i've made a website, and i made a control panel for it for admin
now iwant to make admin able to add more users to be admins from the control panel
its worked
but i want to make him able to edit them also ( like the usernames and passwords )
i wrote the code but it didnt work and i think the problem maybe with the $editget = $_GET['euid']; it dosent give the number in the url that should be www.example.com/admin/index.php?adpa=users&euid=4 , so it should get me the number 4
i did the same thing with delectation it works and the GET gave me the number after deluid=
so where im going wrong
here is the code :
$eusername = $_POST['eusername'];
$epassword = $_POST['epassword'];
#===========================================================#
if (isset($_POST['edit']) and $_POST['edit'] == 'user') {
$editget = $_GET['euid'];
$edituserinfo = $db->query("update user set username='$eusername', password='$epassword' where user_id='$editget'");
if (isset($edituserinfo)) {
die ("
<center>
<div class='head'>تــــــــم</div>
<div class='bodypanel'>
<br>
تــــعديل بيـــانات الـــمدير بنـــجاح
<br>
<br>
</div>
</center>
<meta http-equiv='refresh' content='4; url=?cpages=users' />
");
}
}
and here is the edit form code :
if ($_REQUEST['euid']) {
$edituid = $db->query("select * from user where user_id='$editu'");
$redit = $edituid->fetch(PDO::FETCH_OBJ);
echo "
<form action='?cpages=users' method='post'>
<table width='100%' align='center' cellpadding='10' cellspacing='0'>
<tr>
<td class='tbl' colspan='2'>تعديل بيانات مدير</td>
</tr>
<tr>
<td class='tblrl' align='left'>اسم المدير : </td>
<td class='tblrl' align='right'><input type='text' name='eusername' value='".$redit->username."'></td>
</tr>
<tr>
<td class='tblrl' align='left'>كلمة سر المدير : </td>
<td class='tblrl' align='right'><input type='text' name='epassword' value='".$redit->password."'></td>
</tr>
<tr>
<td class='tblb' colspan='2' align='center'><input class='buttons' type='submit' value='تعديل'/></td>
</tr>
</table>
<input type='hidden' name='edit' value='user' />
</form>";
}
You are not passing the userId in the form
change
<form action='?cpages=users' method='post'>
to
<form action='?cpages=users&euid=" . $_GET['euid'] . "' method='post'>
your problem is here in the form in this line
<form action='?cpages=users' method='post'>
your taking it to users page but there is no euid in there so just add
&euid=" . $_GET['euid'] . " to get it to work fine
Related
just trying to make a little calculator for myself in php and i wonder if its possible to make the answer instant update after i type in the values?
Thank you.
<?php
if (isset($_POST['valuea'])) $valuea = $_POST['valuea'];
if (isset($_POST['valueb'])) $valueb = $_POST['valueb'];
if (isset($_POST['check1'])) {
$answer = (($valuea * $valueb) * 10)*2;
} else {
$answer = ($valuea * $valueb) * 10;
}
echo <<<_END
<form method='post' action=''>
<table border='0' width='500px' cellpadding='3' cellspacing='1' class="table">
<tr class="calcrow">
<td>Lenght:</td>
<td align="center"><input type='text' name='valuea' value="$valuea"/></td>
</tr>
<tr class="calcrow2">
<td>Width:</td>
<td align="center"><input type='text' name='valueb' value="$valueb"/></td>
</tr>
<tr class="calcrow2">
<td>2x test</td>
<td align="center"><input type="checkbox" name="check1"></td>
</tr>
<tr class="submit"><td colspan="2"><input type='submit' value='Calculate'/></td></tr>
_END;
?>
<tr class="calcrow">
<td><i>Answer</td>
<td align="center"><input type="text" value="<?php echo round($answer)?>"></td></i>
</tr>
</table>
</form>
You are looking for a thing called Jquery.
Which can fetch current Values of your form inputs or any other elements from your webpage. Then you can then send that data to your php file where you can perform the calculation and return the result which can again be displayed wherever you want .
All of this happens in real time.
This is the way you could do it if you wanted to do it in php
Else you could always go for plain JavaScript or a mixture of jquery + javascript, to avoid using php and ajax.
