hoping you can help with what I expected to be a simple function.
I'd like to allow users to remove (i.e. change published=y to published=n) a query result but can't for the life of me figure out how to do it. Here's the query as is:
$result = mysql_query("SELECT * FROM discussion WHERE publish='y' ORDER BY timestamp DESC");
while($row = mysql_fetch_array($result))
{
echo ("<tr><td>" . $row['name'] . "<span class=\"remove\">(REMOVE)</span></td>
<td width=\"300\">" . nl2br($row['question']) . "</td>
<td>" . $row['author'] . "</td>
<td>" . $row['timestamp'] . "</td>
<td>View Discussion</td></tr>");
}
The query I'd like to run when the user clicked 'REMOVE' (within the above query):
mysql_query("UPDATE discussion SET publish='n' WHERE discussionID='XXXXX");
Any ideas from the fine people at SO?
New to php/mysql so forgive the ignorance.
I think the simplest option here would be to insert your remove button into a form.
Try adding this form into your table. I am echoing the discussionID into the checkbox so that you can distinguish between the multiple checkboxes in the table:
<form method="post" action="">
<input type="checkbox" id="removeCheckbox" name="removeCheckbox" value="<?php echo $row['discussionID']; ?>" />
<input id="submit" name="submit" value="Submit" type="submit" />
</form>
And then in your PHP, you update the database with the value of the checkbox:
<?php
if (isset($_POST['removeCheckbox'])) {
$checkboxValue = $_POST['removeCheckbox'];
mysql_query("UPDATE discussion SET publish='y' WHERE discussionID='$checkboxValue'");
}
?>
Does that make sense?
EDIT: This should now work! Also updated to include Dan's suggestion.
the same way you do a link to go to the discussion ( a href=\"discussion.php?discussionID=" . $row['discussionID'] . "\">View Discussion ).
a href=\"delete_discussion.php?discussionID=" . $row[ 'discussionID' ] . "\">REMOVE
and create the delete_discussion.php file to run your update query
Related
I'm making a comment box, in which
Comment box will be under the post
Every comment box has the same id as the post has
That's why i preffered to do a while loop
But, the problem is
As i'm using a fetch_assoc() method, some comment tables will be empty so
i've made a if else code for them
Here is my if else code :
$select_comment_table = "SELECT * FROM feed_comment_" . $row['id'] . "ORDER BY id";
$result_query_select_comment_table = $dbc->query($select_comment_table);
if(!$result_query_select_comment_table) {
$result_select_comment_table = array("full_name" => "", "comment"=> "No comments yet.");
}
else {
$result_select_comment_table = $result_query_select_comment_table->fetch_assoc();
}
If other code is need :
echo '<div id="feed_comment_box_' . $row['id'] . '"' . 'class="feed_comment_box_cl"><div id="add_comment_id" class="add_comment_cl">
<form class="comment_form" method="post" action="' .$_SERVER['PHP_SELF'] . '">
<input name="comment_full_name" type="text" class="input_comment_full_name"> </input>
<textarea name="input_comment_text" type="text" class="input_comment_text" ></textarea><input name="comment_submit" type="submit"></input> <br>
</form>
</div><br>
<div id="comment_box_id" class="comment_box_cl">
<table tabindex="0" class="comment_box">
<tr> <td class="comment_full_name">' . $result_select_comment_table["full_name"] . '</td></tr><br>' .
'<tr> <td class="comment_full_name">' . $result_select_comment_table["comment"] . '</td></tr><br>'
. '</table></div></div>';
echo '</div>';
Problem : As you see the if else code, the php should echo no comments yet when there is no comment. But, even after inserting the comment(i tried manually insert in database) it is showing no comments yet whereas it should show the comments
Note: I am using a while loop that's why the comment div is coming under every post.
It looks like you're missing a space in your query:
$select_comment_table = "SELECT * FROM feed_comment_" . $row['id'] . "ORDER BY id";
should be
$select_comment_table = "SELECT * FROM feed_comment_" . $row['id'] . " ORDER BY id";
The invalid query is causing $result_query_select_comment_table to always be false.
