I am working on a school project but I am having trouble with this block of code. Although I cant allow you guys to access my database, can you please try to find any syntax error or anything I am doing wrong. All I am getting is a blank space and any echoed text out of the loops.
<?php
$app= mysql_query("SELECT View FROM Stat");
echo "<table><tr>";
while($app_loop = mysql_fetch_array($app)){
$db_item = $app_loop['Item'];
$apps= mysql_query("SELECT * FROM Products WHERE Title='$db_item'");}
while($apps_loop = mysql_fetch_array($apps)){
$db_icon = $apps_loop['Icon'];
$db_title = $apps_loop['Title'];
echo"<td>
<form method='post' action='AppCatPage.php'>
<input type='image' src='$db_icon' width='50px' height='50px' id='sb'>
<input type='hidden' value='$db_title' name='apptitleu'>
</form>
</td>";
}
echo"</tr></table>";
?>
$app= mysql_query("SELECT View FROM Stat");
you selected only View column from table stat
$db_item = $app_loop['Item'];
but you are trying to read content of 'Item' Column
change first line to:
$app= mysql_query("SELECT * FROM Stat");
i think this is the problem ...
Related
The context is: e-commerce, the problem stands in adding items to the cart.
I created a while loop to iterate through each item my query returns and each item has a button that redirects to a "info on the item" page. My problem is that since there's a loop, the values to submit (e.g. the ID of the item) is overloaded and every button submits the values of the last item.
I can pass all the IDs of all the plants but i have no idea how to, in the "item detail" page, to show the correct item among the array.
lista-piante.php: (summarized)
<?php session_start();
// connect to the database
$connessione = new mysqli('localhost', 'root', 'root', 'mio');
//query
$user_check_query = "SELECT Pianta.NOME as nome, PIANTA.ID as pid, Item.PREZZO as prezzo, Item.ID as id
FROM Item, Pianta WHERE Pianta.ID = Item.PIANTA";
$result = mysqli_query($connessione, $user_check_query);
if($result->num_rows > 0) {
echo"<h3>Lista delle nostre piante</h3>";
echo"<ul class=\"plant-flex\">";
// loop through records
while($row = $result->fetch_array(MYSQLI_ASSOC)){
echo"<form method='get' action='../html/details-pianta.php'>";
echo"<li>";
echo"<div class='plant-preview'>";
echo"<div class='plant-preview-description'>";
//dichiarazione variabili (per leggibilità)
$nome= $row['nome'];
$pid = $row['pid'];
// PRINT NAME
echo"<div class='plant-preview-description-name'>";
echo "<p class='bold'>" . $nome . "</p>";
echo "<input type='hidden' name='name' value='$nome' />";
echo"</div>";
echo "<input type='hidden' name='pid[]' value='$pid' />";
echo"<div>";
echo"<button type=\"submit\" class=\"btn\" name=\"details_plant\">Dettagli" . $item . "</button>";
echo"</div>";
echo"</li>";
echo"<form/>";
}
$result->free();
}
echo "<ul/>";
$connessione->close();
details-pianta.php: (summarized, it will contain the style of the page)
<?php session_start();?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="it" lang="it">
<head> <!-- meta tag and other stuff --> </head>
<body>
<div>
<?PHP include('../php/dettagli-pianta.php'); ?>
</div>
</div>
</body>
</html>
dettagli-pianta.php: (summarized, it should contain the info of each item)
<?php
session_start();
// connect to the database
$connessione = new mysqli('localhost', 'root', 'root', 'mio');
$pid = mysqli_real_escape_string($connessione, $_GET['pid']);
//but pID is either the last item's id, or an array with all items' ids, so i can't chose the only one i want
//the URL shows always more pIDs (from the lista-piante.php get form)
$user_check_query = "SELECT * FROM Pianta, item WHERE Pianta.ID = '$pid' ";
$result = mysqli_query($connessione, $user_check_query);
if($result->num_rows > 0) {
echo"<h3>Dettagli della pianta</h3>";
echo"<ul>";
//loop thought query records
while($row = $result->fetch_array(MYSQLI_ASSOC)){
echo"<form method='post' action='../php/add-carrello.php'>";
echo"<li>";
echo"<div>";
//dichiarazione variabili (per leggibilità)
$nome =$row['NOME'];
//$genere= $row['GENERE'];
//$specie= $row['SPECIE'];
//etc etc
// PRINT NAME
echo"<div>";
echo "<p class='bold'>" . $nome . "</p>";
echo"</div>";
//echo"<div>";
//echo "<p class='bold'>" . $specie. "</p>";
//echo"</div>";
//echo "<input type='hidden' name='pid' value='$pid' />";
echo"<div>";
echo"<button type=\"submit\" class=\"btn\" name=\"add-carrello\"> Aggiungi al carrello</button>";
echo"</div>";
echo"</li>";
}
$result->free();
}
echo "<ul/>";
$connessione->close();
There is an error with form closing, but... I have a feeling you are complicating it for yourself by using all those forms/buttons.