I'm trying to create users and save them to my database. I have this login formula with css and html and the code to put it into my db:
function registerUser()
{
echo "
<form method='get' action=''>
<div style=\"text-align: center;\"><input class=\"button\" style=\"z-index:1;\" type=\"submit\" name=\"reset\" value=\"Neues Spiel\">
Zur Highscore
</form>
<form style=\"border:5; border-color:blue; \" align=\"center\" action=\"\" method=\"post\">
<table style='background-color:#696969' border='5' align='center'>
<tr>
<th>Dein Username:</th>
</tr>
<tr>
<td><input type=\"text\" size=\"24\" maxlength=\"50\"
name=\"username\"></td>
</tr>
<tr>
<th>Dein Passwort:</th>
</tr>
<tr>
<td><input type=\"password\" size=\"24\" maxlength=\"50\"
name=\"password\"></td>
</tr>
<tr>
<th>Passwort Wiederholen:</th>
</tr>
<tr>
<td><input type=\"password\" size=\"24\" maxlength=\"50\"
name=\"password2\"></td>
</tr>
<tr><td><input style=\"margin-left:49;\" align=\"center\" type=\"submit\" value=\"Abschicken\" name=\"saveUser\"></tr></td>
</table>
</form>
";
}
and my saveUser() function:
function saveUser($username, $password, $passwordCheck)
{
$this->db->exec("INSERT INTO users (username, password) VALUES ({$username}, {$password})");
}
And I got this in my other document to get access:
if(isset($_GET['saveUser'])){
$user->saveUser($_GET['username'],$_GET['password'],$_GET['password2']);
}
It does not work.
Modify your code and use this:
$this->db->exec("INSERT INTO users (username, password) VALUES ('{$username}', '{$password}')");
And also one thing you forgot you need to validate your data to avoid sql injections, never ever trust an input coming from the user of any type.
I am trying to update multiple rows on submit of a form (in particular this one is the "hours" field.
I have it working but only one of the value updates vs all of them.
There is the possibility of having different values for each update.
The form code:
$query2 = "select * FROM work_hours WHERE formid = $formid ";
$result = $mysqli->query( $query2 );
$num_results = $result->num_rows;
if( $num_results > 0){
echo " <table border='0' align='center'>
<tr>
<td colspan='2' align='center'>
<strong> Time Away Break Down</strong>
</td>
</tr>
<tr>
<td align='center'>Date</td>
<td align='left'>Hours</td>
</tr>";
while( $row = $result->fetch_assoc() ){
extract($row);
echo " <tr>
<td class='hidden_sm' align='center'>
<input type='text' name='id' size='10' value='$id' class='dept' readonly style='width:30px;'>
<input type='text' name='date' size='40' value='$date' class='dept' readonly> <input type='text' name='end_date' size='40' value='$end_date' class='dept' readonly>
</td>
<td class='hidden_sm' align='left' >
<input type='text' name='hours' size='10' style='width:30px;' value='$hours' class='dept' >
</td>
</tr>
";
}
echo "<tr>
<td colspan='2' align='center'>
<input type='submit' name='Submit' value='Submit Request'>
</td>
</tr>
</form>
</table>";//end table
Submit Code:
$id = $_POST['id'];
$formid = $_POST['formid'];
$hours = $_POST['hours'];
include 'connect-db.php';
$stmt = $mysqli->prepare("UPDATE work_hours SET hours = ? WHERE formid = ?");
$stmt->bind_param('si',
$_POST['hours'],
$_POST['formid']);
$stmt->execute();
if ( $stmt ) {
echo "<p align='center'>Thank you, this request has been approved.<BR>You will be redirected in 5 seconds</p>";
} else {
echo "Error, you status cannot be updated. <BR> Please contact your system administrator.";
}
$stmt->close();
?>
Could anyone point me in the right direction to have all values update on submit, as I have had zero luck.
As well I do understand the need to prevent SQL Injections, and that I am working, so no need to remind me.
Thanks in advance!
Looks like you'll want to use a CASE statement as explained here:
How does MySQL CASE work?
