This question already has an answer here:
Closed 11 years ago.
Possible Duplicate:
Why isn't my image showing up?
I have a weird problem here. I have this line of code where it works on one page but it doesnt on another. The PHP code is as follows:
PHP Page That Shows Image
<table border=1>
<tr>
<td align=center>EDIT</td>
</tr>
<tr>
<td>
<table>
<?
$id = $_GET['product_id'];
$result = mysql_query("SELECT * FROM products WHERE serial = '$id'");
$info = mysql_fetch_array($result);
?>
<form method="post" action="editsuccess.php">
<input type="hidden" name="id" value="<? echo "$info[name]"?>">
<table border='0' width=100%>
<tr>
<td>Name</td>
<td>
<input type="text" name="name"
size="20" value="<? echo "$info[name]"?>">
</td>
</tr>
<tr>
<td>Description</td>
<td>
<input type="text" name="name"
size="20" value="<? echo "$info[description]"?>">
</td>
</tr>
<tr>
<td>Price</td>
<td>
<input type="text" name="address" size="40"
value="<? echo "$info[price]"?>">
</td>
</tr>
<tr>
<td>Image</td>
<td>
<? echo'<img src="../getImage.php?id=' . $info['serial'] .'"/>'?>
</td>
</tr>
<tr>
<td align="right">
<input type="submit"
name="submit value" value="Update Product">
</td>
</tr>
</form>
</table>
</td>
</tr>
</table>
PHP Page That Doesnt Show Image
<?php
$id = $_GET['product_id'];
$query = mysql_query("SELECT * FROM products WHERE serial = '$id'")
or die(mysql_error());
while($info = mysql_fetch_array($query)) {
echo "";
$name = $info['name'];
$description = $info['description'];
$price = $info['price'];
$picture = $info['picture'];
}
?>
<form action="editsuccess.php?product_id=<?php echo $id; ?>" method="post">
Product ID:<br/>
<input type="text" value="<?php echo $id;?>" name="product_id" disabled/>
<br/>
Name:<br/>
<span id="sprytextfield1">
<input type="text" value="<?php echo $name;?>" name="name"/>
<span class="textfieldRequiredMsg">Enter Product Name</span></span><br/>
Description:<br/>
<span id="sprytextfield2">
<input type="text" value="<?php echo $description;?>" name="description"/>
<span class="textfieldRequiredMsg">Enter A Description</span></span><br/>
Price:<br/>
<span id="sprytextfield3">
<input type="text" value="<?php echo $price;?>" name="price"/>
<span class="textfieldRequiredMsg">Enter Price</span><span class="textfieldInvalidFormatMsg">Enter Numbers Only</span></span><br/>
Picture:<br/>
<?php echo '<img src="../getImage.php?id=' . $row['serial'] .'"/>'
?>
</br>
<input type="submit" value="Update Product"/>
</form>
The line of code i am talking about is this one:
<?php echo '<img src="../getImage.php?id=' . $row['serial'] .'"/>'
?>
Any ideas why it dont work???
-----EDIT--------
getImage.php code is as follows:
<?php
$host="localhost"; // Host name
$user="****"; // Mysql username
$passwd="****"; // Mysql password
$dbName="**********"; // Database name
// Connect to server and select databse.
mysql_connect("$host", "$user", "$passwd")or die("cannot connect");
mysql_select_db("$dbName")or die("cannot select DB");
$link = mysql_connect($host, $user, $passwd);
mysql_select_db($dbName);
$query = 'SELECT picture FROM products WHERE serial="' . $_GET['id'] . '"';
$result = mysql_query($query,$link);
$row = mysql_fetch_assoc($result);
header("Content-type: image/jpeg");
echo $row['picture'];
?>
First of all, try to avoid short tags (<?). Not every webserver is configured to understand them and it kind of conflicts with XML tags (which open with <?xml). So replace your <? with <?php to make sure your code always works on any webserver, regardless of it's configuration setting for short_open_tags.
Second, You're calling $row['serial'], but $row doesn't appear to be an array (at least it's not defined within the code you pasted here). Are you sure it shouldn't be $info['serial']?