Thanks in advance for any light shed.
I have a mysql database consisting of customers with some fields pertaining to each customer. currently running on one of my lamp servers. There is security risks with my code at the moment, but I plan to get the functionality i'm looking for and then reconfigure the code for a tighter security. At the moment I have an html index file that calls on php script to search mysql database by firstname or lastname. Upon this query it displays a list of users and allows me to modify the user. When I click modify it pulls the correct customer id number, but it is not displaying any current information, nor allowing me to update the info.
To summarize, I would like to search a customer, and it pull up selected fields and show the content and allow me to actively change the data and resend it to the database.
My search.html code:
<html>
<body>
<form action="scripts/search.php" method="post">
Firstname: <input type="text" name="firstname">
<input type="submit">
</form>
<form action="scripts/lastnamesearch.php" method="post">
Lastname: <input type="text" name="lastname">
<input type="submit">
</form>
<form action="scripts/phonenumbersearch.php" method="post">
Phone Number: <input type="text" name="phone">
<input type="submit">
</form>
</body>
</html>
MY search.PHP Script:
//this script allows me to search the database by filling out one of the forms and clicking submit. Each of the forms calls upon it's own individual script, I realize that this is probably cumbersome, due to my lack of coding knowledge.
<?php
$con=mysqli_connect("localhost","root","*****","*******");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($con,"SELECT * FROM customers WHERE `firstname` LIKE '$_POST[firstname]'");
echo "<table border='1'>
<tr>
<th>id</th>
<th>firstname</th>
<th>lastname</th>
<th>phone</th>
<th>address</th>
<th>notes</th>
<th>additional notes</th>
<th>passwords</th>
</tr>";
while($row = mysqli_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['firstname'] . "</td>";
echo "<td>" . $row['lastname'] . "</td>";
echo "<td>" . $row['phone'] . "</td>";
echo "<td>" . $row['address'] . "</td>";
echo "<td>" . $row['notes'] . "</td>";
echo "<td>" . $row['addnotes'] . "</td>";
echo "<td>" . $row['passwords'] . "</td>";
echo "Modify User";
echo "</tr>";
}
echo "</table>";
mysqli_close($con);
?>
My modify.php script:
//this is where I believe one of my problems lie. when I click modify user on the search.php script it calls on this script and it loads the correct user/customer id in the address bar, but it doesn't show any existing data, nor does it update the data that I fill in the cells.
<?php
$con=mysqli_connect("localhost","root","crapola1","Computition");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$mysqli_query = "SELECT * FROM customers WHERE ID = $_get[id]";
$mysqli_result = mysqli_query($mysqli_query);
$customer = mysqli_fetch_array($mysqli_result);
?>
<h1> You are modifying a user</h1>
<form action="<?php echo $SERVER['PHP_SELF']; ?>" method="post">
Firstname<input type="text" name="inputFirstname" value="<?php echo $row['firstname']; ?>" /><br />
Notes<input type="text" name="inputNotes" value="<?php echo $row['notes']; ?>" />
<br />
<input type="hidden" name="id" value="<?php echo $_GET['id']; ?>" />
<input type="submit" name="submit" value="Modify" />
</form>
Thanks again,
I've been searching on this topic for about a week now and have pieced together this much, but can't seem to get over this "hump"
$_GET is a super global array . It should be in UPPERCASE.
Change the query on your modify.php here
SELECT * FROM customers WHERE ID = $_get[id] to upper case.
Must be..
SELECT * FROM customers WHERE ID = ".$_GET['id']
Also, It is strictly not advised to pass the $_GET or $_POST parameters directly to your query as it leads to SQL injection. You need to switch over to PreparedStatements
i would like to ask if someone could help me with a search query and displaying of the results.
Here is the code...
