Can you see a logic error - php

I have this script:
<?php
/**
* The template for displaying all pages.
* Template Name: modify.php
* This is the template that displays all pages by default.
* Please note that this is the WordPress construct of pages
* and that other 'pages' on your WordPress site will use a
* different template.
*
* #package WordPress
* #subpackage Twenty_Twelve
* #since Twenty Twelve 1.0
*/
get_header(); ?>
<div id="primary" class="site-content">
<div id="content" role="main">
<?php while ( have_posts() ) : the_post(); ?>
<?php get_template_part( 'content', 'page' ); ?>
<?php comments_template( '', true ); ?>
<?php endwhile; // end of the loop. ?>
<?php
$user_id = get_current_user_id();
if($user_id==0)
{
echo "Login please";
exit;
}
mysql_connect("localhost", "", "") or die (mysql_error());
#echo "Connected to MYSQL ";
mysql_select_db("derp") or die (mysql_error());
#echo "Connected to Data Base";
/*$query = "SELECT * FROM addserverame WHERE userId='{$user_id}'";
$result = mysql_query ($query) or die (mysql_error());*/
if(!isset($_POST['submit'])) {
$q = "SELECT * FROM addserverame WHERE ID = $_GET[id] AND userId='{$user_id}'";
$result = mysql_query ($q);
$person = mysql_fetch_array ($result);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Add Your Server</title>
<link rel="stylesheet" type="text/css" href="view.css" media="all">
<script type="text/javascript" src="view.js"></script>
</head>
<body id="main_body" >
<img id="top" src="top.png" alt="">
<div id="form_container">
<h1><a>Modify Server</a></h1>
<form id="form_606591" class="appnitro" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<div class="form_description">
<h2>Add Your Server</h2>
<p></p>
</div>
<ul >
<li id="li_1" >
<label class="description" for="servername">Server Name </label>
<div>
<input id="element_1" name="Servername" class="element text medium" type="text" maxlength="255" value="<?php echo $person['servername']; ?>"/>
</div><p class="guidelines" id="guide_1"><small>Enter your server name here NOT your server address.</small></p>
</li> <li id="li_2" >
<label class="description" for="Serveraddress">Server Address </label>
<div>
<input id="element_2" name="Serveraddress" class="element text medium" type="text" maxlength="255" value="<?php echo $person['serveraddress']; ?>"/>
</div><p class="guidelines" id="guide_2"><small>This will the DNS name of your server</small></p>
</li> <li id="li_3" >
<label class="description" for="Portnumber">PortNumber </label>
<div>
<input id="element_3" name="Portnumber" class="element text medium" type="text" maxlength="255" value="<?php echo $person['portnumber']; ?>"/>
</div><p class="guidelines" id="guide_3"><small>This will be the port your server is using.</small></p>
</li> <li id="li_4" >
<label class="description" for="Description">Server Description </label>
<div>
<textarea id="element_4" name="Description" class="element textarea medium" value ="<?php echo $person['description']; ?>"></textarea>
</div><p class="guidelines" id="guide_4"><small>Enter server description/rules here.</small></p>
</li>
<li class="buttons">
<input type="hidden" name="id" value="<?php echo $_GET['id']; ?>" />
<input id="saveForm" class="button_text" type="submit" name="submit" value="Modify" />
</li>
</ul>
</form>
<div id="footer">
</div>
</div>
</body>-
</html>
<?
if(isset($_POST['submit'])) {
$u = "UPDATE addserverame SET `servername`='$_POST[Servername]', `serveraddress`='$_POST[Serveraddress]', `portnumber`='$_POST[Portnumber]', `description`='$_POST[Description]' WHERE ID = $_POST[id] AND userId='{$user_id}'";
mysql_query($u) or die (mysql_error());
echo "Server Info Has Been Modified";
}
?>
</div><!-- #primary -->
</div><!-- Content -->
<?php //endif; ?>
<?php get_footer(); ?>
I cant figure what, if any what the logical errors are.
Whats meant to happen
the user chooses to update a table if the table is theirs they should be able to edit it and update the table.
Whats happening
the user will try and edit it but it will not update there is no successful modify echo and they are redirected to the front page.
Can any one in all there wisdom explain to me why this is happening instead of what i want to happen.
Thanks
Ben


the probab cause for your form t fail is that the form is not runing in your default page thatts routing to somewhere in your index page as gives you the php file thats executing and that the index.php so the main cause may be your form action i.e. you are using action in your form like
action="<?php echo $_SERVER['PHP_SELF']; ?>"
so it might be redirecting to your home page i.e. index.php so place your form action blank might this help you

