I've got an admin area where the admins can set the level of repair and it shows on a progress bar in the users area. I have it all working apart from updating the mySQL database to the value submitted.
My database has a table called 'users' and fields 'UserID', 'Username', 'Password', 'progress', 'admin'.
Here is the code I'm using to try and make the magic happen:
<?php
$query="SELECT * FROM users";
$result=mysql_query($query);
$num=mysql_numrows($result);
?>
<form id="chooseuseredit" method="post" action="<?php echo $PHP_SELF;?>">
<select name="ChooseUser">
<?php
$i=0;
while ($i < $num) {
$f1=mysql_result($result,$i,"UserID");
$f2=mysql_result($result,$i,"Username");
$f3=mysql_result($result,$i,"progress");
$f4=mysql_result($result,$i,"admin");
?>
<option value="<?php echo $f1; ?>"><?php echo $f2; ?></option>
<?php
$i++;
}
?>
</select>
<input type="submit" name="chooseSubmit" id="chooseSubmit" value="Choose User" />
</form>
<?php
if(isset($_POST['chooseSubmit']) )
{
$varID = $_POST['ChooseUser'];
$errorMessage = "Jesus Christ Benton, Choose a User!!";
?>
<br>
<p><strong>Editing UserID: <?php echo "$varID"; ?></strong></p>
<p>Progress:<br>
<form name="edituserform" method="post" action="<?php echo $PHP_SELF;?>">
<select name="editinguser">
<option value="0">Phone Not Recieved</option>
<option value="20">Phone Recieved</option>
<option value="40">Parts Recieved</option>
<option value="60">Repair Started</option>
<option value="80">Repair Finished</option>
<option value="100">Posted Back</option>
</select>
<input type="hidden" name="edituserid" id="edituserid" value="<?php echo "$varID"; ?>" />
<input type="submit" name="edituser" id="edituser" value="Edit" />
</form>
<?php
if(isset($_POST['edituser'])){
$add = $_POST['edituser'];
$varIDe = $_POST['edituserid'];
$errorMessage = "Jesus Christ Benton, Choose a User!!";
$query1 = mysql_query("UPDATE users SET progress = $add WHERE UserID = $varIDe");
mysql_query($query1) or die("Cannot update");
echo $add;
echo $varIDe;
}
?>
<?php
}
?>
I'm not sure if the variables are working or not, or if it's the way I've used the submit button before? Its got me a little stumped.
You're query should be
$query1 = mysql_query("UPDATE users SET progress = '$add' WHERE UserID = $varIDe");
Don't forget the quotes
and it would be best to change your
mysql_query($query1) or die("Cannot update");
to mysql_query($query1) or die("MySQL ERROR: ".mysql_error());
to get it to display errors
edit
Found a few errors
mysql_numrows should be mysql_num_rows
and major error
$query1 = mysql_query("UPDATE users SET progress = $add WHERE UserID = $varIDe");
is running a query, change it to
$query1 = "UPDATE users SET progress = '".$add."' WHERE UserID = '".$varIDe."'";
I think your getting the wrong variable
if(isset($_POST['edituser'])){
$add = $_POST['edituser']; // this is a button
should be :
if(isset($_POST['editinguser'])){
$add = $_POST['editinguser']; // this is a select list
But please read the following about SQL Injection
When something's going wrong, with respect to query, you better debugging, adding one: or die ( mysql_error ( ) ) ; and then the error message is displayed.
$query1 = mysql_query("UPDATE `users` SET `progress` = '".$add."' WHERE UserID = '".$varIDe."'");
if(mysql_query($query1))
{
//DO SOME ACTION
}
else
{
die(mysql_error());
}
Related
There are 02 tables called item and customer.
item(item_id, item_name)
customer(cus_id, iid, cus_name)
I just tried to store item_id from item to the iid in the customer.
but it always showing null values.
My database is item_sales.
