thanks now I have a error code HY093 Invalid parameter number after using the renameit SUBMIT button. Any idea why? thanks
Any help would be appreciated. Thanks a lot.
<?php
// init
include("db_con1.php");
require("menu.php");
// modify distribution list name
if(is_numeric($_GET['gid'])) {
$g_id=$_GET['gid'];
$one = $pdo->prepare('SELECT * FROM contactgroups WHERE id=:gid');
$one->bindParam(':gid', $g_id, PDO::PARAM_INT);
if( $one->execute(array(':gid' => $_GET['gid'])) ) {
$result = $one->fetch();
}
}
// distribution list query
$queryl = $pdo->prepare('SELECT id, gr_name FROM contactgroups WHERE status=1 ORDER BY gr_name ASC');
$queryl->execute();
// Members list query
if (isset($_GET['gid'])) {
$g_id=$_GET['gid'];
$querym = $pdo->prepare('SELECT STRAIGHT_JOIN gm.linktype, if( gm.linktype = "group", cg.gr_name, cm.contact_sur ) mname FROM groupmembers gm LEFT JOIN contactgroups cg ON gm.link_id = cg.id LEFT JOIN contactmain cm ON gm.link_id = cm.id WHERE gm.group_id =:gid ORDER BY mname ASC');
$querym->bindParam(':gid', $g_id, PDO::PARAM_INT);
$querym->execute();
}
// distribution list query
$queryr = $pdo->prepare('SELECT * FROM contactmain WHERE status=1 ORDER BY contact_sur ASC');
$queryr->execute();
This is what should but does not work...
if (isset($_POST['renameit'])) {
$ren = htmlspecialchars($_POST['rename']);
$g_id = $_GET['gid'];
if ($g_id !== '' && is_numeric($g_id)) { // Change that first to == if gid != 0 as well
$sqlren = "UPDATE contactgroups SET gr_name = :rename WHERE id = :gid";
$sqlren = $pdo->prepare($sqlren);
$sqlren->bindValue(':rname', $ren); // <<< Is this supposed to be :ren?
$sqlren->bindValue(':gid', $g_id);
if ($sqlren->execute()) {
echo "<meta http-equiv=\"refresh\" content=\"0;URL=groups.php\">";
} else {
//Query failed.
$errorcode = $sqlren->errorCode();
echo $errorcode;
}
} else {
echo 'gid not provided'; // Or something
}
}
?>
and this is the HTML bit:
<form id="group-in" method="post" action="groups.php">
Add new Distribution group: <input type="text" name="newgroup" placeholder="name..."> <input type="submit" name="createit" value="Create new">
Rename groupname: <input type="text" name="rename" value="<?php echo $result['gr_name']; ?>"> <input type="submit" name="renameit" value="Rename">
</form>
<!-- Distribution list -->
<div id="left"><label class="header">Distribution list</label>
<ul>
<?php foreach ($queryl as $i => $rowl) { ?>
<li >
<?php if ($i)?>
<input name="checkbox1_add[]" id="dist_<?php echo $i ?>" type="checkbox" value="<? echo $rowl['id']; ?>" />
<label for="groups_<?php echo $i ?>">
<a href="groups.php?gid=<?php echo $rowl['id']; ?>" <?php $g_id=$_GET['gid']; if ($g_id==$rowl['id']) echo 'class="bold"'; ?> >
<?php echo $rowl['gr_name']; ?>
</a></label>
</li>
<?php } ?>
</ul>
</div>
sorry for the long code but I think I loose this $_GET somehow after selecting the distribution item.
Shouldn't you be doing something like this?
if (isset($_POST['renameit'])) {
$ren = htmlspecialchars($_POST['rename']);
$g_id = $_GET['gid'];
if ($g_id !== '' && is_numeric($g_id)) { // Change that first to == if gid != 0 as well
$sqlren = "UPDATE contactgroups SET gr_name = :ren WHERE id = :gid";
$sqlren = $pdo->prepare($sqlren);
$sqlren->bindValue(':rname', $ren); // <<< Is this supposed to be :ren?
$sqlren->bindValue(':gid', $g_id);
if ($sqlren->execute()) {
echo "<meta http-equiv=\"refresh\" content=\"0;URL=groups.php\">";
} else {
//Query failed.