But most importantly, whenever you allow user-input (like a $_GET) to determine your SQL query, always escape your code with mysql_real_escape_string, like this:
$result = mysql_query("SELECT * FROM products WHERE serial = '" . mysql_real_escape_string($id) . "'");
Or when you're sure that it's always an integer (e.g. if the field has INT datatype in your database), cast the value as an integer, like so:
$result = mysql_query("SELECT * FROM products WHERE serial = " . (int) $id);
You shooed to remove while cicluse
next code
while($info = mysql_fetch_array($query)) {
echo "";
$name = $info['name'];
$description = $info['description'];
$price = $info['price'];
$picture = $info['picture'];
}
?>
change just with
$info = mysql_fetch_array($query)
Try and tell us does is ok, and does is like you want. :)
Related
I want to display all rows by a php query and update all by a submit button in sql. I this way below a can display all row and update particular row by its own submit button. But I want to update all by a single submit button.
So for do it, I thank, I want to loop for update. But I cannot understand how to do it in this case.
Here is my code:
<?php
include_once('../db.php');
global $db;
$result = mysqli_query($dbh,"SELECT * FROM ppad");
if(!$result) {
die("Database query failed: " . mysqli_error());
}
while($row = mysqli_fetch_assoc($result)) {
$id=$row['id'];
$name=$row['name'];
$date=$row['date'];
$title=$row['title'];
$Detail=$row['Detail'];
echo '<form action="padSproccess.php" method="POST">
<table width="100%" border="1">
<tr>
<td width="10%">Date</td>
<td width="14%">Time</td>
<td width="20%">Name(url)</td>
<td width="30%">Detail</td>
</tr>
<tr>
<td width="10%"><input type="text" name="date" maxlength="2" value="'.$date.'"></td>
<td width="14%"><input type="text" name="title" maxlength="50" value="'.$title.'"></td>
<td width="20%"><input type="text" name="name" maxlength="50" value="'.$name.'"></td>
<td width="30%"><input type="text" name="Detail" maxlength="100" value="'.$Detail.'"></td>
<input type="hidden" name="id" value="'.$id.'">
</tr>
</table>
<input type="submit" name="submit" id="submit" value="Submit">
</form>';}
?>
padSproccess.php
include("../db.php");
global $db;
if(isset($_POST['submit'])){
$date = mysqli_real_escape_string($dbh,$_POST['date']);
$title = mysqli_real_escape_string($dbh,$_POST['title']);
$name = mysqli_real_escape_string($dbh,$_POST['name']);
$Detail = mysqli_real_escape_string($dbh,$_POST['Detail']);
$id = mysqli_real_escape_string($dbh,$_POST['id']);
// update data in mysql database
$update = mysqli_query($dbh,"UPDATE ppad SET date='$date', month='$month', name='$name', Detail='$Detail' WHERE id = '$id'");
// if successfully updated.
}
For this you need to update your code into
<?php
include_once('../db.php');
global $db;
$result = mysqli_query($dbh,"SELECT * FROM ppad");
if(!$result) {
die("Database query failed: " . mysqli_error());
}?>
<form action="padSproccess.php" method="POST">
<table width="100%" border="1">
<tr>
<td width="10%">Date</td>
<td width="14%">Time</td>
<td width="20%">Name(url)</td>
<td width="30%">Detail</td>
</tr>
<?php
while($row = mysqli_fetch_assoc($result)) {
$id=$row['id'];
$name=$row['name'];
$date=$row['date'];
$title=$row['title'];
$Detail=$row['Detail'];
echo '<tr>
<td width="10%"><input type="text" name="date[]" maxlength="2" value="'.$date.'"></td>
<td width="14%"><input type="text" name="title[]" maxlength="50" value="'.$title.'"></td>
<td width="20%"><input type="text" name="name[]" maxlength="50" value="'.$name.'"></td>
<td width="30%"><input type="text" name="Detail[]" maxlength="100" value="'.$Detail.'"></td>
<input type="hidden" name="id[]" value="'.$id.'">
</tr>';
}?>
</table>
<input type="submit" name="submit" id="submit" value="Submit">
</form>