Here is my PHP code
<html>
<title></title>
<head></head>
<body>
<?php
$hostname = "localhost";
$database = "item_sales";
$username = "root";
$password = "";
$con = mysql_pconnect($hostname, $username, $password);
error_reporting(0);
?>
<form action="index.php" method="post" enctype="multipart/form-data">
<p>Customer Name : <input type="text" name="cus_name" /><br/><br/> </p>
<p>Select an Item:
<select name="iid">
<?php
$sql = mysql_query("SELECT * FROM item");
mysql_select_db($database,$con);
while($sqlv = mysql_fetch_array($sql))
{ ?>
<option id="<?php echo $sqlv['item_id']; ?>"><?php echo $sqlv['item_name']; ?></option>
<?php } ?>
</select>
</p>
<?php
if(isset($_POST['submit']))
{
$sql2 = "SELECT * FROM item WHERE iid='%item_id%'";
mysql_select_db($database,$con);
$mydata = mysql_query($sql2);
$cus_name = $_POST['cus_name'];
$sql3 = "INSERT INTO customer (cus_id, iid, cus_name) VALUES ('', '$_POST[iid]', '$cus_name')";
mysql_query($sql3);
}
?>
<input type="submit" name="submit" value="Add Sale" />
</form>
</body>
</html>
The reason it is not working is that you are attempting to save the iid select into the iid field, and I'm guessing the iid field in customer is a numeric type field, like INT - using the POST variable like this, you are going to be saving the text of the SELECT rather than the val.
What you need to do to fix this particular problem is set a "value" on each of the select options. You've set an ID but thats no real help here.
<select name="iid">
<?php
$sql = mysql_query("SELECT * FROM item");
mysql_select_db($database,$con);
while($sqlv = mysql_fetch_array($sql))
{ ?>
<option value="<?php echo $sqlv['item_id']; ?>"><?php echo $sqlv['item_name']; ?></option>
<?php } ?>
</select>
This is besides the point your code is very dangerous. I would recommend you do not use the original mysql functions as, 1) they don't offer any real protection from malicious users, and 2) they will be removed from PHP support very soon.
See this SO article on how to replace the mysql functionality from your PHP code : How can I prevent SQL injection in PHP?
That article also might help you understand the dangers your code offers.
The correct code is following :
<html>
<title></title>
<head></head>
<body>
<?php
$hostname = "localhost";
$database = "item_sales";
$username = "root";
$password = "";
$con = mysql_pconnect($hostname, $username, $password);
error_reporting(0);
?>
<form action="index.php" method="post" enctype="multipart/form-data">
<p>Customer Name : <input type="text" name="cus_name" /><br/><br/> </p>
<p>Select an Item:
<select name="iid">
<?php
$sql = mysql_query("SELECT * FROM item");
mysql_select_db($database,$con);
while($sqlv = mysql_fetch_array($sql))
{ ?>
<option value="<?php echo $sqlv['item_id']; ?>"><?php echo $sqlv['item_name']; ?></option>
<?php } ?>
</select>
</p>
<?php
if(isset($_POST['submit']))
{
$sql2 = "SELECT * FROM item";
mysql_select_db($database,$con);
$mydata = mysql_query($sql2);
$cus_name = $_POST['cus_name'];
$iid = $_GET['item_id'];
$sql3 = "INSERT INTO customer (cus_id, iid, cus_name) VALUES ('', '$_POST[iid]', '$cus_name')";
mysql_query($sql3);
}
?>
<input type="submit" name="submit" value="Add Sale" />
</form>
</body>
</html>
can anybody post an code for option list which can retrieve data dynamically from database, and once user selects from option list a record, that record must post it ($_POST) to database.. !!