$errorcode = $sqlren->errorCode();
echo $errorcode;
}
} else {
echo 'gid not provided'; // Or something
}
}
Also, if it's always going to be an integer, you could use:
$g_id = (int)$_GET['gid'];
But you would need to be careful with things that evaluate to 0 and check for it in your if statement:
if ($g_id > 0) {
Assuming 0 is not a valid gid value.
EDIT
Looking at your markup and form, this all seems confused.
For instance, your PHP code is using GET, but your code here is not including the gid in the ACTION attribute. (Also, you really should use two different forms for this, IMO.)
<form id="group-in" method="post" action="groups.php?gid=<?php echo $g_id;?>">
Add new Distribution group:
<input type="text" name="newgroup" placeholder="name...">
<input type="submit" name="createit" value="Create new">
</form>
<form id="group-in" method="post" action="groups.php?gid=<?php echo $g_id;?>">
Rename groupname:
<input type="text" name="rename" value="<?php echo $result['gr_name']; ?>">
<input type="submit" name="renameit" value="Rename">
</form>
However, your comment seems to suggest that multiple checkboxes can be checked to rename a group? But then you don't have a FORM tag around it:
<!-- Distribution list -->
<div id="left"><label class="header">Distribution list</label>
<form id="group-in" method="post" action="groups.php">
<ul>
<?php foreach ($queryl as $i => $rowl) { ?>
<li >
<?php if ($i)?>
<input name="checkbox1_add[]" id="dist_<?php echo $i ?>" type="checkbox" value="<? echo $rowl['id']; ?>" />
<label for="groups_<?php echo $i ?>">
<a href="groups.php?gid=<?php echo $rowl['id']; ?>" <?php $g_id=$_GET['gid']; if ($g_id==$rowl['id']) echo 'class="bold"'; ?> >
<?php echo $rowl['gr_name']; ?>
</a></label>
</li>
<?php } ?>
</ul>
</form>
</div>
The challenge that you're going to have here is that you need to loop through that $_POST['gid'] array, whereas the first single group rename you key off of the gid in the GET. I would suggest organizing your code into a Group/Groups object(s) and use a Model/View/Controller (MVC) pattern to organize your code.
Are you saying that you can't get $_GET['gid'] after you submit the group-in form?
Because if that's the case, what you have to do is create a hidden input with your gid value so it can be available in $_POST.
Without putting much thought to what you're trying to do, I can tell you that you simply can't have code using $_GET and $_POST simultaneously.
Update: I don't think you understood what I meant. But Jared is already doing a better job explaining what is wrong with your code, so I guess I won't repeat it.
Related
I want to show a list of all entries where the column "approved" is "no" and then place a button next to it that when clicked will change the "approved" to a "yes". I ran this through code checker and fixed a few issues with brackets and such. It now tells me there are no errors so something else is just not working with this. It is probably something small that I am missing (I hope). Can anyone help me find/understand what part of this is incorrect... and/or if there is a better way to achieve what I'm wanting?
<?php
//select the database to write to
$unapprovedsires = mysql_query("SELECT * FROM nominatedsires WHERE approved = 'no'");
//While loop to cycle through the rows
while($row = mysql_fetch_assoc($unapprovedsires)){
$sirename = $row['sirename'];
echo $sirename;}
?>
<ul class="admin-fields">
<?php
foreach($row as $field){
if(empty($field)){
echo "....";
}
print '<li>' .$field.' </li>';
}//End For Each Loop
//print $sirename;
?>
</ul>
<p>
<?php
if(isset($_POST['approve'])){
mysql_query("UPDATE nominatedsires SET approved = 'yes' WHERE sirename = '.$sirename.'") or die ("Something went wrong");
}
?>
<ul>
<li>
<form method="post">
<input type="hidden" name="sirename" value="$sirename" />
<button name="approve" id="approve" type="submit">Approve Sire</button>
</form>
</li>
</ul>
As I mentioned as a comment, you need to wrap $sirename in PHP tags with an echo statement. You are also not passing $_POST['sirename'] into your script. It otherwise defaults to the original $sirename from your mysql_fetch_assoc().
Warning: the way you have your script set up, you're vulnerable to injection attacks. This is just an example to show you how to pass in variables. See: How can I prevent SQL injection in PHP?