Now within your padSproccess.php you'll receive an array of results within your variables which'll be updated using foreach loop
What you need to do first is have an overall form, not a form for each (unless you want to throw in javascript to fire off ajax calls). So what you'll need to do is make sure each row can be associated with a specific id:
<?php
include_once '../db.php';
$result = mysqli_query($dbh, "SELECT * FROM ppad");
if(!$result) {
die("Database query failed: " . mysqli_error());
}
?>
<form action="padSproccess.php" method="POST">
<table width="100%" border="1">
<thead>
<tr>
<td width="10%">Date</td>
<td width="14%">Time</td>
<td width="20%">Name(url)</td>
<td width="30%">Detail</td>
</tr>
</thead>
<tbody>
<?php
while($row = mysqli_fetch_assoc($result)) {
$id = $row['id'];
$name = $row['name'];
$date = $row['date'];
$title = $row['title'];
$Detail = $row['Detail'];
echo '
<tr>
<td width="10%"><input type="text" name="date[' . $id . ']" maxlength="2" value="'.$date.'"></td>
<td width="14%"><input type="text" name="title[' . $id . ']" maxlength="50" value="'.$title.'"></td>
<td width="20%"><input type="text" name="name[' . $id . ']" maxlength="50" value="'.$name.'"></td>
<td width="30%"><input type="text" name="Detail[' . $id . ']" maxlength="100" value="'.$Detail.'"></td>
</tr>
';
}
?>
</tbody>
</table>
<input type="submit" name="submit" id="submit" value="Submit">
</form>
Then in padSproccess.php you'll receive an array of names, dates, titles and Details, each one keyed by the ID of the row. So that'll change to something like this:
<?php
include "../db.php";
if(isset($_POST['submit'])){
$ids = array_keys($_POST['name']);
foreach ($ids as $id) {
$date = mysqli_real_escape_string($dbh,$_POST['date'][$id]);
$title = mysqli_real_escape_string($dbh,$_POST['title'][$id]);
$name = mysqli_real_escape_string($dbh,$_POST['name'][$id]);
$Detail = mysqli_real_escape_string($dbh,$_POST['Detail'][$id]);
$id = mysqli_real_escape_string($id);
// update data in mysql database
$update = mysqli_query($dbh,"UPDATE ppad SET date='$date', month='$month', name='$name', Detail='$Detail' WHERE id = '$id'");
}
// if successfully updated.
}
Try this. Of course for the database I've not started and it is possible errors.
<?php
include_once('../db.php');
global $db;
$result = mysqli_query($dbh,"SELECT * FROM ppad");
if(!$result) {
die("Database query failed: " . mysqli_error());
}
?>
<form action="padSproccess.php" method="POST">
<?php
while($row = mysqli_fetch_assoc($result)) {
$id=$row['id'];
$name=$row['name'];
$date=$row['date'];
$title=$row['title'];
$Detail=$row['Detail'];
echo '
<table width="100%" border="1">
<tr>
<td width="10%">Date</td>
<td width="14%">Time</td>
<td width="20%">Name(url)</td>
<td width="30%">Detail</td>
</tr>
<tr>
<td width="10%"><input type="text" name="ar['.$id.'][date]" maxlength="2" value="'.$date.'"></td>
<td width="14%"><input type="text" name="ar['.$id.'][title]" maxlength="50" value="'.$title.'"></td>
<td width="20%"><input type="text" name="ar['.$id.'][name]" maxlength="50" value="'.$name.'"></td>
<td width="30%"><input type="text" name="ar['.$id.'][Detail]" maxlength="100" value="'.$Detail.'"></td>
</tr>
</table>
';}
?>
<input type="submit" name="submit" id="submit" value="Submit">
</form>
<?php
include("../db.php");
global $db;
if(isset($_POST['submit'])){
foreach($_POST['ar'] as $id=>$dat){
$date = mysqli_real_escape_string($dbh,$dat['date']);
$title = mysqli_real_escape_string($dbh,$dat['title']);
$name = mysqli_real_escape_string($dbh,$dat['name']);
$Detail = mysqli_real_escape_string($dbh,$dat['Detail']);
$id = mysqli_real_escape_string($dbh,$id]);
// update data in mysql database
$update = mysqli_query($dbh,"UPDATE ppad SET date='$date', month='$month', name='$name', Detail='$Detail' WHERE id = '$id'");
}
// if successfully updated.
