I have one page where i can Approve or Delete comments which user submitted on my blog (I built the blog without Wordpress with PHP and MySQL) Now everything is working fine and i just need help with one question.
I'm deleting and approving comments from one page means i have separate queries but both are on same page and i want to auto-refresh page only once after submitting of form, below is code which i has.
For approving comment -
<?php
if(isset($_POST['approve_cmt'])) {
$id = $_POST['id'];
$sql = "UPDATE `blog_comments` SET `status` = '1' WHERE comment_id = '$id'";
$res = mysql_query($sql) or die(mysql_error());
if ($res == 1) {
echo "<script type='text/javascript'>alert('Comment approved!') window.location.reload(); </script>";
} else {
echo "<script type='text/javascript'>alert('Failed to approve comment') window.location.reload(); </script>";
}
}
;?>
for deleting comment
<?php
if(isset($_POST['delete_cmt'])) {
$id = $_POST['id'];
$sql = "DELETE FROM `blog_comments` WHERE `comment_id` = '$id'";
$res = mysql_query($sql) or die(mysql_error());
if ($res == 1) {
echo "<script type='text/javascript'>alert('comment deleted') window.location.reload(); </script>";
} else {
echo "<script type='text/javascript'>alert('unable to delete comment') window.location.reload(); </script>";
}
}
;?>
Use redirect('Location: the_same_page_name');
Related
<?php require_once('connection.php');
session_start();
if (isset($_POST['Submit']))
{
$answ = $_POST['answ'];
$email = $_SESSION['email'];
$insert = "INSERT INTO answerList (answ,queID,email) SELECT questionList.queID FROM questionList " ;
$result = mysqli_query($con, $insert);
if (!$result) {
echo "<script>alert('ERROR !!!!! '); location='faq.php';</script>";
}
else {
echo "<script>alert('Successful Post'); location='faq.php'; </script>";
}
}
?>
I have 3 table
table 1: users(email, password)
table 2: question(questionID, questionContent, email)
table 3: answer(answerID, answerContent, questionID, email)
how can i connect questionID into table 3?
i already do the login and add question sql . but how can i add the answer to current question with logged email?
a table have question. and each question have answer button
You could use <input type='hidden' name='questionId' value='<?php echo $value>'>
For each question you'll have to set $value to the questionID.
When the answer is submited you'll do:
if (isset($_POST['Submit']))
{
$answ = $_POST['answ'];
$email = $_SESSION['email'];
$questionId = $_POST['questionId'];
$insert = "INSERT INTO `answerList`(`answer`, `email`, `questionID`) VALUES ('$answ','$email','$questionId[value-3]')" ;
$result = mysqli_query($con, $insert);
if (!$result) {
echo "<script>alert('ERROR !!!!! '); location='faq.php';</script>";
}
else {
echo "<script>alert('Successful Post'); location='faq.php'; </script>";
}
}
so, this implementation worked with an md5 password check but after implementing a password hash check (for a safer password storage in my database) the member is not allowed to log in. The user after typing the correct email and password is only brought back to the index.php page. Any help would be appreciated. this is my session.php code:
<?php
session_start();
//Check whether the session variable SESS_MEMBER_ID is present or not
// do check
if(!isset($_SERVER['HTTP_REFERER'])){
// redirect them to your desired location
header('Location: custom_404.html');
exit;
}
if (!isset($_SESSION['alogin']) || (trim($_SESSION['alogin']) == '')) { ?>
<!-- send to home page -->
<script>
window.location = "../index.php";
</script>
<?php
}
$session_id=$_SESSION['alogin'];
$session_depart = $_SESSION['arole'];
?>
here is what should work within index.php:
<?php
session_start();
include('includes/config.php');
if(isset($_POST['signin']))
{
$username=$_POST['username'];
$username=strtolower($username);
$password=$_POST['password'];
$sql ="SELECT * FROM tblemployees where EmailId = '$username'";
$query= mysqli_query($conn, $sql);
$count = mysqli_num_rows($query);
if($count>0)
{
$passwordCheck = mysqli_fetch_assoc($query)['Password'];
if(!password_verify($password,$passwordCheck)){
echo "<script>alert('Wrong password please try again.');</script>";
}
while ($row = mysqli_fetch_assoc($query)) {
if ($row['role'] == 'Admin') {
$_SESSION['alogin']=$row['emp_id'];
$_SESSION['arole']=$row['Department'];
echo "<script type='text/javascript'> document.location = 'admin/admin_dashboard.php'; </script>";
}
elseif ($row['role'] == 'Staff') {
$_SESSION['alogin']=$row['emp_id'];
$_SESSION['arole']=$row['Department'];
echo "<script type='text/javascript'> document.location = 'staff/index.php'; </script>";
}
else {
$_SESSION['alogin']=$row['emp_id'];
$_SESSION['arole']=$row['Department'];
echo "<script type='text/javascript'> document.location = 'heads/index.php'; </script>";
}
}
}
else{
echo "<script>alert('Wrong email or password please try again.');</script>";
}
}
// $_SESSION['alogin']=$_POST['username'];
// echo "<script type='text/javascript'> document.location = 'changepassword.php'; </script>";
?>
Your login code is wrong. The loop
while ($row = mysqli_fetch_assoc($query))
is never fetching anything, because you already read the row with
$passwordCheck = mysqli_fetch_assoc($query)['Password'];
You should just fetch the row once, and use that for both the password and role checks.
You also should use a prepared statement to prevent SQL injection.
