http://localhost/?area=characters&name=Michal+Stroganof
$result = mysql_query("SELECT * from players WHERE name = '$_GET[name]'");
while ($row = mysql_fetch_assoc($result)) {
echo "Name: " .$row['name']. "<br>";
echo "Level: " .$row['level']. "<br>";
}
This is all code of my characters.php
If the get variable "name" is not included in the URL i want to show a search form that searches the table players. How would I do this?
Do you mean just to change your SQL string like so?
$sql = 'SELECT * from players';
if (isset($_GET['name'])) {
$safename = mysql_real_escape_string($_GET['name']);
$sql .= " WHERE name='$safename'";
}
$result = mysql_query($sql);
Be sure to sanitize your SQL!
Use isset():
if (isset($_GET['name'])) {
// your above code
} else {
// display form
}
Quick and dirty:
<?php
if (!isset($_GET['name']))
{
echo '<form action="'. $_SERVER['PHP_SELF'] .'" method="GET">'
.'<input type="text" name="name" />'
.'</form>';
}
else
{
// your current code that queries your database here
}
?>
Related
Hi I am trying to do a Registration that the users will put their name password and their answers to some questions and then an admin will manually answer to it if it's accepted.I did the system that loads their name password and answers in the database,and I also ran the things that will show the answers to the admin,but I can't figure a way to change a value just for one user not for all of them,I will leave you my codes and everything over here.
Here is my admin.viewapplications.php code
(Here,it shows everything fine,but I can't figure a way that the button to act just for one id not for all)
<?php
//include(__DIR__ . "/signup.php");
include("../resources/config.php");
//$name = $_POST['Name'];
//$mg = $_POST['MG'];
//$pg = $_POST['PG'];
//$rk = $_POST['RK'];
$sql = "SELECT id, name, tutorial, MG, PG, RK FROM rp_users WHERE tutorial = 2";
//$tutorial = "SELECT tutorial FROM rp_users";
$result = mysql_query($sql);
//$result2 = mysql_query($tutorial);
//$value = mysql_fetch_object($result2)
/*if($result)
{
echo "Succes";
}
else
{
die(mysql_error());
}*/
//if($value > 1)
//
while($row = mysql_fetch_array($result))
{
//$tutorial = row["tutorial"];
//f($tutorial == 2)
//}
$id = $row["id"];
$name = $row["name"];
$mg = $row["MG"];
$pg = $row["PG"];
$rk = $row["RK"];
echo "ID: " . $id."<br> <br>";
echo "Nume: " . $name."<br> <br>";
echo "MG: " . $mg."<br> <br>";
echo "PG: " . $pg."<br> <br>";
echo "RK: " . $rk."<br> <br>";
echo '<form action="./?p=applicationaccept" method="POST">';
echo '<input type="submit" name="accept" value="Accepta">';
echo '</form><br>';
echo '<form action="./?p=applicationdeny" method="POST">';
echo '<input type="submit" name="deny" value="Respinge">';
echo '</form><br> <br> <br>';
}
//}
//
?>
And here is my applicationaccept.php
<?php
include("../admin/admin.viewapplications.php");
include("../resources/config.php");
$iduser = $id;
$sql = "UPDATE rp_users SET tutorial=0";
$result = mysql_query($sql);
if($result)
{
echo "Succes";
}
else
{
die(mysql_error());
}
/*while($row = mysql_fetch_array($result))
{
}*/
?>
I think what you want to do is a simple UPDATE to your MySQL database..
but make sure you format the PHP code you're using otherwise it'll give you an ERROR!
Also you have to use 'mysqli' now in PHP!
<?php
$someID = '1';
$sql = "UPDATE `rp_users` SET `tutorial`= '0' WHERE `id` = $someID";
$result = mysqli_query($link, $sql);
if($result)
{
echo "Success";
}
else
{
echo ("Error");
}
?>
BTW I forgot to mntion the '$link' is the connection to your database!
As of my understanding of your question if your form action is applicationaccept.php and you are trying to update for one user in applicationaccept.php file, try this:
<?php
include("../admin/admin.viewapplications.php");
include("../resources/config.php");
$iduser = $_POST["id"]; // pass id as parameter in form
$sql = "UPDATE rp_users SET tutorial=0";// change this line to following line
$sql = "UPDATE rp_users SET tutorial=0 where id=$iduser";
$result = mysql_query($sql);
if($result)
{
echo "Succes";
}
else
{
die(mysql_error());
}
?>
Be aware your code is vulnerable
I was experimenting if I could use a mySQL database to store CSS settings. I set up a simple database "colors" with one table "color" that had simple structure tag and color columns. In that, one row is h1 => red.
