PHP - Trouble With Using Serialized Data...

I'm teaching myself a bit of OOP in php.  found that i could pass an object into the SESSION array if i serialize() the object and then unserialize() it where i need it in other page files.  all seems to work well until it comes time for a user to logout from my application and attempt to destroy the session.  at times, when they log back in, this serialized SESSION value seems to still be set while other SESSION values have been cleared.  at least i *thinnk* this is what is going on.   in my logout handler, i have the following:

    $_SESSION = array(); // clear all SESSION vars
    setcookie(); // clear cookies
    session_destroy();

but the above does not seem to be working.  my guess is there is something native to serialized SESSION values that im not yet aware of.  any help here would be much appreciated.

Hello,

I'm having trouble inserting data into a MySQL table.

The user has a form which is HEIGHT and WIDTH and NUMBER_OF_OBSERVATIONS. All these values are stored in the same table. NUMBER_OF_OBSERVATIONS does what it needs to and inserts its calculated results into the database, as does DATE_TIME.

I've been trying for a couple of days to get this done, and I am having no luck in getting it sorted.

Any help is greatly appreciated!

Generator.php
Code: [Select]
$WIDTH = $_POST['WIDTH'];
$HEIGHT = $_POST['HEIGHT'];
$NUMBER_OF_OBSERVATIONS = $_POST['NUMBER_OF_OBSERVATIONS'];

$db1 = new Number_Information();
$db1->openDB();
$OBSERVATION_ID = $db1->insert_Observation();
echo "<br /><br />Success. ID: <strong>$OBSERVATION_ID<strong>";
$db1->closeDB();
Number_Information.php
Code: [Select]
function insert_Observation() {

        //$Date_Now = datetime();
        $sql = "INSERT INTO Observations (DATE_TIME, HEIGHT, WIDTH)
VALUES (NOW(), '{$esc_HEIGHT}','{$esc_WIDTH}' )";
        $result = mysql_query($sql, $this->conn);
        if (!$result) {
            die("SQL Insertion error: " . mysql_error());
        } else {
            return mysql_insert_id($this->conn);
        }
The table name is Observations

Again - Any help is greatly appreciated!

Hi i'm new to PHP/web development but not new to coding.

I have some php code that I grabed from a template where I am selecting data from a file and having it diplay on the screen in a form.  My $query = "select * from file where" statement works and bring the data back to the screen.  However, I want the data to be returned in a textarea instead of a text field that is not big enough to display the 3 paragraph that i need to display. 

Please see code below, thsi code will return the data but the text box only returns the data in a line, I need the data to be returned in a textarea, so I can update it.  I have looked for the correct syntex with no luck, please correct me.

   $row = mysql_fetch_array($result, MYSQL_ASSOC);
   $recordid = $row['recordid'];
   $homepage = $row['homepage'];

   echo "<h2>Update About Us Information</h2>\n";
   echo "<form enctype=\"multipart/form-data\" action=\"admin.php\" method=\"post\">\n";

   echo "<table width=\"100%\" cellpadding=\"1\" border=\"1\">\n";
   echo "<tr><td><h3>Record ID</h3></td><td>$recordid</td></tr>\n";

   echo "<tr><td><h3>Homepage</h3></td><td><input type=\"text\" size=\"100\"  name=\"homepage\" value=\"$homepage\" /></td></tr>\n";

   echo "</table>\n";

   echo "<input type=\"submit\" name=\"button\" value=\"Update\">\n";
   echo "<input type=\"submit\" name=\"button\" value=\"Delete Product\">\n";
   echo "</form>\n";

Hey,

Having some troubles extracting data from simpleXML object.

var_dump outputs all the stuff correctly but when i try access data in the object, it just comes back empty.


$rss = "/data/rss/";
$rss = file_get_contents($rss); // simplexml_load_file() fails
$feed = new SimpleXMLElement($rss);

foreach($feed->item as $news) {
echo $news->title; // returns empty
}

echo $feed->item->title; // also is empty


so var_dump($feed) outputs this, shortened version:


object(SimpleXMLElement)#10 (2) { ["@attributes"]=> array(1) { ["version"]=> string(3) "2.0" } ["channel"]=> object(SimpleXMLElement)#11 (6) { ["title"]=> string(38) "Bradford Bulls Super League Rugby News" ["description"]=> string(75) "RSS Feed for the latest Bradford Bulls Super League rugby news and updates." ["link"]=> string(46) "http://www.superleaguefans.com/bradford-bulls/" ["language"]=> string(2) "en" ["pubDate"]=> string(26) "Sat, 03 Sep 13:42:39 +0100" ["item"]=> array(10){ [0]=> object(SimpleXMLElement)#12 (1) { ["title"]=> string(32) "Briggs and Walker in Bulls squad" } } } } 


so, $feed->item->title  should return the ["title"] contents, but it doesn't, driving me crazy.

what am i doing wrong? Any pointers will be much appreciated, thank you.