Related

HTML data submit button returns php source file and does not send data to mysql table

Installed Apache2 and uncommented php7 module with: https://websitebeaver.com/set-up-localhost-on-macos-high-sierra-apache-mysql-and-php-7-with-sslhttps
Location of apache config in my machine:
/etc/apache2
Installed MySQl with homebrew according to : https://tecadmin.net/install-mysql-macos/#
Locations of MySQl on my machine is:
mysql is /usr/local/bin/mysql
mysql is /usr/local/mysql/bin/mysql
Wrote unique mysql tables under same database for two unique html registration forms written on Visual Studio Code. Live server extension on VS Code allows browser to display and navigate html/css but after I submit data on signup.html, my interpreters.php code is automatically returned as a download with unknown server script injection.
signup.html file displays on browser
!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="signup.css">
<link rel="stylesheet" type="text/css" href="navigationbar.css">
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Sign up with ...</title>
</head>
<header>
<div id="menu-content">
<div class="navbar">
<ol>
<li> Home </li>
<li> For Professionals </li>
<li> Request Service </li>
</ol>
</div>
</div>
</header>
<body>
<form name="signup" action="interpreters.php" method="get" style="border:1px solid #ffff">
<div class="container">
<h1><center>Professional Interpreter Registration</center></h1>
<label for="first">First Name: </label>
<input type="text" placeholder="Your name..." name="first" required>
<label for="last">Last Name:</label>
<input type="text" placeholder="Your last name..." name="last" required>
<label for="industry"><b> Industry: </b></label>
<input type="text" placeholder="Your industry..." name="industry" required>
<label for="type"><b> Service Type: </b></label>
<input type="text" placeholder="Description:Translation of legal documents Mandarin and Arabic/Interpret Italian through video only." name="industry" required>
<label for="email">Email:</label>
<input type="text" placeholder="email" name="email" required>
<div class="clearfix">
<button type="submit" class="signupbtn name="submit">Sign Up</button>
</div>
</div>
</form>
</body>
</html>
The action that the html is linked to is the following interpreters.php
<?php
// php code to Insert data into mysql database from input text
if(isset($_GET ['insert'] ) )
{
$hostname = "localhost";
$username = "root";
$password = "......";
$databaseName = "registrations";
// get values form input text and number
$last = $_GET ['last'];
$first = $_GET['lfirst'];
$industry = $_GET['industry'];
$type = $_GET['type'];
$email = $_GET['email'];
// connect to mysql database using mysqli
$connect = mysqli_connect($hostname, $username, $password, $databaseName);
// mysql query to insert data
$query = "INSERT INTO `interpreters`(`last`, `first`, `industry`, 'type', 'email') VALUES ('$last','$first','$industry', '$type', '$email' )";
$result = mysqli_query($connect,$query);
// check if mysql query successful
if($result)
{
echo 'Data Inserted';
}
else
{
echo 'Data Not Inserted';
}
mysqli_free_result($result);
mysqli_close($connect);
}
?>
<html>
<body>
Thank you, <?php echo $_POST['first']; ?><br />
We will contact you at <?php echo $_POST['email']; ?><br />
<br />
</body>
</html>

Why are my search results not visible under the search form?

