|
PHP - Please Check N Suggest My Update Code
how to update the record of one table in which condition is that the it should similar to the other table feild only. e.g field of table1 will update only when the feild1 of table1 is equal to field2 of table2 in php??
while im using following command mysql_select_db("db1",$con); $query = "SELECT table2.feild1 , table2.feild1 " . "FROM table2, table1 " . "WHERE table1.feild2 = table2.feild1 "; $data = mysql_query($query) or die(mysql_error()); $sql="UPDATE table2 SET feild2='$_POST[value2]', feild3='$_POST[value3]' WHERE table1.feild2 = $data "; Similar Tutorialsim developing a voting system where you can vote for multiple choices using checkboxes.. upon submitting the vote form, votecounts must automatically be updated.. values for votecount will come from the checkbox value 1. ive been having a hard time trying to figure out hot to update multiple rows with checkbox values..any help would be appreciated..thanks in advance! here's the code: Code: [Select] $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form_vote")) $i=1;{ while ($i<= $totalRows_rs_candi) { $updateSQL = "UPDATE tbl_candidates SET votecount={$_POST['votecount']} WHERE user_id={$_POST['candi']}"; mysql_select_db($database_organizazone_db, $organizazone_db); $Result1 = mysql_query($updateSQL, $organizazone_db) or die(mysql_error()); $i++; } if (isset($_SERVER['QUERY_STRING'])) { $updateGoTo = "vote_success.php"; } header(sprintf("Location: %s", $updateGoTo)); } Code: [Select] <form id="form_vote" name="form_vote" method="POST" action="<?php echo $editFormAction; ?>"> <table border="1"> <tr> <td> </td> <td>user_id</td> <td>l_name</td> <td>course_id</td> <td>yearlevel</td> <td>about</td> </tr> <?php $i=1; do { ?> <tr> <td><span id="sprycheckbox1"> <input name="votecount[<?php echo $i ?>]" type="checkbox" id="votecount" value="1" /> <span class="checkboxMinSelectionsMsg">Minimum number of selections not met.</span></span> <label for="votecount[]"></label></td> <td><label for="candi"></label> <input name="candi" type="text" disabled="disabled" id="candi" value="<?php echo $row_rs_candi['user_id']; ?>" readonly="readonly" /></td> <td><?php echo $row_rs_candi['l_name'].' ,'.$row_rs_candi['f_name'].' '.$row_rs_candi['m_name']; ?></td> <td><?php echo $row_rs_candi['course_id']; ?></td> <td><?php echo $row_rs_candi['yearlevel']; ?></td> <td><?php echo $row_rs_candi['about_me']; ?></td> </tr> <?php $i++; ?> <?php } while ($row_rs_candi = mysql_fetch_assoc($rs_candi)); ?> </table> I'm trying to get some code to work that will update a field to show a checkbox either checked or not checked.
The field either uses a Y or N. Y is checked, N not checked. A code that I have tried displays the correct result for the box either checked or not checked.
input type="checkbox" name="obcDisplay" value="Y" <?=($r['obcDisplay'] == 'Y') ? 'checked="checked"' : ''; ?>/>But I want the ability to change when the form is submitted. so if I bring up a page and the checkbox is checked (Y) and I submint, I want the database to update to N and the other way around. Hi, I joined new here, and I am really having hard time figuring out what's wrong with the code below which isn't working. if (isset($_POST['privacy_submit'])) { if (($_SERVER['REQUEST_METHOD'] == "POST")) { $privacy_upd = mysql_query("UPDATE clf_privacy_terms SET 'p_bannerads' = '".$_POST['p_bannerads']."', 'p_shareinfo' = '".$_POST['p_shareinfo']."', 'p_crossmarketing' = '".$_POST['p_crossmarketing']."', 'p_tacking' = '".$_POST['p_tacking']."', 'p_sendcommunication' = '".$_POST['p_sendcommunication']."', 'p_under13' = '".$_POST['p_under13']."', 'p_internationally' = '".$_POST['p_internationally']."', 'p_discloselegal' = '".$_POST['p_discloselegal']."', 'p_server_country' = '".$_POST['p_server_country']."', 'p_forums' = '".$_POST['p_forums']."', 'p_newslettermodule' = '".$_POST['p_newslettermodule']."', 'p_membershipmodule' = '".$_POST['p_membershipmodule']."' ") or die(mysql_error()); $msg="Successfully Updated!"; } } else { $msg="<font color=\"red\">Incorrect method of submission.</font> Please try again."; } ?> <h2>Privacy Policy</h2> <?php if ($privacy_upd) { echo ($msg); } ?> <form class="box" name="privacy_upd" action="gen.php" method="post"> ......................................................................................... ........................ MySQL Error returns the following: Code: [Select] You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''p_bannerads' = 'do not', 'p_shareinfo' = 'do not', 'p_cross' at line 2 Let me know if any of your guys can solve it for me, I would appreciate since I am not able to solve it for last two days already. Thank you... Right I want to make a request to my db to check the no. of rows it has. If it has changed, refresh the chat page. else wait. I have tried to check for last db update, that never worked as well. Well here is my code. Code: [Select] //this is my refresh script below $result = mysql_query("SELECT * FROM chatmessages"); $num_rows = mysql_num_rows($result); echo "$num_rows Rows\n"; while(0){ $num_rows_temp = mysql_num_rows($result); if ($num_rows != $num_rows_temp){ $$num_rows=$num_rows_temp; echo "<script>"; echo "window.location.replace('chatlog.php')"; echo "</script>"; }else{ sleep(2); } } I assume $num_rows != $num_rows_temp is wrong as it does not seem to do anything. Any help would be welcome. thanks. Hi, I need to insert some code into my current form code which will check to see if a username exist and if so will display an echo message. If it does not exist will post the form (assuming everything else is filled in correctly). I have tried some code in a few places but it doesn't work correctly as I get the username message exist no matter what. I think I am inserting the code into the wrong area, so need assistance as to how to incorporate the username check code. $sql="select * from Profile where username = '$username'; $result = mysql_query( $sql, $conn ) or die( "ERR: SQL 1" ); if(mysql_num_rows($result)!=0) { process form } else { echo "That username already exist!"; } the current code of the form <?PHP //session_start(); require_once "formvalidator.php"; $show_form=true; if (!isset($_POST['Submit'])) { $human_number1 = rand(1, 12); $human_number2 = rand(1, 38); $human_answer = $human_number1 + $human_number2; $_SESSION['check_answer'] = $human_answer; } if(isset($_POST['Submit'])) { if (!isset($_SESSION['check_answer'])) { echo "<p>Error: Answer session not set</p>"; } if($_POST['math'] != $_SESSION['check_answer']) { echo "<p>You did not pass the human check.</p>"; exit(); } $validator = new FormValidator(); $validator->addValidation("FirstName","req","Please fill in FirstName"); $validator->addValidation("LastName","req","Please fill in LastName"); $validator->addValidation("UserName","req","Please fill in UserName"); $validator->addValidation("Password","req","Please fill in a Password"); $validator->addValidation("Password2","req","Please re-enter your password"); $validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!"); $validator->addValidation("email","email","The input for Email should be a valid email value"); $validator->addValidation("email","req","Please fill in Email"); $validator->addValidation("Zip","req","Please fill in your Zip Code"); $validator->addValidation("Security","req","Please fill in your Security Question"); $validator->addValidation("Security2","req","Please fill in your Security Answer"); if($validator->ValidateForm()) { $con = mysql_connect("localhost","uname","pw") or die('Could not connect: ' . mysql_error()); mysql_select_db("beatthis_beatthis") or die(mysql_error()); $FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file $LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file $UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file $Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file $Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file $email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file $Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file $Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file $Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file $Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file $sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')"; //echo $sql; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } else{ mail('email@gmail.com','A profile has been submitted!',$FirstName.' has submitted their profile',$body); echo "<h3>Your profile information has been submitted successfully.</h3>"; } mysql_close($con); $show_form=false; } else { echo "<h3 class='ErrorTitle'>Validation Errors:</h3>"; $error_hash = $validator->GetErrors(); foreach($error_hash as $inpname => $inp_err) { echo "<p class='errors'>$inpname : $inp_err</p>\n"; } } } if(true == $show_form) { ?> Hello can anyone tell me why this function don't return anything ? <?php include_once('./header.php'); ?> <?php $var = Array(); $data = $db->get("omnot", "fullname"); foreach($data as $var){ $var = $data; } $input = strtolower( $_GET['input'] ); // the input is ok $len = strlen($input); $aResults = array(); if ($len) { for ($i=0;$i<2;$i++) { if (strtolower(substr(utf8_decode($var),0,$len)) == $input) $aResults[] = array( "id"=>($i+1) ,"value"=>htmlspecialchars($var[$i])); } } from the database i get the values: "roey" , "rrr" , "try" input == r why the function don't go to the line: Code: [Select] $aResults[] = array( "id"=>($i+1) ,"value"=>htmlspecialchars($var[$i])); whats wrong with the IF ? I have the following form (attached to this post as a Thumbnail).