<?php
session_start();
include('includes/config.php');
if(isset($_POST['signin']))
{
$username=$_POST['username'];
$username=strtolower($username);
$password=$_POST['password'];
$sql ="SELECT * FROM tblemployees where EmailId = ?";
$stmt= mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
$query = mysqli_stmt_get_result($stmt);
$row = mysqli_fetch_assoc($query);
if($row)
{
$passwordCheck = $row['Password'];
if(!password_verify($password,$passwordCheck)){
echo "<script>alert('Wrong email or password please try again.');</script>";
} else {
if ($row['role'] == 'Admin') {
$_SESSION['alogin']=$row['emp_id'];
$_SESSION['arole']=$row['Department'];
echo "<script type='text/javascript'> document.location = 'admin/admin_dashboard.php'; </script>";
}
elseif ($row['role'] == 'Staff') {
$_SESSION['alogin']=$row['emp_id'];
$_SESSION['arole']=$row['Department'];
echo "<script type='text/javascript'> document.location = 'staff/index.php'; </script>";
}
else {
$_SESSION['alogin']=$row['emp_id'];
$_SESSION['arole']=$row['Department'];
echo "<script type='text/javascript'> document.location = 'heads/index.php'; </script>";
}
}
}
else{
echo "<script>alert('Wrong email or password please try again.');</script>";
}
}
// $_SESSION['alogin']=$_POST['username'];
// echo "<script type='text/javascript'> document.location = 'changepassword.php'; </script>";
?>
I new in programming. Currently, I develop a system that registration part. The registration part is successfully saved to the database. What I want to know is how to popup an alert dialog with one button e.g "Ok" after registration was successful and redirect to another page, such as home page. Now I only echo "successfully saved"
Below is my current code
<?php
require "DbConnect.php";
$name = $_POST['name'];
$badgeid = $_POST['badgeid'];
$position = $_POST['position'];
$department = $_POST['department'];
$factory = $_POST['factory'];
$reviewer = $_POST['reviewer'];
$title = $_POST['title'];
$year = $_POST['year'];
$month = $_POST['month'];
$suggestionwill = $_POST['suggestionwill'];
$present = $_POST['present'];
$details = $_POST['details'];
$benefit = $_POST['benefit'];
$sql_query = "INSERT INTO topsuggest (name,badgeid,position,department,factory,
reviewer,title,year,month,suggestionwill,present,details,benefit) VALUES('$name','$badgeid','$position','$department','$factory','$reviewer','$title','$year','$month','$suggestionwill','$present','$details','$benefit')";
if(mysqli_query($conn,$sql_query))
{
echo "<p id='msg'></p>";
}
else
{
echo "Error!! Not Saved".mysqli_error($con);
}
?>
Just use php header and use javascript to alert a message .
if(mysqli_query($conn,$sql_query))
{
echo "<script>alert('Successfuly Saved');</script>";
header('Location: PATH TO BE REDIRECTED');
}
For a example
if(mysqli_query($conn,$sql_query))
{
echo "<script>alert('Successfuly Saved');</script>";
header('Location: ../Insert/Index.php');
}
Please note that space between Location: is compulsory
After inserting data you can simply redirect to your interested page with a success message like:
header("location:page_of_interest.php?msg=Record Inserted");
and on page_of_interest.php you can simply check for msg and show if it is set like:
if(isset($_GET['msg'])){
echo $_GET['msg'];
}
This is my deleteriddle.php but it doesn't work. Please help me
<?php
require("dbcon.php");
$ridid = isset ($_GET['riddleid'])?$_GET['riddleid']:"";
$query = sprintf("DELETE FROM riddle WHERE riddleid= '$ridid'");
$result = mysql_query($query);
if (!$result) {
die('Invalid query: ' . mysql_error());
}
else {
echo '<script type="text/javascript">
alert("Riddle successfully delete");
window.location.href = "viewriddle.php";
</script>';
}
mysql_close($dbcon);
?>
Try this :
$query = sprintf("DELETE FROM riddle WHERE riddleid= %u", $ridid);
Good Day!
I'd like to ask something. I have a link named "delete" at the index file. Now, I want to confirm from a user before doing the delete operation. However, I'd like to put the script for confirmation to the delete file. I've tried multiple ways, yet it's useless. But it can delete actually, my problem exactly is that, the confirmation box does not prompt. Kinda' stock in here. Please help.
Heres my code at index.php (link to delete):
`<p><strong>Country: </strong> <?php echo $country['countries'];?>   |
  Edit |
<a href="deletecountry.php?id=<?php echo $country['id']; ?>"
class="confirmation">Delete</a></p>`
And here's my delete.php file:
`<?php
require 'dbconnect.php';
$id = $_GET['id']; ?>
<script>
function confirmationDelete(){
var conf = confirm('Are you sure want to delete this record?');
if(conf==true){
<?php
$sql = "DELETE countries FROM countries WHERE id=$id";
if (mysqli_query($connect, $sql)) { ?>
alert("Record Deleted!");
<?php }
else { ?>
alert("Error Deleting Record!");
<?php } ?>
}
return conf;
}
</script>`
in
Delete
then in your deletecountry.php
<?php
session_start();
require 'dbconnect.php';
$id = $_GET['id']; ?>
$sql = "DELETE countries FROM countries WHERE id=$id";
if (mysqli_query($connect, $sql)) {
$_SESSION['msg'] = 'Successfully Deleted';
}
else {
$_SESSION['msg'] = 'Error Deleting';
}
// redirect to somewhereelse.php
then in your somewhereelse.php
<?php
session_start();
if(isset($_SESSION['msg']))
{
echo '<script>alert("'. $_SESSION['msg'] .'")</script>';
session_unset('msg');
}
?>
<a onclick='javascript:confirmationDelete($(this));return false;' href="delete.php?id=1">Delete</a>
and create javascript function
function confirmationDelete(anchor)
{
var conf = confirm('Are you sure want to delete this record?');
if(conf)
window.location=anchor.attr("href");
}
or
delete