '4.3.0')
{
$string = mysql_real_escape_string($string);
}
else
{
$string = mysql_escape_string($string);
}
return $string;
}
function bq_handle_shorthand($text) {
$text = preg_replace("/ \+/", " and ", $text);
$text = preg_replace("/ -/", " not ", $text);
return $text;
}
function bq_explode_respect_quotes($line) {
$quote_level = 0; #keep track if we are in or out of quote-space
$buffer = "";
for ($a = 0; $a < strlen($line); $a++) {
if ($line[$a] == "\"") {
$quote_level++;
if ($quote_level == 2) { $quote_level = 0; }
}
else {
if ($line[$a] == " " and $quote_level == 0) {
$buffer = $buffer . "~~~~"; #Hackish magic key
}
else {
$buffer = $buffer . $line[$a];
}
}
}
$buffer = str_replace("\\", "", $buffer);
$array = explode("~~~~", $buffer);
return $array;
}
function bq_make_subquery($fields, $word, $mode) {
if ($mode == "not") {
$back = " LIKE '%$word%'))";
}
else {
$back = " LIKE '%$word%')";
}
if ($mode == "not") {
$front = "(NOT (";
$glue = " LIKE '%$word%' AND ";
}
else {
$front = "(";
$glue = " LIKE '%$word%' AND ";
}
$text = str_replace(" ", $glue, $fields);
$text = $front . $text . $back;
return $text;
}
function bq_make_query($fields, $text) {
$text = strtolower($text);
$text = bq_handle_shorthand($text);
$wordarray = bq_explode_respect_quotes($text);
$buffer = "";
$output = "";
for ($i = 0; $i<count($wordarray); $i++) {
$word = $wordarray[$i];
if ($word == "and" or $word == "not" and $i > 0) {
if ($word == "not") {
$i++;
if ($i == 1) { #invalid sql syntax to prefix the first check with and/or/not
$buffer = bq_make_subquery($fields, $wordarray[$i], "not");
}
else {
$buffer = " AND " . bq_make_subquery($fields, $wordarray[$i], "not");
}
}
else {
if ($word == "and") {
$i++;
if ($i == 1) {
$buffer = bq_make_subquery($fields, $wordarray[$i], "");
}
else {
$buffer = " AND " . bq_make_subquery($fields, $wordarray[$i], "");
}
}
else {
if ($word == "and") {
$i++;
if ($i == 1) {
$buffer = bq_make_subquery($fields, $wordarray[$i], "");
}
else {
$buffer = " AND " . bq_make_subquery($fields, $wordarray[$i], "");
}
}
}
}
}
else {
if ($i == 0) { # 0 instead of 1 here because there was no conditional word to skip and no $i++;
$buffer = bq_make_subquery($fields, $wordarray[$i], "");
}
else {
$buffer = " AND " . bq_make_subquery($fields, $wordarray[$i], "");
}
}
$output = $output . $buffer;
}
return $output;
}
function bq_simple ($return_fields, $tables, $check_fields, $query_text) {
$return_fields = str_replace(" ", ", ", $return_fields);
$tables = str_replace(" ", ", ", $tables);
$query = "SELECT $return_fields FROM $tables WHERE ";
$query = $query . bq_make_query($check_fields, $query_text);
#
# Uncomment to debug
#
return $query;
}
?>


I don't see the query in your code but the general idea is as follows:
$result = mysql_query("SELECT id, name FROM reports WHERE field = value") or die(mysql_error());
while ($row = mysql_fetch_assoc($result)) {
echo '' . $row['name'] . '';
}
Keep in mind the mysql_* functions are deprecated. You should use mysqli or PDO.