I want to make it user-friendly, specifically, bring it up to the modern web standards, namely, I am looking for things that that I think are modern and are user friendly and are great when considered by themselves, but together they may even conflict. And I need some help figuring out what will work best for my situation and what is technically possible.
Right now the user enteres fields into the form, into the editable fields on the left. Then user can save the fields by clicking Save, or click Del to delete the row. User can Add a new row at the bottom.
The things I think will improve the form a * implement a double-click feature on the editable fields to make them editable, and save them automatically upon `blur` event * user can use `Tab` key to navigate from one `<input>` field to the next, normally, as before, and edit values inside. * user can save all fields entered so far, and restore them via some mechanism (i.e. either to web page or to clipboard, and restore via direct paste for example, or file upload..) * Maybe I can use DataTables, but I have never used it so I don't know what could be done Can you help suggest form or UI improvements for the current form that I have? I may also have some questions on first steps or first examples of implementing particular ones (possibly making a separate post for those) Attached Files form.png 7.94KB 0 downloads I think it would be interesting and useful to many to make a do and don't section or pinned post for most sections.
Editable by admins and mods to keep organized
Like the phpfreaks bible of coding, best practices.
A lot of members post some valuable information that gets lost old posts or too hard to search for.
Everyone repeating themselves on bad practices or deprecated code, turning on error reporting and such.
I am new to PHP. I developed this class, I wonder if there's anything wrong or that I can improve. I could not test it because I'm in school. Thanks in advance. Code: [Select] <? class user { var $userID, $schoolID, $userName, $userPass, $dbHost, $dbUser, $dbName, $dbPass, $dbUserTable; $dbSchoolTable; function dbInfo() { $this->dbHost = 'localhost'; $this->dbUser = ''; $this->dbName = ''; $this->dbPass = ''; $this->dbUserTable = ''; $this->dbSchoolTable = ''; } function registerUser($userName, $userPass) { $dbLink = mysql_connect($this->dbHost, $this->dbUser, $this->dbPass); if(!$dbLink) die("Could not connect to database: " . mysql_error()); mysql_select_db($this->dbName); $query = "INSERT INTO $this->dbUserTable VALUES (NULL, \"$userName\", \"$userPass\")"; $result = mysql_query($query); if(!$result) { echo "Fail."; } else { $this->userID = mysql_insert_id(); } mysql_close($dbLink); $this->userName = $userName; $this->userPass = $userPass; } function registerSchool($schoolName) { $dbLink = mysql_connect($this->dbHost, $this->dbUser, $this->dbPass); if(!$dbLink) die("Could not connect to database: " . mysql_error()); mysql_select_db($this->dbName); $query = "INSERT INTO $this->dbSchoolTable VALUES (NULL, \"$schoolName\")"; $result = mysql_query($query); if(!$result) { echo "Fail."; } else { $this->schoolID = mysql_insert_id(); } mysql_close($dbLink); $this->schoolName = $schoolName; } function userLogin() { $dbLink = mysql_connect($this->dbHost, $this->dbUser, $this->dbPass); if(!$dbLink) die("Could not connect to database: " . mysql_error()); mysql_select_db($this->dbName); $query = "SELECT * FROM $this->dbUserTable WHERE userName = \"$this->userName\" AND userPass = \"$this->userPass\" LIMIT 1"; $result = mysql_query($query); if(!$result) { echo "Fail."; } else { while($row = mysql_fetch_array($result)) { session_start(); $_SESSION['userID'] = $row['userID']; session_write_close(); } } mysql_close($dbLink); } function changePass($newPass) { $dbLink = mysql_connect($this->dbHost, $this->dbUser, $this->dbPass); if(!$dbLink) die("Could not connect to database: " . mysql_error()); mysql_select_db($this->dbName); $query = "SELECT * FROM $this->dbUserTable WHERE userName = \"$this->userName\" LIMIT 1"; $result = mysql_query($query); if(!$result) { echo "Fail."; } else { $query = "UPDATE $this->dbUserTable SET userPass = \"$newPass\" WHERE userName = \"$this->userName\""; $result = mysql_query($query); if(!$result) { echo "Fail"; } else { $this->userPass = $newPass; } } mysql_close($dbLink); } } ?