i have this quick issue please.
I have this code here which permits me to extract a user name and a photo, and when the name is clicked it takes me to this hostess.php file, well, i need to pass the id variable to the hostess.php and save it, in order to get information only for that id..
Here is the code:
while ($row = mysql_fetch_array($query)) {
echo "<div id='photo'>";
echo "<div id='picture'>";
echo "<td> <img src=foto/photo1/".$row['photo'] . "></td>";
echo "</div>";
echo "<div id='text'>";
echo '<td>'. $row['first_name_en']." ". $row['family_name_en']."</td>";
echo "</div>";
echo "</div>";
}
How can i just get the id and then how can i save it to the $id variable
Thanks
The table structure is like this:
The table name is called hostess and the field i need to retrieve from hostess is the [id]
Change the line:
echo '<td><a href="hostess.php">'. $row['first_name_en'] .
" ". $row['family_name_en']."</a></td>";
to this:
echo '<td><a href="hostess.php?id={$row[id]}">'. $row['first_name_en'] .
" ". $row['family_name_en']."</a></td>";
and in hostess.php, use this to extract the value:
$id = $_GET['id'];
EDIT
Here is another method to pass variable as POST. Again, change the aforementioned line to:
echo '<td><form method="POST" action="hostess.php">' . "<input type='hidden'
name='id' value='{$row[id]}' />" . "<input type='submit' value='" .
$row['first_name_en'] . " " . $row['family_name_en'] .
" /></form></td>";
You can use CSS to style that button as simple text too. And the value can be retrieved in hostess.php as follows:
$id = $_POST['id'];
Add/change this in your code:
$personID = $row['id']; #or whatever the field name is
echo '<td>'. $row['first_name_en']." ". $row['family_name_en']."</td>";
The addition of "?personID='.$personID will send the value in the GET statement, or within the URL.
On the receiving page get the value that way:
$personID = $_GET['personID']+0; #add zero to force a numeric value--be sure to scrub your data!
#be sure to do other validation if needed!
Related
* if(!empty) retrieves first entry in array and shouldn't be used *
This script searches a database for a url that matches the one submitted by a user in a form. Currently the $query printed by the echo statement works fine in mysql and returns one entry. This script executes and prints the table header, but doesn't enter the while($row =.. ) loop.
Any thoughts or suggestions would be really appreciated. I've used this method before with no trouble so I'm sort of stumped right now.
//1. Query DB for results
$query = "SELECT * FROM projects WHERE projectsurl='".$url."';";
echo "<br>".$query;
$projects = mysqli_query($conn, $query);
// 2. Print Project Results
if(!empty(mysqli_fetch_assoc($projects))){
//Print Project Results
echo "Is this your project?<br>";
echo "<table style=width:'100%'>";
while ($row = mysqli_fetch_assoc($projects)){
echo $tabler . $thh . "Title: <br>" .$row['title'] . $thsp . "No. Rewards: <br>" . $row['rewards'] . $thf . $xtabler;
echo $tabler . $thh . "ID: " .$row['id'] . $thf . $xtabler;
// Echo two rows for the URL Strings because they are longer.
echo $tabler . $thh . "<a href='" . $row['projectsurl'] . "'>Projects</a>" . $thsp . "<a href='" . $row['rewardsurl'] . "'> Rewards " . $thf . $xtabler;
echo "<form id='confirmation' action='../index.php' method='POST'>
<input type='hidden' value='2' name = 'stage'>
<input type='hidden' value='".$row['id']."' name='id'>
<input type='hidden' value='".$row['title']."' name='title'>
<input type='submit' value='Confirm'></form>";
}
echo "</table>";
}else{
//trigger ruby script to search for lost file
echo "Project Not Found. <br>";
}
Oh and the random table stuff is defined elsewhere as
$tabler = "<tr>";
$xtabler = "</tr>";
$thh = "<th><b>";
$thsp = "</th><th>";
$thf = "</b></th>";
$csp = "</td><td>";
$ch = "<td>";
$cf = "</td>";
If there's only one row, then if(!empty(mysqli_fetch_assoc($projects))){ will fetch it and your while loop will not be entered. Instead, to check if a row exists, use mysqli_num_rows($projects).
