I have a strange problem here.
I'm doing a admin page to edit movie info. I have a movie for exemple called "Blood Diamonds" in my database, but on the oage it only show "Blood" without the second word "diamonds", I couldnt find whyyy.
require('../classes/movie_class.php');
$moviecinemas = movie::get_movie_info( $_GET['movie_id']);
foreach ($moviecinemas as $movie)
{
$movie_id = $movie['movie_id'];
$movie_name = $movie['movie_name'];
$movie_category = $movie['movie_category'];
$movie_display = $movie['movie_display'];
echo "<input name='movieid' type='hidden' id='movieid' value=" . $movie_id . '><br/>';
echo "Movie Name :";
echo "<input name='moviename' type='text' id='moviename' value=" . $movie_name . '><br/>';
echo "Movie Category :";
echo "<input name='moviecategory' type='text' id='moviecategory' value=" . $movie_category . '><br/>';}
?>
In the class page :
public static function get_movie_info($movie_id)
{
$query = mysql_query(
"SELECT *
FROM movie
WHERE movie_id = {$movie_id}"
);
while( $movie = mysql_fetch_assoc( $query ) )
{
$results[] = $movie;
}
return $results;
}
The value property in your input tags should have quotes surrounding the movie name. Otherwise, when there's a space, it interprets the next words as more properties of the input.
echo "<input name='moviename' type='text' id='moviename' value='" . $movie_name . "'><br/>";
Your HTML tags are not set properly, missing " in value attribute :
replace
echo "<input name='moviename' type='text' id='moviename' value=" . $movie_name . '><br/>';
by
echo "<input name='moviename' type='text' id='moviename' value=" . $movie_name . '"><br/>';
In addition you should probably encode values so that a " in a database value will not corrupt your html code (htmlentities for instance).
Related
First of all I am kind of new to PHP.
I've been asked to change up a bit of code and add the option to see the status of a field and mark the rows which are completed. So I've added a status field to my MySQL database which has a standard value of 0. Then on button click I'd like this to change to the value 1. Based on this I can either project a cross glyph icon with a button to update this, or project a checkmark so that the status is "done".
Now I'm having issues with the update part. I just cannot seem to get it to work with clicking the button and updating only that row. Field "prdh_num" is my unique value if that is usefull.
Here's the code I work with:
function uren_error(){
global $mysql;
$sql = "
SELECT *
FROM uren_error, medw
WHERE uren_error.uren_datum between adddate(now(),-14) and now() AND medw.medw_num = uren_error.medw_num
ORDER BY uren_error.prdh_num";
$query = $mysql->query($sql);
echo "<h1>Niet in MKG verwerkte uren van de afgelopen 14 dagen</h1>";
echo "<div class='row' id='urenTabel'>";
echo "<div class='col-xs-0 col-md-0'></div>";
echo "<div class='col-xs-12 col-md-12'>";
echo "<table class='table'>";
echo "<thead>";
echo "<th>Verwerkingsdatum</th>";
echo "<th>Medewerker</th>";
echo "<th>Productieorder</th>";
echo "<th>Productieorder regel</th>";
echo "<th>Bewerking</th>";
echo "<th>Duur</th>";
echo "<th>Status</th>";
echo "<th>Actie</th>";
echo "</thead>";
while($row = mysqli_fetch_array($query)){
$hours = floor($row['uren_tijd_man_std'] / 3600);
$mins = floor($row['uren_tijd_man_std'] / 60 % 60);
echo "<tr>";
echo "<td>" .$row['uren_datum']. "</td>";
echo "<td>" .$row['medw_roepnaam'] . " " . $row['medw_tussenvoegsel'] . " " . $row['medw_naam'] . "</td>";
echo "<td>" .$row['prdh_num']. "</td>";
echo "<td>" .$row['prdr_num']. "</td>";
echo "<td>" .$row['bewerk_num']. "</td>";
echo "<td>" .$hours.":".$mins. "</td>";
if($row['uren_status'] == "0"){
echo "<td><div class='glyphicon glyphicon-remove' style='color:red'></div></td>";
echo "<td><form action'' method='POST'><input type='submit' name=".$row['prdh_num']."></input></form></td>";
} else if($row['uren_status'] == "1"){
echo "<td><div class='glyphicon glyphicon-ok' style='color:green'></div></td>";
}
echo "</tr>";
}
echo "</table>";
}
my update code so far:
$productieorder = $row['prdh_num'];
$updateStatus = "UPDATE uren_error SET uren_status = 1 WHERE prdh_num=".$productieorder."";