> basically this is a search function <form method="post" action="test1.php"> <input type = "hidden" name="submitted" value ="true" /> <label>TYPE: <select name="field"> <option value = "sid">StudentID</option> <option value = "sname">StudentName</option> </select> </label> <label>WORD: <input type="text" name="searchword" /> </label> <input type="submit" /> </form> ------------- <?php if (isset($_POST['submitted'])){ $con = mysql_connect("localhost","root",""); mysql_select_db("uni", $con); $field= $_POST['field']; $searchword = $_POST['searchword']; $query = "SELECT* FROM student WHERE $field = '$searchword'"; $result = mysqli_query($con,$query) or die ('error data'); //-----------> error line echo"<table>"; echo "<tr><th>StudentID</th><th>StudentName</th></tr>"; while($row = mysqli_fetch_array($result)){ echo "<tr><td>"; echo "$row ['sid']"; echo "</td><td>"; echo "$row ['sname']"; echo "</td></tr>"; } echo"</table>"; } mysql_close($con); ?> NB: the error message "Warning: mysqli_query() expects parameter 1 to be mysqli, resource given in C:\wamp\www\test1.php on line 21 error data" try { $sql = "SELECT StudentID,CourseID FROM student,course WHERE StudentID =" . $_POST['sid'] AND CourseID =".$_POST['cid'] ; //-----> error line $query = mysql_query($sql) or trigger_error('MySQL error: ' . mysql_error()); if (mysql_num_rows($query) > 0) { throw new Exception('StudentID already taken'); } } NB: basicaly im inserting data into a table from another two table field. Can someone advise me how to check for malicious PHP code? If I download a script from somewhere, how can I make sure it's not malicious? If bad, maybe it could delete files?? Or send spam? Or EVEN 'send home' code - so that they can track your usage - OK if I consent - not OK if haven't consented and they're doing it sneakily! Sending spam has been a problem when installing Joomla plugins Are there specific commands I should watch out for in PHP scripts? Like send mail or something? I'm sure the baddies would be clever and maybe use IP numbers to send out to instead of domain names? Is there a PHP code checker online? Something that tells you what your PHP script does? Simple things: like tell you if it sends out mail or makes contact outside or deletes files This would be great - it would save a lot of time going through hundreds/thousands of lines of code Thanks OM will this code check if value is null Code: [Select] if($_SESSION["cart"] != null) can someone check if what the problem with my code Code: [Select] $avatar2 = mysql_query("SELECT `users`.`imagelocation' FROM `users` `forum_replies` WHERE `users`.`id`= `forum_replies`.`uid`")or die(mysql_error()); I have a download youtube site http://downloadvideoasmp3.com/ I would like to review an tell me what can be done to be improved. I have several registration systems that were designed some time ago running mysql. How long do I have until I have to competely move to mysqli? I am working on recoding them, but it is taking some time. Does anyone know when it will become an issue?
When I log in on my web-site it takes me to a php login-check page This is the error code that I am getting; Quote Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in D:\xampp\htdocs\login-check.php on line 26 This is the php code that i am using; Code: [Select] <?php $host="localhost"; // Host name $username="root"; // Mysql username $password=""; // Mysql password $db_name="deliverpizza"; // Database name $tbl_name="customer, admin, staff"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_privelage.php"); } else { } ?> I wish to use the code from the following page that can be used to check if an uploaded image is an animated GIF: http://stackoverflow.com/questions/280658/can-i-detect-animated-gifs-using-php-and-gd Here is the function: function is_ani($filename) { if(!($fh = @fopen($filename, 'rb'))) return false; $count = 0; //an animated gif contains multiple "frames", with each frame having a //header made up of: // * a static 4-byte sequence (\x00\x21\xF9\x04) // * 4 variable bytes // * a static 2-byte sequence (\x00\x2C) // We read through the file til we reach the end of the file, or we've found // at least 2 frame headers while(!feof($fh) && $count < 2) $chunk = fread($fh, 1024 * 100); //read 100kb at a time $count += preg_match_all('#\x00\x21\xF9\x04.{4}\x00\x2C#s', $chunk, $matches); fclose($fh); return $count > 1; } Am I right in saying that there are curly brackets missing after the while line? The indenting indicates that both of the 2 following lines should be included in the while loop, but the lack of curly brackets mean that only the line beginning with $chunk is included in the loop. The code actually seems to work with and without the curly brackets. Does anyone understand this code well enough to know whether or not the curly brackets should be included? Thanks in advance. This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=306339.0 |
|||||||