I am having a php page in which i have captured different values from the previous page, There is also a print button, Which prints all these fields including the unique number. When user clicks on the print button record will be inserted in database and print window displays on the screen. But the problem is there is a unique number on html page, For example if two persons are login at the same time, The will get same unique number, and both will be able to print the same page having same unique number.
How i can control this issue, I also tried to redirect the user to the previous page but its not working.
Here is my php page, Which i am calling using ajax
<?php
$conn = mysql_connect('localhost','','') or die ("");
mysql_select_db("") or die ("Database Problem");
$query = "select * from print where a = $a;
$result = mysql_query($query);
if(mysql_num_rows($result) == 0)
{
$query = "INSERT INTO print () VALUES ()
$result = mysql_query($query) or die();
if(mysql_affected_rows()<>1)
{
header ("Location:mainpage.php?uniquenumber=xy");
}
}
you can use unisid http://php.net/manual/en/function.uniqid.php
To generate an unique id
What is this uniquenumber needed for in the client side? I mean having it accessible and editable for the users is kinda dangerous if it's an important value.
If you just need this number to tell apart the different entries in the print table, why not just use and auto_increment index for this table?
Another solution would be session variables. When a user succesfully logs in generate this unique ID based on multiple variables (username, time, browser), that will ensure there won't be repeated values for this ID. Then store the variable like this:
session_start();
$_SESSION['ID']=$unique_ID;
You can then read it in any other PHP script like this:
session_start();
$unique_ID=$_SESSION['ID'];
You can validate the unique number before inserting to database ( Before Printing also ). If the unique no is exist, throw a error message "unique no is already used " and give another unique number ( By loading the HTML Page again or doing something else ).
Related
I have a database running and I'm currently printing out in a website, in a "php block" the usernames of the database. I achieved it with this
if ($db_handle) {
print "Database ISSSSS Found ";
$SQL = "SELECT * FROM `database.com`.`users`";
$result = mysql_query($SQL);
//print $result;
while ( $db_field = mysql_fetch_assoc($result) ) {
print $db_field['username'] . "<BR>";
}
mysql_close($db_handle);
}
However this gives me a giant string of all the users (I currently have 4). How do I make it so its just the individual user accessing their profile through the website
Typically, when someone logs in, you would store non sensitive information about the user in the session. This way, you can get to it quickly without needing to make database calls on every page. For instance, if you wanted to show their username in the pages header, you would always have their username handy to do so. Then, when they go to view their profile, you can use that username you stored as part of your SQL WHERE clause to pull in information pertaining only to that specific user.
Use WHERE username = 'yourusername' in your SQL query.
That shall fix your problem
I have created a registration form which is in application.php and when submitted it is processed and the contents are stored using submit.php and I want to redirect to thanks.php with a parameter called message with value equal to the primay key of the recently inserted row.. For example it should return my 100th applicant to the page,
www.mydomain.com/thanks.php?message=100
where 100 is the Primary key (AI).
In other words I want to print the primary key of the table as a refernce id for the users.. I tried
header("location: thanks.php?message=".$id); and
header("location: thanks.php?message=".$_POST['id']);
Both dont work for me.
Kindly help me guys!
EDIT:
require("admin/sources/connection.php");
$id = mysql_insert_id();
// Other variables are declared here
$sql = "my_INSERT_query_goes_here";
$result = $conn->query($sql);
if($result) {
header("location: thanks.php?message=".$id);
}
This is my submit.php code
Wrong execution order - simple fix
You are first assigning $id, and then running the query.
Twist them around to make it work.
Not using auto-increment?
I see in the query in your comment, that you manually pass the id you want to enter. Did you realize that mysql_insert_id() will not return the sql column that you did call "id", but the column that you set an auto-increment on? That is a single row in your table that automaticly gets an incrementing number without the need to manually enter it.
Couple issues ... it looks like you're mixing mysql_ methods with mysqli and you have the execution in the wrong order.
If your database table is auto-increment, you don't need to pass an ID in the query. By calling $id = mysql_insert_id(); and using the id in the query, you're passing in 0 as the id which uses the next auto-increment id.
Getting the insert_id after $conn->query($sql); will return to you the insert id used.
Echo some variables to see what values you're getting for mysql_insert_id(); before and after.
However, if you're doing a $conn->query(), then you're not using the standard mysql_ functions.
Try this:
require "admin/sources/connection.php";
// Other variables are declared here
$sql = "my_INSERT_query_goes_here";
$result = $conn->query($sql);
if($result) {
$id = $conn->insert_id;
header("location: thanks.php?message=".$id);
}
I have a question about adding a link to my website that when 'clicked' will send the user to a random URL stored in my MySQL database.
My database is titled "movie" and I would like to be able to have the user click on a link and it would send them to one of the movie page URLs stored in my database.