$query2 = $mysql->query($updateStatus);
In more simple way you can use <a> tag to update your record ,instead of <form> , just attached your parameter which you need to passed . i.e :
echo "<td><a href='currentphppagename.php?prdh_num=".$row['prdh_num']."'></a></td>";
And to get prdh_num use $_GET on same page i.e :
//check if have some value or not
if (isset($_GET['prdh_num'])) {
//getting value passed in url
$productieorder = $_GET['prdh_num'];
$updateStatus = "UPDATE uren_error SET uren_status = 1 WHERE prdh_num=".$productieorder."";
$query2 = $mysql->query($updateStatus);
}
And other way using form you can have one hidden field and assign row value to that :
echo "<td><form action='' method='POST'><input type='hidden' value=".$row['prdh_num']." name='prdh_num'/><input type='submit' name='submit'></input></form></td>";
Now on click of submit check below on same page :
//check if have some value or not
if (isset($_POST['submit'])) {
//getting value passed in url
$productieorder = $_POST['prdh_num'];
$updateStatus = "UPDATE uren_error SET uren_status = 1 WHERE prdh_num=".$productieorder."";
$query2 = $mysql->query($updateStatus);
}
You can do this with javascript. You should put "ondblclick" event on tr tag.
<tr ondblclick="Update(rowno)" />
And in javascript tag, there must be a function like
<script type="text/javascript">
function Uptdate(row) {
window.location.href ="update.php?row="+row;
}
</script>
I have a button that generates after each table row is generated in the loop, the name of each consecutive button is generated by $a++ variable. How do i use the $_POST method on my edit_contact.php page so i can use the variable from the $_POST array?
The variable is stored in the $_POST array, i have checked with Print_r($_POST); for example when i click on the third row edit button of the table, it will display as:
Array ( [3] => edit )
Here is the code of the loop on my list_contact.php page:
$a = "0";
// print whether success or not
if ($rst)
{
if (mysql_num_rows($rst)>0) // chech there are records
{
echo "<form name=addcontact method=post action=edit_contact.php>";
echo "<table border=\"1\" cellspacing=\"0\">";
/*** print out feild names ***/
while ($row = mysql_fetch_array($rst)) // fetch each row
{
echo "<tr>";
for ($i=0; $i<mysql_num_fields($rst); $i++) //for ech row print out field values
{
echo "<td>" . $row[$i] . "</td>";
}
echo "<td>" . "<input id=button type=submit name=" . $a++ . " value=Edit" . "</td>";
echo "</tr>";
}
echo "</table>";
echo "</form>";
}
else
{
echo "There are no records in the database";
}
}
And here is the code i am having trouble with on my edit_contact.php:
$qry = "SELECT * FROM contacts WHERE ContactID = " . $_POST;
How can i get that post to reflect just my variable? ie 3
You can do it once. You don't need any more fields. Just use foreach to access its key
foreach($_POST as $key => $value){
if(strtolower(trim($value)) == "edit"){ // Validate if editing being sent
// Display it if true
echo $key; // and this is the variable you want
}
}
you could use a hidden input field so instead of:
echo "<td>" . "<input id=button type=submit name=" . $a++ . " value=Edit" . "</td>";
you could do:
echo '<td><form method="post"><input type="hidden" name="ContactID" value="'.($a++).'"><input id="button" type="submit" value="Edit"></form></td>';
then retrieve the hidden input field like:
$ContactID = $_POST['ContactID'];
Note: You will still need to properly escape your POST data before using it for SQL queries, but hopefully this will point you in the right direction.
Restructure the code so that the name is actually a constant, and the value is dynamic.
echo "<td><input id=button type=submit name=\"edit\" value=\"" . $a++ . "\"></td>";
This way you can access it with:
$_POST['edit'];
And it will yield the value of: value=\"" . $a++ . "\" for the button that was clicked.
Which will return something like 3, as you desire.
i try to make checkboxes. When i click checkbox it makes isPremium = 1 if i click a checked checkbox it makes isPremium = 0
However: when i click a checked checkbox it does not work..