hoping somebody is able to help!
I have created a search form to enable a user to search for a specific assessment day using the name, date and the company it is for.
The results of this search should appear below the form used to generate the search. However, at the moment, when the search button is selected the form just refreshes and does not show any results?
Can anyone advise? Code below:
<?php
if(isset($_GET['submit'])){
require_once 'connect.php';
if(isset($_GET['nameofassessmentday'])) {
if(isset($_GET['dateofassessmentday'])) {
if(isset($_GET['companyname'])) {
$nameofassessmentday = $db-> real_escape_string($_GET['nameofassessmentday']);
$dateofassessmentday = $db-> real_escape_string($_GET['dateofassessmentday']);
$companyname = $db-> real_escape_string($_GET['companyname']);
$query = $db->query ("
SELECT Name, Company
FROM assessment_day_details
WHERE Name LIKE '{$nameofassessmentday}'
AND Company LIKE '{$companyname}'
AND Date_of_Day = '{$dateofassessmentday}'
");
}
}
}
?>
<div class="result-count">
Found <?php echo $query->num_rows; ?> results.
</div>
<?php
if($query-> num_rows) {
while($r = $query->fetch_object()) {
?>
<div class="result">
<?php echo $r->Name; ?>
<?php echo $r->Company; ?>
</div>
<?php
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Assess Existing Assessment Day-Search</title>
<link rel="stylesheet" href="style.css">
</head>
<?php
include 'function.php';
}
?>
<body>
<div id="form">
<form method="get">
<p>
<label>Name of Assessment Day:</label>
<input type="text" id="nameofassessmentday" name="nameofassessmentday" required/>
</p>
<p>
<label>Date of Assessment Day:</label>
<input type="date" id="dateofassessmentday" name="dateofassessmentday" required />
</p>
<p>
<label>Company Name :</label>
<input type="text" id="companyname" name="companyname" required/>
</p>
<p>
<input type="submit" id="btn" value="Search" />
</p>
</form>
</div>
</body>
</html>
Also, just one additional question for future reference. Is there anyway I would be able to hyperlink a search result to go to a particular page?
Thanks in advance!
And as some further information, prior to trying to get the search results to show in the same webpage, I had the below two pages and it worked perfectly.
<!DOCTYPE html>
<html>
<head>
<title>Assess Existing Assessment Day-Search</title>
<link rel="stylesheet" href="style.css">
</head>
<?php
include 'function.php';
?>
<body>
<div id="form">
<form action="search.php" method="get">
<p>
<label>Name of Assessment Day:</label>
<input type="text" id="nameofassessmentday" name="nameofassessmentday" required/>
</p>
<p>
<label>Date of Assessment Day:</label>
<input type="date" id="dateofassessmentday" name="dateofassessmentday" required />
</p>
<p>
<label>Company Name :</label>
<input type="text" id="companyname" name="companyname" required/>
</p>
<p>
<input type="submit" id="btn" value="Search" />
</p>
</form>
</div>
</body>
</html>
<?php
require_once 'connect.php';
include 'function.php';
if(isset($_GET['nameofassessmentday'])) {
if(isset($_GET['dateofassessmentday'])) {
if(isset($_GET['companyname'])) {
$nameofassessmentday = $db-> real_escape_string($_GET['nameofassessmentday']);
$dateofassessmentday = $db-> real_escape_string($_GET['dateofassessmentday']);
$companyname = $db-> real_escape_string($_GET['companyname']);
$query = $db->query ("
SELECT Name, Company
FROM assessment_day_details
WHERE Name LIKE '{$nameofassessmentday}'
AND Company LIKE '{$companyname}'
AND Date_of_Day = '{$dateofassessmentday}'
");
}
}
}
?>
<div class="result-count">
Found <?php echo $query->num_rows; ?> results.
</div>
<?php
if($query-> num_rows) {
while($r = $query->fetch_object()) {
?>
<div class="result">
<?php echo $r->Name; ?>
<?php echo $r->Company; ?>
</div>
<?php
}
}
?>

you have to add '%' when you use LIKE in query
check here https://www.w3schools.com/sql/sql_like.asp