I'm having trouble listing the most recent 10 content. How can I solve this problem.

$sorgu = mysqli_query("select * from icerik order by id desc limit 0,10");

while($goster=mysqli_fetch_assoc($sorgu)) {
  echo $goster['baslik'];
  echo $goster['yazi'];
  echo $goster['yazar'];

}

error code:

Fatal error: Uncaught ArgumentCountError: mysqli_query() expects at least 2 arguments, 1 given in C:\xampp\htdocs\blog\orta.php:3 Stack trace: #0 C:\xampp\htdocs\blog\orta.php(3): mysqli_query('select * from i...') #1 C:\xampp\htdocs\blog\index.php(4): include('C:\\xampp\\htdocs...') #2 {main} thrown in C:\xampp\htdocs\blog\orta.php on line 3

Hey guys,

I have a script that grabs data from a separate .txt file which is used to perform certain actions within a user's account. The data I'm having trouble with is user key which is used to authenticate an http header. An example of what the txt file would hold is this:

360235276 PbI1c5+PGHSshccYd58AklmTgf5u+tbWZplMRYYxFSivRYw4AZhaVNHwADozYZhZhPnXRSV1rmsrhf1td7w6bJbySZmPHLl+hleyz/Ht4iM=
477947328 cXTnFEVP74RWtAgqM5BlwtgW2i9rP/v44oANzwF+yJZ+9mpvaschyo/HaYP1qUXgIK8nK7jy74iSCEHAgpPgPdryzpReM5cbnVDjRw7h9S0=
503724987 XXEJsklZTFaTx8MLjuNIz0S65Sn02rgbHl2sahdReQdadKP39 evIXUoYdr5NyQMWDVE7cRpvn+zJ7mteH7WJzVh0U/sOcSG7kfcuaWpAOfo=

The format I have is: account_ID user_key
New account on a fresh line. So in my script I have it grabbing the data as so:


$User_DataFile = "accountdata.txt";

$AccData = file($User_DataFile, FILE_SKIP_EMPTY_LINES);


foreach($AccData as $line_num => $line)
{
$AccData = explode(" ", htmlspecialchars(str_replace("    "," ",$line)));

if(stristr($AccData[1], "\n")) $AccData[1] = substr($AccData[1], 0, strlen($AccData[1])-2);

$AccountID = $AccData[0];
$UserKey = $AccData[1];
echo "Account ID: ".$AccountID."<br/>User Key: ".$UserKey."<br/><br/>";


I have it set to simply echo out the data for debugging which is where I noticed that any slashes or plus or equal signs were not included.
When run in Apache it returns this:

Account ID: 360235276
User Key: PbI1c5+PGHSshccYd58AklmTgf5u+tbWZplMRYYxFSivRYw4AZhaVNHwADozYZhZhPnXRSV1rmsrhf1td7w6bJbySZmPHLl+hleyz/Ht4iM

Account ID: 477947328
User Key: cXTnFEVP74RWtAgqM5BlwtgW2i9rP/v44oANzwF+yJZ+9mpvaschyo/HaYP1qUXgIK8nK7jy74iSCEHAgpPgPdryzpReM5cbnVDjRw7h9S0

Account ID: 503724987
User Key: XXEJsklZTFaTx8MLjuNIz0S65Sn02rgbHl2sahdReQdadKP39 evIXUoYdr5NyQMWDVE7cRpvn+zJ7mteH7WJzVh0U/sOcSG7kfcuaWpAOfo

So as you can see by comparison there is no slashes or plus or equal signs present, which is going to be a major problem. Is there any way of getting around this problem?

Thanks.

Hi:

I am working with a PHP Event Calendar. I am having trouble displaying the data the way I want to.

If a person clicks on a number/date in the calendar (17, for example) the data will display fine below the calendar.\

However, I want to display only the Event Title ("calName") in the date box as a link, and allow the user to click the title to go to a new page to see the full Event info.