Related

Dynamic update statement - prepared statement

I am generating my MYSQL update statement dynamically in PHP. As I want my application to be secure to SQL injections I want to use the prepared statement function. But as I'm pretty experienced I'm struggling to do so. Below my code so far:
function sqlUpdate($tablename)
{
$connect = sqlConnect();
$updateString = "UPDATE " . $tablename . " SET ";
$columnname = getColumnname($tablename, false, true);
for ($k=0; $k<count($columnname, COUNT_RECURSIVE); $k++)
{
if ($k+1 < count($columnname, COUNT_RECURSIVE))
{
$updateString .= $columnname[$k] . " = '" . mysqli_real_escape_string($connect, $_POST[$columnname[$k]]) . "', ";
}
else
{
$updateString .= $columnname[$k] . " = '" . mysqli_real_escape_string($connect, $_POST[$columnname[$k]]) . "' WHERE " . $columnname[0] . " = '" . mysqli_real_escape_string($connect, $_POST[$columnname[0]]) . "';";
}
}
if(mysqli_query($connect, $updateString))
{
echo "Daten wurden erfolgreich aktualisiert! </br>";
}
else
{
echo "Es ist ein Fehler aufgetreten... </br>";
}
mysqli_close($connect);
}
My code is working fine at the moment but I'm not managing to get it to work with prepared statements. I hope my question is not too stupid. Can somebody share some thoughts how to realize it with my code or do I have to completly overthink my approach?
Sorry again for my noob question...
Thanks!

Thanks to everybody who answered I managed to get it to work. I used the call_user_func_array function and can now generate the prepared statements for UPDATE and INSERT in one function:
function preparedStatement($tableName, $action)
{
$connect = sqlConnect();
$stmt = $connect->stmt_init();
$columnname = getColumnname($tableName, false, true);
for ($k=0; $k<count($columnname, COUNT_RECURSIVE); $k++)
{
$fielddata[] = $columnname[$k];
$fieldvalue[] = $_POST[$columnname[$k]];
}
if ($action == "insert")
{
$fieldvalue[0] = " ";
}
$fieldvalue_join = implode(',', array_map('addquote', $fieldvalue));
$fieldvalue = explode(",",$fieldvalue_join);
$valueCount = count($fieldvalue);
$question_mark = array();
for($i=0; $i<$valueCount; $i++)
{
$question_mark[] = '?';
}
$join_question_mark = implode(",", $question_mark);
$types = '';
foreach($fieldvalue as $param)
{
if(is_int($param))
{
$types .= 'i'; //integer
}
elseif (is_float($param))
{
$types .= 'd'; //double
}
elseif (is_string($param))
{
$types .= 's'; //string
}
else
{
$types .= 'b'; //blob and unknown
}
}
if ($action == "insert")
{
$insertString = "INSERT INTO ".$tableName."(".implode(",",$fielddata).") VALUES (".$join_question_mark.");";
$stmt->prepare($insertString);
$bind_names[] = $types;
}
elseif ($action == "update")
{
$updateString = "UPDATE " . $tableName . " SET ";
for ($k=0; $k<count($columnname, COUNT_RECURSIVE); $k++)
{
if ($k+1 < count($columnname, COUNT_RECURSIVE))
{
$updateString .= $columnname[$k] . " = ?, ";
}
else
{
$updateString .= $columnname[$k] . " = ? WHERE " . $columnname[0] . " = '" . mysqli_real_escape_string($connect, $_POST[$columnname[0]]) . "';";
}
}
$stmt->prepare($updateString);
$bind_names[] = $types;
}
for ($i=0; $i<count($fieldvalue); $i++)
{
$bind_name = 'bind' . $i;
$$bind_name = $fieldvalue[$i];
$bind_names[] = &$$bind_name;
}
call_user_func_array(array($stmt,'bind_param'),$bind_names);
if($stmt->execute())
{
$insert_id=$stmt->insert_id;
$stmt->close();
return $insert_id;
}
else
{
echo "Fehler beim Ausführen der Aktion...";
}
}
function addquote($str)
{
if($str[0]=="'" || $str[0]=='"' && $str[strlen($str)-1]=="'" || $str[strlen($str)-1]=="'" )
{
$str=substr($str,1);
$str=substr($str,0,-1);
}
return sprintf("%s", $str);
}

