Need help saving the answer from a Select into Database - php

Hi there;
I need some help; I need to save the answer from a select into my database. I do not know where I went wrong. Here is some details regarding my code.
I have a database named 'lib'
The table is named 'games'
I need to save the following into the table; 1) Game (all the words) and 2) Type
It is for a tournament website. So that I can make it available on the LAN via XAMPP.
Here is my code.
http://pastebin.com/iP7MCMzJ
Thanks in advance!
UPDATE:
Thanks for all the help! I have found and fixed my problem! In my database the VARCHAR was limited to 50 characters. I have fixed that. Now all is good :)
Thanks once again!

Well, you're not showing any code but this is how I'd expect it to work based on your description:
Your HTML will want to look something like:
<?php echo '<option name="game" value="' . htmlentities($game) . '">' . $row['game'] . '</option>'; ?>
Notice the name attribute? Also, I changed the way the HTML was written as yours was very tough to read.
PHP
if(isset($_POST['game']) && isset($_POST['type'])){
$game = $_POST['game'];
$type = $_POST['type'];
// PLEASE CLEAN YOUR INPUT PRIOR TO INSERTING THIS DATA!
Insert into games (Game, Type) VALUES ($game, $type)
}
else{
echo( "error getting info");
}

Related

cant retrieve data from mysql db with php

Sorry for my bad English,
I cant retrieve record from mysql database, there's no error messages and nothing showing. The things is I want to retrieve data on a page with session using external php file. My table has data on it, I've inserted it with phpmyadmin. Here's the code :
UPDATE
I only work on php file now, and here the konek.php
<?php
error_reporting(E_ALL);
$konek=new mysqli('localhost','root','zxcvbnm','jumat') or die(mysqli_connect_error);
$selek=mysqli_query($konek,'select * from kategori');
while($baris=mysqli_fetch_array($selek)){
echo $baris['kodekat'].' '.$baris['namakat'];
echo '<br>';
}
if($konek){
echo 'koneksi ok';
}
$konek->close();
?>
it only shows the 'koneksi ok' word, is the while not processed?
thank you in advance
What are you trying to do with this line:
if($i<=mysql_fetch_array($selek)){
If you are trying to compare with the no. of data use:
if($i<=mysql_num_rows($selek)){
From personal experience, I had trouble with this traditional MySQL api.
I'll share this small PDO tutorial that got me over this mess, hope this helps you as much as it helped me.
http://code.tutsplus.com/tutorials/php-database-access-are-you-doing-it-correctly--net-25338
Try this:
<?php
$konek=mysqli_connect("localhost","root","zxcvbnm","jumat") or die(mysqli_error());
$selek=mysqli_query($konek,"select kodekat,namakat from kategori");
$i=0;
if(mysqli_num_rows($selek) > 0 ){
while($baris = mysqli_fetch_array($selek)){
$id = $baris["kodekat"];
$nmk = $baris["namakat"];
echo"kode: ".$id."nama:".$nmk.'<br/>';
}
}else{
echo 'No items in database';
}
mysqli_close($konek);
?>
I know the problem.
Yhe problem is, my database is empty, I'm so forgetfull, :)
sorry for the inconvenience, I'm sorry I'm sorry,
the code is fine, all of them, :)
and all of answers above, I'm sure it works,
its my faults, that's my database was empty in the first place,

insert into phpMyAdmin - loop array

sorry, im a beginner. Still learning the basics of php.
Here is where i'm stuck. I'm using php to get the results and sending the results onto the database(phpMyAdmin).
I've set up a loop to get the results
i'm trying to get the above results to be sent to phpMyAdmin. i cannot work out on how to do it. I guess i need INSERT INTO somewhere inside the loop so that it can send each into phpMyAdmin There are about 10 different questions. they are displayed on the php but do not know where to go ahead from here
thanks for your help :)
edit
Thanks for the guide, I cannot seem to work out where mysql_query will go inside the loop.
mysql_query("INSERT INTO.......
Assuming u have connected to DB and has a proper table in the DB*.I am just modifying your code* so make sure about the value of $_POST['something'] and the way it should behave.
$con=mysqli_connect("localhost","username","password","dbname") or
die("Error " . mysqli_error($con));
if (isset($_POST['something']))
{
foreach ($_POST['something'] as $key => $value)
{
echo 'something #' . $key . ' You gave it ' . $value . '<br>';
$a="insert into tablename(columnname) values('$value')";
$b=mysqli_query($con,$a);
}
}
else
{
echo 'no options selected';
}
To connect to a database, you need to use the PHP mysqli_* functions. You can find more informations on the PHP online manual.
You can also use PDO (PHP Data Objects). Here's the link to a very good tutorial : http://www.phpeveryday.com/articles/PHP-Data-Object/PDO-Tutorial-P842.html
Both ways are valid and secure.