I can not get any of the data to display and hope someone can tell me what I'm doing wrong.

This is the code:
Code: [Select]
<script>
function goLastMonth(month, year){
// If the month is January, decrement the year
if(month == 1){
--year;
month = 13;
}
document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month-1)+'&year='+year;
}
//next function
function goNextMonth(month, year){
// If the month is December, increment the year
if(month == 12){
++year;
month = 0;
}
document.location.href = '<?=$_SERVER['PHP_SELF'];?>?month='+(month+1)+'&year='+year;
}

function remChars(txtControl, txtCount, intMaxLength)
{
if(txtControl.value.length > intMaxLength)
txtControl.value = txtControl.value.substring(0, (intMaxLength-1));
else
txtCount.value = intMaxLength - txtControl.value.length;
}

function checkFilled() {
var filled = 0
var x = document.form1.calName.value;
//x = x.replace(/^\s+/,""); // strip leading spaces
if (x.length > 0) {filled ++}

var y = document.form1.calDesc.value;
//y = y.replace(/^s+/,""); // strip leading spaces
if (y.length > 0) {filled ++}

if (filled == 2) {
document.getElementById("Submit").disabled = false;
}
else {document.getElementById("Submit").disabled = true} // in case a field is filled then erased

}

</script>

...............

<p>

<div id="legend">
<img src="images/Cal-Icon.jpg" style="padding: 0 15px 15px 0;" /> Today is:
<? $today = date("F j, Y, g:i a");
echo " $today "
?>
</div>
<?php
//$todaysDate = date("n/j/Y");
//echo $todaysDate;
// Get values from query string
$day = (isset($_GET["day"])) ? $_GET['day'] : "";
$month = (isset($_GET["month"])) ? $_GET['month'] : "";
$year = (isset($_GET["year"])) ? $_GET['year'] : "";


//comparaters for today's date
//$todaysDate = date("n/j/Y");
//$sel = (isset($_GET["sel"])) ? $_GET['sel'] : "";
//$what = (isset($_GET["what"])) ? $_GET['what'] : "";

//$day = (!isset($day)) ? $day = date("j") : $day = "";





//comparaters for today's date
//$todaysDate = date("n/j/Y");
//$sel = (isset($_GET["sel"])) ? $_GET['sel'] : "";
//$what = (isset($_GET["what"])) ? $_GET['what'] : "";

//$day = (!isset($day)) ? $day = date("j") : $day = "";




if(empty($day)){ $day = date("j"); }

if(empty($month)){ $month = date("n"); }

if(empty($year)){ $year = date("Y"); }
//set up vars for calendar etc
$currentTimeStamp = strtotime("$year-$month-$day");
$monthName = date("F", $currentTimeStamp);
$numDays = date("t", $currentTimeStamp);
$counter = 0;
//$numEventsThisMonth = 0;
//$hasEvent = false;
//$todaysEvents = "";
//run a selec statement to hi-light the days
function hiLightEvt($eMonth,$eDay,$eYear){
//$tDayName = date("l");
$todaysDate = date("n/j/Y");
$dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear;
if($todaysDate == $dateToCompare){
//$aClass = '<span>' . $tDayName . '</span>';
$aClass='class="today"';
}else{
//$dateToCompare = $eMonth . '/' . $eDay . '/' . $eYear;
//echo $todaysDate;
//return;
$sql="select count(calDate) as eCount from calTbl where calDate = '" . $eMonth . '/' . $eDay . '/' . $eYear . "'";
//echo $sql;
//return;
$result = mysql_query($sql);
while($row= mysql_fetch_array($result)){
if($row['eCount'] >=1){
$aClass = 'class="event"';
}elseif($row['eCount'] ==0){
$aClass ='class="normal"';
}
}
}
return $aClass;
}
?>
<table width="900" cellpadding="0" cellspacing="0">
<tr>
<td width="50" colspan="1">
<input type="button" value=" &lt; " onClick="goLastMonth(<?php echo $month . ", " . $year; ?>);">
</td>
<td width="250" colspan="5">
<span class="title"><?php echo $monthName . " " . $year; ?></span><br>
</td>
<td width="50" colspan="1" align="right">
<input type="button" value=" &gt; " onClick="goNextMonth(<?php echo $month . ", " . $year; ?>);">
</td>
</tr>
<tr>
<th>S</th>
<th>M</th>
<th>T</th>
<th>W</th>
<th>T</th>
<th>F</th>
<th class="lastOne">S</th>
</tr>
<tr>
<?php
for($i = 1; $i < $numDays+1; $i++, $counter++){
$dateToCompare = $month . '/' . $i . '/' . $year;
$timeStamp = strtotime("$year-$month-$i");
//echo $timeStamp . '<br/>';
if($i == 1){
// Workout when the first day of the month is
$firstDay = date("w", $timeStamp);
for($j = 0; $j < $firstDay; $j++, $counter++){
echo "<td>&nbsp;</td>";
}
}
if($counter % 7 == 0){
?>
</tr><tr>
<?php
}
?>
<!--right here--><td width="128" <?=hiLightEvt($month,$i,$year);?>><a href="<?=$_SERVER['PHP_SELF'] . '?month='. $month . '&day=' . $i . '&year=' . $year;?>&v=1"><?=$i;?></a>