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require 'connectDB.php';
$mysql = new mysql();
$mysql->connect();
$dbResult = mysql_query("select * from profiles");
echo "<form action='#' method='post'>";
$dbResult = mysql_query("select * from profiles");
while ($info = mysql_fetch_array($dbResult)) {
if ($info['isPremium'] == 0)
echo "<input type=checkbox name='check2[]' id='check2' value=" . $info['id'] . ">";
else
echo "<input type=checkbox name='check1[]' id='check1' value=" . $info['id'] . " checked>";
echo $info['profileName'] . "<br />";
}
echo "<p><input type='submit' name='btnPremium' /></p>";
echo "</form>";
if (isset($_POST['btnPremium'])) {
if (isset($_POST['check2'])) {
$arrPremium = $_POST['check2'];
foreach ($arrPremium as $result) {
mysql_query("UPDATE profiles set isPremium=1 where id=" . $result . "");
}
}
else
{
$arrPremium = $_POST['check1'];
foreach ($arrPremium as $result2) {
mysql_query("UPDATE profiles set isPremium=0 where id=" . $result2 . "");
}
}
}
?>
when i click a checked checkbox it makes another checkbox unclick.
This is the checkbox page
I have refactored your code into this:
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require 'connectDB.php';
$mysql = new mysql();
$mysql->connect();
$update = (isset($_POST['check']) && is_array($_POST['check']));
$dbResult = mysql_query("select * from profiles");
echo "<form action='#' method='post'>";
while ($info = mysql_fetch_array($dbResult))
{
if ($update)
{
$info['isPremium'] = (in_array($info['id'], $_POST['check']) ? 1 : 0);
mysql_query("UPDATE profiles SET isPremium = " . $info['isPremium'] . " WHERE id = " . $info['id']);
}
echo "<input type=checkbox name='check[]' value=" . $info['id'] . ($info['isPremium'] == 0 ? "" : "checked") . " />";
echo htmlspecialchars($info['profileName']) . "<br />";
}
echo "<p><input type='submit' name='btnPremium' /></p>";
echo "</form>";
?>
There were several problems with your original code:
Several HTML input elements with the same ID. This is wrong. We can have several elements with the same name attribute, but the id attribute should be unique for each element.
The database UPDATE code runs after displaying the form. This is wrong. In this case, we should update the database prior to generating the HTML output.
IMPORTANT: There is no need of two different POST arrays (check1 and check2). We only need one array. The checked boxes will be posted by the browser. The unchecked boxes will not be posted by the browser. As the id is the value, we can use the in_array function to verify if the checkbox for an item was checked or not.
It is a good idea to escape things you will output as HTML from the database. Otherwise, the application is vulnerable for some kinds of attack. The function htmlspecialchars is useful for this purpose.
If I understand correctly what you're trying to achieve, your code is needlessly complicated. You should use isset to check whether the value of a checkbox was included in the $_POST array. If yes, the checkbox was checked.
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require 'connectDB.php';
$mysql = new mysql();
$mysql->connect();
echo "<form action='#' method='post'>";
$dbResult = mysql_query("SELECT * FROM profiles");
$profileid = array();
while ($info = mysql_fetch_array($dbResult)) {
echo "<input type=\"checkbox\" name=\"" . $info['id'] . "\" " . ($info['isPremium'] != 0 ? "checked " : "") . "/>";
echo $info['profileName'] . "<br />";
$profileid[] = $info['id'];
}
echo "<p><input type='submit' name='btnPremium' /></p>";
echo "</form>";
if (isset($_POST['btnPremium'])) {
foreach ($profileid as $id) {
if (isset($_POST[$id])) {
mysql_query("UPDATE profiles SET isPremium=1 WHERE id=" . $id);
} else {
mysql_query("UPDATE profiles SET isPremium=0 WHERE id=" . $id);
}
}
}
?>
Checkboxes typically send the value "on" to the server, regardless of what value attribute is set. If you can, try to use radio buttons instead, as these send the proper value to the server. If that's not an option, have the name of the checkbox be check1[".$info['id']." and access array_keys($_POST['check1']).
I'm using a table to update a database, the table has 264 checkboxes which can be checked and unchecked then updated on the database.
I'm doing this by posting data on the form, using a while loop to set all fields to blank ( the value of the checkbox and the textarea value) for each respective field, then using a foreach loop to update each row in the database with the value of the checkbox.