ECHO Results into a FORM after multiple pages

I've seen tutorials on doing this sort of things echo'ing the results directly from the form into a different form on the following page however the issue I'm facing is slightly different and I can't find any threads that cover it, I'm sure someone will prove how much of a novice I am by answering this however.
I have a search form as shown here:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Search Contacts</title>
</head>
<p><body>
<h3>Search Contacts Details</h3>
<p>You may search either by first or last name</p>
<form method="post" action="search.php?go" id="client">
<input type="text" name="name">
<input type="submit" name="submit" value="Search">
</form>
</body>
</html>
</p>
The results are then display in a table on the Search.PHP page, the code is shown here:
enter code here
}
}
}
?>
<!DOCTYPE HTML>
<html>
<head>
<title>Client/title>
<link href="/csstwo.css" type="text/css" rel="stylesheet">
</head>
<div id="Header">
<h1>Search results</h1>
<div id="Banner"></div>
<div id="logo"></div>
<div style="clear: both;"></div>
</div> <!-- /Header -->
<body>
<div id="nav">
<div id="nav_wrapper">
<ul>
<li>Home</li>
<li>Client
<ul>
<li>Add a Client</li>
<li>Manage Client</li>
</li><li>Client List</li>
</ul>
<li>Case
<ul>
<li>Add a Case</li>
</li><li>Manage Case</li>
</ul>
<li>Help <img src="arrow.jpg">
<ul>
<li>Case</li>
<li>Client</li>
</li><li>Contacts</li>
</ul>
</li>
</ul>
</div>
</div>
<div id="content">
<table width="70%" cellpadding="5" cellspace="5" position="centre">
<tr>
<td><strong>ID</strong></td>
<td><strong>Forename</strong></td>
<td><strong>Surname</strong></td>
<td><strong>Postcode</strong></td>
<td><strong>Address Line One</strong></td>
<td><strong>Address Line Two</strong></td>
<td><strong>Town/City</strong></td>
<td><strong>Contact Number</strong></td>
<td><strong>Manage Client</strong></td>
</tr>
<?php while ($row =mysql_fetch_array($result)) { ?>
<tr>
<td><?php echo $ID =$row ['ClientID'] ?></td>
<td><?php echo $FirstName =$row ['forename'] ?></td>
<td><?php echo $LastName =$row ['surname'] ?></td>
<td><?php echo $row ['postcode'] ?></td>
<td><?php echo $row ['addresslineone'] ?></td>
<td><?php echo $row ['addresslinetwo'] ?></td>
<td><?php echo $row ['towncity'] ?></td>
<td><?php echo $row ['contactnumber'] ?></td>
<td><a href='manageclient.php?id={$row['id']}'>Manage</a></td>
</tr>
<?php } ?>
</table>
</body>
I have a link at the end that takes you to Manageclient.php, the user would select Manage Client on the Search.php page that displays results. This would then take the user to Manageclient.php with a prepopulate form from the results of Search.php.
I'm probably being extremely stupid but I can't seem to carry the results from the Search.php and echo them into the form on Manageclient.php, I always keep getting errors saying the variables are not defined.
I hope this makes sense and any help on this would be appreciated greatly.
EDIT:
I'm posting to this form on manageclient.php:
<form action="manageclient.php" method="post" form id="client">
<div class="label">
<h1> Edit a Client
<span>Please enter the case's details below.</span>
</h1>
<div class="label">*ClientID:
<div class="txtbox">
<input name="ClientID" type="text" id="txt" placeholder="Enter Your First Name." value="<?php echo $result ['ClientID']; ?>"/>
</div>
</div>
<br>
<div class="label">*Forename:
<div class="txtbox">
<input name="forename" type="text" id="txt" placeholder="Enter Your Last Name." value="<?php echo $result ['forename']; ?>"/>
</div>
</div>
<div class="label">*Surname:
<div class="txtbox">
<input name="surname" type="text" id="txt" placeholder="DD/MM/YYYY." value="<?php echo $result ['surname']; ?>"/>
</div>
</div>
I get the following error messages:
Notice: Undefined variable: result in C:\xampp\htdocs\acaproject\manageclient.php on line 105
Warning: mysql_fetch_array() expects parameter 1 to be resource, null given in C:\xampp\htdocs\acaproject\manageclient.php on line 105
Notice: Undefined index: ClientID in C:\xampp\htdocs\acaproject\manageclient.php on line 75
Notice: Undefined index: forename in C:\xampp\htdocs\acaproject\manageclient.php on line 81
Notice: Undefined index: surname in C:\xampp\htdocs\acaproject\manageclient.php on line 86
FURTHER EDIT: Showing PHP in search.php
<?php
if(isset($_POST['submit'])){
if(isset($_GET['go'])){
if(preg_match("/^[ a-zA-Z]+/", $_POST['name'])){
$name=$_POST['name'];
//connect to the database
$db=mysql_connect ("localhost", "root", "password") or die ('I cannot connect to the database because: ' . mysql_error());
//-select the database to use
$mydb=mysql_select_db("acatestdb");
//-query the database table
$sql="SELECT ClientID, forename, surname, dateofbirth, postcode, addresslineone, addresslinetwo, towncity, contactnumber FROM clienttbl WHERE surname LIKE '%" . $name . "%' OR forename LIKE '%" . $name ."%'";
//-run the query against the mysql query function
$result=mysql_query($sql);
//-create while loop and loop through result set
}
}
}
?>