}
?>
I have a simple, unsecured, local database that I'm learning with (yes still using MySQL for now) I can view my database rows in a table and click on an edit button which then displays the single record chosen with each column inside a text box to update and save. Here is my edit page.
<?php
$id = $_GET['id'];
$connect = mysql_connect("localhost", "XXXXXX", "XXXXXXX") or
die ("Check your connection.");
mysql_select_db("toner");
$quey1="select * from inventory where id ='".$id."'";
$result=mysql_query($quey1) or die(mysql_error());
?>
<html>
<form action="updateinfo.php" method="post">
<table>
<?php
while ($row=mysql_fetch_array($result))
{
?>
<tr>
<td align="right">Partnumber:</td>
<td align="left"><input type="text" name="partnumber" value="<?php echo $row['partnumber'];?>"/></td>
</tr>
<tr>
<td align="right">Description:</td>
<td align="left"><input type="text" name="description" value="<?php echo $row['description'];?>"/></td>
</tr>
<tr>
<td align="right">Vendor:</td>
<td align="left"><input type="text" name="vendor" value="<?php echo $row['vendor'];?>"/></td>
</tr>
<tr>
<td align="right">Price:</td>
<td align="left"><input type="text" name="price" value="<?php echo $row['price'];?>"/></td>
</tr>
<tr>
<td align="right">Quantity:</td>
<td align="left"><input type="text" name="quantity" value="<?php echo $row['quantity'];?>"/></td>
</tr>
</table>
<br>
<input type="hidden" name="id" value="<?php echo $row['id'];?>"/>
<input type="submit" value="Edit/Update Toner">
<?php
}
?>
</form>
</html>
Here is my UPDATED updateinfo
<?php
mysql_connect("localhost","XXXXX","XXXXX") or die("Error: ".mysql_error());
mysql_select_db("toner");
$id =$_POST['id'];
$partnumber = $_POST['partnumber'];
$description = $_POST['description'];
$vendor = $_POST['vendor'];
$price = $_POST['price'];
$quantity = $_POST['quantity'];
$sql = "UPDATE inventory SET partnumber ='".$partnumber."',description ='".$description."',vendor ='".$vendor."',price ='".$price."',quantity ='".$quantity."' WHERE id ='".$id."'";
mysql_query($sql) or die ("Error: ".mysql_error());
echo "Updated successfully";
header( "refresh:10;url=toner.php" );
?>
After adding a primary key I'm able to update the DB however $id = $_POST['id']; still gives an error, any assistance is appreciated. Thanks. Yes I'm aware its vulnerable to injection and that I should be using PDO or MySQLi but I'm still a beginner and this is where I've chosen to start learning. Thank you.
the problem is because of partnumber,here you are again reseting the partnumber but the new one is not present in your database and because of that query does not update the new values.
$sql = "UPDATE inventory SET description ='".$description."',vendor ='".$vendor."',price ='".$price."',quantity ='".$quantity."' WHERE partnumber = '".$partnumber."'";
Solution
Don't again set the partnumber use it only in where clause.
I have an update page where I check the title of the employee whether he is a doctor or a nurse. If the employee is a doctor/nurse an HTML form will be shown, if not a doctor/nurse, patient information will only be displayed and cannot be edited. But my code somehow skips the part where I wanted to display the form even if I am logged in as a doctor/nurse. Can you please help me with this....
