I've asked a similar question before however i've done alot of changes to my script and my question is now different to my last question. So now i've done these changes this should all work fine however it isn't.
I've basically got user reviews where a user can delete or approve reviews. I am focusing purely on the delete function at the moment.
We pull the reviews through in reviews.php and a the user can click delete which points to delete_review.php which then runs the sql function stored in functions.php.
I've listed the exact code layed how it works below but besides me spending ages trying to work out why it won't work i can't figure it out. When we click delete it links to delete_review.php but it won't find the review id which is the id of the review in which to delete.
Can someone please show me how i can fix this. thank you.
review.php
<?php
$reviews_set = get_new_reviews();
while ($reviews = mysql_fetch_array($reviews_set)) {
?>
<div class="prof-content-pend-reviews" id="reviews">
<div class="pend-review-content">
<?php echo "{$reviews['content']}"; ?>
</div>
<div class="message_pic">
<?php echo "<img width=\"50px\" height=\"50px\" src=\"data/photos/{$reviews['from_user_id']}/_default.jpg\" />";?>
</div>
<div class="forum-text">
<?php echo "Posted by {$reviews['display_name']}"; ?> <?php echo "".$age." days ago"; ?>
</div>
<div class="delete"></div>
</div>
<? } ?>
function.php
function delete_review($review, $user) {
global $connection;
global $_SESSION;
$query = "UPDATE ptb_reviews
SET deleted='1'
WHERE id=$review
AND to_user_id=$user";
mysql_query($query, $connection);
}
function get_new_reviews() {
global $connection;
global $_SESSION;
$query = "SELECT r.from_user_id, p.display_name, r.content, r.id reviews_id, r.date_added
FROM ptb_reviews r, ptb_profiles p
WHERE r.to_user_id =".$_SESSION['user_id']."
AND r.deleted = '0'
AND r.read_review = '0'
AND p.user_id = r.from_user_id
ORDER BY r.date_added DESC ";
$reviews_set = mysql_query($query, $connection);
confirm_query($reviews_set);
return $reviews_set;
}
delete_review.php
<?php
require_once("session.php");
require_once("functions.php");
require('_config/connection.php');
delete_review ($_GET['review'], $_SESSION['user_id']);
?>
1- check if you make session start session_start(); in the begining of your review.php file
2- look at this
$query = "SELECT r.from_user_id, p.display_name, r.content, r.id reviews_id, r.date_adde
^--------what this space ?
3- try to do global $_SESSION['user_id'] in your function.
4 be sure if its $reviews or $reviews_id here as ROY Finley mentioned
<a href="includes/delete_review.php?review=<?php echo $reviews['review']
^----------here
I think this:
$reviews['review']
maybe should be this:
$reviews['reviews_id']
not sure, your code needs some improvement. You should really look into mysqli or PDO. All of this could easily be done with a simple class.
Related
I need help. I have problem when commenting on topic. I want when the user comment in specific topic, it will appear only in the specific topic. The problem is when user comment in the specific topic, the comment can be seen in any topic available including the specific topic. Previously i store in comment.txt file but now i already delete the comment.txt file and make a database to store the comment based on what reply has told me. The problem is still the same. How to make it appear in topic A rather than appear on other topic. Hope anyone can help me because i has been trying to solve this for 4 days. Below is the updated code:
<?php
$conn = mysqli_connect("localhost", "root", "", "ourmusic");
$post_title = $_GET["post_title"];
//echo "<h1>".$post_title."</h1>";
$query = mysqli_query($conn,"SELECT poster, post_title, post_desc FROM posting WHERE post_title = '$post_title';");
$data = mysqli_fetch_assoc($query);
echo "</br><h1>".$data["post_title"]."</h1>";
echo "<sup>by <b>".$data["poster"]."</b></sup <br><br><br><br><hr><br><br>";
echo "<p>".$data["post_desc"]."</p><br><br><br>";
?>
<!-- Back to Forum -->
<a href="forum.php">
<button type="submit" name="back-btn" class="btn btn-success">Back</button>
</a>
<a href="comment.php">
<button type="submit" name="back-btn" class="btn btn-success">Comment</button>
</a><br><br>
<p>Comments:</p>
<!-- Post And Show The Comment -->
<?php
$connection = mysqli_connect("localhost", "root","","ourmusic");
$query_c = "SELECT * FROM [ourmusic].[posting].[dbo].[post_title]";
$result_c = mysqli_query($connection, $query_c);
?>
<?php
$username = $_SESSION['username'];
while($data_c = mysqli_fetch_assoc($result_c))
{
$poster= $data_c['poster'];
$comment_content = $data_c['comment_content'];
?>
<tr>
<td><b><?php echo $poster; ?></b></td><br>
<td><?php echo $comment_content;?></td><br>
</tr>
<?php
}
?>
And this is for my Final Year Project.