<?php
//select the database to write to
$unapprovedsires = mysql_query("SELECT * FROM nominatedsires WHERE approved = 'no'");
//While loop to cycle through the rows
while($row = mysql_fetch_assoc($unapprovedsires)){
$sirename = $row['sirename'];
echo $sirename;}
?>
<ul class="admin-fields">
<?php
while($row = mysql_fetch_assoc($unapprovedsires)){
if(empty($row['sirename']))
echo "....";
else
print '<li>' .$row['sirename'].' </li>';
}
//print $sirename;
?>
</ul>
<p>
<?php
if(isset($_POST['approve'])){
$sirename = mysql_real_escape_string($_POST['sirename']);
mysql_query("UPDATE nominatedsires SET approved = 'yes' WHERE sirename = '$sirename'") or die ("Something went wrong");
}
?>
<ul>
<li>
<form method="post" method="<?php echo $_SERVER[PHP_SELF]; ?>">
<input type="hidden" name="sirename" value="<?php echo $sirename; ?>" />
<input type="submit" name="approve" id="approve" value="Approve Sire" />
</form>
</li>
</ul>
I've already spent hours over this problem , and searched for answer online, but found nothing that helped me.
So, I am making a filter for a hotel website, and one of the criteria for hotel search is the district where the hotel is located. I use GET method:
<?php if (isset($_GET['District1'])){
$district1= ($_GET["District1"]);
}else ($district1=0);
if (isset($_GET['District2'])){
$district2= ($_GET["District2"]);
}else ($district2=0);
if (isset($_GET['District3'])){
$district3= ($_GET["District3"]);
}else ($district3=0);
if (isset($_GET['District4'])){
$district4= ($_GET["District4"]);
}else ($district4=0);
?>
where $district1, $district2, $district3, $district4 are 4 different districts of the city.
What I am trying to do is to build the district variables by using for loop (the digit at the end of variable name would be ascending by 1 : $district1..2..3..4),
then place these district variables in an if clause which is inside while loop as follows:
<?php
$districts_filter_query="SELECT * FROM districts_table ";
$districts_filter_result = mysql_query($districts_filter_query, $connect);
$districts_filter_row = mysql_fetch_array($districts_filter_result);
for($count = 1; $count <= 4 ; $count++){
do {
$district_name = $districts_filter_row['district_name'];
$district_value = $districts_filter_row['district_value'];
echo '
<label for="group13"> <p '; ?> <?php
if ( eval(' return $district'.$count.';') !=0){echo 'class="greenBG"';}
else {echo ' class="checkbox" ';}?> <?php echo ' >
<input type="checkbox" name="District'.$count.'" id="group13" value="'.$district_value.'"
onClick="this.form.submit();" ';?>
<?php if ( eval (' return $district'.$count.';') !=0){echo ' checked ';};?><?php echo '/> '.$district_name.'
</p>
</label> ';
}
while($districts_filter_row = mysql_fetch_array ($districts_filter_result));
}
?>
The problem is here, I guess: eval(' return $district'.$count.';'), by this I try to construct district variable names. But it does not work.
Everything works perfectly if I use this code:
<label for="group1"> <p <?php
if ($district1!=0){echo 'class="greenBG"';}
else echo 'class="checkbox"';?>>
<input type="checkbox" name="District1" id="group1" value='1013' onClick="this.form.submit();"
<?php if ($district1!=0){echo 'checked ';};?>/> district1
</p>
</label>
<label for="group2"> <p <?php
if ($district2!=0){echo 'class="greenBG"';}
else echo 'class="checkbox"';?>>
<input type="checkbox" name="District2" id="group2" value='1014' onClick="this.form.submit();"
<?php if ($district2!=0){echo 'checked ';};?>/> district2
</p>
</label>
<label for="group3"> <p <?php
if ($district3!=0){echo 'class="greenBG"';}
else echo 'class="checkbox"';?>>
<input type="checkbox" name="District3" id="group3" value='1015' onClick="this.form.submit();"
<?php if ($district3!=0){echo 'checked ';};?>/> district3
</p>
</label>
<label for="group4"> <p <?php
if ($district4!=0){echo 'class="greenBG"';}
else echo 'class="checkbox"';?>>
<input type="checkbox" name="District4" id="group4" value='1016' onClick="this.form.submit();"
<?php if ($district4!=0){echo 'checked ';};?>/> district4
</p>
</label>
But this is not suitable for me because there are more than 30 districts, and it would take a lot of time and effort to make any minor change to code.