I would clean up the code and get rid of the form/button scheme altogether, and use simple a href links with ?id=$pid
Something like this (shortened, if needed post a comment and I can expand):
while($row = $result->fetch_array(MYSQLI_ASSOC)){
echo "<li>";
echo "<div class='plant-preview'>";
echo "<div class='plant-preview-description'>";
//dichiarazione variabili (per leggibilità)
$nome = $row['nome'];
$pid = $row['pid'];
// PRINT NAME
echo "<div class='plant-preview-description-name'>";
echo "<p class='bold'>" . $nome . "</p>";
echo "</div>";
echo "<div>";
echo "<a href ='../html/details-pianta.php?pid=$pid'>Dettagli " . $nome . "</a>";
echo "</div>";
echo "</li>";
}
You can use CSS later to make your a-href link look like a button, add image, or play with it any way you like.
Then in the product details page (dettagli-pianta.php) use your product id pretty much same as you already do:
$pid = $_GET['pid']
...
$user_check_query = "SELECT * FROM Pianta WHERE Pianta.ID = '$pid' ";
Here is one Stack Overflow that talks about using link instead form:
How send parameter to a url without using form in php?
Edit (mistakes found, more suggestions, in case you still want to keep forms/buttons):
you did not close ?> in your examples, but ok, probably just copy/paste here
you have $item variable that isn't defined, and not pulled from SELECT query, so I can only assume that is supposed to be $nome (or you deleted something to make it shorter in question and forgot about it)
you also probably wanted a space like this (note space after Dettagli)
echo "<button type='submit' class='btn' name='details_plant'>Dettagli " . $nome . "</button>";
not sure why you keep files in folders "../html/" and "../php/" when both are with extensions .php, could be confusing for others later working on your code, or ... maybe it's just me
you have <?php session_start();?> then under it you include a file that also has <?php session_start();?> ... no need for one of them. Since "details-pianta.php" is in folder "html" I guess you can remove it from there, as you don't need session just to include another PHP file
in form you submit name='pid[]' when you should just use name='pid' (no brackets), like this:
echo "<input type='hidden' name='pid' value='$pid' />";
in "dettagli-pianta.php" you have a select like this: $user_check_query = "SELECT * FROM Pianta, item WHERE Pianta.ID = '$pid' "; where you name two tables but don't join them, and I can only assume it should be $user_check_query = "SELECT * FROM Pianta WHERE Pianta.ID = '$pid' ";
be careful of uppercase/lowercase in database and column names, try to standardize
in one line you echo with mixed quotes something like echo "<bla name='bla'>" and in next you escape quotes like echo "<bla name=\"bla\">" ... make it easy on yourself and - standardize. Unless absolutely necessary, first way (mixing single and double quotes) is preferable, and only when you have something really complicated to echo like mix of HTML+JavaScript, then resort to escaping quotes
And finally, but actually a direct answer to your issue - you closed your form in the wrong way (yeah, had to look real hard to see it):
echo"<form/>";
You need to have (space is optional, reads better):
echo "</form>";
Non the less, as others too have already commented, using forms just to get buttons is an overkill. Try using simple links (<a href> elements) and style them with CSS to your liking, making them look like buttons...
And last, but... I believe it to be important... Try not to mix Italian and English in code (including database structure). It is obvious you are just learning but havin database called "mio" with table "pianti" and column "prezzo" ... then use something like "item". Also, names of files like "details-pianta", then you have another file "detaggli_pianta", and in button name you use "details_plant", it is huge mashup of two languages. you seem to be fluent English speaker judging from your question, so - why not use English everywhere in code? Name your database "my_first_web_store", name your table "plants", name your column "price", name your PHP files "plant_details" (or details_plant, whatever), use comments in English in your code (nobody but you and other developers see that). You will be thankful later when your plant-selling company expands worldwide, and when you will have multi-language webshop, and maybe 3 more developers working from India and US, all working on same project... :)
Have fun learning!