Rather than save comments in a text file and read them later on, it will be ideal to save the comments in a database.
Your table could contain columns for comments and topics.
For example, for Topic A, save the topic as well as the comment in the table at the point of commenting.
When fetching the comments, query the database for the comments, filtering them by topics.
I am trying to make this program where I can delete a thread if I am logged in. Now I already have the button linked and everything, I have it doing multiple tasks when pressed, but it seems to not run the SQL query I want it to. Now I have a variable called $forumid which is set in the URL and retrieved using $_GET['forumid'];
I know this is setting properly, because I have done echo $forumid; and its been correct. But there is one line of code that doesn't run for some reason, and that is:
$db->query("DELETE FROM threads WHERE id='$forumid'");
Now when I remove the WHERE clause, it works, but it wipes out the entire table. So I now know that the problem is the WHERE clause, I just can't find out why it is the issue. I am fairly new to PHP so please forgive my ignorance. But if anyone is able to see the issue, please tell me. Thank you.
[EDIT: COMPLETE CODE]
<?php
require 'connect.php';
session_start();
$forumid = $_GET['forumid'];
$title;
$body;
$by;
$loggedAsAuthor;
?>
<html>
<head>
<title>Legend Factions - View Forum</title>
<link href="stylesheet.css" rel="stylesheet" type="text/css"/>
</head>
<body>
<div id="header">
Home
Forum
Vote
Donate
Members
</div>
<div id="content">
<div id="divider">
<?php
if ($result = $db->query("SELECT * FROM threads")) {
while ($row = $result->fetch_assoc()) {
if ($row['id'] == $forumid) {
$title = $row['title'];
$body = $row['words'];
$by = $row['by'];
if ($_SESSION['sess_username'] == $by || $_SESSION['sess_username'] == "admin") {
$loggedAsAuthor = true;
}
}
}
}
echo '<h2>', $title, '</h2><br/><label>By: ', $by;
if (isset($loggedAsAuthor)) {
echo '<form action="viewForum.php" method="post">
<br/><input type="submit" name="delete" value="Delete Thread"/>
</form>';
}
$delete = $_POST['delete'];
if (isset($delete)) {
$db->query("DELETE FROM threads WHERE id=$forumid ");
//header("Location: forum.php");
}
?>
<hr/>
<?php
echo $body;
?>
</div>
</div>
</body>
</html>`
You need to modify your sql query as like :
$db->query("DELETE FROM threads WHERE id= $forumid "); // removed single quotes
Hope it works for you now.
You can try this way, Hope it will help
$qry = "DELETE FROM threads WHERE id= $forumid ";
$db->query($qry);
Your query seems to be correct.
If $_GET['forumid'] is a string, do :
$db->query("DELETE FROM threads WHERE id=".$db->quote($_GET['forumid']));
If $_GET['forumid'] is numeric, do :
$db->query("DELETE FROM threads WHERE id=".(int)$_GET['forumid']);
In any case, string syntax should work, because string will be cast to integer by mysql.
To debug, do :
echo "DELETE FROM threads WHERE id=".$db->quote($_GET['forumid']) ;
And give us the result, or directly paste it into phpMyAdmin to see the error.
You should also add this line at the top of your script to see all errors :
error_reporting(E_ALL) ;
ini_set('display_errors', true) ;
if(isset($_GET['forumid']) && !empty($_GET['forumid'])){
$qry = "DELETE FROM threads WHERE id= '" . mysql_real_escape_string ($_GET['forumid']) . "'";
}
or use active record
$this->db->where('id', $forumid );
$this->db->delete('threads ');
Either integer or string syntax in MySQL should work if the threads id is an integer. What I see that could be happening is:
1) $forumid does not have the value you think it has?
To check it, var_dump the variable right before the delete query:
var_dump($forumid); die;
2) The table id column is not named "id"?
Check the database schema, to check if the column has the name you think it should have. In mysql CLI:
desc threads;
I'm trying to add a delete function for my blog where the logged in user can click on the delete link, but it just does not work.
this is the form for display:
<div id= "blogtitle"><?php echo $title; ?></div><div id= "date"><?php echo $date; ?></div>
<div id="contant"> <?php echo $contant; ?> </div> <p>Delete</p>
this is the deleteblog.php:
delete('blog', $_GET['id']);
header('Location: index.php');
die();
and this is the function:
function delete($blog, $id){
$blog = mysql_real_escape_string($blog);
$id = (int)$id;
mysql_query("DELETE FROM '{$blog}' WHERE 'id' = {$id}");
}
It just does not delete it, I've made it to work before where it did delete all the entries but it still wasn't what I intended it to do.
you have pass the id in delete link
<div id="contant"> <?php echo $contant; ?> </div> <p>Delete</p>
Arun answer is correct. As a plus stop using mysql old functions and use mysqli functions instead. Or even better use PDO.