Use a loop to build the statement and you're better off using the id as the identifier instead of formid, since the id is the unique value and you could have different results in the form.
hello guys i have a problem with this code
when id add a comment and comment insert in database
and when i make refresh on the same page i get this warning :
One of the fields are still empty,
i think the problem in the first code
<?php
if ($_POST['add'] and $_POST['add']=='comm'){
$comm_name =strip_tags($_POST['comm_name']);
$comm_country =strip_tags(mysql_real_escape_string($_POST['comm_country']));
$c =strip_tags(mysql_real_escape_string($_POST['comm']));
$comm_thread =strip_tags(mysql_real_escape_string($_POST['comm_thread']));
$status =$_POST['status'];
$getidtopic=$_GET['id_topic'];
$post_code=$_POST['post_code'];
if ($comm_name=='' or $comm_country=='' or $c=='' or $post_code=='' ){
echo "<script>alert(\"One of the fields are still empty
\");</script>";
}else if ($_POST['post_code']==$_SESSION['code']) {
$insertcomm=mysql_query("insert into comments values('','$comm_name','$comm_country','$comm','$comm_thread','$status') ")or die (mysql_error);
echo "<script>alert(\"your comment has been adding\");</script>";
}
}
?>
and this is the comment's form
<form action='' method='post' >
<table class='rightcol' width='100%' cellpadding='0' cellspacing='5'>
<tr>
<td colspan='3' id='addcomm'>add comm</td>
</tr>
<tr>
<td width='15%' ><div id='title_comm' value=''>name : </div></td>
<td ><input type='text' name='comm_name' value='<?if (!$insertcomm){
echo $comm_name;
}?>'/></td>
</tr>
<tr>
<td width='15%' ><div id='title_comm'>country </div></td>
<td ><input type='text' name='comm_country'
value='<?if (!$insertcomm){echo $comm_country;}?>'/>
</td>
</tr>
<tr>
<td valign='top' width='15%'><div id='title_comm'>comment : </div></td>
<td width='50%'>
<textarea cols='55' rows='12' name='comm'>
<?if (!$insertcomm){echo $c;}?>
</textarea></td>
<td valign='top' ><div id='note_comm'>
your comment will not insert if you try to use some thing bad
</div></td>
</tr>
<tr>
<td width='15%' ><div id='title_comm'><span style='color:red'>code : <br/>write these codes </span></div></td>
<td ><input type='text' name='post_code'/></td>
</tr>
<tr>
<td ><div id='code'>
<?php
$text=rand(400,80000);
echo $_SESSION['code']=$text;
?>
</div></td>
</tr>
<td colspan='4' ><input type='submit' name='addcomm' id='add' value='add comm'/></td>
</table>
<input type='hidden' name='comm_thread' value='<?php echo $getidtopic;?>' />
<input type='hidden' name='add' value='comm'/>
<input type='hidden' name='status' value='2'/>
</form>
that is because, when you refresh the page, the $_POST fields are reset, and the fields get empty, so when the page executes its PHP line if ($comm_name=='' or $comm_country=='' or $c=='' or $post_code=='' or $post_code=='' ){ it will find them to be empty.
You need to show us the table definition to better figure out what the issue is exactly. My guess is that your SQL statement is not properly prepared.
I am new here and I have a question. I have a problem that I can't figure it out with _POST. I have been searching for hours before start writing! As far as I can see I haven't done any of the mistakes that are posted for other similar question (form action..., name attribute...,etc). Please, can you check my code below to tell me what am I doing wrong??
I use xampp 1.7.3 on windows 7.