First of all this is my first question on here, and altohugh I have searched the site none of the answers I've seen resolve my current problem.
I am a PHP novice and am currently working on an end project for a course. The object is to make a rudimentary blog where users can post, delete and edit their news, admins can edit or delete everything etc. I am mostly doing fine, but am having a bit of trouble with the editing feature.
The following code displays all blog posts, their authors and dates of posting. If the currently logged in person is the author of a post or a admin, they have the option of deleting or editing each individual post. A small form appears that contains the title and post text. When the user types something else in clicking on the edit button should change the values in the database to the new values the user specified. The problem is that whenever i click on the edit button in the current setup, nothing happens. If i move the if statement outside of the other if statement, the posts do update, but become blank in the database.
Running print_r($_POST) after the fact shows that the array it builds has correct names and updated values, but still they aren't updated in the database. Here is the code, the pertinent part starts at the last if statement( I know, it isn't injection proof, will get to that as soon as it works):
$query = "SELECT id, title, body, pub_date, user_id FROM posts ORDER BY id desc";
$query_fetch = mysql_query($query);
while ($blog_post = mysql_fetch_assoc($query_fetch)) {
$author_id = $blog_post["user_id"];
$post_id = $blog_post["id"];
$post_id2 = $blog_post["id"] . 2;
$title = $blog_post['title'];
$body = $blog_post['body'];
$query = "SELECT username FROM users WHERE id = '$author_id'";
$query_run = mysql_query($query);
$author = mysql_fetch_assoc($query_run);
echo "<h2>" . censor($blog_post["title"]) . "</h2>" . "<br> <p> Autor: " . $author["username"] . "</p><br><p>Objavljeno: " . $blog_post["pub_date"];
if ($_SESSION['admin'] == 1 or $_SESSION['username'] == $author["username"]) {
echo "<form action='' method='POST'><input type='submit' name= '$post_id' value= 'Obriši objavu'></form>";
echo "<form action='' method='POST'><input type='submit' name= '$post_id2' value= 'Uredi objavu'></form>";
}
echo "<p>" . censor($blog_post["body"]) . "</p>";
if (isset($_POST["$post_id"])) {
$del_post = "DELETE FROM posts WHERE id = '$post_id'";
mysql_query($del_post);
}
if (isset($_POST["$post_id2"])) {
echo "<form action='' method= 'POST'>New title<input type='text' value = '$title' name='title'>New text<textarea name='body' id='' cols='30' rows='10'>$body</textarea><input type='submit' name='edit' value='edit'></form>";
if (isset($_POST['edit'])) {
$edit_title = $_POST['title'];
$edit_body = $_POST['body'];
$query = "UPDATE posts SET title= '$edit_title', body= '$edit_body' WHERE id= '$post_id'";
mysql_query($query);
}
}
}
Any help would be appreciated.
This last piece of code
if (isset($_POST["$post_id2"])) {
echo "<form action='' method= 'POST'>New title<input type='text' value = '$title' name='title'>New text<textarea name='body' id='' cols='30' rows='10'>$body</textarea><input type='submit' name='edit' value='edit'></form>";
if (isset($_POST['edit'])) {
$edit_title = $_POST['title'];
$edit_body = $_POST['body'];
$query = "UPDATE posts SET title= '$edit_title', body= '$edit_body' WHERE id= '$post_id'";
mysql_query($query);
}
}
gets activated when post_id2 is sent, but generates a form where post_id2 is not contained anymore. So when you submit that form, the IF is not entered.
You can modify it like this:
if (isset($_POST["$post_id2"])) {
echo "<form action='' method= 'POST'>New title<input type='text' value = '$title' name='title'>New text<textarea name='body' id='' cols='30' rows='10'>$body</textarea><input type='submit' name='edit' value='edit'></form>";
}
if (isset($_POST['edit'])) {
$edit_title = $_POST['title'];
$edit_body = $_POST['body'];
$query = "UPDATE posts SET title= '$edit_title', body= '$edit_body' WHERE id= '$post_id'";
mysql_query($query);
}
In general I think you would find it easier to use forms differently, specifically by using some sort of action tag:
input type="hidden" name="command" value="edit"
input type="hidden" name="post" value="{$post_id}"
This way you could run one single query immediately, without the need for browsing all the posts in a cycle.