<?php
//function to dynamically change CSS
$tag = 'h1';
$q = "SELECT * FROM `colors` WHERE `tag`='" . $tag . "'" ;
echo $q . "<br>";
$query = mysqli_query($link, $q);
if ($row = mysqli_fetch_assoc($query))
{
echo $row['color'];
} else
{
echo "error - no such tag";
}
?>
When I tried to convert to a function, the code does not work at all.
<?php
//function to dynamically change CSS
function getCSS($tag)
{
$tag = 'h1';
$q = "SELECT * FROM `colors` WHERE `tag`='" . $tag . "'" ;
echo $q . "<br>";
$query = mysqli_query($link, $q);
if ($row = mysqli_fetch_assoc($query))
{
echo $row['color'];
} else
{
echo "error - no such tag";
}
}
getCSS('h1');
?>
Help please?
My guess is that in
$query = mysqli_query($link, $q);
$link goes out of scope and is empty. You should pass it to the function as well.
For the record: using $tag without escaping could be an sql injection attack possibility.
in function, there is no $link, you shoud define it as a global variable.
At the start of your function add a reference to your global DB link:
function getCSS($tag) {
global $link;
...
This should work:
<?php
$link = mysqli_connect('server_host', 'user', 'password', 'database') OR die('Could not connect because: '.mysqli_connect_error());
//function to dynamically change CSS
function getCSS($link, $tag){
$q = 'SELECT * FROM colors WHERE tag = "' . $tag . '"' ;
$r = mysqli_query($link, $q);
if(mysqli_num_rows($r)>0){ // check if there are results
while($row = mysqli_fetch_assoc($r)){
//echo '<pre>';
//print_r($row); // print the result array for debugging
//echo '</pre>';
echo $row['color'] . '<br />';
}
return $row;
} else { // if no result is found
echo 'No such tag';
}
}
// test it:
echo '<br />if tag is h1<br />';
getCSS($link, 'h1');
echo '<br />if tag is h2<br />';
getCSS($link, 'h2');
?>
I want to perform a search from the database using php in which when i enter name arun it should search for name arun and display the result with name arun and when i enter name and email it should search for name and email and should display single result since the email is unique field i have written the following code but it is not working can someone help me?
Please add a comment if any one gives Downvote and Why?
<?php
if (isset($_SESSION['message11'])) {
echo $_SESSION['message11'];
unset($_SESSION['message11']);
}
?>
<?php
include('connection.php');
$name = $_POST['name'];
$email = $_POST['email'];
$qualification = $_POST['qualify'];
$sql = "SELECT * FROM form WHERE Name ='$name' OR EmailAddress = '$email' OR Qualification = '$qualification' ";
$result = $conn->query($sql);
if (!empty($_POST)) {
if ($result->num_rows === 0) {
echo '<p style="margin-left:340px">no records</p>';
}
}
while ($row = $result->fetch_assoc()) {
$_SESSION["snum"] = $row['sno'];
$_SESSION["nam"] = $row['Name'];
$_SESSION["quali"] = $row['Qualification'];
$_SESSION["emai"] = $row['EmailAddress'];
echo '<br>';
echo '<form name="friend" action="received.php" method="post">';
echo '<input style="margin-left:340px;padding-bottom:10px" type="checkbox" value="' . $row['sno'] . '" name="friend[]"> user Details</input>';
echo '<br>';
echo '<br>';
echo '<div class="container" style="border-style:solid; border-width:medium;width: 550px;">';
echo '<br>';
echo 'Name: ' . $row['Name'];
echo '<br /> EmailAddress: ' . $row['EmailAddress'];
echo '<br /> Qualification: ' . $row['Qualification'];
echo '<br /> DOB: ' . $row['DOB'];
echo '<br/>';
echo '<br/>';
echo '<br/>';
echo '<br/>';
echo '</div>';
echo '<br/>';
}
if (!empty($_POST)) {
echo '<button style="margin-left:340px" type=""submit">invite</button>';
}
echo '</form>';
$conn->close();
?>
You are adding OR condition to three fields even if they are not entered by the user.
Use conditions so that sql should search only entered fields.