Now, what I want to do is add the textarea value for each ticked checkbox into the database as well, what i cant figure out is how to do this?
This is my update code:
if (isset($_POST["update"])) {
$seolistRes2 = mysql_query($seolistQ) or die(mysql_error());
while ($seolistRow2 = mysql_fetch_array($seolistRes2)) {
$wsID1 = $seolistRow2["worksheetID"];
$updateWSQ2 = "UPDATE seo_work SET taskValue=0, taskInfo='' WHERE worksheetID=$wsID1 AND userID=$userID";
mysql_query($updateWSQ2) or die(mysql_error());
}
$item = $_POST;
foreach($item as $key => $value) {
$wsID = str_replace("checkbox","",$key);
if (is_numeric($wsID)) {
$updateWSQ = "UPDATE seo_work SET taskValue=$value taskInfo=$value WHERE worksheetID=$wsID AND userID=$userID";
mysql_query($updateWSQ) or die(mysql_error());
header("Location: worksheet.php?y=".$seoworkyear."&userID=$userID&action=success");
}
}
}
This is checkbox and textarea code: (please note this is within a form)
$currentTask = '';
echo "<tr class='tr'>";
while ($seolistRow = mysql_fetch_array($seolistRes)) {
$taskValue = $seolistRow["taskValue"];
$worksheetID = $seolistRow["worksheetID"];
$taskName = $seolistRow["taskName"];
$taskInfo = $seolistRow["taskInfo"];
if ($taskValue == 1) {
$taskDone = "<input type='checkbox' value='1' class='checkbox' name='checkbox".$worksheetID."' id=checkbox'".$worksheetID."' checked='checked' />".
"<textarea class='textarea' name='textarea".$worksheetID."' id=textarea'".$worksheetID."'>" . $taskInfo . "</textarea>";
}
else {
$taskDone = "<input type='checkbox' value='1' class='checkbox' name='checkbox".$worksheetID."' id='checkbox".$worksheetID."' />".
"<textarea class='textarea' name='textarea".$worksheetID."' id=textarea'".$worksheetID."'>" . $taskInfo . "</textarea>";
}
if ($currentTask != $taskName) {
echo "</tr>";
echo "<tr class='tr'>";
echo "<td class='task'>".$taskName."</td>";
}
echo "<td class='tick'>".$taskDone."</td>";
$currentTask = $taskName;
}
echo "</tr>";
Use your HTML form like shown below.
$currentTask = '';
echo "<tr class='tr'>";
while ($seolistRow = mysql_fetch_array($seolistRes)) {
$taskValue = $seolistRow["taskValue"];
$worksheetID = $seolistRow["worksheetID"];
$taskName = $seolistRow["taskName"];
$taskInfo = $seolistRow["taskInfo"];
if ($taskValue == 1) {
$taskDone = "<input type='checkbox' value='1' class='checkbox' name='checkbox[".$worksheetID."]' id='checkbox[".$worksheetID."]' checked='checked' />".
"<textarea class='textarea' name='textarea[".$worksheetID."]' id='textarea[".$worksheetID."]'>" . $taskInfo . "</textarea>";
}
else {
$taskDone = "<input type='checkbox' value='1' class='checkbox' name='checkbox[".$worksheetID."]' id='checkbox[".$worksheetID."]' />".
"<textarea class='textarea' name='textarea[".$worksheetID."]' id='textarea[".$worksheetID."]'>" . $taskInfo . "</textarea>";
}
if ($currentTask != $taskName) {
echo "</tr>";
echo "<tr class='tr'>";
echo "<td class='task'>".$taskName."</td>";
}
echo "<td class='tick'>".$taskDone."</td>";
$currentTask = $taskName;
}
echo "</tr>";
See the modified name and id of your textarea and checkbox. I have modified it to textarea[SOME_WORKSHEET_ID] and checkbox[SOME_WORKSHEET_ID] respectively.
So, when you submit the form, you will receive those checkbox and textarea value as an array, with worksheetId as an index. You can use this [] technique to retrieve the values of the textarea and checkbox, or as many field you want to add in form.
Use above HTML structure and check the $_POST array.
Hope this will help..
Thanks!
Hussain.
You should be able to get the value in the textarea using $_POST['textarea' . $wsID] after your call to is_numeric.
