The action on form page venue_events calls event_list and gives me the query output requested. If you type the link to the event_list page, it will populate a new query with out values from the form. Is there a way I can prevent the user from doing this or can I redirect them back to the venue_events page if this has been done?
In your landing page you have to check if you have a correct query, or correct data to build up your query. If not, for example because the user typed in the url directly, you can redirect the user to the page you want (probably the form one) using, if you have echoed nothing before, header('Location: http://www.mysite.com/my_form_page.php');.
If I understand you right you should validate the values before querying your database. If there are no valid values you can initiate a redirect using javascript or meta redirection in html or using:
header('Location: http://www.domain.com/site.php');
That is only working of there is no output before the header() command.
In addition you could also check if you got back some results from the database. If thats not the case you can also initiate a redirect.
My suggestion to your comment:
<?php
// Was a search term passed?
if (isset($_POST['search']) && !empty($_POST['search'])){
$sql=" SELECT * FROM venue_event ";
$search_term = mysql_real_escape_string($_POST['AAC']);
$sql .= "WHERE venue = '{$search_term}' ";
$sql .= "AND state = '{$search_term2}'"; // $search_term2 isn't defined in your code at all...
$sql .= "ORDER BY startdate ASC";
$result=mysql_query($sql) or die(mysql_error());
}else{
// Do redirection here
}
?>
Related
I have been going through pagination tutorials for past 1 week. I have an html page wherein user enter values into the textfields and click submit button. The page then redirects to a php page which displays corresponding output from the sql database. The database makes use of variables which were received by the php script from the HTML page. I am trying to paginate the final table displayed on the php page but have been unable to do so. Relevant Code for the same is:
Search.html
ClOrdID
Symbol
**index.php**
<?php $clordid = $_POST['clordid'];?>
<?php $orderid = $_POST['orderid'];?>
//connected to database using mysqli
$result = mysqli_query($con,"SELECT * FROM abc where clordid like '$clordid' and orderid like '$orderid'
while ($row = $result->fetch_array(MYSQLI_BOTH)) {
echo "<tr>";
for($k=0;$k<150;$k++){
echo "<td>" .$row[$k]. "</td>";}
This code works fine. When I run this query again to calculate total number of rows and also total number of page links to be displayed in pagination, that works as well. However, whenever I click next page using pagination, the code forgets the value of variables imported earlier from html page. I tried to pass it using the url but has been unsuccessful. I believe somehow the values from html page must be retained by the program at all times to make query execute successfully at all times. Can anyone provide me some basic example (or a url) that could help me understand the process? Thanks
You can assign the variable to the session like so:
session_start();
if ($_GET['page_number'] == 1){
$_SESSION['clordid'] = $_POST['clordid'];
}
Since I asked my question (Previous question) in a way no doubt most users think "dude this is tl;dr" let me put it more simple. I want to use post-redirect-get pattern to avoid user refreshing the site and resubmiting the data etc... I understand that in order to do so I have to redirect the user from html form, through php processing script and back to a new site (or original html form site) that displays the processed data.
Now my question. How do I GET my processed data back from my php? I don't understand the GET part... Currently I don't know how to show php generated data in a nice html display (view) page without include 'site.html';. This example isn't what I am looking for either: Simple Post-Redirect-Get code example. Code in the below example just redirects me to a current page.
It depends on context, but for example:
Given: invoice-form.html, invoice-processing.php and current-invoices.php:
User fills in data on invoice-form
User submits form which has action="invoice-processing.php"
Browser POSTs data to invoice-processing
invoice-processing takes the data from the form and puts it in a database
invoice-processing outputs 302 status and a Location header
Browser goes to current-invoices
current-invoices fetches a list of invoices (including the most recently submitted one) from the database and sends them to the browser as an HTML document
I hope this will help because it has taken me quite a while to get it as well. I tested my understanding like this. I have two php pages, the first page (prg1.php) sends the form to the database, action set to the second one (prg2.php). prg2.php checks the POST data, updates the database and issues a redirect to prg1.php with anything I need to pass back as GET variables. prg2.php looks like this
<?php
if (isset($_POST['gameid'])){
// process the data, update the database
$gameid = htmlspecialchars($_POST['gameid']);
$playerid = htmlspecialchars($_POST['playerid']);
$message = htmlspecialchars($_POST['message']);
//redirect, after updating the database
$getinfo = '?gameid=' . $gameid . '&playerid=' . $playerid;
header("Location: prg1.php" . $getinfo );
exit();
}
?>
You could try something like this:
/****************************************/
/* Fetch my data. */
/****************************************/
$mydata = $_GET["data"];
/****************************************/
/* Has to be sent before anything else! */
/****************************************/
header( 'Location: http://www.yoursite.com/index.php?data='.$mydata );
I have made this function to delete the record from the table. When the delete operation is done, the page displays all data(including the deleted one), But, I need to refresh or reload the page to see the results after I have deleted the row. How it can be done in following code? Thanx in advance!!
public function deletedata(){
if(isset($_GET['del_id'])){
$delete_id = $_GET['del_id'];
$query ="DELETE FROM tbl_data WHERE project_id ='".$delete_id."' ";
$this->databaseObject->getConnection()->query($query);
}
Usually you'd use the header function to reload a page.