I would be greatful if you help me solve this problem and save my time. Thanks, hope my question is clear enough.
Use http://php.net/manual/en/language.variables.variable.php instead of some ugly eval(). (For example ${"district$count"})
$count = 0;
do {
$count++;
$district_name = $districts_filter_row['district_name'];
$district_value = $districts_filter_row['district_value'];
?>
<label for="group<?php echo $count; ?>">
<p <?php
if (${"district$count"} != 0) echo 'class="greenBG"';
else echo 'class="checkbox"'; ?>>
<input type="checkbox" name="District<?php echo $count; ?>" id="group<?php echo $count; ?>" value='<?php echo $district_value; ?>' onClick="this.form.submit();"
<?php if (${"district$count"} != 0) echo 'checked '; ?>/> <?php echo $district_name; ?>
</p>
</label>
<?php
}
while($districts_filter_row = mysql_fetch_array ($districts_filter_result));
And then delete this for loop around it.
that's a little convoluted as an approach, but a quick solution to get rid of eval is to use variable variables:
<?php
$district_name = "district$count";
if ($$district_name != 0) { ... }
?>
... though a better solution would be to just use an array and loop through it.
So I have a form that users fill out with some radio buttons. The values from the radio buttons get passed to MySQL. I now want to pull those values from the database, display them in a table on a different page, and apply different styles to them with span tags.
Here's the code from the form:
<input class="radio_style" type="radio" name="job_type" value="fulltime"/>Full-time<br/>
<input class="radio_style" type="radio" name="job_type" value="parttime"/>Part-time<br />
Here's the code for the page where I want to display it:
<div class='job_type_div'>
<?php if($job_type=='fulltime') {?>
<span class='job_type_style'>
<?php echo $row['job_type']; ?>
</span>
<?php if($job_type=='parttime') {?>
<span class='job_type_style2'>
<?php echo $row['job_type']; ?>
</span>
<?php } ?>
<?php } ?>
</div>
So ideally, the "fulltime" value will have one style and the "parttime" value will have another style. But when I try running this code, nothing happens. I'm definitely connecting to the database correctly. And the row name is properly labelled "job_type". Any ideas on where I might be going wrong? Any help would be greatly appreciated :)
First of all, your form should be something like so:
<form action="page_you_want_to_display.php" method="POST">
<label for="type">Job Type:</label>
<label for="fulltime">
<input class="radio_style" id="fulltime" name="job_type" type="radio" value="fulltime">
Fulltime
</label>
<label for="parttime">
<input class="radio_style" id="parttime" name="job_type" type="radio" value="parttime">
Part Time
</label>
<input name="submitted" type="submit" value="Submit">
</form>
The page you want to display on should look something like this:
if(isset($_POST["submitted"])){
$job_type = $_POST['job_type'];
echo '<div class="job_type_div">';
if($job_type=='fulltime'){
$res = mysql_query("SELECT * FROM jobs WHERE job_type='fulltime'");
while ($row = mysql_fetch_assoc($res)) {
echo '<div class="fulltime">';
echo $row['job_title'].' - '.$row['job_type'];
echo '</div>';
echo '<br>';
}
} elseif ($job_type=='parttime'){
$res = mysql_query("SELECT * FROM jobs WHERE job_type='parttime'");
while ($row = mysql_fetch_assoc($res)) {
echo '<div class="parttime">';
echo $row['job_title'].' - '.$row['job_type'];
echo '</div>';
echo '<br>';
}
}
echo '</div>';
}
and CSS:
.fulltime {
margin:0px;
padding:5px;
width:300px;
background:#9C0;
color:#fff;
}
.parttime {
margin:0px;
padding:5px;
width:300px;
background:#069;
color:#fff;
}
Tested:
Hope this helps
may be problem in your php. Is there some logic?
$job_type=null;
if($job_type=='fulltime'){
...
if($job_type=='parttime'){
...
