Im using ThickBox 3.1 and regretting it since it is no longer supported and Im new to programming so I could use all the help I can get.
Im almost done setting up several Thickboxes on my site but my last one requires a variable to be passed from the parent page to ThickBox and I just can't seem to pick it up in my php script. I have a parent page that is getting the variable from a currently selected drop down menu. When I hover over the link that will open the ThickBox Modal I see:
http://localhost/forms/modal_product.html?strUser=100&TB_iframe=true&height=300&width=590
which is great because I need the strUser variable. So the ThickBox opens I enter some information into a short form just like my other ThickBoxes but nothing happens. When I look under firebug to see the AJAX response it informs me that:
<b>Notice</b>: Undefined index: strUser in <b>C:\xampp\htdocs\forms\item_add.php</b> on line <b>3</b
Ive tried seeing what $_SERVER['QUERY_STRING']; comes up with and it is NULL.
I think my question is generic in that I just don't know where my _GET variable is going? Can anyone with experience with ThickBox help me out? Ive read my butt off and I realize in older versions of ThickBox it was harder to pass variables and it required hacks but I should be able to do this the way I have it. What am I doing wrong? Is there an easier way to pass variables or am I just missing something obvious?
Also when I go to my form page directly and not as a link through the parent window, if I manually put a GET variable into the URL it still gives me the same errors which leads me to believe I'm just missing something basic. Here is my php code.
<?php
include '../dbc.php';
$getman = ($_GET['strUser']);
$manid1 = mysql_query("SELECT manufacturer_id FROM manufacturers WHERE man_name='$getman'");
$manid11 = mysql_fetch_array($manid1);
$manid21 = $manid11[0];
if ($_POST) {
// Collect POST data from form
$item_num = stripslashes($_POST['item_num']);
$descript = stripslashes($_POST['descript']);
$quanti = stripslashes($_POST['quanti']);
$fdaa = stripslashes($_POST['fdaa']);
}
$params = $_SERVER['QUERY_STRING'];
$domain = $_SERVER['SCRIPT_NAME'];
$queryString = $_SERVER['REQUEST_URI'];
$stmnt2 = mysql_query("INSERT INTO products (product_id, item_number, description, quantity_per_unit, fda_approved, manufacturer_id) VALUES ('NULL', '" . $item_num . "', '" . $descript . "' ,'" . $quanti . "', '" . $fdaa . "' , '" . $manid21 . "')");
$resp['status'] = 'success';
if ($stmnt2) {
$resp['errmessage'] = "Item submitted. Submit another item or click close.";
} else {
$resp['errmessage'] = $params;
}
echo json_encode($resp);
?>
I worked it out. I had to pull the variable in Jquery from the URL, put it into a hidden field and then run my php script.
Related
I'm looking to pass an array from a separate database within wordpress and echo it out into the content, having a bit of trouble understanding how.
Here is my current code in functions.php:
function get_lead() {
$wpdb = new wpdb('root','password','database', 'localhost');
if ($wpdb->connect_errno) {
die("Failed to connect to MySQL: (" . $db->connect_errno . ") " . $db->connect_error);
}
// Get lead info
if(isset($_SESSION['lead_id'])) {
global $lead;
$table_name = $wpdb->prefix . 'customers';
$lead = $wpdb->get_row($wpdb->prepare("SELECT * FROM $table_name WHERE id = '".$_SESSION['lead_id']."'", ARRAY_A));
$error = $wpdb->print_error();
return $lead;
}
}
I originally tried this in a custom php file included in a custom wordpress header via require_once 'filename.php';, here is the code for that:
if(isset($_SESSION['lead_id'])) {
$lead_query = $db->query("SELECT * FROM customers WHERE id = '".$_SESSION['lead_id']."'");
$lead = $lead_query->fetch_assoc();
$lead_query->free();
}
I know this gets the data fine and passing the variable if I place it in header.php and echo out there, but I can't get WordPress to load it into the content within the editor, it's just an empty if I echo $lead['postcode']; there for example.
I've tried setting up a shortcode but can't seem to return an array with that, and the function action doesn't seem to work either, I just get NULL when I var_dump($lead);
It's a 3 step form with a thank you page at the end. I want to echo one piece of data into the first step of the form and two pieces of data onto the thank you page.