Try like this
function delete($blog, $id){
$blog = mysql_real_escape_string($blog);
$id = (int)$id;
mysql_query("DELETE FROM $blog WHERE id = $id");
}
And you should pass id in your anchor tag
i have changed that line to what you have given me and i have also changed the delete function to:
'function delete($blog, $id){
$blog = mysql_real_escape_string($blog);
$id = (int)$id;
mysql_query("DELETE FROM $blog WHERE id = $id");
}
and now it comes up saying that the id varieble is unidentify in my anchor tags... :<
I have a reviews system on my site where users can rate other users. When a user logs in they can go to their pending reviews section where they can either approve or delete a review.
I pull through the reviews from the table ptb_reviews and list them on the page reviews.php. Each review then has an approve or delete link which goes to either approve_review.php or delete_review.php and in there is the SQL function to set the relevant column in my table, so approve or delete, from 0 to 1.
So if a user approves a review it updates approve in the table to 1 where that specific review has been chosen to be approved and then its the same for deleted.
I'm having a problem in that when I try to approve or delete a review, I echo out the query to test it to see what's happening and to see if its doing what I'm asking it to do and I get this:
UPDATE ptb_reviews SET approved = 1 WHERE id = '' LIMIT 1
this is implying that it cant find the review id and it wont therefore apply the update to 1 in the table where appropriate for that review.
here's my code for reviews.php where the reviews are pulled through:
<?php
$reviews_set = get_new_reviews();
while ($reviews = mysql_fetch_array($reviews_set)) {
$review_id = (int) $_GET['review_id'];
// Just this, is a great security enhancement. Forces the variable to be int (like all id's are).
// You can also check if its a numeric by doing
if (is_numeric($review_id)){
// continue with the update query
} else {
// something fishy is going on..
}
?>
<div class="prof-content-pend-reviews" id="reviews">
<div class="pend-review-content">
<?php echo "{$reviews['content']}"; ?>
</div>
<div class="message_pic">
<?php echo "<img width=\"50px\" height=\"50px\" src=\"data/photos/{$reviews['from_user_id']}/_default.jpg\" />";?>
</div>
<div class="forum-text">
<?php echo "Posted by {$reviews['display_name']}"; ?> <?php echo "".$age." days ago"; ?>
</div>
<div class="approve"></div>
<div class="delete"></div>
</div>
<? } ?>
And next is my code that carry's out the SQL function for approve_review.php:
<?php
require_once("session.php");
require_once("functions.php");
require('_config/connection.php');
$query = "UPDATE ptb_reviews SET approved = 1 WHERE id = '$review_id' LIMIT 1";
mysql_query($query, $connection);
echo $query;
die();
// See what is really sent to MySQL
if (!mysql_query($query, $connection)){
die(mysql_error());
}
?>
I'm basically asking is the reason nothing updates because it can not find the id for the review which is being either approved or deleted and what can I do to get it to update and so that it knows which review I'm asking it to approve or delete?
I'm still learning PHP and MySQL so if someone could show me or explain what to do that'd be great.
You are getting the query variable like this:
$review_id = (int) $_GET['review_id'];
But in your link you use:
<a href="includes/approve_review.php?review=<?php echo $reviews['review_id']; ?>">
^^^^^^
So your review ID is stored in $_GET['review'] and not $_GET['review_id'].
To start you should change that line to (or the other way around...):
$review_id = (int) $_GET['review'];
I have a simple page which contains some products in the database. What I want is to create some sort of an updater, if the user add a product then that specific div in the page will display the latest product added automatically.
I tried to view this link but it doesnt help at all we have different problem.
Anyway heres the function i have in php.
function recentlyAddeditems() {
echo '<h3>Recently Added Products</h3> <hr/>';
echo '<div id="main_section_widget">';
$sql = mysql_query("SELECT * FROM products ORDER BY id DESC LIMIT 20") or die(mysql_error());
if ($sql) {
while ($row = mysql_fetch_array($sql)) {
$name = $row['name'];
$id = $row['id'];
$category = $row['category'];
echo "$name | $category<br/>
<hr/>
";
}
echo '</div>';
echo '
<p><br/>More items...</p>
';
}
}
and the in html page
<div id="main_section_widget_cover" class="dates">
<?php recentlyAddedItems(); ?>
</div>
Is there a simpler way how to do this? I tried to read about ajax in jquery but still having confused without a concrete example.
Please help wizards of stack!!!
IF you want an example of a ajax in jquery here is a really simple example
<div id="main_section_widget_cover" class="dates"><div>
<script>
$('#main_section_widget_cover').load('recentitems.php');
</script>
in recentitems.php
<?php recentlyAddedItems(); ?>
Thats it, thats all you need to do to do a basic ajax call