EX: The user clicks the "Random" link and gets taken to a movie page from my database(I have about 110 URLs listed with a unique Id).
Would I use something like:
header('Location: 'xxxxx);
To accomplish this?
I know I should be able to accomplish this task using PHP, I am just having trouble figuring this one out. Any help would be great! Thanks.
I'm assuming the query you posted selects one random movie, and that the field where the url is stored is called 'url'.
$result = mysql_query("SELECT url FROM movie ORDER BY RAND() LIMIT 0, 10")
or die(mysql_error());
$row = mysql_fetch_assoc($result);
mysql_free_result($result);
header('Location: '.$row['url']);
This should redirect to the url in the database.
try this:
mt_rand("", ""); // this creates random numbers and use it in a variable as:
$id= mt_rand("1", "110");
// hatever id number is generated it will put out that one in the query but it is only for one if you want multiple put $id in a for loop than print the result in while loop.
$result = mysql_query("SELECT url FROM movie WHERE id= '$id' LIMIT 0, 10")
or die(mysql_error());
$row = mysql_fetch_assoc($result);
mysql_free_result($result);
header('Location: '.$row['url']);
This piece of code has been tripping me out for the past four hours. It is deleting a row of photos by the primary ID.
I have var_dump($selectedPhoto) and it is the correct ID, a number. My code will run every time I press delete photo, get to the mysqli_stmt_store_result part and shoots out the $txtMessage, But the database does not update.
This is really weird because I have used the exact same code, with different variables on another page and it works perfectly fine.
Can you see any errors by looking at this? OR have a better way to writing the delete statement.
if (isset($_POST['btnDeletePhoto']))
{
$selectedPhoto = $_SESSION['selectedPhoto'];
$deleteString = "DELETE FROM Photos WHERE PhotoID = ?";
$preparedDeleteStmt = mysqli_prepare($link, $deleteString);
mysqli_stmt_bind_param($preparedDeleteStmt, 'i', $selectedPhoto);
if (!mysqli_stmt_execute($preparedDeleteStmt))
{
mysqli_close($link);
die("The system is not available, try again later");
}
if(mysqli_stmt_store_result($preparedDeleteStmt))
{
$txtMessage = "Delete successfull";
}
To add: $selectedPhoto is a value of a select, drop down list value.
If the photo comes from the value of a select, it is not going to be stored in a session variable, so you probably need to change:
$selectedPhoto = $_SESSION['selectedPhoto'];
to:
$selectedPhoto = $_POST['selectedPhoto'];
Apart from that you need to add error handling to all database operations.
I'm writing some data to a database using php. 99% of the time, the data is correctly written to the database. But sometimes, blank data is being inserted into the database. I dont think its a issue with my code, since I can write the data to the database most of the time.
If the server on which the database resides have a slow internet connection, or if the user have a slow internet connection in their pc, can this happen?
Actually there is a slight mistake..Seems like the data that gets blank, comes from a session variable. How can be the session variable get blanked at some time ?
This is the code by which the data get stored into the session variable:
if(!preg_match('/^[a-zA-Z0-9._\-]+#[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}$/', $email))
$count = 2;
if(!preg_match('/^[A-Za-z0-9]{6}+$/',$key))
$count = 2;
if(!$count)
{
$result = mysql_query("SELECT * FROM test WHERE verify = '$key' AND email = '$email'");
$count = mysql_num_rows($result);
if($count == 1)
{
$row = mysql_fetch_row($result);
$_SESSION['id'] = $row[0];
$_SESSION['name'] = $row[1];
$_SESSION['email'] = $email;
$_SESSION['pass'] = $row[3];
$_SESSION['key'] = $key;
mysql_close();
}
}
When it happens, all the 5 variables id, name, email, pass and key, becomes blank. Email, and Key is not taken from the Database. The key field contains only alphanumeric content. So is there a way the data taken from the database as well at the GET variables to go blank? ( but even then $count should 1). Because, only if $count is 1, can the data be written to the new table ( where it get blanked )
There are 2 forms. When the user completes the first form, that data is stored in a table test, and a verification mail is sent to them. From the verification link, i find out their key and email, and check the table test, to see whether they are valid. If they are valid ( that means $count is 1 ), then a new form is displayed to the user, where they are asked to enter few more details. Then all the data ( this new data, and also the data that was written to the table test ), shall be written to a new table.
This is where things go wrong. The new data is written perfectly to the new table. But the old data, that was stored in the table test, and copied to the session variable, becomes blank sometimes. I have posted its code above, showing how the session variables are set.
It shall be helpful if someone could point out my mistake, if its something wrong in my code.
Programmers have at least five tactics to make sure data gets written to a database.
Check the content of variables for sanity before writing.
Design the database to reject bad data.
Trap errors. All of them.
Read back what you just wrote.
A verbose mode that writes to a log file.