One other useful possibility is to split your code between different PHP files, and keeping common code in one include:
<?php // this is delete.php
include "common.php";
$post_id = my_get_var('post_id');
my_sql_command("DELETE FROM posts WHERE...");
used from
<form action="delete.php" method="post" ...>
As you can see this allows for different ways of retrieving post_id (centrally defined in a single function my_get_var in common.php) and the central definition of SQL functions. How this function interfaces to MySQL can then be updated, specifically passing from mysql_ functions (which are deprecated, and soon will no longer be available) to e.g. PDO.
It also allows you to test a single command independently, by directly entering delete.php in the browser (you need for my_get_var to accept both POST and GET variables to do this).
Details
You want to inspect and/or modify a collection of posts. You then require initially at least the following operations: list, edit, and delete.
Only the first works against all posts.
So you could have a list.php file running the SELECT. Also, it is only in this SELECT that you need information about the user, so your query could become:
$query = "SELECT posts.id, title, body, pub_date, user_id, username FROM posts JOIN users ON (posts.user_id = users.id) ORDER BY posts.id desc";
In the display cycle we would display this information:
$query_fetch = mysql_query($query);
// This file will receive requests to edit or delete
// We can use a single form.
echo '<form action="manage.php">';
while ($post = mysql_fetch_assoc($query_fetch)) {
echo "<h2>" . censor($post["title"]) . "</h2>" . "<br> <p> Autor: " . $post["username"] . "</p><br><p>Objavljeno: " . $post["pub_date"];
if ((1 == $_SESSION['admin']) or ($_SESSION['username'] == $post["username"]) {
echo "<input type=\"submit\" name=\"Obriši objavu\" value=\"{$post['id']}\" />";
echo "<input type=\"submit\" name=\"Uredi objavu\" value=\"{$post['id']}\" />";
}
echo "<p>" . censor($blog_post["body"]) . "</p>";
}
echo "</form>";
This way you need only one form, and it will submit one field with a name describing the action to be taken, and the post on which to do it.
The file manage.php will then receive this information -- and can also be used to update it:
foreach(array(
"delete" => "Obriši objavu", // from list.php
"edit" => "Uredi objavu", // " "
"update" => "update" // from this file itself (see below)
)
as $test_todo => $var) {
if (array_key_exists($var, $_POST)) {
$id = $_POST[$var];
$todo = $test_todo;
}
}
if (isset($id)) {
switch($todo) {
case "delete":
mysql_query("DELETE FROM posts WHERE id = '{$id}'");
break;
case "edit":
// Get this post.
$query = "SELECT posts.id, title, body, pub_date, user_id, username FROM posts JOIN users ON (posts.user_id = users.id) WHERE posts.id = '{$id}';";
echo '<form action="manage.php" method= "POST">';
// This is how we tell this file what to do, and to what.
echo "<input type=\"hidden\" name=\"update\" value=\"{$id}\">";
// run query, fetch the one record, display info...
echo "</form>";
break;
case "update":
// Build the update query from $_POST.
mysql_query("UPDATE posts SET ...");
}
At first check that your query is correct. Then try to hard-code your query. Also test your query in phpMyAdmin Also you can try to remove the '' from your number variables on every query.
Please, can you give us your error?
There is a possibility also that your database has already been updated. So double check it.
This is how I usually debug. echo the query. Run it in PHPmyadmin, and see the error.
so, in your case.
echo "UPDATE posts SET title= '$edit_title', body= '$edit_body' WHERE id= '$post_id'";
echo that and you will have the query that the script will be trying to run.
Try running it in phpmyadmin and check what the error is.
I have a site where an admin can enter exam marks for papers which are part of an exam.
I am on the final part of actually giving a user their mark. But I just can't seem to do it.
So far what I have done is:
Allow the admin to view all of the exams, click on a specific exam and view the papers for that exam, then click on a paper and view all of the people who took that paper.
Then, click on a user and enter their marks and feedback. This is the part which I cannot do. I have pasted my code below along with what I am trying to do but it just is not working, any help would be great!
So, along with their mark and feedback I am also inserting into the marks table the, paperID and the examID.