<?php
$a=$_SESSION['employeeID'];
$title="SELECT title FROM employee WHERE employeeID = '$a'";
if($title == 'nurse' OR $title == 'doctor')
{
echo '<form method="post" id="customForm" action="add_assessment.php">
<table>
<input type="hidden" name="res_id" value="' . $_GET['res_id'] . '" />
<tr>
<td><label for="name"><font style="color:white">Symptoms</font><font style="color:gray"></font></label>
<input id="name" name="symptoms" type="text" /></td>
<td><label for="name"><font style="color:white">Respiratory Rate</font></label>
<input id="name" name="respiratoryRate" type="text" /></td>
<td><label for="name"><font style="color:white">Temperature</font> <font style="color:gray"></font></label>
<input id="name" name="temperature" type="text" /></td>
</tr>
<tr>
<td><label for="name"><font style="color:white">Blood Pressure</font></label>
<input id="name" input name="bloodPressure" type="text" class="input2"/></td>
<td><label for="name"><font style="color:white">Pulse Rate</font></label>
<input id="name" input name="pulseRate" type="text" /></td>
</tr>
<tr>
<td><label for="name"><font style="color:white">Chief Complaint</font></label>
<input id="name" input name="complaint" type="text" class="input2"/></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input id="send" name="send" type="submit" value="Submit" /></td>
</tr>
</table>
</form>';
}
else
{
$host="localhost";
$username="root";
$password=""; // password
$db_name="rhu"; // Database name
$tbl_name="assessment"; // Table name
mysql_connect("$host", "$username", "$password");
mysql_select_db("$db_name");
$id = $_GET['res_id'];
$sql = mysql_query("SELECT * FROM assessment WHERE patientID='$id'");
while($row = mysql_fetch_array($sql))
{
echo "<p>ID: ".$id."</p>";
echo "<p>Assessment ID: ".$row['assessmentID']."</p>";
echo "<p>Symptoms: ".$row['symptoms']."</p>";
echo "<p>Respiratory Rate: ".$row['respiratoryRate']."</p>";
echo "<p>Temperature: ".$row['temperature']."</p>";
echo "<p>Blood Pressure: ".$row['bloodPressure']."</p>";
echo "<p>Pulse Rate: ".$row['pulseRate']."</p>";
echo "<p>Complaints: ".$row['complaint']."</p>";
echo "<p>Date: ".$row['date']."</p>";
echo "<br>";
}
}
?>
In its current state, you are simply assigning a string to the variable $title. You are literally saying that $title is the string "SELECT title FROM employee WHERE employeeID = '$a'"; therefore it is skipping the if($title == 'nurse' OR $title == 'doctor').
You are also not executing a MySQL query, try this first
$a=$_SESSION['employeeID'];
$sql = mysql_query("SELECT title FROM employee WHERE employeeID = '"$a"'");
while($row = mysql_fetch_array($sql)){
$title = $row['title'];
if($title == 'nurse' OR $title == 'doctor')
{
echo....
You should also note that mysql_* is deprecated and will be phased out of PHP as a solution in the future. To future-proof your code, consider using mysqli or PDO transactions.
You can try like this--
$sql = mysql_query("SELECT title FROM employee WHERE employeeID = '$a'");
while($row = mysql_fetch_array($sql)){
$title = $row['title'];
if($title == 'nurse' OR $title == 'doctor')
{
...continue you coding
I am running while loop and fetch 3 records from database. and then update it on same page. Every record have submit button. But after edit when i submit the form it catchs the values of last record only and update other rows with the last record values. Please if somebody help me out i'll be very thankful. Remember it catches the exact (id) but the other parameters are only of last row.
<form method="post" action="">
<table width="700" border="1">
<tr><th><?php echo $_SESSION['teamtwo']; ?></th></tr>
<tr>
<th>Player Name</th>
<th>Runs</th>
<th>Edit</th>
<th>Save</th>
</tr>
<?php
$team = new DBConnection();
$condition = "WHERE teamname = '".$_SESSION['teamtwo']."' and datecreated = CURDATE()";
$sel_player = $team->SelectRecord(array("*"),"`match`","$condition");
//$sel_player = mysql_query("SELECT * FROM `match` WHERE teamname = '$team1' and datecreated = CURDATE()") or die(mysql_error());
while($get_player = mysql_fetch_array($sel_player))
{
$totalruns = $get_player['runs_bat'];
$totalballs = $get_player['ball_bat'];
#$strike = $totalruns / $totalballs * 100;
?>
<tr>
<td><input type="text" name="player_name" value="<?php echo $get_player['player_name']; ?>" disabled="disabled" /></td>
<td><input type="text" name="runs" value="<?php echo $get_player['runs_bat']; ?>" size="1" /></td>
<td><button>Edit</button></td>
<td><input type="submit" value="Save" name="team" /></td>
</tr>
<?php
} ?>
</table>
</form>
<?php } ?>
</div>
</div>
</body>
</html>
<?php
if(isset($_POST['team'])){
$runs = $_POST['runs'];
$balls = $_POST['ball'];
$object = new DBConnection();
$arr_Field=array("runs_bat","ball_bat","player_status","how_out","opposite_bowl","opposite_player","sr","overs","bowl_ball","runs_ball","extra","madien");
$arr_Values=array("$runs","$balls","$status","$how_out","$opposite_bowler","$opposite_player","$sr","$over","$bowls","$score","$extra","$madien");
$condition = "WHERE id = '".$_REQUEST['player']."'";
//echo $_REQUEST['player'];
//echo $runs.$balls;
$object->UpdateRecord("`match`",$arr_Field,$arr_Values,"$condition") or die(mysql_error());
//header("Location:extra.php?update");
}
the problem is you are having one form and when you submit the form it will submit the last rows values because you are having same name for all 3 rows inside 1 form.