// TRYING TO DISPLAY CALENDAR EVENTS HERE

<?php
$sql="select calName,calDesc, DATE_FORMAT(calStamp, '%a %b %e %Y') as calStamp from calTbl where calDate = '" . $month . '/' . $day . '/' . $year . "'";
//echo $sql;
//return;
$result = mysql_query($sql);
$numRows = mysql_num_rows($result);
?>

<?
while($row = mysql_fetch_array($result)){
?>

<div class="output">
<h5><?=$row['calName'];?></h5>
<?=$row['calDesc'];?><br/>
Listed On: <?=$row['calStamp'];?>
</div>


</td>
</table>


// END OF TRYING TO DISPLAY CALENDAR EVENTS HERE


<?php
}

}
?>

</p>


Can anyone tell me what is wrong?

Thanks!

I'm trying to create a script to use PDO prepared statements to enter data from a post form using functions to perform the PDO required statements.  But, it's not working.  When I execute it, it enters null in all the fields.

I'm hoping someone can tell me why this is not working.

I think the functions output what PDO is looking for.

I'm not sure how to do this otherwise without writing a lot of code like

$site_name= $_POST['site_name'];

and entering all of that in the PDO statments.  It seemed like it made sense to create the statements from the post array.

My code is included below and after that is some output I used to monitor what is going on that shows the output of the functions in the script.

Am I doing this all wrong.  Is another approach that I haven't discovered?

Thanks

--Kenoli

<?php

if(isset($_POST['submit'])){
    
    /** Establish DB connection.  Not real data, of course. */    
        
    $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
      // set the PDO error mode to exception
      $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    /** Remove empty $_POST elements. */
    
    $insert_array = array_filter($_POST);
        
    /** Whitelists input to identify columns to which changes are allowed */
 
    $whitelist = array('site_name' =>'', 'site_address' =>'', 'description' =>'', 'surface' =>'', 'tio_contact' =>'', 'site_contact' =>'', 'contact_phone' =>'', 'contact_email' =>'', 'contact_date' =>'', 'comments' =>'');
 
    $insert_array = array_intersect_key($insert_array,$whitelist);
    
    /************/
    
    /** Create query from $insert_array. */
  
  foreach($insert_array as $key => $value) {  
        $col .= $key . ', ';  
        $val .= ':' .$key . ', ';
    }
    
    /** Remove ', " from end of each array. */
    /* For use with update actions to prevent deleting data from fields that contain data. */
    
    $col = substr_replace($col ,"",-2);
    $val = substr_replace($val ,"",-2);
    
    $sql = "INSERT INTO Sites ($col) VALUES ($val)";
    
    /* The result is:  INSERT INTO Sites (site_name, site_address, description, contact_phone) VALUES (:site_name, :site_address, :description, :contact_phone)*/
    
    /************/
    
    /** Prepared statement functions */
    
    $stmt = $conn->prepare($sql);
    
    foreach($insert_array as $key => $value) {
        $param = ':' . $key;
        $stmt->bindParam($param, $$value);
        echo '$' . "stmt->bindParam($param, $$key)<br>"; // Monitor output
    }
    
    foreach($insert_array as $key => $value) {
        $$key = $value;
        echo "$$key = $value<br>";     // Monitor output
    }
    
    $stmt->execute();  // Execute insert


?>

The result with dummy data:

$insert_array

(
    [site_name] => asdfasdf
    [site_address] => Asdffads
    [description] => Asdfs
    [contact_phone] => Asdfsdaf
)
Here is the prepared statement:
INSERT INTO Sites (site_name, site_address, description, contact_phone) VALUES (:site_name, :site_address, :description, :contact_phone)

$stmt->bindParam(:site_name, $site_name)
$stmt->bindParam(:site_address, $site_address)
$stmt->bindParam(:description, $description)
$stmt->bindParam(:contact_phone, $contact_phone)

$site_name = asdfasdf
$site_address = Asdffads
$description = Asdfs
$contact_phone = Asdfsdaf

Everything looks right but  NULLs are inserted in all fields.

 

Am new here - looks like a great foru!

I would sincerely appreciate any help anyone can give me. I have been
trying to solve my problem for hours and I am not having any luck, so I
thought I would post and see if anyone can help. I am very stuck and am
not making much progress on this project, and I am certain the answer is
very simple.

I am constructing a form to collect data for a specialized purpose. 

The form and program actually work for its intended function, but I am
trying to enhance the user experience by preventing customers from
having to reenter all of their data should there be a problem with any
of the data submitted.

I have been able to do that with the contact form portion, but what I am
having trouble with is the portion which has as many as 400 possible
entries.

So, in a nutshell, if the customers contact data is incomplete or in
error, the form will ask them to return to the page and correct things.
The previous data entered has been saved in the session and the input
value will equal the previous entry.

i.e.

<tr>
  <td align="right" class="infoBox"><?php echo ENTRY_EMAIL_ADDRESS; ?></td>
  <td align=left><?php echo "<input type=text name='cemail' value=\"$cemail\" size=35 maxlength=35>" ?></td>
</tr>

Works perfectly, all well and good there.

On the other 400 more or less entries, I am having a difficult time
tweaking the string concatenation to work to achieve similar results.

There are 4 columns each with $points entries asking for a dimension in
either feet or inches. 

The <input name=>  is one of ptaf,ptai,ptbf,ptbi, appended programatically with the corresponding
row number or data point.  i.e. "ptaf1", "ptai1", etc...  This is produced by the example
below and works perfectly also.

<?php {
$points=100;
$i=1;
while ($i <= $points)
{echo '
  <tr><td align="center" width="6"><b>  ' .$i . '</b></td>
     <td align="right" NOWRAP>A' .$i . ' (ft) <input type="text" name="ptaf'.$i.'" size=4 maxlength=3> </td>
      <td align="right" NOWRAP>A' .$i . ' (in) <input type="text" name="ptai'.$i.'" size=4 maxlength=4> </td>
     <td align="right" NOWRAP>B' .$i . ' (ft) <input type="text" name="ptbf'.$i.'" size=4 maxlength=3> </td>
      <td align="right" NOWRAP>B' .$i . ' (in) <input type="text" name="ptbi'.$i.'" size=4 maxlength=4> </td>

';

     $i++;
}   
}
?>


I am trying to add <input value=$ptai.$i> for each field but as I mentioned I
am not having any luck.  It seems as if I have tried every combination
imagineable, but still no luck. My head is spinning!

The closest I seem to have gotten was with this:

<td align="right" NOWRAP>A' .$i . ' (ft) <input type="text" size=6 maxlength=3 name="ptaf'.$i.'"  value="' . "$ptaf" . $i . '" ></td>

But line 17 for example returns this:

<input type="text" value="17" name="ptaf17" maxlength="3" size="6">

To recap, I am trying to have the value set to whatever the customer may
have entered previously.

Again, I would most appreciate any help anyone can give me. If you need
 clarification on anything please let me know.

Thanks

AJ

 

Hello to all,

I have problem figuring out how to properly display data fetched from MySQL database in a HTML table.

In the below example I am using two while loops, where the second one is nested inside first one, that check two different expressions fetching data from tables found in a MySQL database. The second expression compares the two tables IDs and after their match it displays the email of the account holder in each column in the HTML table.

The main problem is that the 'email' row is displayed properly while its while expression is not nested and alone(meaning the other data is omitted or commented out), but either nested or neighbored to the first while loop, it is displayed horizontally and the other data ('validity', 'valid_from', 'valid_to') is not displayed.'