ive tried this, it retrieves records from db, but not posting it :
<?php
require_once "db.php";
if (isset($_POST['a_id']) {
$a = $_POST ['a_id'];
$sql = "INSERT INTO projektet
VALUES ('$a')";
mysql_query($sql);
}
HERE IS THE PART SEEMS NOT WORKING :
<form method="post">
<select name="a_id">
<?php
$host="localhost";
$username = 'root';
$password = "";
$con = mysql_connect($host,$username,$password);
mysql_select_db('naho',$con);
// Checking connection
if (!$con){
echo ("Failed to connect to MySQL:. " .mysql_error($con));
}
else {
echo("db connect");
}
$result = mysql_query("SELECT * from `arqitekti`");
if($result == FALSE) {
die(mysql_error()); // TODO: better error handling
}
while($row=mysql_fetch_array($result)){
?>
<option value="<?php '.row[a_id];'?>"><?php echo $row["a_emri"];?></option>
<?php }
?>
</select>
<input type="submit" value="submit"/>
</form>
<option value="<?php '.row[a_id];'?>"><?php echo $row["a_emri"];?></option>
This line looks strange... Shouldn't it be:
<option value="<?php echo $row[a_id]; ?>"><?php echo $row["a_emri"];?></option>
I think that your code is POSTing, but it wasn't getting any value because of the value declaration on the options of the select. After that change it should work.
PS: If your POST code isn't in the same page as your HTML, it's <form method="POST" action="YOUR_PAGE">, not only <form method="POST">.
I'm trying to create a form that allows a user to select a field from a drop down box and then change what is currently written in the field.
My current code allows me to view the drop down list select the field I want to change and then enter my new text into a box. But when I click update, nothing happens.
<?php
mysql_connect("", "", "") or die(mysql_error());
mysql_select_db("") or die(mysql_error());
$query = "SELECT * FROM news_updates";
$result=mysql_query($query) or die("Query Failed : ".mysql_error());
$i=0;
while($rows=mysql_fetch_array($result))
{
$roll[$i]=$rows['Text'];
$i++;
}
$total_elmt=count($roll);
?>
---------------------------------------------------------Now I have the form
<form method="POST" action="">
Select the news post to Update: <select name="sel">
<option>Select</option>
<?php
for($j=0;$j<$total_elmt;$j++)
{
?><option><?php
echo $roll[$j];
?></option><?php
}
?>
</select><br />
Text Field: <input name="username" type="text" /><br />
<input name="submit" type="submit" value="Update"/><br />
<input name="reset" type="reset" value="Reset"/>
</form>
-----------------------------------------------Now I have the update php
<?php
if(isset($_POST['submit']))
{
$username=$_POST['username'];
$query2 = "UPDATE news_updates SET username='$username' WHERE rollno='$value'";
$result2=mysql_query($query2) or die("Query Failed : ".mysql_error());
echo "Successfully Updated";
}
?>
Well, you seem to be missing the $value part. Something like this should do, for the last part:
<?php
if(isset($_POST['submit']))
{
$username = mysql_real_escape_string($_POST['username']);
$value = mysql_real_escape_string($_POST['sel']);
$query2 = "UPDATE news_updates SET username='$username' WHERE rollno='$value'";
echo $query2; //For test, to see what is generated, and sent to database
$result2=mysql_query($query2) or die("Query Failed : ".mysql_error());
echo "Successfully Updated";
}
?>
Also, you should not use mysql_* functions as they are deprecated. You should switch to mysqli or PDO.