Solution:-
Create form element inside the while loop and close it inside the while loop itself . Like this you will have 3 forms each for 3 rows.
Code Example:-
while($get_player = mysql_fetch_array($sel_player))
{
$totalruns = $get_player['runs_bat'];
$totalballs = $get_player['ball_bat'];
#$strike = $totalruns / $totalballs * 100;
?>
<form>
<tr>
<td><input type="text" name="player_name" value="<?php echo $get_player['player_name']; ?>" disabled="disabled" /></td>
<td><input type="text" name="runs" value="<?php echo $get_player['runs_bat']; ?>" size="1" /></td>
<td><button>Edit</button></td>
<td><input type="submit" value="Save" name="team" /></td>
</tr>
</form>
<?php
} ?>
1.
you need to make input array in while because name attribute is overwriting in loop
<td><input type="text" name="player_name[<?php echo $get_player['id']?>]" value="<?php echo $get_player['player_name']; ?>" disabled="disabled" /></td>
<td><input type="text" name="runs[<?php echo $get_player['id']?>]" value="<?php echo $get_player['runs_bat']; ?>" size="1" /></td>
2.
you have all text boxes mean if press submit button of one row, then also you will get all textboxes as php side so make hidden variable in form to get which button clicked
//write javascript in your page
<script>
function setPlayerId(id) {
document.getElementById('playerid').value=id;
}
</script>
//take hidden field into form
<input type='hidden' name='playerid' value='0'>
//write down onlick button event
<input type="submit" value="Save" name="team" onClick="setPlayerId('<?php <?php echo $get_player['id']?>?>')"/>
3.
Now in php you will get that as below
echo $_POST['player_name'][$_POST['playerid']];
// same way you can do your insert or update.
this code must work
<form method="post" action="">
<table width="700" border="1">
<tr><th><?php echo $_SESSION['teamtwo']; ?></th></tr>
<tr>
<th>Player Name</th>
<th>Runs</th>
<th>Edit</th>
<th>Save</th>
</tr>
<?php
$team = new DBConnection();
$condition = "WHERE teamname = '".$_SESSION['teamtwo']."' and datecreated = CURDATE()";
$sel_player = $team->SelectRecord(array("*"),"`match`","$condition");
//$sel_player = mysql_query("SELECT * FROM `match` WHERE teamname = '$team1' and datecreated = CURDATE()") or die(mysql_error());
while($get_player = mysql_fetch_array($sel_player))
{
$totalruns = $get_player['runs_bat'];
$totalballs = $get_player['ball_bat'];
#$strike = $totalruns / $totalballs * 100;
?>
<tr>
<td><input type="text" name="player_name" value="<?php echo $get_player['player_name']; ?>" disabled="disabled" /></td>
<td><input type="text" name="runs<?=$get_player['id']?>" value="<?php echo $get_player['runs_bat']; ?>" size="1" /></td>
// you didnt write this i added
<input type="text" name="ball<?=$get_player['id']?>" value="<?php echo $get_player['ball_bat']; ?>" size="1" />
<td><button>Edit</button></td>
<td><input type="submit" value="Save" name="team" /></td>
</tr>
<?php
} ?>
</table>
</form>
<?php } ?>
</div>
</div>
</body>
</html>
<?php
if(isset($_POST['team'])){
$runsname = 'runs'.$_GET['player'];
$ballsname = 'ball'.$_GET['player'];
$runs = $_POST[$runsname];
$balls = $_POST[$ballsname];
$object = new DBConnection();
$arr_Field=array("runs_bat","ball_bat","player_status","how_out","opposite_bowl","opposite_player","sr","overs","bowl_ball","runs_ball","extra","madien");
$arr_Values=array("$runs","$balls","$status","$how_out","$opposite_bowler","$opposite_player","$sr","$over","$bowls","$score","$extra","$madien");
$condition = "WHERE id = '".$_REQUEST['player']."'";
//echo $_REQUEST['player'];
//echo $runs.$balls;
$object->UpdateRecord("`match`",$arr_Field,$arr_Values,"$condition") or die(mysql_error());
//header("Location:extra.php?update");
}
-------EDIT-------
hi guys, seeing that you solved this problem for me, i thought it would be a good idea to solve the same problem again but on a different page. i cannot get the image to show up.
