here is my code. actually i am displaying some data from mysql on the page and creating dynamic link.i want started a session with session_start() in the very begining of code before starting any code. i want to store the value of the link that is to be display on other pagepage..
page1.php
<a style="color:#F00; font-family:Arial, Helvetica, sans-serif; margin-left:33px; font-weight:bold">
No. of registered students:
</a>
<table border='1' align="center" style="font-size:14px" width="95%" cellspacing="3" class="db_table">
<tr class="db_table_tr" >
<th class="db_table_th" name="submit">USN</th>
</tr>
<?php
include('includes/login_connection.php');
$query = "select p.usn, p.name from personal_details p, course_codes c where p.usn = c.usn order by p.usn";
$run = mysql_query($query) or die($query."<br/><br/>".mysql_error());
$num = mysql_numrows($run);
echo $num;
while($row = mysql_fetch_assoc($run)){
echo "<tr>";
echo "<td>" . $row['usn'] . "" . "</td>";
echo "<td>" . $row['name'] . " </td>";
if(isset($_GET['submit'])){
$_SESSION['session_usn'] = $_GET['usn'];
}
}
echo "</tr>";
mysql_close($bd);
?>
</table>
page2.php
<?php
session_start();
if(isset($_SESSION['session_usn']))
{
$_POST['usn'] = $_SESSION['session_usn'];
echo $_POST['usn'];
}
?>
You need to provide a fall-back, in case the URL provided does not contain the proper variables in the $_GET section.
You have:
if(isset($_GET['submit'])){
$_SESSION['session_usn'] = $_GET['usn'];
}
You should do something else if $_GET['submit'] isn't set:
if(isset($_GET['submit'])){
$_SESSION['session_usn'] = $_GET['usn'];
} else {
$_SESSION['session_usn'] = "unset";
// or set a warning flag like "unset"
}
You should be feeding your php file a url like:
http://yoururl.com/page1.php?usn='333'
Where 333 is the value you want to store.
Related
So, I am trying to design a php website, and so far it works well in terms of adding an entry to the list table.
The problem is, it isnt able to update the table using edit.php. When the edit link is clicked it shows a message:
"There is no data to be edited."
But if I try to manually put localhost/edit.php**?id=1** it shows the id numbered list and works fine. Please help.
home.php
<html>
<head>
<title>My first PHP Website</title>
</head>
<?php
session_start(); //starts the session
if($_SESSION['user']){ // checks if the user is logged in
}
else{
header("location: index.php"); // redirects if user is not logged in
}
$user = $_SESSION['user']; //assigns user value
?>
<body>
<h2>Home Page</h2>
<hello>!
<!--Display's user name-->
Click here to go logout<br/><br/>
<form action="add.php" method="POST">
Add more to list: <input type="text" name="details" /> <br/>
Public post? <input type="checkbox" name="public[]" value="yes" /> <br/>
<input type="submit" value="Add to list"/>
</form>
<h2 align="center">My list</h2>
<table border="1px" width="100%">
<tr>
<th>Id</th>
<th>Details</th>
<th>Post Time</th>
<th>Edit Time</th>
<th>Edit</th>
<th>Delete</th>
<th>Public Post</th>
</tr>
<?php
mysql_connect("localhost","root","") or die(mysql_error());
mysql_select_db("first_db") or die("Cannot connect to database");
$query = mysql_query("select * from list");
while($row = mysql_fetch_array($query))
{
print "<tr>";
print '<td align="center">'. $row['id'] . "</td>";
print '<td align="center">'. $row['details'] . "</td>";
print '<td align="center">'. $row['date_posted'] . " - " . $row['time_posted'] . "</td>";
print '<td align="center">'. $row['date_edited'] . " - " . $row['time_edited'] . "</td>";
print '<td align="center">edit</td>';
print '<td align="center">delete</td>';
print '<td align="center">'. $row['public'] . "</td>";
print "</tr>";
}
?>
</table>
</body>
</html>
)
edit.php
<html>
<head>
<title>My first PHP website</title>
</head>
<?php
session_start(); //starts the session
if($_SESSION['user']){ //checks if user is logged in
}
else{
header("location:index.php"); // redirects if user is not logged in