function results in Notice: Undefined offset: 0 on one website but not the other

This is bizarre. I am working on a new website using WAMP on my pc and I copy and pasted the database functions I created from another site I worked on.
Below is the function. On this new site I'm getting an error (Notice: Undefined offset: 0) whenever there is nothing that matches in the database. But, on the other site (which is hosted externally) I never get that error (never have and I just tested it specifically to make sure).
Obviously, I could just put the "return $rows[0]" in an if statement to prevent this. But, I would like to know what is causing the problem in case I need to make some changes to the old site! I'm kind of worried!
There's also another difference. On the new site I get an error when the $order is NULL, saying that $s3 is undefined. Again, I can fix it easily by just defining it along with $s1 and $s2 at the beginning. But, it works fine on my other site and has for a long time. What on earth is the difference??
function get_row5($table, $field, $where1, $value1, $where2=NULL, $value2=NULL, $where3=NULL, $value3=NULL, $where4=NULL, $value4=NULL, $where5=NULL, $value5=NULL, $order=NULL) {
$rows = array();
global $conn;
connect();
$s1 = "SELECT $field FROM $table WHERE $where1" . '=' . "'$value1'";
$s2 = "";
if ($where2 != NULL) {
if ($value2 == NULL) {
$s2 = " and $where2 is NULL";
} else {
$s2 = " and $where2" . ' = ' . "'$value2'";
}
}
if ($where3 != NULL) {
if ($value3 == NULL) {
$s2 .= " and $where3 is NULL";
} else {
$s2 .= " and $where3" . ' = ' . "'$value3'";
}
}
if ($where4 != NULL) {
if ($value4 == NULL) {
$s2 .= " and $where4 is NULL";
} else {
$s2 .= " and $where4" . ' = ' . "'$value4'";
}
}
if ($where5 != NULL) {
if ($value5 == NULL) {
$s2 .= " and $where5 is NULL";
} else {
$s2 .= " and $where5" . ' = ' . "'$value5'";
}
}
if ($order != NULL) {
$s3 = " ORDER BY $order LIMIT 1";
}
$sql = $s1 . $s2 . $s3;
$result = $conn->query($sql);
while ($row = $result->fetch_assoc()) {
$rows[] = $row;
}
mysqli_free_result($result);
$conn->close();
return $rows[0];
}

You are geting this error because there is no row return from query you can overcome with following code
function get_row5($table, $field, $where1, $value1, $where2=NULL, $value2=NULL, $where3=NULL, $value3=NULL, $where4=NULL, $value4=NULL, $where5=NULL, $value5=NULL, $order=NULL) {
$rows = array();
global $conn;
connect();
$s1 = "SELECT $field FROM $table WHERE $where1" . '=' . "'$value1'";
$s2 = "";
$s3 = "";
if ($where2 != NULL) {
if ($value2 == NULL) {
$s2 = " and $where2 is NULL";
} else {
$s2 = " and $where2" . ' = ' . "'$value2'";
}
}
if ($where3 != NULL) {
if ($value3 == NULL) {
$s2 .= " and $where3 is NULL";
} else {
$s2 .= " and $where3" . ' = ' . "'$value3'";
}
}
if ($where4 != NULL) {
if ($value4 == NULL) {
$s2 .= " and $where4 is NULL";
} else {
$s2 .= " and $where4" . ' = ' . "'$value4'";
}
}
if ($where5 != NULL) {
if ($value5 == NULL) {
$s2 .= " and $where5 is NULL";
} else {
$s2 .= " and $where5" . ' = ' . "'$value5'";
}
}
if ($order != NULL) {
$s3 = " ORDER BY $order LIMIT 1";
}
$sql = $s1 . $s2 . $s3;
$result = $conn->query($sql);
while ($row = $result->fetch_assoc()) {
$rows[] = $row;
}
mysqli_free_result($result);
$conn->close();
if(count($rows))
return $rows[0];
else
return $rows; //<---empty row
}