CODE:
<?php
$epsID = $_GET['epsID'];
$sql = "SELECT * FROM ExamPaperStudent WHERE epsID = '$epsID'";
$result = mysql_query($sql);
while ($row = mysql_fetch_array($result))
{
$epID = $row ['epID'];
$sID = $row ['sID'];
echo "<p><form>";
echo "<b>Mark: <input type=text name=mark></b><br>";
echo "<b>Feedback: <input type=text name=feedback></b><br>";
echo $epID;
echo $sID;
echo "</form>";
echo "<a href='insertmark.php?epsID=". $row['epsID']."'>Add Data</a>";
}
?>
INSERTMARK.php code: (At this form I already know the exam/paper ID, which I also am trying to insert (along with marks/feedback).
CODE:
$mark = $_POST["mark"];
$feedback = $_POST["feedback"];
if(isset($_REQUEST['submit']))
{
$sql = mysql_query("insert INTO exammarks (mark, feedback, epID, atID) values ('$mark', '$feedback', '$epID', '$sID')");
$result = mysql_query($result);
}
epsID = exampaperstudent
epID = exampaper
sID = student
your form is wrong .
change this
echo "<p><form>";
to
echo "<p><form action='INSERTMARK.php' method='POST' name='myform'>";
OMG everything is wrong inside your inputs. i just give one and you correct the others
echo "<b>Mark: <input type='text' name='mark'></b><br>";
^----^------^----^---//use single quotes around here
didnt you miss submit button ?
how would i go about refreshing a page after i have submitted a form and done some php stuff with it. Heres my form and the php so far.
<form class="removeform"action='peteadd.php'method='post' enctype='multipart/form-
data' name='image_remove_form' >
<?php
include '../inc/connect.php';
$q = "SELECT * FROM gallerythumbs WHERE gallery = 1";
if($r = mysql_query($q)){
while($row=mysql_fetch_array($r)){
echo "<div class='thumb'>",
"<input type='checkbox' name='remove[{$row['id']}]'>",
"<label for='Remove'><span class='text'>Remove</span></label>",
"<br />",
"<img class='thumbnail' src='{$row['filename']}'
alt='{$row['description']}' />",
"</div>";
}
}
else{
echo mysql_error();
}
?>
<input type='submit' name='submit' value='Remove' />
</form>
</div>
<?php
include '../inc/connect.php';
//if delete was checked, delete entries from both tables
if(isset($_POST['remove'])){
$chk = (array) $_POST['remove'];
$p = implode(',',array_keys($chk));
$t = mysql_query("SELECT * FROM galleryimages WHERE id IN ($p)");
$r = mysql_query("SELECT * FROM gallerythumbs WHERE id IN ($p)");
$url=mysql_fetch_array($t);
$image=$url['filename'];
$url2=mysql_fetch_array($r);
$image2=$url2['filename'];
if ($t){
unlink($image);
unlink($image2);
$q = mysql_query("DELETE FROM galleryimages WHERE id IN ($p)");
$s = mysql_query("DELETE FROM gallerythumbs WHERE id IN ($p)");
}
else{
echo "<span class='text'>
There has been a problem, go back and try again.
<br />
<a href='peteadd.php'>Back</a>
</span>";
}
}
else{
echo "<span class='title'>
There are no images in the gallery
<br />
<a href='peteadd.php'>Add Images</a>
</span>";
}
?>
This for display some thumbnails that are saved in mysql with a remove checkbox above them. When I check them then submit the form the are deleted from the direcotries and the mysql tables ok, but how can I refresh the page so the deletion is obvious?
Thanks for looking
what you are describing sounds like you are displaying your page and within it you run some additional code - like deletion - so when you post your form you end up with images being pull from database and then removed
you should run your logic first and only then display page - that way you will be first deleting your records and then when it came to get data from database it will get right data (without records already deleted)
any other soultion will be nothing but hacky way to bypass problem that souldn't exist in the first place :)
You cannot directly refresh a page with PHP, but you can echo out a refresh tag like this
echo '<meta http-equiv="refresh" content="0">'
, or you can do it with javascript, like
location.reload(true);
I am trying to query a mysql database and display data in a table. That part is working. At the moment, it is set up for displaying the
results within the certain date range.
I now want to take the table and make a button that allows you to export it to an Excel file. Before I added the option of choosing a date range, you were able to export to Excel, but now it seems that the second file does not know what table I am talking about. I tried using POST to send the values of the data and re-query on the other page.
When I click the button to export, the excel document that is downloaded is empty, (though it has a size). Any help please?