I am not sure what are you asking for.
Your style is very unclear same as code :-(
But check this line:
<td><a href='manageclient.php?id={$row['id']}'>Manage</a></td>
should be
<td>Manage</td>
and in your manageclient.php you can try:
<div class="label">*ClientID:
<div class="txtbox">
<input name="ClientID" type="text" id="txt" placeholder="Enter Your First Name." value="<?=(isset($_GET['ClientID']))?$_GET['ClientID']:'' ?>"/>
</div>
</div>
<br>
<div class="label">*Forename:
<div class="txtbox">
<input name="forename" type="text" id="txt" placeholder="Enter Your Last Name." value="<?=(isset($_GET['forename']))?$_GET['forename']:'' ?>"/>
</div>
</div>
<div class="label">*Surname:
<div class="txtbox">
<input name="surname" type="text" id="txt" placeholder="DD/MM/YYYY." value="<?=(isset($_GET['surname']))?$_GET['surname']:'' ?>"/>
</div>

Post data for comment is not being transferred to query

I have a update query that I want to use and it's not working. All data is being posted except for CommentID and I can't understand why.
This is my query's output:
UPDATE comments SET
title='PHP',universitet='Högskolan',
kurs='Objekt orienterad programmering i PHP',
kurskod='HIG480-34', betyg='8', message='kom igen nu PHP'
WHERE CommentID = ''
As you can see WHERE CommentID = '' is empty.
<?php
require_once 'DBConnection/connection.php';
class EditPost{
public $comment;
public $id;
public function __construct() {
$this->comment = comment;
$this->id = mysql_real_escape_string($_GET['CommentID']);
}
public function EditThePost(){
if(!isset($_POST['editComment'])){
$query = "SELECT * FROM comments WHERE CommentID = '$this->id'";
$result = mysql_query($query);
$this->comment = mysql_fetch_array($result);
}elseif(isset($_POST['CommentID'])){
$updateQuery = "UPDATE comments SET title='$_POST[title]',universitet='$_POST[universitet]',kurs='$_POST[kurs]',kurskod='$_POST[kurskod]',betyg='$_POST[betyg]',message='$_POST[TheComment]' WHERE CommentID = '$_POST['CommentID]'";
mysql_query($updateQuery) or die(mysql_error());
echo $updateQuery;
header("Location: loggedin.php");
exit();
}
}
}
Here is the edit page with HTML:
<?php
session_start();
error_reporting(E_ALL ^ E_NOTICE);
require_once 'DBConnection/connection.php';
require_once 'Posting/editPost.php';
$edit = new EditPost();
$edit->EditThePost();
?>
<!DOCTYPE html>
<html lang="sv">
<?php include('incl/header.php'); ?>
<body>
<!--The Navbar-->
<div class="navbar navbar-inverse navbar-fixed-top">
<div class="container" align="center">
Hem ||
<?php include('incl/logoutUser.php'); ?>
</div>
</div>
<!--The page container-->
<div id="container" >
<img src="logo.png" id="logoType" align="center">
<br>
<br>
<span class="label label-warning">Redigera inlägg:</span>
<div class="container" align="left">
<br>
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
<p><span class="label label-info">Titel: </span> <br><input type="text" require name="title" placeholder="Ange titel.." value="<?php echo $edit->comment['title'] ;?>"</p>
<p><span class="label label-info">Högskola: </span> <br><input type="text" require name="universitet" placeholder="Ange högskola.." value="<?php echo $edit->comment['universitet']?>"></p>
<p><span class="label label-info">Kurs: </span> <br><input type="text" require name="kurs" placeholder="Ange kurs.." value="<?php echo $edit->comment['kurs']; ?>"></p>
<p><span class="label label-info">Kurskod: </span> <br><input type="text" require name="kurskod" placeholder="Ange kurskod.." value="<?php echo $edit->comment['kurskod']; ?>"></p>
<p><span class="label label-info">Betyg: </span> <br><input type="text" require name="betyg" placeholder="Betyg mellan 1-10" value="<?php echo $edit->comment['betyg']; ?>"></p>
<p><span class="label label-info">Meddelande: </span></p>
<textarea rows="10" cols="80" require name="TheComment" placeholder="Skriv ditt meddelande.." ><?php echo $edit->comment['message'];?></textarea>
<br><br>
<input type="hidden" name="CommentID" value="<?php echo $_POST['CommentID'];?>"/>
<p><input type="submit" class="btn btn-primary" name="editComment" value="Redigera inlägg"></p>
<br>
</form>
<br />
</div>
</div>
<?php include('incl/footer.php'); ?>
</div>
</body>
</html>