Check and set array to null

I am trying to set result_array to null if there are no existing data in the database. The result should be shown in a table format but I cannot get the result_array as null and keep getting error on the line $result_array[] = null;
global $db;
$db = new mysqli();
$db->connect("localhost", "root", "", "databasename");
$db->set_charset("utf8");
if ($db->connect_errno) {
printf("Connection has failed: %s\n", $db->connect_error);
exit();
}
$html = '';
$html .= '<li class="result">';
$html .= '<a target="_blank" href="url">';
$html .= '<h3>name</h3>';
$html .= '</a>';
$html .= '</li>';
$search = preg_replace("/[^A-Za-z0-9]/", " ", $_POST['query']);
$search = $db->real_escape_string($search);
if (strlen($search) >= 1 && $search !== ' ') {
$query = 'SELECT * FROM tablename WHERE name LIKE "%'.$search.'%"';
$result = $db->query($query) or trigger_error($db->error."[$query]");
if(!$results = $result->fetch_array()){
$resultArray[] = null;
}
else{
while($results = $result->fetch_array()) {
$resultArray[] = $results;
}
}
if (isset($resultArray)) {
foreach ($resultArray as $result) {
$show_name = preg_replace("/".$search."/i", "<b class='highlight'>".$search."</b>", $result['name']);
$show_url = 'index.php';
$out = str_replace('name', $show_name, $html);
$out = str_replace('url', $show_url, $out);
$_SESSION['result']= $result['name'];
echo($out);
}
}else{
$out = str_replace('url', 'javascript:void(0);', $html);
$out = str_replace('name', '<b>No Results.</b>', $out);
echo($out);
}
}
?>

why aren't you using this?
...
$result_array = array();
if(!$results = $result->fetch_array()){
//do nothing
}
else{
while($results = $result->fetch_array()) {
$result_array[] = $results;
}
...
Also please use either $result_array or $resultArray

Displaying MySQL results in two columns (editing existing code)

I have been asked to revise an existing site, it's still using PHP5.3 and an old version of PHPmyDirectory, and the code is a little messy.
I'm trying to revise it to just display the list of cities in two columns. I'm trying to do it as a table, as it seemed easiest, but I could also just pull the results into to side by side divs, as there are never more than 26 cities listed (so first half or first 13 in div one, the rest in div two).
Here's the existing original code (I know its not mysqli, but we'll be redoing this site shortly so there's no sense trying to redo a million pages of code right now):
function create_service_area($title) {
global $listing;
$sql = "SELECT state_id, city_id FROM " .T_LISTINGS_CITIES. " WHERE listing_id = {$listing['id']} " ;
$result = query($sql);
if(!$result){
$output = "<p>Call for Service Area!</p>";
}
else {
$output = "<p>";
$result_array = array();
while ($service = fetch_array($result))
{
$sql2 = "SELECT title FROM " .T_LOCATIONS. " WHERE id = {$service['city_id']} " ;
$result2 = query($sql2);
if(!$result2){
break;
} else {
while ($service2 = fetch_array($result2))
{
$output .= "{$service2['title']}";
$title_array = explode(',', $service2['title']);
$result_array[] = $title_array;
}
$output .= "<br/>";
}
}
if($listing['custom_103'] =="Yes") {
$output .= "<b>".$title." will travel for an additional fee!</b></p>";
} else {
$output .="</p>";
}
}
return $output;
}
This is what is looks like currently: Current Site
Here's what I've tried to do:
function create_service_area($title) {
global $listing;
$sql = "SELECT state_id, city_id FROM " .T_LISTINGS_CITIES. " WHERE listing_id = {$listing['id']} " ;
$result = query($sql);
if(!$result){
$output = "<p>Call for Service Area!</p>";
}
else {
$result_array = array();
while ($service = fetch_array($result)) {
$sql2 = "SELECT title FROM " .T_LOCATIONS. " WHERE id = {$service['city_id']} " ;
$result2 = query($sql2);
$i=0;
if(!$result2) {
break;
}
else {
while ($service2 = fetch_array($result2)) {
$output .= "{$service2['title']}";
$title_array = explode(',', $service2['title']);
$result_array[] = $title_array;
$i++;
}
echo "<table>";
for ($j=0; $j<$i; $j=$j+2) {
echo "<tr>";
echo "<td>".$title_array[$j]."</td><td>".$title_array[$j+1]."</td>";
echo "</tr>";
}
echo "</table>";
}
}
if($listing['custom_103'] =="Yes") {
$output .= "<p><b>".$title." will travel for an additional fee!</b></p>";
}
else {
$output .="";
}
}
return $output;
}
And here's what I'm getting: DEV site
I'm very much a PHP newbie, and my understanding is pretty spotty, but I've tried a bunch of different solutions I've found here, and can't get them to work. I'm sure I'm missing something obvious.
Thanks for any pointers!