<?php
$id = $_GET['product_id'];
$query = mysql_query("SELECT * FROM products WHERE serial = '$id'")
or die(mysql_error());
while($info = mysql_fetch_array($query)) {
echo "";
$name = $info['name'];
$description = $info['description'];
$price = $info['price'];
$picture = $info['picture'];
}
?>
<form action="editsuccess.php?product_id=<?php echo $id; ?>" method="post">
Product ID:<br/>
<input type="text" value="<?php echo $id;?>" name="product_id" disabled/>
<br/>
Name:<br/>
<input type="text" value="<?php echo $name;?>" name="name"/>
<br/>
Description:<br/>
<input type="text" value="<?php echo $description;?>" name="description"/>
<br/>
Price:<br/>
<input type="text" value="<?php echo $price;?>" name="price"/>
<br/>
Picture:<br/>
<? echo'<img src="../getImage.php?id=' . $info['serial'] .'"/>'?>
</br>
<input type="submit" value="Update Product"/>
</form>
This is a page where an admin can edit a product from a row in a table.
The image is not showing up for some reason.
Thanks for any suggestions.
------EDIT ENDS HERE--------
I still cannot get my PHP image to show up even after following the right method in uploading an image to the database. the following code is for displaying the image:
<form name="form1">
<input type="hidden" name="productid" />
<input type="hidden" name="command" />
</form>
<table border="0" cellpadding="2px" width="600px">
<?
$result=mysql_query("select * from products");
while($row=mysql_fetch_array($result)){
?>
<tr>
<td><?php '<img src="getImage.php?id=' . $row['serial'] .'"/>'
?>
</td>
<td> <b><?=$row['name']?></b><br />
<?=$row['description']?><br />
Price:<big style="color:green">
£<?=$row['price']?></big><br /><br />
<input type="button" value="Add to Cart" onclick="addtocart(<?=$row['serial']?>)" />
</td>
</tr>
<tr><td colspan="2"><hr size="1" /></td>
<? } ?>
</table>
the getImage.php looks like this:
...
$link = mysql_connect($host, $user, $passwd);
mysql_select_db($dbName);
$query = 'SELECT picture FROM products WHERE serial="' . $_GET['id'] . '"';
$result = mysql_query($query,$link);
$row = mysql_fetch_assoc($result);
echo $row['picture'];
?>
only the name, description and price is showing up on the webpage. my MySQL table looks like this:
serial
name
description
price
picture (blob)
You are not setting the correct Content-type header before echoing out the image data.
You MUST also escape the $_GET['id'] parameter.
// Escape $id
$id = mysql_real_escape_string($_GET['id']);
$link = mysql_connect($host, $user, $passwd);
mysql_select_db($dbName);
// Use the escaped $id
$query = "SELECT picture FROM products WHERE serial='$id'";
$result = mysql_query($query,$link);
if ($result) {
$row = mysql_fetch_assoc($result);
// Set the Content-type
// This assumes image/jpeg. If you have different image types,
// you'll need logic to supply the correct MIME type
// image/jpeg image/png image/gif, etc
header("Content-type: image/jpeg");
echo $row['picture'];
}
?>
In your main script, it looks like you are merely missing an echo
<td><?php '<img src="getImage.php?id=' . $row['serial'] .'"/>'
// Should be
<td><?php echo '<img src="getImage.php?id=' . $row['serial'] .'"/>'
// ------^^^^^^