Also, Reminder, escape your user submitted data before using it in your MySQL query if you haven't already. This can be done by: $query = "SELECT * FROM projects WHERE projectsurl='".mysqli_real_escape_string($conn, $url)."';";
EDIT: Alternatively, prepare your MySQL statements before executing them. This is the preferred method, although both protect you from injections.
I've written this code for a user to edit one row and update it in MySQL, but it always posts the last row no matter which row you have selected (there are 3 rows).
What's the problem?
<?php include("includes/db_connection.php"); ?>
<?php
global $connection;
$sid="s5";
/**select all salesman from store 5**/
$sql ="SELECT * FROM employees WHERE e_type='Salesperson' AND store_assigned='".$sid."';";
/**get the result and put into table, which can be edited by user**/
$result = mysql_query($sql);
echo "<form method='post' action='update_salesman.php'>";
echo "<table border='1'><tr><th>Employee ID</th><th>Name</th><th>Address</th><th>Email</th><th>Job Title</th><th>Store</th><th>Salary</th></tr>";
while ($row = mysql_fetch_assoc($result)) {
echo "<tr><td><input type='text' name='eid' value='".$row['eid']."' readonly /></td>";
echo "<td><input type='text' name='e_name' value='".$row['e_name']."' /></td>";
echo "<td><input type='text' name='e_addr' value='".$row['e_addr']."' /></td>";
echo "<td><input type='text' name='e_email' value='".$row['e_email']."' /></td>";
echo "<td><input type='text' name='e_type' value='".$row['e_type']."' /></td>";
echo "<td><input type='text' name='store_assigned' value='".$row['store_assigned']."'/></td>";
echo "<td><input type='text' name='e_salary' value='".$row['e_salary']."' /></td>";
echo "<td><input type ='submit' value='update' /></td></tr>";
}
echo "</table>";
echo "</form>";
print($sql);
?>
Get the posted data, and update it in MySQL database:
<?php include("includes/db_connection.php"); ?>
<?php
$eid = $_POST['eid'];
$ename = $_POST['e_name'];
$eaddr = $_POST['e_addr'];
$eemail = $_POST['e_email'];
$etype = $_POST['e_type'];
$estore = $_POST['store_assigned'];
$esalary = $_POST['e_salary'];
$sql = "UPDATE employees SET e_name='" . $ename . "', e_addr='" . $eaddr . "', e_email='" . $eemail . "', e_type='" . $etype . "', store_assigned='" . $estore . "', e_salary='" . $esalary . "' WHERE eid='" . $eid . "' ;";
$result = mysql_query($sql);
print("</br>" . $sql);
?>
The result is always this:
UPDATE employees SET e_name='Norah ', e_addr='111 Melwood,PA', e_email='anorahm#gmiil.com', e_type='Salesperson', store_assigned='s5', e_salary='4000.00' WHERE eid='e334' ;
Your problem is twofold. First, when generating the HTML code, you use a while loop to echo the fields. Note that the names of these fields are the same every time the loop runs. (You can see this in the generated HTML (source code). Note that on submitting, one one of the multiple same-named fields will be posted.
Second, in the PHP form handler code, you read the post data and then do one update query, while you may want to update more than one field.
The easiest way to solve this is to make sure that the field names in the HTML form are different for each of the rows, and to use a loop structure when updating the sql table such that there's an update for each row.
even though it may appear fine on the html side, it's clear what's happening on the server side when it gets the form
When the server gets the form it will only see the last record because each record will overwrite the values that come before it resulting in only getting the data from the last record
What you can do is give each set of values its own form (Wouldn't suggest). But with this method, you can leave your code almost as is, just move the form tags into the while loop. OR write the input names as e_name[], etc.