Can someone help me on this, I guess the problem lies in the while loop?
Here is part of the HTML code:

<thead>
 <tr>
 <th data-column-id="id" data-type="numeric">ID</th>
 <th data-column-id="email">Subscriber's Email</th>
 <th data-column-id="validity">Validity</th>
<th data-column-id="valid_from">Valid From</th>
 <th data-column-id="valid_to">Valid To</th>
</tr>
</thead>

Here is part of the PHP code:

 

    <?php
    while($row = $stmt->fetch(PDO::FETCH_ASSOC))
    {
        echo '
            <tr>
                <td>'.$row["id"].'</td>
        ';
        while ($row1 = $stmt1->fetch(PDO::FETCH_ASSOC)) {
        echo '
                <td>'.$row1["email"].'</td>
        ';
        }
        if($row["validity"] == 1) {
            echo '<td>'.$row["validity"].' month</td>';
        }else{
            echo '<td>'.$row["validity"].' months</td>';
        }
        echo '  <td>'.$row["valid_from"].'</td>
                <td>'.$row["valid_to"].'</td>
        </tr>';
    }
    ?>

P.S. Please know that I have purposely omitted the connection part and the methods in the class that are used in this code to keep the spot of the problem as clean as possible. If you need me to rephrase the question, please ask.

Thank you.

Here's the code that deals with the client side:

<?php 
session_start(); 
if(!isset($_SESSION['Logged_in'])){
header("Location: /page.php?page=login");
}
?>
<!DOCTYPE Html>
<html>
<head>
<!--Connections made and head included-->
<?php require_once("../INC/head.php"); ?>
<?php require_once("../Scripts/DB/connect.php"); ?>
<!--Asynchronously Return User Names-->
<script>
$(document).ready(function(){
function search(){
        var textboxvalue = $('input[name=search]').val();
        $.ajax(
        {
            type: "GET",
            url: 'search.php',
            data: {Search: textboxvalue},
            success: function(result)
            {
                $("#results").html(result);
            }
        });
};​
</script>
</head>
<body>
<div id="header-wrapper">
<?php include_once("../INC/nav2.php"); ?>
</div>
<div id="content">
<h1 style="color: red; text-align: center;">Member Directory</h1>
<form onsubmit="search()">
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<label for="search">Search for User:</label>
<input type="text" size="70px" id="search" name="search">
</form>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="index.php?do=">Show All Users</a>|<a href="index.php?do=ONLINE">Show All Online Users</a>
<div id="results">
<!--Results will be returned HERE!-->
</div>

  search.php 

<?php
//testing if data is sent ok
echo "<h1>Hello</h1><br>" . $_GET['search'];
?>

This is the link I get after sending foo.    http://www.family-li...php?&search=foo   Is that mean it was sent, but I'm not processing it correctly? I'm new to the whole AJAX thing. 

I have two tables.

Table Name:Users

Fields:

User_name
user_email
user_level
pwd


2.Reference

Fields:

refid
username
origin
destination

user_name in the users table and the username field in reference fields are common fields.



There is user order form.whenever an user places an order, refid field in reference table will be updated.So the user will be
provided with an refid

Steps:

1.User needs to log in with a valid user id and pwd
2.Once logged in, there will be search, where the user will input the refid which has been provided to him during the time of order placement.
3.Now User is able to view all the details for any refid
3.Up to this we have completed.

Query:

Now we need to retrieve the details based on the user logged in.

For eg: user 'USER A' has been provided with the referenceid '1234' during the time of order placement
user 'USER B' has been provided with the referenceid '2468' during the time of order placement

When the userA login and enter the refid as '2468' he should not get any details.He should get details only for the reference ids which is assigned to him.



<?php


session_start();

if (!$_SESSION["user_name"])


      

{
        // User not logged in, redirect to login page
        Header("Location: login.php");
     }
$con = mysql_connect('localhost','root','');
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("login", $con);
$user_name = $_POST['user_name'];
$refid = $_POST['refid'];
$query = "SELECT * from reference,users WHERE reference.username=users.user_name AND reference.refid='$refid' AND ";

$result = mysql_query($query) or trigger_error('MySQL encountered a problem<br />Error: '  . mysql_error() . '<br />Query: ' . $query);

 while($row = mysql_fetch_array($result))
  {
  echo $row['refid'];
  echo $row['origin'];
  echo $row['dest'];
  echo $row['date'];
  echo $row['exdate'];
  echo $row['username'];
  }
echo "<p><a href=\"logout.php\">Click here to logout!</a></p>";
?>

 <html>
<form method="post" action="final.php">
Ref Id:<input type="text" name="refid">
<input type="submit" value="submit" name="submit">
</html> 

This could be PHP or MySql so putting it in PHP forum for now...
I have code below (last code listed) which processes a dynamically created Form which could have anywhere from 0 to 6 fields.  So I clean all fields whether they were posted or not and then I update the mySQL table.