I will answer your question while ignoring the security issues, mostly because I don't have much time right now.
You have one issue in your constructor, where you're assigning the contents of a $_GET['CommentID'] to one variable a the $_POST['CommentID']. This is a really bad idea, you should use either $_GET['CommentID'] or $_POST['CommentID'], using both is asking for trouble.
The reason why your comment ID isn't posting is because it's not in your HTML form. From your link, you are doing
<input type="hidden" name="id" value="<?php echo $_GET['CommentID'];?>"/>
To do what you want, it should read
<input type="hidden" name="CommentID" value="<?php echo $_POST['CommentID'];?>"/>
Change the name attribute of this input to be CommentID, read the contents of $_POST['CommentID'], and your code should work.

php if statement and comparison value

<?php
error_reporting(0);
session_start();
if(!$_SESSION["login"]){
print '<script type="text/javascript">';
print 'alert("You need to login first")';
print '</script>'; echo '<meta http-equiv="REFRESH" content="0;url=home.php">';
die();
}
?>
<?php
//This is the book stuff
ob_start();
#error_reporting(0);
$host="localhost"; // Host name
include 'databaselogin.php';
$db_name="X"; // Database name
$tbl_name="Books"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$id = $_GET["id"];
$sql = 'SELECT * FROM Books WHERE `id` = '.$id.' LIMIT 1';
$result=mysql_query($sql) or die(mysql_error());
while($rows = mysql_fetch_array($result)){
?>
<?
//this is user stuff.
ob_start();
error_reporting(0);
$host="localhost"; // Host name
include 'databaselogin.php';
$currentuser = $_SESSION["id"];
$db_name="X"; // Database name
$tbl_name="users"; // Table name
$tbl_name="Books"; // Table name
/*
if ($rows['userid'] != $currentusers)
{
print '<script type="text/javascript">';
print 'alert("you dont have permissions")';
print '</script>'; echo '<meta http-equiv="REFRESH" content="0;url=home.php">';
}
*/
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Silent Generation</title>
<link rel="stylesheet" href="styles.css" type="text/css" media="screen" />
<link rel="stylesheet" type="text/css" href="print.css" media="print" />
<!--[if IE]><script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script><![endif]-->
<!--script section-->
<script type="text/javascript">
</script>
<!--end script section-->
</head>
<body>
<div id="wrapper"><!-- #wrapper -->
<header><!-- header -->
<h1>Silent Generation</h1>
<h2>Would it be too chezy to say silent but deadly</h2>
</header><!-- end of header -->
<nav><!-- top nav -->
<div class="menu">
<ul>
<li>Home</li>
<li>Sell</li>
<li>Buy</li>
<li>Stores</li>
<li>Donate</li>
<li>Contact Us</li>
<li>Support</li>
</ul>
</div>
</nav><!-- end of top nav -->
<section id="main"><!-- #main content and sidebar area -->
<section id="content"><!-- #content -->
<article>
<form method="GET" action="editadd.php" name="add" id="add">
Book Name:
<div align="center" style="margin-top:-15px;">
<input type="text" name="name" id="name" value="<?echo $rows["name"];?>"/></div>
Author's Name: <div align="center" style="margin-top:-15px;"><input type="text" name="author" id="author" value="<?echo $rows["author"];?>"></div>
ISBN: <div align="center" style="margin-top:-15px;"><input type="text" name="ISBN" id="ISBN" value="<?echo $rows["ISBN"];?>"></div>
Edition : <div align="center" style="margin-top:-15px;"><input type="text" name="edition" id="edition" value="<?echo $rows["edition"];?>"></div>
Contact info:<div align="center" style="margin-top:-15px;"> <input type="text" name="contact" id="contact" value="<?echo $rows["contact"];?>" /></div>
Price: <div align="center" style="margin-top:-15px;"> <input type="text" name="price" id="price" / value="<?echo $rows["price"];?>"></div>