}
$user = $_SESSION['user']; //assigns user value
$id_exists = false;
?>
<body>
<h2>Home Page</h2>
<p>Hello <?php Print "$user"?>!</p> <!--Displays user's name-->
Click here to logout<br/><br/>
Return to Home page
<h2 align="center">Currently Selected</h2>
<table border="1px" width="100%">
<tr>
<th>Id</th>
<th>Details</th>
<th>Post Time</th>
<th>Edit Time</th>
<th>Public Post</th>
</tr>
<?php
if(!empty($_GET['id']))
{
$id = $_GET['id'];
$_SESSION['id'] = $id;
$id_exists = true;
mysql_connect("localhost", "root","") or die(mysql_error()); //Connect to server
mysql_select_db("first_db") or die("Cannot connect to database"); //connect to database
$query = mysql_query("Select * from list Where id='$id'"); // SQL Query
$count = mysql_num_rows($query);
if($count > 0)
{
while($row = mysql_fetch_array($query))
{
Print "<tr>";
Print '<td align="center">'. $row['id'] . "</td>";
Print '<td align="center">'. $row['details'] . "</td>";
Print '<td align="center">'. $row['date_posted']. " - ". $row['time_posted']."</td>";
Print '<td align="center">'. $row['date_edited']. " - ". $row['time_edited']. "</td>";
Print '<td align="center">'. $row['public']. "</td>";
Print "</tr>";
}
}
else
{
$id_exists = false;
}
}
?>
</table>
<br/>
<?php
if($id_exists)
{
Print '
<form action="edit.php" method="POST">
Enter new detail: <input type="text" name="details"/><br/>
public post? <input type="checkbox" name="public[]" value="yes"/><br/>
<input type="submit" value="Update List"/>
</form>
';
}
else
{
Print '<h2 align="center">There is no data to be edited.</h2>';
}
?>
</body>
</html>
<?php
if($_SERVER['REQUEST_METHOD'] == "POST")
{
mysql_connect("localhost", "root","") or die(mysql_error()); //Connect to server
mysql_select_db("first_db") or die("Cannot connect to database"); //Connect to database
$details = mysql_real_escape_string($_POST['details']);
$public = "no";
$id = $_SESSION['id'];
$time = strftime("%X");//time
$date = strftime("%B %d, %Y");//date
foreach($_POST['public'] as $list)
{
if($list != null)
{
$public = "yes";
}
}
mysql_query("UPDATE list SET details='$details', public='$public', date_edited='$date', time_edited='$time' WHERE id='$id'") ;
header("location: home.php");
}
?>
and here's the one with ?id=1 in the url
http;//s15,postimg,org/yoabiq0p7/screenshot_21,png (change the commas with fullstops).
You are printing only the edit.php, you need to print the entire edit link.
print '<td align="center">edit</td>';
Replace this line with:
print '<td align="center">edit</td>';
This will solve the problem.
P.S: Be careful, your code is open for SQL Injection! Make sure to use mysql_real_escape_string() in this place:
$id = mysql_real_escape_string($_GET['id']);
If the id is only number, you can do the following too to avoid SQL Injection:
$id = intval($_GET["id"]);
The SQL Injection thing is very serious and you need to filter what comes from outside. I recommend using prepared statement PDO too.
you arent passing the data in the home.php
you are doing normal link to edit.php and you arent passing the data ?id=1
try edit this:
print '<td align="center">edit</td>';
to this:
print '<td align="center">edit</td>';
How can i save a session in php so that when i click value in td tag it will save a session and redirect into another page?
this is my code:
<?
$sql = "SELECT * from members";
$result = mysql_query($sql);
while($row1 = mysql_fetch_array($result)){
echo '<tr><td><img src='. $row1['propict'] .' width="70" height="70" /></td><td name="frnd"><a href="fprofile.php">' . $row1['name'] . '</td>';
}
?>
what i want here is when i click name that shows from td i will be redirected to fprofile.php that contain the information base on the name i clicked.
please help me guys to do this i really need to know this information.
You have 2 ways of doing the same :-
1). You can follow this approach also, but the user name will be displayed in the url.
Like:-
http://googl.com/aba.php?name=dinesh
<?