extracting links as clickable links from sql table

Been at this for a while and cant figure it out so i thought id come to the ppl who know.
my php / sql is so-so but.....this is what im trying to do / figure out..
i have a database setup to take in messages (of any sort) and works fine. The user enters data in a field, hits send, and the message gets logged.
But when a user puts in a link for example " http://www.google.com "
its stored in the DB just fine but when its printed back onto the page, it comes back as plain
text, what i want is that when the page throws back the message with the link in it, that the link is live and clickable.
Ive googled my a$# off but im guessing im searching for the wrong thing (or im missing something unbeknownst to me. )
Any tips/*direction* etc, ill gladly accept. also, I dont mind doing the work/research so if you have links only ill take those too.
Thanks in advanced.
You need to parse messages plain text in order to find links. Then, change link texts by adding an anchor tag (<a>).
This link should help you.
you need regular expressions to detect links and convert them to ...
see the answer here:
PHP validation/regex for URL
<?php echo "your_field"; ?>
Something like this should work (I took this from some code I wrote for a client):
$query = mysql_query("SELECT * FROM wcordersinfo WHERE dealer_id = '" . $dealer_id . "' && drawing_num = " . $_GET['reference_id'] . "");
while ($orders = mysql_fetch_array($query)) {
if ($orders['drawing_num'] != '') {
$link_open = '<a href="http://www.example.com/dealers/order-details.php?reference_id=' . $orders['drawing_num'] . '">';
$link_close = '</a>';
} else {
$link_open = $link_close = '';
}
and then where you want to display the content:
<?php echo "<li>' . $link_start . $orders['carrier'] . $link_end . '</li>"; ?>
You may want to check out http://www.php.net/manual/en/function.preg-replace.php for replacing regular expressions with something.
There you want to replace every website with a typical html link syntax like ...

deleting a comment you posted with php code?

I was wondering if you can maybe help me out here... I created a link sharing website and managed to create a comment on a shared link.
I want to give you a scenario of what I would like to achieve. Every comment made by user_1 for instance, can only be deleted by user_1 and admin.
I understand that when "deleting" it from the php page it must also be dropped from the database. How can you do this?
//I pressume where I INSERTED my post's 'vales' I must DELETE them again from there??
//It is very much alike from reply.php's code where you INSERT the data into the database. Now I just want to delete it.
//I don't know if this code below is correct??
$sql = "DELETE FROM
posts(post_content,
post_date,
post_topic,
post_by)
WHERE ('" . $_POST['reply-content'] . "',
NOW(),
" . mysql_real_escape_string($_GET['id']) . ",
" . $_SESSION['user_id'] . ")";
$result = mysql_query($sql);
if(!$result)
{
echo 'Your reply has not been saved, please try again later.';
}
else
{
echo 'Your comment has been deleted!';
}
Your Delete query has major syntax errors. You don't delete individual fields from a table - you CAN'T. you can only delete entire records. The proper syntax is:
DELETE FROM sometable WHERE (...)
Your where clause also has errors. You're not doing any comparison operations, just listing some values. Again, a syntax error. Most like you'd want this (guessing at your post's table primary key field name):
DELETE FROM posts WHERE (post_id = $id);
You should give your comments ID's, and simply perform delete from posts where ID = $id.
The SQL statement you currently have won't even execute. Look at the manual for how the syntax works.
What would really be helpful is some separation of presentation logic from db logic from bus. logic. Try a MVC pattern, which makes it a lot easier to parse through the code and to only look at DB or presentation or bus. logic code. Then, we could focus on the answer to the question posted.