Comments: <div align="center"><textarea id="comments" name="comments" rows="13" cols="80" ><?echo $rows["comment"];?> </textarea></div>
<div align="center"><input type="submit" value="Submit" style="width:660px;height:70px;"/></div>
<input type="hidden" name="id" value="<?echo $rows["id"];?>" />
</form>
current user: <?echo $currentuser;?>
posted by: <?echo $rows['userid']?>
<?
}
ob_end_flush();
if ( intval($rows['userid']) == intval($currentusers))
{echo "true";}
else
{echo "fasle";}
?>
</article>
<pre>
</pre>
</section><!-- end of #content -->
<aside id="sidebar"><!-- sidebar -->
<?php
error_reporting(0);
session_start();
if(!$_SESSION["login"]){
?>
<h3>Login</h3>
<form method="post" ACTION="login.php">
E-mail
<input type="text" id="myusername" name="myusername" />
<br/>
<br/>
Password <input type="password" id="mypassword" name="mypassword" />
<br/>
<br/>
<INPUT TYPE="submit" VALUE="Submit" />
<br/>
<input TYPE="button" VALUE="Password?"onclick="javascript:document.location='lostpass.php'; return false; "/>
</form>
<pre>
</pre>
<h3>Register</h3>
<form method="post" action="register.php" name="register" id="register">Name <br/><input type="text" id="name" name="name" ><br/>
Email <br/> <input type="text" id="email" name="email"><br/>
School <br/> <select name="school" id="school">
<option value='Sierra College'>Sierra College</option>
<option value='American River'>American River</option>
<option value='UC Davis'>UC Davis</option>
<option value='UCLA'>UCLA</option>
<option value='UCSD'>UCSD</option>
</select><br/>
Password <br/> <input type="password" id="password" name="password"><br/>
Conform Password <br/> <input type="password" id="password2" name="password2"><br/>
<br/>
<input type="submit" value="Submit">
<input type="reset" value="Clear">
</form>
<?}else{?>
<h3>Welcome</h3> <?php echo $_SESSION["username1"] ?>
Logout
<?}
?>
<h3>Connect With Us</h3>
<ul>
<li>Twitter</li>
<li>Facebook</li>
</ul>
</aside><!-- end of sidebar -->
</section><!-- end of #main content and sidebar-->
<footer>
<section id="footer-area">
<section id="footer-outer-block">
<aside class="footer-segment">
<h4>Joubin Jabbari</h4>
<p>© 2011 Silentgen.com
presents a site by a student for students.
</p>
</aside><!-- end of #fourth footer segment -->
</section><!-- end of footer-outer-block -->
</section><!-- end of footer-area -->
</footer>
</div><!-- #wrapper -->
<!-- Free template created by http://freehtml5templates.com -->
</body>
</html>
The above is my entire code.... the fist few blocks of php is all you need to look at. All I want to is to make sure that the person is trying to edit this post is the person that has posted it. otherwise, they need to be rerouted else where.

hmm... perhaps trying if ( intval($rows['userid']) == intva($currentusers))
Ok, you were using the wrong variable name. It is meant to by $currentuser not $currentusers.
if ( $rows['userid'] == $currentuser)
echo "true";
else
echo "false";

based on your variable name your $currentusers is an array of users, if so you can check if a value exists in it with in_array($value,$array);
if not, you have named your variable in a bad manner =D, maybe it's a type problem. cast both of them to int values with intval function
if(inval($rows['userid']) == intval($currentusers))

Nothing is wrong with your conditional statement, so it must be an issue with what is being stored in $currentusers and $rows['userid']. Can you provide more code specific to the values being assigned to those two variables?
EDIT: You have a typo in your code. You're comparing to "$currentusers" instead of "$currentuser". Try this:
if ( intval($rows['userid']) == intval($currentuser))
{echo "true";}
else
{echo "fasle";}

Categories