Something like this should work: header('Location: '.$_SERVER['REQUEST_URI']);
http://php.net/manual/en/function.header.php
Alternatively, depending on the structure of your code you could simply call the delete code before the code that retrieves the records. That way you'd avoid the need to reload the page.
As mentioned in laurencek's alternative, there's probably no need to reload the page.
Just perform any necessary record deletion before rendering the HTML.
<?php
$delete_id=isset($_GET['del_id'])&&is_numeric($_GET['del_id'])?$_GET['del_id']:false;
if ($delete_id) {
$query ="DELETE FROM tbl_data WHERE project_id ='".$delete_id."' ";
$this->databaseObject->getConnection()->query($query);
}
$query ="SELECT * FROM tbl_data WHERE 1;";
$this->databaseObject->getConnection()->query($query);
?>
<html>
// some php/html to loop through the query and display records
</html>
This assumes your IDs are numeric.
If not, I strongly suggest checking/escaping the variable before introducing it to your database.
I have a PHP results page which starts off "first-pass" with ALL rows returned. It's a search listing of all pizza places in the county.
SELECT * from pizzeria;
Then the user can drill down into more detail... the page also has a CSS dropdown menu where the user can pick a specific neighborhood (which carries a URL):
href="samepage.php?neighborhood=HELLSKITCHEN"
which then changes the query after I pick up the $_GET[]
SELECT * from pizzaria WHERE nbh=(the $_GET[] variable sent in the URL);
but I'd like the page to call itself and I have header("Cache-Control:no-cache"); at the top.
I'm trying to create a first-pass or first visit flag variable with the isnull() function:
if (is_null($firstpass)) {
$query = SELECT all the records from the pizzaria table
} else {
$query = SELECT only the records WHERE I $_GET[] the value from the reloaded URL
}
It seems though that the $firstpass variable doesn't stick on reloads. Should I SESSION that variable? (though still have the problem of constantly resetting it)
Or maybe implement some other approach?
I know I can redirect to a separate second page and javascript back to this page to avoid "headers already sent", but I want to avoid the round-trip back to the client.
Is there a known best practice on reloads with new info? Kinda new to PHP here. thanks
Maybe I didn't understand well your problem but why wouldn't you do :
if (!isset($_GET['example'])) {
$query = 'SELECT * FROM pizzerias';
} else {
$query = 'SELECT * FROM pizzerias WHERE pizzeria = \'.mysql_real_escape_string($_GET['example']).\' LIMIT 1';
}
at the first pass because, it seem that the $_GET variable is set only when the user choose a pizzeria?
Here is a more targeted answer.
NOTICE: mysql_* functions are being depreciated, so use PDO instead. In my example I'm being semi-lazy and not using PDO.
//Connect to database and define table up here
...
if(!isset($_GET['neighborhood')){
$q = "SELECT * FROM pizzeria;";
}else{
$q = sprintf("SELECT * FROM pizzeria WHERE nbh=%s",mysql_real_escape_string($_GET['neighborhood']));
}
$query = mysql_query($q);
foreach($row = mysql_fetch_array($query,MYSQL_ASSOC){
//display the updated view of restaurants.
}
I would also suggest that you use jQuery for that Web 2.0 effect. It's really nice when you select from a drop-down menu and things magically move without a page reload.
Why does this not show the changes after submit? The page has to be refreshed AFTER submission to see the changes.
$full_path = 'users/'.$_SESSION['user_id'].'/images/'.$name;
if($query = mysql_query("UPDATE user_info
SET user_image = '$full_path'
WHERE user_id = '".$_SESSION['user_id']."' AND
username = '".$_GET['username']."'
"))
{
if(move_uploaded_file($tmp_name, '/Applications/XAMPP/xamppfiles/htdocs/'.$full_path)) {
echo 'Got it!';
}
}
So, if I upload / click submit, the query is successful, but you can't see the changes until an additional page refresh.
Make sure that your update query is before your select for your data in the execution of the PHP page.
You need to fix your SQL, you are just leaving yourself open for SQL injection, with using $_GET['username'] directly in your SQL query.
Please look at utilizing parameterization, also keep in mind that order counts when you develop these things. TOP -> DOWN.
If you have a display SQL call BEFORE your UPDATE call, then you will have to refresh again to see changes from the UPDATE SQL call.
You should do a GET redirect after POST request anyway.