This way it will be passed as an array to the server and you can loop through to get all your values
On the server end, to get the array you would do something like
$e_names = $_POST['e_name']; //Value will be an array
When I create/edit post to my website, and when I use html tags (either type it by my self or using WYSIWYG editor (in this case nicEdit, but I've used different one - same problem)) it does not show anything on the page.
to be more specific: I have article container which imports php code, which than iterates through the db table and echo posts. This is the code:
<h3>Wydarzenia</h3>
<?php
//collects data from table "events" and sort it by "id" date in descending oreder
$event_table_data = mysqli_query($db_con, "SELECT * FROM events ORDER BY id DESC")
or die(mysqli_error());
//puts the data from "events" into an array
$event_content_array = mysqli_fetch_array($event_table_data);
//makes variables from table columns
$id = id;
$title = title;
$happeninng_date = happen;
$created_date = created;
$content = content;
$author = author;
//add new post button
if((isset($_SESSION['sess_wizardrights'])) && ($_SESSION['sess_wizardrights'] == true)){
echo "<a class='e_event_addpost_link' href='./index.php?link=add_post'><button class='e_event_addpost_button' type='button'>Dodaj nowy post</button></a>";
}
do{
//echo each event for main event article
echo "<span class='b_events_span' id='" . $event_content_array[$id] . "'>";
echo " <a class='b_events_anchor' id='" . $event_content_array[$id] . "'></a>";
echo " <h2 class='b_events_title'>" . $event_content_array[$title] . "</h2>";
if((isset($_SESSION['sess_wizardrights'])) && ($_SESSION['sess_wizardrights'] == true)){
echo "<form class='b_events_edit_form' name='edit_post' action='./index.php?link=edit_post' method='post'>";
echo " <input type='hidden' name='id' value='" . $event_content_array[$id] . "'> ";
echo " <input class='e_events_edit_submit' type='submit' value='Edytuj wydarzenie'>";
echo "</form>";
}
echo " <div class='fb-share-button' data-href='http://www.zhppgkaberdeen.co.uk/index.php?link=events#" . $event_content_array[$id] . "'></div>";
echo " <p class='b_events_happening_date'><i>Data wydarzenia: " . $event_content_array[$happeninng_date] . "</i></p>";
echo " <p class='b_events_content'>" . $event_content_array[$content] . "</p>";
echo " <p class='b_events_created_date'>Utworzono: " . $event_content_array[$created_date] . "</p>";
echo " <p class='b_events_author'><b>Czuwaj!</b><br/>" . $event_content_array[$author] . "</p>";
echo "</span>";
}while($event_content_array = mysqli_fetch_array( $event_table_data ));
?>
When I add tags like <img> for instance with alt="" parameter it completely ruins web page. What I mean by that is that the article container is not shown at all (I've checked that with firebug) as well as everything after the article tag (like footer for instance). What is even more strange is that this: alt="text" did not break the page but every other random word does, how ever it does not show the "text" at image at all.
Similar thing happen when I tried to create table within the post and title or target parameter, I cant remember which one.
I have tried to use htmlentities($event_content_array[$content]), htmlspecialchar($event_content_array[$content]) and mysqli_real_escape_string($do_con, $event_content_array[$content]) -> non of this helped.
Is there a way to fix that or I just need to give up using this tags/parameters?
Thank you for any help or explanation
if you are using e.g echo "<img alt="text">";try to escape the " such as alt=\"text\"
<?php
$paseoLocationTo=$_POST['locationTo'];
$paseoLocationFrom=$_POST['locationFrom'];
$PTime=$_POST['time'];
echo"The value of Location to is $paseoLocationTo </br>";
echo"The value of Location from is $paseoLocationFrom </br>";
echo"The value of time is $PTime </br>";
mysql_connect('localhost', 'root', '')
or die(mysql_error());
mysql_select_db('shuttle_service_system')
or die(mysql_error());
$TripID =mysql_query("
SELECT DISTINCT Trip_ID as 'TripID'
FROM trip
WHERE Timeslot LIKE '$PTime' AND Location_From Like '$paseoLocationFrom' AND Location_To LIKE '$paseoLocationTo'
");
echo "<form action='LastPage.php' method='post'>";
while($check = mysql_fetch_array($TripID))
**echo "<name='TripID' id='TripID'>" . $check['TripID'] . " ";**
echo "<p class='sure'> Are you sure with your reservation? </p>";
echo"<input type='submit' value='Submit' class='Log'>";
echo"</form";
?>
From another php file, this the LastPage.php
<?php
**$TripID=$_POST['TripID'];
echo"The value of trip ID is $TripID </br>";**
?>
Hi guys I was wondering why I can't access the "TripID" variable in the other php file? I was accessing it before but now there seems to be a problem, am I doing it right? I'm sorry a php and SQL newbie.