delete a row from my sql table

I'm still new to php and working my way around it but i'm stuck at the following piece:
code for deleting a row in my table
i have a link directing towards this piece of my script. i run through the first half just fine but when i press on submit and try to execute my delete query it won't go to my second if statement let alone get to the delete query.
$pgd is the page id
my hunch is there is problem with the action in the form i'm building after my while statement
forgive me for the wierd formatting of my msg but its 2am and very tired, i promise to format my questions in the future better! any help is appreciated
edit: ok other then the obvious mistake of missing method=post #.#;
edit:
hey everyone,
first of all, i'd like to thank everyone for their response.
i just started coding in php last weekend so forgive my messy codes. the code is still running locally and my main goal was to finish the functions and then work on securing my code.
now back to the issue, i'm sorry if i was vague about my problem. i'll try to reiterate it.
my issue isn´t selecting an item i want to delete, the issue is that it won´t get to the 2nd if statement.
Re-edit:
this time with my current code:
if($_GET['delete'] == "y")
{
//content hier verwijderen
$sqlcont1="SELECT * FROM content where id ='".$_GET['id']."'";
echo $sqlcont1;
$resultcont1 = mysql_query($sqlcont1) or die (include 'oops.php');
while($rowcont1= mysql_fetch_array($resultcont1)){
echo '<form class="niceforms" action="?pg='.$pgd.'&delete=y&remove=y&id='.$_GET['id'].'" method="post">';
echo '<h1>'.$rowcont1['Titel'].'</h1>';
echo '<p>'.$rowcont1['Content'].'</p>';
echo '<input type="submit" value="Delete article">';
echo '</form>';
}
if($_GET['remove']=="y"){
echo 'rararara';
$id=$_GET['id'];
$sqlrem="DELETE FROM content WHERE id="$id;
echo $sqlrem;
mysql_query($sqlrem);
}
}
echoing $sqlrem gives me the following now:
DELETE FROM content WHERE id=8
that being my current code, i get in to the second IF statement but now to get it to delete!
#everyone:
ok maybe thinking out loud or following my steps worked but the code works, i know its very messy and it needs fine tuning. i'd like to thank everyone for their help and feedback. i'm liking this and you'll probably see me alot more often with nubby questions and messy codes with no escapes :(
First of all, you have SQL injection vulnerability in your script. Anyone can add some string that will be attached to your query, possibly altering it in a way that can make almost anything with the data from your database.
Escape your values with one of anti-SQL-injection methods. Read more for example on php.net/manual/en/function.mysql-query.php
To the point...
Your deletion code will be executed only if you invoke URL with two params (remove and delete set to y. That means your URL should look similar to something.php?delete=y&remove=y. Maybe you just did not spot it.
Please give details about any errors that occured and tell me whether the above mentioned solution helped.
mysql_fetch_array() returns an array
your while statement acts as an if, and does not iterate thru the array returned as you think it does
you need something like
$all_rows = mysql_fetch_array($result);
foreach ($all_rows as $row) {
$sql = "delete from table where id = " . $row['id'];
}
It looks to me like you're mixing two forms together here: you're wanting to see if you went to the delete row form (the first few lines), and you're trying to present the delete row form (the while loop.) I would break these two things apart. Have a page that simply displays your forms for row deletes, and another page that processes those requests. And another page that brings you to the delete rows page.
For now, just echo all the values you're expecting to receive in $_GET[] and see if they are what you expect them to be.
You have a lot of problems in that script alone, so just to make things easier (considering you uploaded a pic), put an
echo $sqlrem;
in your second if statement, see if the query is displayed. If not, it means it doesn't even get to that part of code, if it gets displayed, copy it and run it in phpmyadmin. That should output a more coherent error message. Tell us what that is and we'll work it through.
I also noticed that your DELETE SQL query might have an issue. If your $pgd' id is a integer, you shouldn't include the ' single quote, that is for string only.
**Correction**
$sqlrem = "DELETE FROM content WHERE id = " . controw1['id'];
EDIT
Anyway, just to help out everyone, I typed out his code for easier viewing.
I think his error is $rowcont1['Tilel'] --> that might caused PHP to have an error because that column doesn't exist. I assumed, it should be `Title' causing an typo error.
if(_$GET['delete'] == "y") {
$sqlcont1 = "SELECT * FROM content where id ='" . $_GET['id'] . "'";
$resultcont1 = mysql_query($sqlcont1) or die (include 'oops.php');
while ($rowcont1 = mysql_fetch_array($resultcont1)) {
echo '<form class = "niceforms" action = "?pg=' .$pgd . '&delete=y&remove=y">';
echo '<h1>' . $rowcont1['Title'] . '<h1>'; // <-- error here
echo '<p>' . $rowcont1['Content'] . '</p>';
echo '<input type = "submit" value = "Delete article">';
echo '</form>';
}
if ($_GET['remove'] == "y"){
$sqlrem = "DELETE FROM content WHERE id = " . $rowcont1['id'];
mysql_query ($sqlrem);
}
}

Categories