}
}
did you set $job_type variable? May be you need something like this:
<div class='job_type_div'>
<?php if($row['job_type']=='fulltime') {?>
<span class='job_type_style'>
<?php echo $row['job_type']; ?>
</span>
<?php } elseif($row['job_type']=='parttime') {?>
<span class='job_type_style2'>
<?php echo $row['job_type']; ?>
</span>
<?php } ?>
</div>
I don't believe that the conditions will work the way you implemented it, try doing it like this:
<?php
echo "<div class='job_type_div'>";
if($job_type=='fulltime') {
echo "<span class='job_type_style'>"
//etc...
While you fetching your array from Data Base you need to use MYSQL_BOTH, to fetch columns by Name.
mysql_fetch_array($res, MYSQL_BOTH)
So you should have something like this:
$job_type_query = "SELECT * FROM `job`; ";
$res = mysql_query($job_type_query) or die(mysql_error());
while ($row = mysql_fetch_array($res, MYSQL_BOTH))
{
echo $row['job_type'];
}
form.php
if you initially set one 'selected' in your form, dont need to check if its set, simple set db like so:
...
mysql_query("UPDATE X SET (job_type='{$_GET['job_type']}') WHERE Y");
...
display.php
As you will probably be making a stylesheet, reference the selectors with the job_type labels, which you put in your database
while($row = mysql_fetch_assoc($resultsource))
echo "<div class='job_type_div'> <span class='{$row['job_type']}_style'>{$row['job_type']}</span>";
I wanna update my product when there's user login. Here's my code in edit.php
<?php
$id= (int)$_GET['id'];
$query = "SELECT * FROM game WHERE gameId=".$id."";
$rs = mysql_query($query);
while($data = mysql_fetch_array($rs))
{
?>
<form action="doUpdate.php" method="post">
<?php echo "<image src=\"images/".$id.".png\" alt=\"gameImage\" </image>"?>
<div class="cleaner"></div>
<div class="myLabel">Name</div><div>: <input type="text" value="<?php echo $data['gameName'];?>" name="gameName"/></div>
<div class="myLabel">Developer</div><div>: <input type="text" value="<?php echo $data['gameDeveloper'];?>" name="gameDeveloper"/></div>
<div class="myLabel">Price</div><div>: <input type="text" value="<?php echo $data['gamePrice'];?>" name="gamePrice"/></div>
<br/>
<div id="txtError" style="color:#D70005">
<?php
if(isset($err))
{
if($err==1) echo"All Fields must be filled";
else if($err==2) echo"Price must be numeric";
else if($err==3) echo"Price must be between 1-10";
}
?>
</div>
<input type="submit" value="Submit"/>
<input type="button" value="Cancel"/></span>
<?php
}
?>
</form>
This is my code in doUpdate.php
<?php
$nama = $_POST['gameName'];
$dev = $_POST['gameDeveloper'];
$harga =$_POST['gamePrice'];
$id= (int)$_REQUEST['id'];
if($nama == "" || $dev == "" || $harga == "" )
{
header("location:edit.php?err=1");
}
else if(!is_numeric($harga))
{
header("location:edit.php?err=2");
}
else if($harga < 1 || $harga >10)
{
header("location:edit.php?err=3");
}
else
{
$query = "UPDATE game SET gameName='".$nama."', gameDeveloper='".$dev."', gamePrice=".$harga." where gameId=".$id."";
mysql_query($query);
header("location:product.php");
}
?>
Why I can't change name, developer, or price even I already give the action in form? And why if I delete the name, developer, and price to know wether the validation works or not, it said that Undefined index in edit.php $id= (int)$_GET['id']; ?
You are trying to get $_REQUEST['id'] in doUpdate.php but there is no such field in the form.
You have to add it as a hidden field.
Also you have to format your strings.
Every string you're gonna put into query you have to escape special characters in.