$sql = "SELECT * from members";
$result = mysql_query($sql);
while($row1 = mysql_fetch_array($result)){
echo '<tr>
<td><img src='. $row1['propict'] .' width="70" height="70" /></td>
<td name="frnd" onClick="showUserInfo('$row1[name]')"><a href="fprofile.php">' . $row1['name'] . '</td>';
}
?>
Js function write just below of you code..
function showUserInfo(name) {
window.location= <YOUR BASE URL>+'user_info.php?name='+name;
}
2). The name can also be set in the SESSION by AJAX also. This is a bite long approach but the name will not be displayed in the url.
You need to follow the following steps.
<?
$sql = "SELECT * from members";
$result = mysql_query($sql);
while($row1 = mysql_fetch_array($result)){
echo '<tr>
<td><img src='. $row1['propict'] .' width="70" height="70" /></td>
<td name="frnd" onClick="showUserInfo('$row1[name]')"><a href="fprofile.php">' . $row1['name'] . '</td>';
}
?>
JS function:---
Write the name in session in set_name_in_session.php file, then redirect the control to user_info.php page. There read the user name in user_info.php page and fetch the user details..
function showUserInfo(user_name) {
$.ajax({
url: <BASE_URL_OF_YOUR_SITE>+'set_name_in_session.php', //SET THE SESSION IN THIS FILE
data: {name: user_name},
method:'post',
success:function(response) {
window.location = <BASE_URL_OF_YOUR_SITE>+"user_info.php";
}
});
}
<?
$sql = "SELECT * from members";
$result = mysql_query($sql);
while($row1 = mysql_fetch_array($result)){
echo "<tr><td><img src='. $row1['propict'] .' width='70' height='70' /> </td>";
echo "<td name='frnd'><a href='fprofile.php?name=". $rows['name']. "'>" .
$row1['name'] . '</td>';
}
?>
and in fprofile.php
$_SESSION['name']= $_GET['name'];
now the clicked name is in the variable of $_SESSION['name']
just tell me if there is a syntax error
Update the link so that it passes the name you want to store in the session.
<a href="fprofile.php?name=' . $row1['name'] . '">' .$row1['name'] . '</td>
In fprofile.php, detect if $_GET['name'] has been set, and store it in the session.
if (isset($_GET['name']) && !empty($_GET['name'])) {
$_SESSION['name'] = $_GET['name'];
}
This assumes you are auto starting your session.
You can use $_REQUEST instead of $_GET to handle POST and GET requests similarly.
I'm not sure about the title, I tried my best.
I have a table displayed with information from a database using this file
display.php
<?php
mysql_connect("localhost", "root", "root") or die(mysql_error());
mysql_select_db("tournaments") or die(mysql_error());
$result = mysql_query("SELECT * FROM tournies")
or die(mysql_error());
echo '<table id="bets" class="tablesorter" cellspacing="0" summary="Datapass">
<thead>
<tr>
<th>Tournament <br> Name</th>
<th>Pot</th>
<th>Maximum <br> Players</th>
<th>Minimum <br> Players</th>
<th>Host</th>
<th></th>
<th></th>
</tr>
</thead>
<tbody>';
while($row = mysql_fetch_array( $result )) {
$i=0; if( $i % 2 == 0 ) {
$class = "";
} else {
$class = "";
}
echo "<tr" . $class . "><td>";
echo $row['tour_name'];
$tour_id = $row['tour_name'];
echo "</td><td>";
echo $row['pot']," Tokens";
echo "</td><td class=\"BR\">";
echo $row['max_players']," Players";
echo "</td><td class=\"BR\">";
echo $row['min_players']," Players";
echo "</td><td class=\"BR\">";
echo $row['host'];
echo "</td><td>";
echo "<input id=\"delete_button\" type=\"button\" value=\"Delete Row\" onClick=\"SomeDeleteRowFunction(this)\">";
echo "</td><td>";
echo "<form action=\"join.php?name=$name\" method=\"POST\" >";
echo "<input id=\"join_button\" type=\"submit\" value=\"Join\">";
echo "</td></tr>";
}
echo "</tbody></table>";
?>
Basically I want the user to press a button from a row of the table and they go to a new page called join.php. I need the persons username and the name of the tournament from the row the clicked.
For example here's my page:
When they click the join button at the end of row one it should send them to
'join.php?name=thierusernamehere&tourname=dfgdds'
Any help much appreciated. Thanks.
echo '<td>Join</td>'
There are many way to approach.
The easiest way is just echo 'JOIN';
or you can use a form with hidden input and submit button.