<?php require("includes/header.php"); ?>
<?php require_once("includes/connection.php"); ?>
<?php require_once("includes/functions.php"); ?><head>
<script type="text/javascript">
function theChecker()
{
if(document.getElementById('checker').checked){
document.getElementById('submitter').disabled=false;
}
else{
document.getElementById('submitter').disabled=true;
}
}
</script>
</head>
<?php require("includes/body_no_menus.php"); ?>
<div align="center">
<form name="signup" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<?php
echo "<hr/>
<table width='600' border='0'>
<tr>
<td width='237'>Κωδικός οικοδομής</td>
<td width='351'><input name='building_id' type='text' id='building_id' size='30' maxlength='40' />*</td>
</tr>
<tr>
<td>Κωδικός διαμερίσματος</td>
<td><input name='apartment_id' type='text' id='apartment_id' size='30' maxlength='40' />*</td>
</tr>
<tr>
<td></td>
<td height='31' colspan='2' ><label>
<input name='send' type='submit' value='Αποστολή' />
</label></td>
</tr>
</table>
";
?>
</form>
</div>
<p>
<?php
if(isset($_POST['send'])) {
// Check input / Required fields
$building_id = check_input($_POST['building_id'],"Εισάγετε τον κωδικό της οικοδομής!");
$apartment_id = check_input($_POST['apartment_id'],"Εισάγετε όνομα χρήστη!");
$query = "SELECT idTENANT,FNAME,LNAME,BUILDING_ADMIN,PHONE FROM TENANT,APARTMENT, BUILDING
WHERE TENANT.APARTMENT_ID = APARTMENT.idAPARTMENT
AND APARTMENT.BUILDING_ID = BUILDING.idBUILDING
AND idAPARTMENT = '$apartment_id'
AND idBUILDING = '$building_id'";
$result=mysql_query($query) or die ("Couldn't execute query.");
$row = mysql_fetch_array( $result );
$id = $row['idTENANT'];
$fname = $row['FNAME'];
$lname = $row['LNAME'];
$apartment = $row['APARTMENT_ID'];
$phone = $row['PHONE'];
if($row['BUILDING_ADMIN'] == 0)
$admin = "ΟΧΙ";
else
$admin = "ΝΑΙ";
echo " <hr />
<table width='300' border='0'>
<tr>
<td>Όνομα</td>
<td>$fname</td>
</tr>
<tr>
<td>Επίθετο</td>
<td>$lname</td>
</tr>
<tr>
<td>Όνομα χρήστη</td>
<td><input name='username' type='text' size='30' maxlength='20' />*</td>
</tr>
<tr>
<td>Κωδικός χρήστη</td>
<td><input name='password' type='password' size='30' maxlength='20'/>*</td>
</tr>
<tr>
<td>Επαλήθευση κωδικού</td>
<td><input name='verify_password' type='password' size='30' maxlength='40'/> *</td>
</tr>
<tr>
<td>Διαχείριση οικοδομής</td>
<td>$admin</td>
</tr>
<tr>
<td>Τηλέφωνο</td>
<td>$phone</td> </tr>
<tr>
<td></td>
<td><input name='checkterms' type='checkbox' id='checker' onclick='theChecker()' value='Ναι'/>
<label>Έχω διαβάσει και αποδέχομαι τους όρους χρήσης.</label> *</td>
</tr>
<tr>
<td></td>
<td><input type='submit' name='complete' id='submitter' value='Ολοκλήρωση εγγραφής' disabled/></td>
</tr>
</table>
";
}
if(isset($_POST['complete'])) {
// Password match
if ($password != $verify_password)
{
echo '<font color="red">Οι κωδικοί δεν ταιριάζουν</font>';
}//if
else
{
// Execute MySQL commands
$query = "UPDATE TENANT SET USERNAME = '$un', PASSWD='$pw' WHERE idTENANT='$id'";
$result=mysql_query($query) or die ("Couldn't execute query.");
header("Location: main_login.php");
}//else
}//if
?>
</p>
<?php require("includes/footer.php"); ?>
The first _POST (if(isset($_POST['send']))...) works perfectly. But if(isset($_POST['complete'])) {... does nothing. I ve tried to echo some data to see if my connection doesn't work, but its the _POST...
Please help me!!!!
Thanks for your time!
what you could try:
use vardump to see what $_POST contains: var_dump($_POST);.
use firebug (or something similar for another browser) to lookup the request and see which POST-Parameters are sent.
The second set of form elements (username, password, verify_password, checkterms, complete) are not inside any html form element. Clicking the second button does not post the form to server.
header("Location: main_login.php");
Is not going to work, when $_POST["complete"] is reached. You already sent heaps of output before that. Enable more error_reporting.