I would like a change from the drop down to the checkbox, I want to change it because I want firstly select the list in the array can be selected before store to database via the checkbox, so the dropdown script was as follows
<?php
session_start();
define('DEFAULT_SOURCE','Site_A');
define('DEFAULT_VALUE',100);
define('DEFAULT_STC','BGS');
include('class/stockconvert_class.php');
$st = new st_exchange_conv(DEFAULT_SOURCE);
if(isset($_GET['reset'])) {
unset($_SESSION['selected']);
header("Location: ".basename($_SERVER['PHP_SELF']));
exit();
}
?>
<form action="do.php" method="post">
<label for="amount">Amount:</label>
<input type="input" name="amount" id="amount" value="1">
<select name="from">
<?php
$stocks = $st->stocks();
asort($stocks);
foreach($stocks as $key=>$stock)
{
if((isset($_SESSION['selected']) && strcmp($_SESSION['selected'],$key) == 0) || (!isset($_SESSION['selected']) && strcmp(DEFAULT_STC,$key) == 0))
{
?>
<option value="<?php echo $key; ?>" selected="selected"><?php echo $stock; ?></option>
<?php
}
else
{
?>
<option value="<?php echo $key; ?>"><?php echo $stock; ?></option>
<?php
}
}
?>
</select>
<input type="submit" name="submit" value="Convert">
</form>
and i Changed it to the checkbox as follows
<?php
session_start();
define('DEFAULT_SOURCE','Site_A');
define('DEFAULT_VALUE',100);
define('DEFAULT_STC','BGS');
include('class/stockconvert_class.php');
$st = new st_exchange_conv(DEFAULT_SOURCE);
if(isset($_GET['reset'])) {
unset($_SESSION['selected']);
header("Location: ".basename($_SERVER['PHP_SELF']));
exit();
}
?>
<form action="do.php" method="post">
<label for="amount">Amount:</label>
<input type="input" name="amount" id="amount" value="1"><input type="submit" name="submit" value="Convert">
<?php
$stocks = $st->stocks();
asort($stocks);
foreach($stocks as $key=>$stock)
{
if((isset($_SESSION['selected']) && strcmp($_SESSION['selected'],$key) == 0) || (!isset($_SESSION['selected']) && strcmp(DEFAULT_STC,$key) == 0))
{
?>
<br><input type="checkbox" id="scb1" name="from[]" value="<?php echo $key; ?>" checked="checked"><?php echo $stock; ?>
<?php
}
else
{
?>
<br><input type="checkbox" id="scb1" name="from[]" value="<?php echo $key; ?>"><?php echo $stock; ?>
<?php
}
}
?>
</form>
but does not work, am I need to display Other codes related?
Thanks if some one help, and appreciated it
UPDATED:
ok post the first apparently less obvious, so I will add the problem of error
the error is
Fatal error: Call to undefined method st_exchange_conv::convert() in C:\xampp\htdocs\test\do.php on line 21
line 21 is $st->convert($from,$key,$date);
session_start();
if(isset($_POST['submit']))
{
include('class/stockconvert_class.php');
$st = new st_exchange_conv(DEFAULT_SOURCE);
$from = mysql_real_escape_string(stripslashes($_POST['from']));
$value = floatval($_POST['amount']);
$date = date('Y-m-d H:i:s');
$_SESSION['selected'] = $from;
$stocks = $st->stocks();
asort($stocks);
foreach($stocks as $key=>$stock)
{
$st->convert($from,$key,$date);
$stc_price = $st->price($value);
$stock = mysql_real_escape_string(stripslashes($stock));
$count = "SELECT * FROM oc_stock WHERE stock = '$key'";
$result = mysql_query($count) or die(mysql_error());
$sql = '';
if(mysql_num_rows($result) == 1)
{
$sql = "UPDATE oc_stock SET stock_title = '$stock', stc_val = '$stc_price', date_updated = '$date' WHERE stock = '$key'";
}
else
{
$sql = "INSERT INTO oc_stock(stock_id,stock_title,stock,decimal_place,stc_val,date_updated) VALUES ('','$stock','$key','2',$stc_price,'$date')";
}
$result = mysql_query($sql) or die(mysql_error().'<br />'.$sql);
}
header("Location: index.php");
exit();
}
Why I want to change it from dropdown to checkbox?
because with via checkbox list I will be able to choose which ones I checked it was the entrance to the database, then it seem not simple to me, I looking for some help< thanks So much For You mate.
You have not removed the opening <select> tag.
But you removed the <submit> button.
You changed the name from "from" to "from[]".
EDIT: After your additions:
Using the dropdown list you were only able to select one value for from. Now you changed it to checkboxes and thus are able to select multiple entries. This results in receiving an array from[] in your script in do.php. Your functions there are not able to handle arrays or multiple selections in any way.
You have to re-design do.php, change your form back to a dropdown list or use ratio buttons instead.