Every time it takes two clicks on the submit button to get the code to go, also just randomly it was triggering different codes that are setup the same way but with different names for the input and inside the $_POST. Am I using the $_POST right by setting the name of the input to the same thing?
here is the code
<?php
//If submit form was clicked
if(isset($_POST['intro'])) {
//Server side validation for security purposes
if($userpoints >= 100 AND $intro == 0 AND $lifeonmarsalbum == 0) {
mysqli_query($con,"UPDATE users SET points = points - 100 WHERE users.user_name = '$username' LIMIT 1");
mysqli_query($con,"UPDATE users SET intro = 1 WHERE users.user_name = '$username' LIMIT 1");
}
}
?>
<form method="post" action="index.php">
<?php
if ($userpoints >= 100 AND $intro == 0 AND $lifeonmarsalbum == 0) {
echo '<input type="submit" name="intro" value="100pts">';
} elseif ($intro == 1 OR $lifeonmarsalbum == 1) {
echo '<input type="submit" name="submit" value="100pts" disabled title="You already earned this track!">';
} else {
echo '<input type="submit" name="submit" value="100pts" disabled title="You need at least 100 points for this download">';
}
?>
You only output a name="intro" submit button when that first line of if() clauses is met. Most likely the first time you load this page, that condition isn't met, so there's no intro button. After the first submitt, the condition IS met, and you get name="intro" in the form, and the submit then "starts" working.
Related
Im making a small php webpage which I plan to use to track on which subjects a helpdesk receives calls. My database has 3 important fields: id, name, and amount for each subject.
On my page I have a form with a dropdown list where you select a type of call and click submit. The idea is that every time you click submit the page reloads and the amount in the database for the chosen id is heightened by 1.
The form gives me the id and name for each call:
<form method="post" action="index.php">
<select class="select" id="calltype" name="calltype">
<?php
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "<option value=".$row["ID"].">".$row["NAAM"]."</option>".PHP_EOL;
}
}
?>
</select></br>
<input class="input" type="submit" name="Submit" value="Submit">
</form>
This part works, if I echo $_POST['calltype'] I get the correct ID. What I can't get to work is the update statement which I want to heighten the counter, like:
if(isset($_POST['calltype']{
mysqli_query("UPDATE calls SET amount=(amount+1), WHERE id = $_POST['calltype']");
}
How would I go about this? I tried several methods but can't get it to work
besides for the extra comma, interpolation with the POST array like this is risky. maybe try:
mysqli_query("UPDATE calls SET amount=(amount+1) WHERE id = " . mysqli_real_escape_string($link, $_POST['calltype']) . " ;");
I'd like to ask two things for this particular user ability. The first is how to delete a row upon user clicking a button. The second is....would this be a good idea? How can I create a safe environment for someone to do this. This is what I've got so far :
<?php
include_once "db_conx.php";
if($_POST['wall'] == "post") {
//open if($_POST['wall'] == "post")
$id = mysqli_real_escape_string($db_conx, trim($_POST['id1']));
if($id == " ")
{
exit();
}
else
$sql = "SELECT FROM courseprogress WHERE userid='$id' LIMIT 1";
$results = mysqli_query($db_conx, $sql);
$sidebar = mysqli_num_rows($results);
if($sidebar > 0) {
//close if($sidebar > 0)
while($row = mysqli_fetch_assoc($results))
{
$sql = mysqli_query("DELETE FROM courseprogress WHERE userid='$id'");
$results = mysqli_query($db_conx, $sql);
}
//close if($sidebar > 0)
}
else
{
echo 'Already Complete!';
echo "<pre>";
var_dump($sql);
echo "</pre><br>";
}
//close if($_POST['wall'] == "post")
}
?>
Right now I'm in the process of dumping out variables, but can't seem to get my id variable right.
The idea is to "start over" in a sense. The table holds the user progression and settings. Once they've decided they need to start over they will be allowed to do so by simply deleting the row. When the begin again the row will be created again.
A little more information:
The small form script I was trying to use is:
<div class="userInfoContain"><div class="positionRight"><div id="form"> <form><div class="submit"><input type="hidden" id="id" value="'.$id.'" /><input type="submit" name="button" id="button" value="Start Over" onclick="return false" onmousedown="javascript:wall();"/><img src="images/loading.gif" alt="" width="15" height="15" id="loadingstart" /></div></form></div></div></div>
<script type="text/javascript">
$(document).ready(function(){
$('#loadingstart').hide();
});
function wall(){
$('#loadingstart').show();
var id = $('#id').val();
var URL = "./includes/start-over-user.php"; /////post.php will be equal the variable "comment"
$.post(URL,{wall:"post",id1:id},function(data){//parameter wall will be equal "post", name1 will be equal to the var "name" and comment1 will be equal to the var "comment"
$("#result").prepend(data).show();// the result will be placed above the the #result div
$('#loadingstart').hide();
});
}
</script>
1) Safely allow user to delete: The safest way is to not allow delete permissions on the MySQL user that is being used by the website. A method called soft delete is much safer for deleting rows in MySQL tables. This involves adding a column named "is_deleted" to the table where you are making this update. When is_deleted is set to 0, allow the row to act normally. When a user sets is_deleted to 1, it should act as if it doesn't exist. In this example, I am assuming you have set $is_deleted to the column is_deleted in your table:
if($is_deleted == '1')
{
// Don't display
}
else
{
// Display
}
2) How to implement: The best way to do this is with:
UPDATE tablename SET is_deleted = '1' WHERE id = '".$id."'
which should be executed through AJAX command or a link that will execute the MySQL query.
to delete I advice you to use ajax , it's perfect and you can have more control on this action
the other Problem i need more explanation i didn't understand you good
How do I check with PHP if this code has been clicked so I can use it in an if statement?