Here is another approach, not completely tested, but hopefully you get the idea...
if (isset($_POST["update"]))
{
// All to blank
$seolistRes2 = mysql_query($seolistQ) or die(mysql_error());
while ($seolistRow2 = mysql_fetch_array($seolistRes2))
{
$wsID1 = $seolistRow2["worksheetID"];
$updateWSQ2 = "UPDATE seo_work SET taskValue=0, taskInfo='' WHERE worksheetID=$wsID1 AND userID=$userID";
mysql_query($updateWSQ2) or die(mysql_error());
}
// Re use your result from the select to go through all the known IDs
foreach($seolistRow2 as $i => $data)
{
// Obtain the ID
$id = $data['worksheetID'];
// Get the checkbox value for current ID
$checkbox_wsID = $_POST['checkbox' . $id];
// Get the textarea value for current ID
$textarea_wsID = $_POST['textarea' . $id];
// Update the Row using mysql_escape
$updateWSQ = "UPDATE seo_work " .
"SET taskValue = '" . mysql_escape_string($checkbox_wsID) ."' taskInfo = '" . mysql_escape_string($textarea_wsID) ."'" .
"WHERE worksheetID=$id AND userID=$userID";
mysql_query($updateWSQ)
or die(mysql_error());
header("Location: worksheet.php?y=".$seoworkyear."&userID=$userID&action=success");
}
}
I've been trying think of a way to do this. I want it to where users can check off items, hit submit and it goes to the code on the next page and deletes all of the checked items from the database. Problem one is that in the post its only sending over the last checked item. Here is how I have it set up right now.
echo "<form name='fm1' METHOD ='POST' ACTION ='displaydelete.php' > ";
//Draws up the table headers
echo "";
echo "";
echo "Fund Number ";
echo "Hours ";
echo "Percentage";
echo "Delete";
echo "";
//While there are query results data is pushed into table cells
while ($row = mysql_fetch_array($queryResult2))
{
$hours = $row['hours'];
$percentage = $hours / 160 * 100;
echo "<tr>";
echo "<td>";
echo $row['funnumber'];
echo "</td>";
echo "<td>";
echo $hours;
echo "</td>";
echo "<td>";
echo $percentage ."%";
echo "</td>";
echo "<td>";
echo "<input type='checkbox' name='id' value='$row[id]'/>";
echo "</td>";
echo "</tr>";
}
//End of tabel
echo "</table>";
echo" ";
echo "";
What I would like to do is push all of the items into a variable and maybe delete them that way. I'm not really sure how you would handle multiple deletes. I'm doing my delete like this for something else if this helps any.
$query = "DELETE FROM users
WHERE ninenumber = '$ninenumber'";
$result = mysql_query($query)
or die("Query Failed: " .mysql_error());
mysql_close($conn);
In your form:
<input type='checkbox' name='id[]' value='$row[id]'/>
Then, in the file you post to:
if(is_array($_POST['id'])){
foreach($_POST['id'] as $id){
...do something to $id;
}
}
Instead of this:
echo "<input type='checkbox' name='id' value='$row[id]'/>";
You need this:
echo "<input type='checkbox' name='id[]' value='$row[id]'/>";
Note the difference. I added [] after the input name. This tells the client and server that there are multiple inputs with that name. $_POST['id'] will be an array you can loop through on the next page.
foreach ($_POST['id'] as $checkbox) {
// DELETE FROM users WHERE ninenumber = $checkbox
}
isset, is_array, and mysql_real_escape_string omitted for brevity.
In the form-generating code, make the name in the html have" []" after it:
...
echo "<input type='checkbox' name='id[]' value='$row[id]'/>";
...
Then, in the form-reading code, your post'ed id will be an array.
$id_array = isset($_POST['id']) && is_array($_POST['id']) ? $_POST['id'] : array();
foreach( $id_array as $id ) {
$query = "DELETE FROM users WHERE ninenumber = '" . mysql_real_escape_string($id) . "'";
// execute the delete query
}
Putting [] after the name of a control will turn it into an array in the superglobal that you can then iterate over to get all the values from.
You need to have the same name for all of your checkboxes, then all values are passed as array POST variable.
<input type='checkbox' name='id[]' value='$row[id]'/>
Change
name=id
to
name=id[]
this will then give you an array.