Hope this makes sense, any help would be great :)
I have a page that shows comments, "comments.php", and I include the page on any other page that I want comments to show. I am trying to implement a way to delete comments if needed. Each comment has an auto-increment "commentID". Right now I'm using an action, and then just using a link to call the action.
When I hover over the link, the URL looks correct, but when I click it, the page refreshes and nothing happens. Any ideas?
Action:
if ($_POST['action'] == 'delete') {
$sql = "delete from " . $db_prefix . "comments where commentID = " . (int)$_GET['id'];
mysql_query($sql) or die('error deleting user: ' . $sql);
header('Location: ' . $_SERVER['HTTP_REFERER']);
}
Show comments and show link to delete: (unnecessary code has been left out)
echo 'delete
What am I doing wrong?
In your code you're mixing $_POST with $_GET.
Try this,
?php
if ($_GET['action'] == 'delete') {
if (!ctype_digit($_GET['id'])) {
exit("ID has to be an int.");
}
$id = intval($_GET['id']);
$sql = "DELETE FROM `" . $db_prefix . "comments` WHERE `commentID` = " . $id;
mysql_query($sql) or die('error deleting user: ' . $sql);
header('Location: ' . $_SERVER['HTTP_REFERER']);
}
?>
Your link also shows action=delete so you should be checking if $_GET action equals delete.
Edit 1
Your code is prone to SQL injection, you are still using MySQL even though it has been deprecated, you should use either MySQLi or PDO with prepared statements.
Not to mention your $_GET data is being passed on to the query without being sanitized, you should start using intval it would make it better and prevent XSS. Please read up on the function intval and ctype_digit to get a better understanding at what it does.
Edit 2
Scrap $_SERVER['HTTP_REFERER']
How reliable is HTTP_REFERER?
Edit 3
As noted in comments:
"If you're using the same file for everything, just omit the file name ?action=delete&id"
which would explain the 404 you mentioned in comments.
What is happening is I think my code is selecting the data first (basically old data) then updating it but what I want is for it to update then select the data (new data). How can I do this?
I am going to post where it goes wrong and if you need the full code just ask:
$select_links = $db->query("SELECT pid, added_by,link_title,lid,link_order FROM " . TABLE_PREFIX . "homepage_links WHERE pid='$pid'
ORDER BY link_order DESC LIMIT $start,$show");
$check_link_count_rows = $db->num_rows($select_links);
echo "<b> You Current Have " . $check_link_count_rows . " Links On Your Page: </b><br>";
echo "<form action='' method='POST'>
";
while($select_links_array = $db->fetch_array($select_links)) {
$link_title_display = $select_links_array['link_title'];
$link_id_display = $select_links_array['lid'];
if(!$mybb->input["order_edit_$link_id_display"]) {
$link_order_display = $select_links_array['link_order'];
} else {
$link_order_display = $mybb->input["order_edit_$link_id_display"];
}
$order_edit_value1 = $mybb->input["order_edit_$link_id_display"];
$order_edit_value = $db->escape_string($order_edit_value1);
echo "<br>" . $link_title_display . " <a href='?operation=edit_links&link=$link_id_display'> (edit) </a>
<input type='number' name='order_edit_$link_id_display' value='$link_order_display' style='width:40px;'>
<input type='hidden' name='get_link_id_display_value_$link_id_display' value='$link_id_display'><br>
";
$get_link_id_display_value1 = $mybb->input["get_link_id_display_value_$link_id_display"];
$get_link_id_display_value = $db->escape_string($get_link_id_display_value1);
$update_quick_edit_query = $db->query("UPDATE spud_homepage_links SET link_order='$order_edit_value'
WHERE lid='$get_link_id_display_value'");
}
I cannot find a solution as everything is in the right place for it to work besides this bug.
After a discussion in the comments, I determined that you were attempting to render a page after a post form submission that amends the database. It is perfectly possible to re-read your new database state and render it in a post operation, but it is inadvisable, since browsers cannot refresh the page without asking you if you wish to run the operation again. This does not make for a good user experience, especially in relation to using the back/forward buttons.