if I got it correct you should change your
else {
$output = "<p>";
$result_array = array();
while ($service = fetch_array($result))
{
$sql2 = "SELECT title FROM " .T_LOCATIONS. " WHERE id = {$service['city_id']} " ;
$result2 = query($sql2);
if(!$result2){
break;
} else {
while ($service2 = fetch_array($result2))
{
$output .= "{$service2['title']}";
$title_array = explode(',', $service2['title']);
$result_array[] = $title_array;
}
$output .= "<br/>";
}
}
if($listing['custom_103'] =="Yes") {
$output .= "<b>".$title." will travel for an additional fee!</b></p>";
} else {
$output .="</p>";
}
}
with
else {
$output = "<table>";
$result_array = array();
$even_odd=true;
while ($service = fetch_array($result))
{
$sql2 = "SELECT title FROM " .T_LOCATIONS. " WHERE id = {$service['city_id']} " ;
$result2 = query($sql2);
if(!$result2){
break;
} else {
$output .= "";
while ($service2 = fetch_array($result2))
{
if ($even_odd) {
$output .= '<tr><td>'."{$service2['title']}".'</td>';
$even_odd=false;
} else {
$output .= '<td>'."{$service2['title']}".'</td></tr>';
$even_odd=true;
}
$output .= "{$service2['title']}";
$title_array = explode(',', $service2['title']);
$result_array[] = $title_array;
}
}
}
if($listing['custom_103'] =="Yes") {
$output .= "<b>".$title." will travel for an additional fee!</b></p>";
} else {
if (!$even_odd)$output .="<td></td></tr>";
$output .="</table>";
}
}

Try this, I couldn't test it of course, since I've got no access to the data being loaded.
echo "<table>";
$result_array = array();
while ($service = fetch_array($result))
{
//this will loop multiple times. 7 times for Tony S. in the example.
$sql2 = "SELECT title FROM " .T_LOCATIONS. " WHERE id = {$service['city_id']} " ;
$result2 = query($sql2);
$i=0;
if(!$result2)
{
break;
}
else
{
while ($service2 = fetch_array($result2))
{
$title_array = explode(',', $service2['title']);
$result_array[] = $title_array;
$i++;
}
}
}
for ($j=0; $j < count($result_array); $j++)
{
if ($j % 2 == 0)
{
echo "<tr>";
}
echo "<td>".$result_array[$j][0]." (".$result_array[$j][1].")</td>";
if ($j % 2 == 0)
{
echo "</tr>";
}
if ($j % 2 == 1 && $j == count($result_array)-1)
{
echo "<td></td></tr>";
}
}
echo "</table>";
Paste and replace between this lines:
if(!$result){
$output = "<p>Call for Service Area!</p>";
}
else {
.... PASTE IN HERE ....
}