<form id="rating" action="index.php" method="post">
Rating
</form>
So if it is clicked I want to use this query:
if () {
$result = mysqli_query($con,"SELECT * FROM users WHERE `approved` = 1 ORDER BY `rating`");
}
You would have to add an input, like <input type="hidden" name="hidden_element" value="data"/> to your form, otherwise there is no POST data for the server to receive.
Then in the index.php script you can check if $_POST['hidden_element'] is set.
For your example:
if (isset($_POST['hidden_element']) {
$result = mysqli_query($con,"SELECT * FROM users WHERE `approved` = 1 ORDER BY `rating`");
}
So since your current form doesn't submit any data i like the technique of if multiple buttons are inside a form each should have its propper name and a type of submit
and on php you check like
if (this button was pressed then)
else if (this button was pressed then)
else (redirect in none or what ever you need to do when landed)
your form, i changed the ahref to an input type submit with the name of button
<form id="rating" action="index.php" method="post">
<input type="submit" name="button"
onclick="document.getElementById('rating').submit();">Rating
</form>
the php action should look like this, you can later implement ajax calling here
if (isset($_POST['button']) === true && empty($_POST['button']) === tre)
{
$result = mysqli_query($con,"SELECT * FROM users WHERE `approved` = 1 ORDER BY `rating`");
}
I have PHP code which creates a list with radio buttons for each list item.
$result = mysql_query("SELECT * FROM attitudes WHERE x_axis = '$famID'",$db);
$rowcheck = mysql_num_rows($result);
while ($row_user = mysql_fetch_assoc($result))
foreach ($row_user as $col=>$val) {
if ($col != $famID && $col != 'x_axis') {
list($famname) = mysql_fetch_row(mysql_query("SELECT familyname FROM families WHERE families_ID='$col'",$db));
echo "col $col famname $famname is val $val.";
echo "<input type = \"radio\" name = \"whichfam\" value = \"$col\" />";
echo "</br>";
}
}
Then I have a submit button at the bottom (and form tags for the whole thing)
I want to have two possible submissions. This code is intended to let the player raise or lower a value. They click on one of the radio buttons, and then select "Raise", or "Lower". It should then post to a backend and execute code to either raise or lower that value. I know how to do this in jquery, but I don't know how to have two SUBMIT buttons in PHP.
How can I do this?
(Specifically, how do I make two submission buttons work, the backend code should be relatively simple, $_POST or whatever)
Is this what you're looking for?
<button type="submit" name="submit1" value="submit1">submit1</button>
<button type="submit" name="submit2" value="submit2">submit2</button>
then
if(isset($_POST["submit1"])) {
} else if(isset($_POST["submit2"])) {
}
<?php $name=$_POST['name']; ?>
<form method="POST" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="text" name="name">
<input type="submit" value="GO" name="submit">
</form>
<?php
include ('db.php');
if(isset($_POST['submit']))
{
mysql_query ("INSERT INTO example (name) VALUES('$name')") or die(mysql_error());
}
if (!isset($_GET['startrow']) or !is_numeric($_GET['startrow'])) {
$startrow = 0;
}
else {
$startrow = (int)$_GET['startrow'];
}
$query = "SELECT * FROM example ORDER BY id DESC LIMIT $startrow, 20";
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result)){
echo "<li>";
echo $row['name'] ." "." <a href= 'like.php?quote=" . urlencode( $row['name'] ) . "'>Click Here</a>";
echo "</li>";
}
echo 'Next';
?>
I want to make my page links hidden , how can i make then hidden so that a user cant edit it.
2nd question,
currently i am showing total 10 records on each page and then a next page button , but the next button is keep showing even when there is no more records...! how to remove a next page button when records ended. ??
line number 28 is the link to pages which can be easyily editable by any user, i wnat to make them secure (using ID)
and line 35 is n'next' page link , this link should not be appear when number of records ended
I can't think of a reason why you really should hide the page numbers from the user in the link. Keeping them in the query string as $_GET variables is probably the most common practice i know of in this specific case of paging.
I would do validation on the numebrs being recieved in the $_GET variables, since this could often lead to SQL Injection and other problems... Make sure it's a number, possibly divisible by 10 (if that's how you like the site to be), perhaps not bigger than a certain defined number, etc...
If you REALLY still don't agree, and you want to hide it, then you could always do that by saving cookie on the user's computer (this is still exposed to user in some way) or save the page number in the session (although this seems like a big waste of server resources to me!).
About your second question - There are so many possibilities to this...
Here's one way :
Create an sql query that queries how many rows are there to your table.
Let's say the number is 55. You put that into a hidden value.
If you're displaying 10 items on a page then you know the last page is number 6 (showing items 50-55, if you start counting at page number 1).
Simple php check when page loads: if ($_GET['page'] == 5) then you don't display the next button.
something like this (skipping out validation checks and the sql query) :
<input type="hidden" value="<?php echo $itemCount;?>">
<?php
if ($_GET['page'] < ($itemCount \ 10))
{
echo "<a href=\"items.php?page=".($_GET['page']+1)."\">";
}
?>
Using this, I would add a check to make sure the user doesn't enter a number bigger than this number as well, and if they do, just redirect them to the last number they can.