BUT
Your code is really a mess, try to make your code more maintainable and readable. And do NOT use any mysql_* functions, they are deprecated.
Read more about PDO:
http://php.net/manual/en/book.pdo.php
http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/
I'm a novice at this and I just lately dug into the code... I'm having hard time understanding why this doesn't work:
I added a button in the search results so it would delete the certain data field but it doesn't do it.
What am I missing out here?
<?php //deleting
isset($_GET['action']) ? $action=$_GET['action'] : $action="";
if($action=='delete'){
$id=$_REQUEST['id'];
$query=mysql_query("set names 'utf8'");
$query = mysql_query("DELETE FROM norse5_proov WHERE id='$id'") or die(mysql_error());
if($query){
echo "<div id='dain'><br><br><br><br><br><br><br><br><br><br>Andmed kustutatud.</div>";
}
}
?>
<?php //searching
mysql_query ("set character_set_results='utf8'");
if($_SERVER['REQUEST_METHOD'] == "POST"){
$query = "SELECT * FROM norse5_proov WHERE 1=1 ";
if(!empty($_POST["osakond"])){
$query .= " AND osakond LIKE '%".mysql_real_escape_string($_POST["osakond"])."%'";
}
if(!empty($_POST["soetusaasta"])){
$query .= " AND soetusaasta LIKE '%".mysql_real_escape_string($_POST["soetusaasta"])."%'";
}
if(!empty($_POST["it_number"])){
$query .= " AND it_number LIKE '%".mysql_real_escape_string($_POST["it_number"])."%'";
}
if(!empty($_POST["tooteruhm"])){
$query .= " AND tooteruhm LIKE '%".mysql_real_escape_string($_POST["tooteruhm"])."%'";
}
if(!empty($_POST["mudeli_nimetus"])){
$query .= " AND mudeli_nimetus LIKE '%".mysql_real_escape_string($_POST["mudeli_nimetus"])."%'";
}
if(!empty($_POST["sn"])){
$query .= " AND sn LIKE '%".mysql_real_escape_string($_POST["sn"])."%'";
}
if(!empty($_POST["riigivara_nr"])){
$query .= " AND riigivara_nr LIKE '%".mysql_real_escape_string($_POST["riigivara_nr"])."%'";
}
if(!empty($_POST["inventaari_nr"])){
$query .= " AND inventaari_nr LIKE '%".mysql_real_escape_string($_POST["inventaari_nr"])."%'";
}
if(!empty($_POST["maja"])){
$query .= " AND maja LIKE '%".mysql_real_escape_string($_POST["maja"])."%'";
}
if(!empty($_POST["ruum"])){
$query .= " AND ruum LIKE '%".mysql_real_escape_string($_POST["ruum"])."%'";
}
if(!empty($_POST["vastutaja"])){
$query .= " AND vastutaja LIKE '%".mysql_real_escape_string($_POST["vastutaja"])."%'";
}
if(!empty($_POST["markus"])){
$query .= " AND markus LIKE '%".mysql_real_escape_string($_POST["markus"])."%'";
}
if(!empty($_POST["id"])){
$query .= " AND id LIKE '%".mysql_real_escape_string($_POST["id"])."%'";
}
?>
<table id="tablk">
<tr>
<th width="80">Osakond</th>
<th width="80">Soetusaasta</th>
<th width="80">IT Number</th>
<th width="80">Tooterühm</th>
<th width="80">Mudeli nimetus</th>
<th width="80">SN</th>
<th width="80">Riigivara nr</th>
<th width="80">Inventaari nr</th>
<th width="80">Maja</th>
<th width="80">Ruum</th>
<th width="80">Vastutaja</th>
<th width="80">Märkus</th>
<th width="80">ID</th>
<th width="80">Tegevus</th>
</tr>
<?php
$result = mysql_query($query);
while($row = mysql_fetch_assoc($result)){
echo "<tr>";
echo "<td>".$row["osakond"]."</td>";
echo "<td>".$row["soetusaasta"]."</td>";
echo "<td>".$row["it_number"]."</td>";
echo "<td>".$row["tooteruhm"]."</td>";
echo "<td>".$row["mudeli_nimetus"]."</td>";
echo "<td>".$row["sn"]."</td>";
echo "<td>".$row["riigivara_nr"]."</td>";
echo "<td>".$row["inventaari_nr"]."</td>";
echo "<td>".$row["maja"]."</td>";
echo "<td>".$row["ruum"]."</td>";
echo "<td>".$row["vastutaja"]."</td>";
echo "<td>".$row["markus"]."</td>";
echo "<td>".$row["id"]."</td>";
echo "<td>";
echo "<button onclick='delete_user( {id} )'>Kustuta</button>";
echo "<form method='post' action='edit.php?id=<?php echo ".$row["id"]."; ?>'><input type='submit' value='Muuda'>";
echo "</td>";
echo "</tr>";
}
mysql_free_result($result);
?>
</table>
<?php
}
?>
This line:
echo "<button onclick='delete_user( {id} )'>Kustuta</button>";
creates a button and calls delete_user function, but it is not PHP function but Javascript. You probably did not define this function. Secondly the problem might be in {id}, perhaps you should have written delete_user(".$row["id"].").