You need to add
<input type="text" name="TripID" value="'.$check['TripID'].'" ... />
in your form in order to retrieve values with $_POST['TripID'].
There is no such thing as
**echo "<name='TripID' id='TripID'>" . $check['TripID'] . " ";**
which was found in your code.
**echo "<name='TripID' id='TripID'>" . $check['TripID'] . " ";**
Looks like that should be:
echo "<input type='text' name='TripID' id='TripID' value='" . $check['TripID'] . "' />";
If you don't want it to be editable, display it then add a hidden field:
echo $check['TripID'];
echo "<input type='hidden' name='TripID' id='TripID' value='" . $check['TripID'] . "' />";
Basically, you're not putting your trip id into an actual form tag, so it's not getting posted over to your LastPage.php.
Edit: fixed the first input to wrap the tripID in the value attribute.
Replace following lines
**echo "<name='TripID' id='TripID'>" . $check['TripID'] . " ";**
with
echo "<input type="hidden" name="TripID" value="'.$check['TripID'].'" />";
So it will not be visible to user on current page but when you will post the Form, it will be available in $_POST['TripID'] variable.
One more thing your tag is not properly closed.
Use MySQLi and prepared statements to prevent SQL injection.
PS: accept the answer if its work for you.
Your form tag is not closed properly. It is now as echo </form";
It should be echo"</form>";
Also you didnt added name in input tag.
It should be
echo"<input type='submit' value="$check['TripID']" name="TripID" class='Log'>";
There is no name tag <name> but you used how?
I am pulling addresses out of a mysql database. The addresses are displayed in a form, through an array, as a list with a (hidden) input and a (submit) input attached to each address. The intension is that a user can click on the (submit) input by the address they want to view and the (hidden) input would pass the ID (as_id).
What I coded works to a point. It displays the addresses and an input at each address.
What does not work is that once a (submit) is clicked for the selected address it passes " " no matter which (submit) input is chosen.
I’ve read about turning the input into an array with “[]” after the “name”. I playsed with that for a while. I got a “strip_tags() expects parameter 1 to be string, array” error and got lost for a few hours on that. I gave it up; didn’t think I was going in the right direction.
`enter code here`
echo "<div class='searchres'>";
echo "<form name='choose' method='post' id='choose' action='asset_search.php'>";
echo "<table>";
while ($asset_info = mysql_fetch_array($search_rs)) {
array_pop($asset_info);
echo "<tr>";
echo "<td width='400px'>";
echo $asset_info['as_id'] . " ";
echo $asset_info['as_st_number'] . " ";
echo $asset_info['as_st_dir'] . " ";
echo $asset_info['as_st_name'] . " ";
echo $asset_info['as_st_desig'] . " ";
echo $asset_info['as_unit_num'] . " ";
echo $asset_info['as_city'] . " ";
echo "<br />";
echo "</td>";
echo "<td>";
echo "<input name='hide' type='hidden' value='" . htmlspecialchars($asset_info
['as_id']) . "'>";
echo "<input name='search' type='submit' id='search' value='View Property'>";
}
echo "</td>";
echo "</tr>";
echo "</table>";
echo "</form>";
echo "</div>";
I only need to pass the as_id, not the whole array. Any help would be appreciated.
I am assuming you want to check this line:
echo "<input name='hide' type='hidden' value='" . htmlspecialchars($asset_info['as_id']) . "'>";
You use the name hide, this should be hide[] then you should check for the value of $_POST['hide'].
Edited:
But there is something else wrong with your code. You use one form for all addresses, with the same button for all addresses. You need to make a different form tag for each address. In that case you do not need to put [] behind the input name, although I would pick another name than 'hide'. Put the whole form in the while loop.