The reason for this behaviour is that post operations generally modify the database. They are used for example in credit card purchases or profile amendments where some change in the state of the server is expected. Thus, it is good practice to execute a new round-trip to the server, after the write operation, to change the page method from post to get.
The header() call I linked to will do this, and will resolve your rendering problem too.
good day
need some help here, my Delete button works but page is not automatically refreshing after i clicked the delete button. i still need to manually retrieve the data from db and it would reflect that data is deleted already...
here is my code for delete php: how can i make this to refresh the page automatically?
<?php
require 'include/DB_Open.php';
$id = $_POST['id'];
$idtodelete = "'" . implode("','",$id) . "'";
$query = "DELETE FROM tbl WHERE ticket in (" . $idtodelete . ")";
$myData = mysql_query($query);
echo "DATA DELETED";
if($myData)
{
header("Location: delete.php");
}
include 'include/DB_Close.php';
?>
I suggest fetching the data after your delete logic. Then the delete logic will be executed before fetching the tickets.
Then a redirect to the same page isn't even necessary.
//
// DELETE
//
if (isset($_POST['delete'] && isset($_POST['id'])) {
// Do delete stuff,
// notice delete variable which would be the name of the delete form button e.g.
// If you like, you can still echo "Data deleted here" in e.g. a notification window
}
//
// FETCH data
//
$query = "Select * FROM tbl";
...
if you use post method better with this
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
$id = $_POST['id'];
$idtodelete = "'" . implode("','",$id) . "'";
$query = "DELETE FROM tbl WHERE ticket in (" . $idtodelete . ")";
if (mysql_query($query))
{
header("Location: delete.php");
} else {
echo "Can not delete";
}
}
As suggested on one of the comments, and on the php documentation:
http://it2.php.net/manual/en/function.header.php :
Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP. It is a very common error to read code with include, or require, functions, or another file access function, and have spaces or empty lines that are output before header() is called. The same problem exists when using a single PHP/HTML file.
Basically you have to take out the :
echo "DATA DELETED";
What's the point to try to echo that string if the page is going to be redirected anyway?
If you want to make it fancy you could use Ajax to delete it, and trigger a setTimeout() on JavaScript x seconds after showing the message.
Or if you really really really really, REALLY, want to do it this way, you could disable the errors report/display (using error_reporting(0) and ini_set('display_errors', 'Off'). By experience I know that it will work, but it's nasty and extremately ultra highly not recommended
Basically I've connected my PHP to the mysql database which loads a bunch of users names. I want to be able to click on any of the users name so I've hyperlinked them all through a while loop and . When I click one of the links it opens a new page but I would like to be able to tell which username I clicked on. I think I could do this by using $_GET but I'm getting the following errors:
<?php echo "$first" . " " . "$last";?>;
Also, what should I write in the new page? So far on the new page this is what I've wrote:
$first=$row['FName'];
$last=$row['LName'];
echo "USERNAME: " . "$first";
UPDATE:
echo "<tr>
<td><b><center>.$info['Name']."</td></center></b>
</tr>";
This also gives error, but I think it shouldn't? Maybe I've made a simple mistake with the " somewhere, please check if you can find
In your new page you would check $_GET variable to see if the keys are set.
You have link with usersProfile.php?firstname=somename&lastname=somelastname so the keys you are looking for are firstname and lastname.
You would have to check if the key is set in order to avoid getting undefined indexes.
Ex. $firstname = isset($_GET['firstname']) ? $_GET['fisrtname'] : null;
This checks if the key is set and if it is sets $firstname to the data from the url otherwise to null
If I understand your question correctly, it appears that you are trying to create a link for each user that will send you to a different or personal page when clicked.
In that case, it might be easier to simply query the entire table and have that set up in your html page as a separate .
For instance:
//Database connections
$query="SELECT * FROM userTable WHERE firstName = $firstname and lastName = $lastName";
//Change the query to whatever you want
$result = mysql_query($query)
while($row = mysql_fetch_assoc($result))
{
echo "<a href='somepage.php'>" . $row['Username'] . "</a>";
}
This is just an example and a good amount would need to be added to it, but this more than likely would be easier for what you are trying to do. In this case, the loop would output all the names you have pulled from the database.