Building on Kim's code, I was able to get it working with some revisions. I also scrapped the table for divs, since it seems less messy to me and it seemed like the table styling was interfering somehow.
function create_service_area($title) {
global $listing;
$sql = "SELECT state_id, city_id FROM " .T_LISTINGS_CITIES. " WHERE listing_id = {$listing['id']} " ;
$result = query($sql);
if(!$result){
$output = "<p>Call for Service Area!</p>";
} else {
$output = "<div>";
//$result_array = array();
$even_odd=true;
while ($service = fetch_array($result))
{
$sql2 = "SELECT title FROM " .T_LOCATIONS. " WHERE id = {$service['city_id']} " ;
$result2 = query($sql2);
if(!$result2){
break;
} else {
$output .= "{$service2['title']}";
$title_array = explode(',', $service2['title']);
$result_array[] = $title_array;
while ($service2 = fetch_array($result2))
{
if ($even_odd) {
$output .= '<div style="float:left;width:50%;">'."{$service2['title']}".'</div>';
$even_odd=false;
} else {
$output .= '<div style="float:right;width:50%;">'."{$service2['title']}".'</div>';
$even_odd=true;
}
}
}
}
if($listing['custom_103'] =="Yes") {
$output .= "<div style='clear:both;width:90%;float:none;'><p><b>".$title." will travel for an additional fee!</b></p></div>";
} else {
}
}
return $output;
}
Thanks so much Kim and Mouser!

PHP unitialized string offset: 0

I decided to give PHP a try, and then bought lynda.com's essential training tutorial.
The problem is, that I get this error:
( ! ) Notice: Uninitialized string offset: 0 in
C:\wamp\www\widget_corp\includes\functions.php on line 147.
when trying to compare two values.
Can anyone help me ? :)
error in navigation function:
if($page["id"] == $selectedPage['id']){
Class content.php below:
<?php require_once("includes/connection.php"); ?>
<?php require_once("includes/functions.php");?>
<?php findSelectedPage(); ?>
<?php include("includes/header.php");?>
<table id="structure">
<tr>
<td id="navigation">
<?php echo navigation($selSubject, $selectedPage);?>
<br/>
+ Add a new subject
</td>
<td id="page">
<?php echo checkSubjOrPage();?>
<br/>
<div id="footer">Copyright 2007, Widget Corp</div>
</td>
</tr>
</table>
<?php require("includes/footer.php"); ?>
class function.php below:
<?php
//This file is the place to store all basic functions.
//NB!
//function to prevent problems with submitting values, that contains
//chars such as: "", '' etc., into the database.
function mysql_prep($value){
$magic_quotes_active = get_magic_quotes_gpc;
//i.e. php>= v4.3.0
$new_enough_php = function_exists("mysql_real_escape_string");
if($new_enough_php){
//undo any magic quotes effects so mysql_real_escape_string can do the work
if($magic_quotes_active){
$value = stripslashes($value);
}
$value = mysql_real_escape_string($value);
} else { // before PHP v4.3.0
//if magic quotes aren't already on then add slashed manually
if(!$magic_quotes_active){
$value = addslashes($value);
}
}
return $value;
}
function confirm_query($result_set){
if(!$result_set){
die("Database connection failed: " . mysql_error());
}
}
function getAllSubjects(){
global $connection;
$query = "SELECT *
FROM subjects
ORDER BY position ASC";
$subject_set = mysql_query($query, $connection);
confirm_query($subject_set);
return $subject_set;
}
function getPagesForSubject($subject_id){
global $connection;
$query = "SELECT *
FROM pages
WHERE subject_id = {$subject_id}
ORDER BY position ASC";
$page_set = mysql_query($query, $connection);
confirm_query($page_set);
return $page_set;
}
function get_subject_by_id($subject_id){
global $connection;
$query = "SELECT * ";
$query .= "FROM subjects ";
$query .= "WHERE id=" . $subject_id . " ";
$query .= "LIMIT 1";
$result_set = mysql_query($query, $connection);
confirm_query($result_set);
//REMEMBER:
//if no rows are returned, fetch_array will return false.
if($subject = mysql_fetch_array($result_set)){
return $subject;
} else {
return NULL;
}
}
function get_page_by_id($page_id){
global $connection;
$query = "SELECT * ";
$query .= "FROM pages ";
$query .= "WHERE id=" . $page_id . " ";
$query .= "LIMIT 1";
$result_set = mysql_query($query, $connection);
confirm_query($result_set);
//REMEMBER:
//if no rows are returned, fetch_array will return false.
if($page = mysql_fetch_array($result_set)){
return $page;
} else {
return NULL;
}
}
function checkSubjOrPage(){
global $selSubject;
global $selectedPage;
if(!is_null($selSubject)){
return "<h2>" . $selSubject['menu_name'] . "</h2>";
} else if(!is_null($selectedPage)){
return "<h2>" . $selectedPage['menu_name'] . "</h2>" . "<div>" . $selectedPage['content'] . "</div>";
} else {
return "<h2>" . "Select a subject or page to edit!" . "</h2>";
}
}
function findSelectedPage(){
global $selSubject;
global $selectedPage;
if(isset($_GET['subj'])){
$selSubject = get_subject_by_id($_GET['subj']);
$selectedPage = "";
} else if(isset($_GET['page'])){
$selSubject = NULL;
$selectedPage = get_page_by_id($_GET['page']);
} else {
$selectedPage = NULL;
$selSubject = NULL;
}
}
function navigation($selSubject, $selectedPage){
$output = "<ul class=\"subjects\">";
//3. Perform our database query
$subject_set = getAllSubjects();
while($subject = mysql_fetch_array($subject_set)){
$output .= "<li";
if($subject["id"] == $selSubject['id']){
$output .= " class=\"selected\"";
}
$output .= "><a href=\"content.php?subj=" . urlencode($subject["id"]) .
"\">{$subject["menu_name"]}</a></li>";
$page_set = getPagesForSubject($subject["id"]);
$output .= "<ul class=\"pages\">";
while($page = mysql_fetch_array($page_set)){
$output .= "<li";
if($page["id"] == $selectedPage['id']){
$output .= " class=\"selected\"";
}
$output .= "><a href=\"content.php?page=" . urlencode($page{"id"}) .
"\">{$page["menu_name"]}</a></li>";
}
$output .= "</ul>";
}
$output .= "</ul>";
return $output;
}
function getPositions(){
$subject_set = getAllSubjects();
$subject_counts = mysql_num_rows($subject_set);
$output = "<select name=\"position\">";
//$subject_counts + 1 b/c we are adding a subject.
for($count = 1; $count <= $subject_counts +1; $count++){
$output .= "<option value=\"{$count}\">{$count}</option>";
}
return $output . " </select>";
}
?>