First, try adding a value to your options, like so:
for($j=0;$j<$total_elmt;$j++)
{
?>
<option value="<?php echo $roll['id']; ?>"><?php echo $roll['option_name']; ?></option>
<?php
}
Then, when you parse your file, go like so:
$value = $_POST['sel']; // add any desired security here
That should do it for you
You need to change this
<?php
for($j=0;$j<$total_elmt;$j++)
{
?><option><?php
echo $roll[$j];
?></option><?php
}
to this
<?php
for($j=0;$j<$total_elmt;$j++)
{
?><option value="<?php echo $roll[$j];?>"> <?php echo $roll[$j];?></option> <?php
}
And you also need to change the update query from this
$query2 = "UPDATE news_updates SET username='$username' WHERE rollno='$value'";
to this
$query2 = "UPDATE news_updates SET username='$username' WHERE rollno='".$_POST['sel']."'";
N. B.: Here I am assuming that $_POST['sel'] has the value selected by the user from the drop down menu because I could not find anything which corresponds to $value
I have a problem with a delete from database..So, I have:
<?php
include('createdb.php');
if(!empty ($_POST['tribuna']))
{
$delete = mysql_query("DELETE FROM tb_tribuna WHERE id = '".$_POST['tribuna']."';");
header("Location:index.php?a=buy"); //redirect
exit;
}
?>
<form id="formid" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
<label>Tribuna :</label> <select name="tribuna" class="tribuna">
<option selected="selected">-Select-</option>
<?php
$sql=mysql_query("select id,tribune_number from tb_tribuna ");
while($row=mysql_fetch_array($sql))
{
$id=$row['id'];
$tribune_number=$row['tribune_number'];
echo '<option value="'.$id.'">'.$tribune_number.'</option>';
} ?>
</select><br/><br/>
<input name="delete" type="submit" id="delete" value="Delete">
</form>
When I push on submit nothing happens...
I want that when I select an option and when I press delete to delete from the database row...
Help plizzz friends..
Assuming that "createdb.php" has the correct database connection information:
$conn = mysql_connect("$host","$db_uid","$db_pwd");
mysql_select_db("$db", $conn);
make your delete function look like this:
$sql = "DELETE FROM tb_tribuna WHERE id = '$_POST[tribuna]' ";
$result = mysql_query($sql, $conn) or die(mysql_error());
You need to pass the db connection to mysql_query.
And add "or die mysql_error()" to your mysql statements so that when something doesn't work, you get an error message that helps point you to where the problem is.
I'm creating a task management list for a project. I've created a form to add each task and echo it into a list.
I want to add a select tag to the form that will allow the user to select the size of the task (small, medium, large or extra large).
My database is set up with 3 columns a unique key that auto increments, description and status.
I want to manipulate the value of the the status at the same time I enter the description. For example selecting "small" from the drop down will give the task entered a value of "1" and a different appearance in the list than a description with a status of "2".
Any feedback is greatly appreciated!!
Here is the code I have:
<?php
mysql_connect('localhost', 'root', 'root');
$query = "INSERT INTO `project1`.`tasklist` (
`key` ,
`description` ,
`status`
)
VALUES (
NULL , '".$_GET["newToDo"]."', '".$_GET["status"]."'
);";
mysql_query($query);
header('Location: index.php');
?>
<?php
mysql_connect('localhost', 'root', 'root');
foreach($_GET['toDone'] as $toDoKey) {
$query = "UPDATE `project1`.`practice` SET `status` = '0' WHERE `tasklist`.`key` =".$toDoKey.";";
mysql_query($query);
}
header('Location: index.php');
?>
<h1>Get stuff done!</h1>
<form action = "secondary.php" method="GET">
<label for="newToDo">New To Do:</label>
<input type="text" name="newToDo" id="newToDo" />
<select name="taskSize">
<option value="small" selected="selected">Small</option>
<option value="medium">Medium</option>
<option value="large">Large</option>
<option value="extraLarge">X-Large</option>
</select>
<input type="submit" />
</form>
<h2>to do</h2>
<form action="toDone.php" method="GET">
<ul>
<?php
mysql_connect('localhost', 'root', 'root');
$query = "SELECT * FROM `project1`.`tasklist` WHERE `status` = 1";
$result = mysql_query($query);
while ($row = mysql_fetch_assoc($result)) {
echo $row['description'];
echo "</li>";
}
?>
</ul>
<input type="submit" />
<h2>done</h2>
<ul id="dunzo">
<?php
$query = "SELECT * FROM `project1`.`tasklist` WHERE `status` = 0";
$result = mysql_query($query);
while ($row = mysql_fetch_assoc($result)) {
echo "<li>";
echo $row['description'];
echo "</li>";
}
?>
</ul>
What I want is to change how each new row in the list looks based on what is selected in the dropdown.
Dude just one thing to add to your code..
Deprecation of mysql_ functions