-----Query mysql---------
<html><head><title>New Production Rejections</title></head></html>
<?php
include("config.php");
//get serial from submitted data
//$serial = $_POST['sNumber'];
//if the submitted data is empty
$serial = $_POST['entryDate'];
$dateEnd = $_POST['entryDate2'];
//parse the serial from the link in tracker
?>
<form method="post" action="<?php echo "queryNewProdRejections.php?"?>">
Search between dates: (Format: YYYY-MM-DD)<input type='text' size='20' maxlength='20' name='entryDate'> - <input type='text' size='20' maxlength='20' name='entryDate2'>
<input type="submit" value="Search Date Range"><br/></form>
<?php
//query based on approved date that is nothing, repaired date that is nothing,
//tech is a real tech, location that is not Revite (RVP), action was to replace,
//and the status is not (declined or skipped).
$query = "SELECT *
FROM `rma`
WHERE `origin` NOT LIKE 'Field_failure'
AND `origin` NOT LIKE 'DOA_at_Customer'
AND `origin` NOT LIKE 'Sweden_Fail_VI'
AND `entry` > '$serial' AND `entry` < '$dateEnd'";
$data = mysql_query($query) or die(mysql_error());
//Create a table with the array of data from repairs, based on the previous query
echo "<table border='1'><tr><th>RMA</th><th>Product</th><th>Serial</th><th>Origin</th><th>Return To</th><th>Credit Num</th><th>Order</th><th>Entry Date</th><th>Tech</th><th>Traking Num</th></tr>";
while($row = mysql_fetch_array($data)){
print "<tr><td>".$row['intrma']."</td><td>".$row['product']."</td><td>".$row['serial']."</td><td>".$row['origin']."</td><td>".$row['retto']."</td><td>".$row['creditnum']."</td><td>".$row['ordernum']."</td><td>".$row['entry']."</td><td>".$row['tech']."</td><td>".$row['tracknum']."</td></tr>";
}
print "</table>";
?>
<html>
<form method="post" action="saveQueryToExcel.php">
<input type='hidden' name='ent_1' value="<?php echo $_POST['entryDate']; ?>">
<input type='hidden' name='ent_2' value="<?php echo $_POST['entryDate2']; ?>">
<input type="submit" value="Save to Excel">
</form>
</html>
---------------Print to Excel File -- (saveQueryToExcel.php)
<html><head><title>New Production Rejections</title></head></html>
<?php
error_reporting(0);
$dateBeg=$_POST['ent_1'];
$dateEnd=$_POST['ent_2'];
//Connect to the database, repairs in maprdweb
include("config.php");
//query based on approved date that is nothing, repaired date that is nothing,
//tech is a real tech, location that is not Revite (RVP), action was to replace,
//and the status is not (declined or skipped).
$query = "SELECT *
FROM `rma`
WHERE `origin` NOT LIKE 'Field_failure'
AND `origin` NOT LIKE 'DOA_at_Customer'
AND `origin` NOT LIKE 'Sweden_Fail_VI'
AND `entry` > '$dateBeg' AND `entry` < '$dateEnd'";
$data = mysql_query($query) or die(mysql_error());
//Create a table with the array of data from repairs, based on the previous query
header('Content-type: application/vnd.ms-excel');
echo "<table border='1'><tr><th>RMA</th><th>Product</th><th>Serial</th><th>Origin</th><th>Return To</th><th>Credit Num</th><th>Order</th><th>Entry Date</th><th>Tech</th><th>Traking Num</th></tr>";
while($row = mysql_fetch_array($data)){
print "<tr><td>".$row['intrma']."</td><td>".$row['product']."</td><td>".$row['serial']."</td><td>".$row['origin']."</td><td>".$row['retto']."</td><td>".$row['creditnum']."</td><td>".$row['ordernum']."</td><td>".$row['entry']."</td><td>".$row['tech']."</td><td>".$row['tracknum']."</td></tr>";
}
print "</table>";
?>
PHPexcel works great for exporting data to an actual Excel document.
It appears you are just generating an HTML table with your result.. which isn't exactly Excel format.
You should take the same code, and instead of printing <tr> lines with it, send it to fputcsv. Use the standard output as the file handle. You need to set proper html headers for the output to be sent as a csv, along the lines of this post: force file download.
Take a look a this class. It is able to solve the problem.
https://github.com/GSTVAC/HtmlExcel
$xls = new HtmlExcel();
$xls->addSheet("Names", $names);
$xls->headers();
echo $xls->buildFile();