Use array()
$sql = "SELECT * FROM form WHERE ";
$conditions = array();
if (! empty($name)) {
$conditions[] = "Name ='$name'";
}
if (! empty($email)) {
$conditions[] = "EmailAddress ='$email'";
}
if (! empty($qualification)) {
$conditions[] = "Qualification ='$qualification'";
}
$sql .= ! empty($conditions) ? implode(' OR ', $conditions) : '1';
$result=$conn->query($sql);
Try this LIKE will be effective for searching stuffs.
Simple and best practice.
SELECT * FROM form WHERE Name LIKE '%".$name."%' OR EmailAddress LIKE '%".$email."%' OR Qualification LIKE '%".$qualification."%'
I am currently trying to create a search menu, and display it's result in a form of table. I managed to get the search result only as a string, but unable to use it to display a full row in the table.
Here is my code :
- Creating the Form :
<form action = "profile.php" method = "post">
<input type="text" name="search" placeholder = "Search">
<input type="submit" value = "SEARCH"><br>
</form>
This is the php to get search result
if(isset($_POST['search']))
{
$searchq = $_POST['search'];
$searchq = preg_replace("#[^0-9a-z]#i","",$searchq);
$query = mysql_query("SELECT * FROM identity WHERE fullname LIKE '%$searchq%'") or die("Could not Find!");
$count = mysql_num_rows($query);
if($count == 0)
{
$output = 'There is no result';
}
else
{
while($row = mysql_fetch_array($query))
{
$fullname = $row['fullname'];
$output .= '<div> '.$fullname.' </div>';
$records = mysql_query("SELECT * FROM identitas_pengadu WHERE fullname='$output'");
}
}
}
This is the code I used to display the result in a database :
while($identity = mysql_fetch_assoc($records))
{
echo "<tr>";
echo "<td>".$identity['fullname']."</td>";
echo "<td>".$identity['nip']."</td>";
echo "<td>".$identity['email']."</td>";
echo "<td>".$identity['position']."</td>";
echo "<td>".$identity['status']."</td>";
echo "<td>EDIT</td>";
echo "</tr>";
}
It works fine if the value of $records does not use the WHERE function. Please help.
Thank You
I have a table
Now.i have a function in my JS
function add()
{
<?php
include('conn.php');
$rs = mysql_query("select * from position");
$row = mysql_fetch_array($rs);
$ss=$row['Name'];
$sss=$row['nowb'];
$ssss=$row['totalb'];
$sssss=$row['nowc'];
$ssssss=$row['totalc'];
echo "add2()";
?>}
function add2(){
AddAddress("<?php echo $ss;?>","<?php echo $sss;?>/<?php echo $ssss;?><br /><?php echo $sssss;?>/<?php echo $ssssss;?>");
}
How to get the every date from my table?
Something like this?
function add() {
<?php
include('conn.php');
$rs = mysql_query("select * from position");
while ( $row = mysql_fetch_array($rs) ) {
$ss=$row['Name'];
$sss=$row['nowb'];
$ssss=$row['totalb'];
$sssss=$row['nowc'];
$ssssss=$row['totalc'];
echo 'AddAddress("' . $ss . '","' . $sss . '/' . $ssss . '<br />' . $sssss . '/' . $ssssss . '");';
}
?>
}
Didn't text the echo 'AddAddress....' line so I hop eI got all the single and double quotes in the right place??
Performing POST requests using Ajax here is an example of sending data from js to php.
also stop naming your vars s,ss,sss,ssss you will have no idea what they mean when you read your code tomorrow..
and try not to use mysql_* functions they have been deprecated switch to mysqli or pdo
I got what would you like to do. In your PHP file:
function add(){
<?php
include('conn.php');
$rs = mysql_query("select * from position");
echo "var data = [] ; "
while($row = mysql_fetch_assoc($rs)){
echo "
data.push({
name: '{$row['Name']}',
nowb: '{$row['nowb']}',
totalb: '{$row['totalb']}',
nowc: '{$row['nowc']}',
totalc: '{$row['totalc']}'
}); \n\r " ;
}
?>
add2(data);
}
function add2(data){
for (var i in data){
var row = data[i] ;
AddAddress(row.name, row.nowb, row.totalb, row.nowc, row.totalc);
}
}
If I understand the question correctly you want to know how to loop through an array in php.
$row = mysql_fetch_array($rs);
foreach($row as $value){
//Do something
}
Read up on it in the docs
http://php.net/manual/en/control-structures.foreach.php