<?php
// Change the fields below as per the requirements
$db_host="localhost";
$db_username="dasi";
$db_password="**************";
$db_name="dasi";
$db_tb_name="test";
$db_tb_atr_price="price_vat";
$db_tb_atr_cur="currency";
//Now we are going to write a script that will do search task
// leave the below fields as it is except while loop, which will display results on screen
mysql_connect("$db_host","$db_username","$db_password");
mysql_select_db("$db_name");
$query=mysql_real_escape_string($_GET['query']);
$query_for_result=mysql_query("SELECT * FROM $db_tb_name WHERE code like '%".$query."%'");
echo "<h2>Search Results</h2><ol>";
while($data_fetch=mysql_fetch_array($query_for_result))
{
echo "<table border=1>";
echo "<tr><td>" . $data_fetch['code'] . "</td><td>" . $data_fetch['price_vat'] . "</td><td>" . $data_fetch['currency'] . "</td></tr>";
echo "</table>";
}
echo "</ol>";
mysql_close();
?>
In content i added the form ...
<form action="search.php" method="post">
<label>Search For: </label><input name="query" type="text" /><input name="submit" type="submit" value="Start Search" />
</form>
So ... all is working normaly.. i am getting the results, everything is fine. Problem is:
i want to have results displayed below the form itself, not in a new page.
If anyone could help me that would be great. Thank you in advance
P.S.
Well i have no idea how it works actualy but was thinking, isnt there a way where the result can be added into empty div below the form or something like this? I tryed the options above but it dosnt helped.
Save your table in to a variable:
$table = "<h2>Search Results</h2><ol>";
while($data_fetch=mysql_fetch_array($query_for_result))
{
$table .= "<table border=1>";
$table .= "<tr><td>" . $data_fetch['code'] . "</td><td>" . $data_fetch['price_vat'] . "</td><td>" . $data_fetch['currency'] . "</td></tr>";
$table .= "</table>";
}
$table .= "</ol>";
And print it in your template:
<form action="search.php" method="post">
<label>Search For: </label><input name="query" type="text" /><input name="submit" type="submit" value="Start Search" />
</form>
<?php echo $table ?>
Just embed your form code in your search.php and then check for isset($submit) and you are good to go.
<?php
?>
<form action="" method="post">
<label>Search For: </label><input name="query" type="text" /><input name="submit" type="submit" value="Start Search" />
</form>
<?php
if(isset($submit))
{
// Change the fields below as per the requirements
$db_host="localhost";
$db_username="dasi";
$db_password="**************";
$db_name="dasi";
$db_tb_name="test";
$db_tb_atr_price="price_vat";
$db_tb_atr_cur="currency";
//Now we are going to write a script that will do search task
// leave the below fields as it is except while loop, which will display results on screen
mysql_connect("$db_host","$db_username","$db_password");
mysql_select_db("$db_name");
$query=mysql_real_escape_string($_POST['query']);
$query_for_result=mysql_query("SELECT * FROM $db_tb_name WHERE code like '%".$query."%'");
echo "<h2>Search Results</h2><ol>";
while($data_fetch=mysql_fetch_array($query_for_result))
{
echo "<table border=1>";
echo "<tr><td>" . $data_fetch['code'] . "</td><td>" . $data_fetch['price_vat'] . "</td><td>" . $data_fetch['currency'] . "</td></tr>";
echo "</table>";
}
echo "</ol>";
mysql_close();
}
?>
You've got two choices,
Use AJAX to actually get the results to 'collect' the PHP Generated Content and use JavaScript to append it to somewhere on the page.
Place the Search Algorithm and PHP Code at the top of the same page of the form, then use an isset() $_GET or $_POST to check if it's been submitted successfully, save the results & content to be later printed elsewhere.
I am trying to create a table that will allow me to delete a row by clicking a delete button. I did find an article on here at the following link that did provide some help but I am still unable to get it to work: Show all rows in mysql table then give option to delete specific ones .I have written most of the code but I am having problem with line 10 on the delete.php page. Ideas?