The problem with this code below is that if, say, $cextra was not posted (i.e. it wasnt on the dynamically created form), then this code would enter a blank into the table for $cextra (i.e. if there was already a value in the table for $cextra, it gets overwritten, which is bad).

What is the best way to handle this?  I'm thinking i have to break my SQL query into a bunch of if/else statements like this...

Code: [Select]
$sql = "UPDATE cluesanswers SET ";
if (isset($_POST['ctext'])){
echo "ctext='$ctext',";
} else {
//do nothing
}
and so on 5 more times....

That seems horribly hackish/inefficient.  Is there a better way?

Code: [Select]
if (isset($_POST['hidden']) && $_POST['hidden'] == "edit") {

$cimage=trim(mysql_prep($_POST['cimage']));
$ctext=trim(mysql_prep($_POST['ctext']));
$cextra=trim(mysql_prep($_POST['cextra']));
$atext=trim(mysql_prep($_POST['atext']));
$aextra=trim(mysql_prep($_POST['aextra']));
$aimage=trim(mysql_prep($_POST['aimage']));


//update the answer edits
$sql = "UPDATE cluesanswers SET ctext='$ctext', cextra='$cextra', cimage='$cimage', atext='$atext', aextra='$aextra', aimage='$aimage'";
$result = mysql_query($sql, $connection);
if (!$result) {
die("Database query failed: " . mysql_error());
} else {
}

Hi, after banging my head against the wall for a while thinking this would be a simple task, I'm discovering that this is more complicated than I thought.

Basically what I have is a link table linking together source_id and subject_id.   For each subject there are multiple sources associated with each.

I had created a basic listing of sources by subject... no problem.   I now need a way of having a form to create an ordered list in a user-specified way.  In other words, I can currently order by id or alphabetically (subject name lives on a different table), but I need the option of choosing the order in which they display.  I added another row to this table called order_by.  No problem again, and I can manage all of this in the database, however I want to create a basic form where I can view sources by subject and then enter a number that I can use for sorting.

I started off looping through each of the entries and the database (with a where), and creating a foreach like so (with the subject_id being grabbed via GET from the URL on a previous script)
Code: [Select]
while($row = mysqli_fetch_array($rs)) {


//update row order
if (isset($_POST['submit']))  {

//get variables, and assign order

$subject_id = $_GET['subject_id'];
$order_by = $_POST['order_by'];
$source_id = $row['source_id'];


//echo 'Order by entered as ' . $order_by . '<br />';

foreach ($_POST['order_by'] as $order_by) {

$qorder = "UPDATE source_subject set order_by = '$order_by'
WHERE source_id = '$source_id'
AND subject_id = '$subject_id'";

mysqli_query($dbc, $qorder)
or die ('could not insert order');

// echo $subject_id . ', ' . $order_by . ', ' . $source_id;
// echo '<br />';
} 
}
else {
$subject_id = $_GET['subject_id'];
$order_by = $row['order_by'];
$source_id = $row['source_id'];

}

And have the line in the form like so:
Code: [Select]
echo '<input type="text" id="order_by" name="order_by[]" size="1" value="'. $order_by .'"/>

(yes I know I didn't escape the input field... it's all stored in an htaccess protected directory;  I will clean it up later once I get it to work)

This, of course, results in every source_id getting the same "order_by" no matter what I put into each field.

I'm thinking that I need to do some sort of foreach where I go through foreach source_id and have it update the "order_by" field for each one, but I must admit I'm not sure how to go about this (the flaws of being self-taught I suppose;  I don't have anyone to go to on this).

I'm hoping someone here can help?

Thanks a ton in advance

Say there is a complex opt in process where people start to enter their data but certain questions stop them where they close out of the page. They already entered their data and I feel there is a way to grab it and post it to mysql even though they do not click submit.   How would this be done?   A super simple example (proof of concept) or a link to a tutorial would be very useful.
Edited by brentman, 23 September 2014 - 10:42 AM.