here you override $selectedPage to a string or set it to null
function findSelectedPage(){
global $selSubject;
global $selectedPage;
if(isset($_GET['subj'])){
$selSubject = get_subject_by_id($_GET['subj']);
$selectedPage = "";
} else if(isset($_GET['page'])){
$selSubject = NULL;
$selectedPage = get_page_by_id($_GET['page']);
} else {
$selectedPage = NULL;
$selSubject = NULL;
}
}
And here it should be an array:
if($page["id"] == $selectedPage['id']){
function findSelectedPage(){
global $selSubject;
global $selectedPage;
if(isset($_GET['subj'])){
$selSubject = get_subject_by_id($_GET['subj']);
$selectedPage = NULL;
} else if(isset($_GET['page'])){
$selSubject = NULL;
$selectedPage = get_page_by_id($_GET['page']);
} else {
$selectedPage = NULL;
$selSubject = NULL;
}
}
function navigation($selSubject, $selectedPage){
$output = "<ul class=\"subjects\">";
//3. Perform our database query
$subject_set = getAllSubjects();
while($subject = mysql_fetch_array($subject_set)){
$output .= "<li";
if(isset($selSubject['id']) && $subject["id"] == $selSubject['id']){
$output .= " class=\"selected\"";
}
$output .= "><a href=\"content.php?subj=" . urlencode($subject["id"]) .
"\">{$subject["menu_name"]}</a></li>";
$page_set = getPagesForSubject($subject["id"]);
$output .= "<ul class=\"pages\">";
while($page = mysql_fetch_array($page_set)){
$output .= "<li";
if(isset($selectedPage['id']) && $page["id"] == $selectedPage['id']){
$output .= " class=\"selected\"";
}
$output .= "><a href=\"content.php?page=" . urlencode($page{"id"}) .
"\">{$page["menu_name"]}</a></li>";
}
$output .= "</ul>";
}
$output .= "</ul>";
return $output;
}

Categories