Main.php
$result = mysqli_query($con,"SELECT * FROM cs_general_info");
echo "<table><tr><td>Delete</td><td>First Name</td><td>Last Name</td><td>Address</td>td>Phone</td><td>E-Mail Address</td></tr>";
while($row = mysqli_fetch_array($result)) {
?>
<tr>
<td>
<form action="delete.php" method="POST">
<input type="hidden" name="delete_id" value="<?php echo $row['id']; ?>">
<input type="Submit" value="Delete"></form>
</td>
<?php
echo "<td>" . $row['id'] ."</td>";
echo "<td>" . $row['first_name'] . "</td>";
echo "<td>" . $row['last_name'] . "</td>";
echo "<td>" . $row['address'] . "</td>";
echo "<td>" . $row['phone'] . "</td>";
echo "<td>" . $row['email'] . "</td></tr>";
}
echo "</table>";
Delete.php
"DELETE FROM cs_general_info WHERE id=".mysql_real_escape_string($delete_id);
Hopefully delete.php is more than that single line. In delete.php you will want to catch the POST method and the $row[id]; bind it, then delete it.
To get the id of the row you want to delete in your delete.php file, you need to get the variable, like this:
$delete_id = $_POST['delete'];
WARNING: This is the very basic functionality you need to get this to work. However, you will need to implement many other levels of security before this should ever go into any production code.
If that is your delete.php, then you are missing a lot. You need a database connection and you need to execute the SQL command against the database. But that is the least of your worries until you get your parameters via $_POST.
Here is the PDO Manual for the database connection and SQL execution.
And here is the manual for $_POST.
You want to either put a link or inline form within each of your table’s rows, and then have a script that deletes the specified row and returns the user to your page.
<table>
<tbody>
<?php foreach ($results as $result): ?>
<tr>
<td><?php echo $result->title; ?></td>
<td>
<form action="delete.php" method="post">
<input type="hidden" name="id" value="<?php echo $result->id; ?>" />
<input type="submit" value="Delete" />
</form>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
And then delete.php:
<?php
if (isset($_POST['id']) && intval($_POST['id']) > 0) {
// create PDO instance; assign it to $db variable
$sql = "DELETE FROM `table` WHERE `id` = :id LIMIT 1";
$smt = $db->prepare($sql);
$smt->bindParam(':id', $_POST['id'], PDO::PARAM_INT);
$smt->execute();
}
header('Location: index.php');
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
I simply just want a button in my table to delete the specific row but everything I search for ends up being some completely different way compared to how I have set it up.
<?php
// Connects to your Database and if it cant it dies
$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
// this selects the db
mysql_select_db("test", $con);
// this passes the query into the variable result
$result = mysql_query("SELECT * FROM items");
echo "<table border='1'>
<tr>
<th>ID</th>
<th>Name</th>
<th>Quantity</th>
<th>Delete</th>
<tr>";
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['ID'] . "</td>";
echo "<td>" . $row['name'] . "</td>";
echo "<td>" . $row['quantity'] . "</td>";
echo "<td>" . 'Delete' . "</td>";
echo "</tr>";
}
echo "</table>";
mysql_close($con);
//end php
?>
<html>
<body>
<form action="insert.php" method="post">
Name: <input type="text" name="Name" />
Quantity: <input type="text" name="Quantity" />
<input type='submit' name='add' value='add' />
</form>
</body>
</html>
i would like the hyperlink to delete the row is contained in.
You need to add the ID of the record you want to delete to the delete url, e.g.:
echo "<td>Delete</td>";
Then, in your delete.php script, you'd do:
<?php
$id = intval($_GET['id']);
$sql = "DELETE FROM yourtable WHERE id=$id";
$result = mysql_query(sql);
Of course, that's not a full script, but shows you the basics of what needs to be done. Be careful with using the passed-in value in your query - don't want to let an SQL injection hole ruin your day.
However, be aware that using a 'GET' type query for this sort of thing is generally a bad idea. If this page gets spidered by Google (for one), you'll find that the simple act of spidering has nuked ALL of your records.
You need to pass the ID of the row as paramter to the delete.php script
echo "<td>" . 'Delete' . "</td>";
you can use the id of the current row and send it to delete.php:
echo "<td>" . 'Delete' . "</td>";
then in delete.php get the id by $deleteId = $_GET['id'] and use it...
Try changine the URL to something like echo '<a href="delete.php?ID=' . $row['ID'] . '">'
BTW - Not a good idea to use root!