I suppose you have to create a button that will submit form that is for deletion. You may want to have two forms, one that is for editing (you have it in the next line), the other for deletion.
Instead of the line I cited use:
echo "<form method='post' action='edit.php?action=delete&id=".$row["id"]."'><input type='submit' value='Muuda'>";
echo "<form method='post' action='edit.php?id=<?php echo ".$row["id"]."; ?>
The above line is opening a PHP tag within a PHP string.
try
echo "<button onclick='delete_user(".$row[id].")'>Kustuta</button>";
echo "<form method='post' action='edit.php?action=delete&id=<?php echo ".$row["id"]."; ?>'><input type='submit' value='Muuda'>";
<?php
# session
session_start();
# check that session is set and is valid
if(!isset($_SESSION['login']))
{ header('Location: login.php');
}
?>
<body>
<div class="maincontainer">
<div class="keywordhead">
<div align="center"><img src="Images/keyword_title.png" width="243" height="56" /></div>
</div>
<div class="results">
<p>
<?php
$kword = $_POST["kword"];
function boldText($text, $kword) {
return str_replace($kword, "<strong>$kword</strong>", $text);
}
$testin1 = substr($kword,0,1);
if($testin1 == "") {
print "<strong>No Keyword or a Keyphrase Entered, Please return to the '<a href='keyword_search.php'>Keyword Search Page</a>'</strong>";
}
else {
// Connects to your Database
mysql_connect("localhost", "root") or die(mysql_error());
mysql_select_db("test") or die(mysql_error());
}
mysql_real_escape_string($kword);
$data = mysql_query("select company_name, section_name, question, answer from company, rfp, section, question_keywords
where company.company_id = rfp.company_id
and rfp.rfp_id = question_keywords.rfp_id
and question_keywords.section_id = section.section_id
and keywords like '%$kword%';")
or die(mysql_error());
echo "<table border=0 cellpadding=10>";
echo "<tr align = center bgcolor=white>
<td><b>Company Name</b></td><td><b>Section</b></td><td><b>Question</b></td><td><b>Answer</b></td>" ;
while($info = mysql_fetch_array( $data ))
{
echo "<tr>";
echo "<td width = 130px>".boldText($info['company_name'], $kword) . "</td> ";
echo "<td width = 60px>".boldText($info['section_name'], $kword) . " </td>";
echo "<td width = 300px>".boldText($info['question'], $kword) . " </td>";
echo "<td width = 600px>".boldText($info['answer'], $kword) . " </td></tr>";
}
echo "</table>";
?>
</p>
</div>
<div class="footer"><a href="logout.php"><br />
Logout</a> | Index | Back</div>
</div>
</body>
</html>
I am relatively new to PHP, and i was curious as to whether a certain function is possible. I have a keyword Search and the code for the results page is above. I would like to bold wherever the $kword variable appears on the page. is this possible?
Thanks
You can create a function to do so, and call it prior to echo'ing the variables.
Instead of: $info['question'] use boldText($info['question'], $kword)
function boldText($text, $keyword) {
return str_ireplace($keyword, "<strong>$keyword</strong>", $text);
}
As a side note, don't forget to escape $kword with mysql_real_escape_string() before using it in a SQL query, or even better, consider using MySQLi or PDO since mysql extension is strongly discouraged
Can you use something like this in each of your Print statements?
str_replace($kword, "<b>$kword</b>", $info[...])
(or CSS e.g.
<span style='font-weight:bold'>...</span>
if you prefer).