$from = $_POST['from'];
$to = $_POST['to'];
$message = $_POST['message'];
$query = "SELECT * FROM Users WHERE `user_name` = '$from' LIMIT 1";
$result = mysql_query($query);
while($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
$fromID = $row['user_id'];
}
I'm trying to have $formID be the user_id for a user in my database. Each row in the Users table is like:
user_id | user_name | user_type
1 | Hristo | Agent
So I want $from = 1 but the above code isn't working. Any ideas why?
Try this:
$from = mysql_real_escape_string($_POST['from']);
$to = mysql_real_escape_string($_POST['to']);
$message = mysql_real_escape_string($_POST['message']);
$query = "SELECT * FROM Users WHERE user_name = '$from' LIMIT 1";
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_assoc($result)) {
$fromID = $row['user_id'];
}
Also, make sure that:
You have connected to the database
You do get data from the post, try var_dump with your vars eg var_dump($from)
Use mysql_fetch_assoc instead
while($row =mysql_fetch_assoc($result)){ $fromID = $row['user_id'];
}
though it should.
try this code
$from = mysql_real_escape_string($_POST['from']);
$to = mysql_real_escape_string($_POST['to']);
$message = mysql_real_escape_string($_POST['message']);
$query = "SELECT * FROM Users WHERE `user_name` = '$from' LIMIT 1";
$result = mysql_query($query) or trigger_error(mysql_error().$query);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$fromID = $row['user_id'];
echo $fromID;
if it will throw no errors but still print no id, add this line
var_dump($row);
and post here it's output
not that you shouldn't use a user name but user id to address particular user.
Related
I'm trying to delete one line from a table, however and even following the examples on stackoverflow, I can't reach a solution.
One of the Important things before start, is that I have the url's hidden, so I don't see the Get url, even the splice don't delete the right line on the table.
HTML:
<button id="{{value.username}}" type='button' type="button" ng-click="delete(value.username, $index)" class="btn btn-primary">Delete</button></td>
JS
$scope.delete = function(deletingId, index){
console.log(deletingId);
$http.get("../admin/deleted.php?username=" + deletingId)
.success(function(data){
$scope.data.splice(index, 1);
console.log('dadasdas');
})
}
PHP
$id = $_GET ['username'];
$sql = "SELECT * FROM members";
$records = mysql_query($sql);
if(isset($_GET['username'])){
$id = $_GET ['username'];
$delete = "DELETE FROM members WHERE username= '$id'";
$res = mysql_query($delete) or die ("FAILED" .mysql_error());
}
Am I doing anything wrong ( the scope is working, the php src is correct, but even doing an echo on php it doesn't fulfill nothing) since I've the url's hidden is there anyway to make it as a post?
Thanks in advance
Try this (I will use Mysqli, because I don't use Mysql);
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";
$conn = new mysqli($servername, $username, $password, $dbname);
$id = $_GET['username'];
$sql = "SELECT * FROM users";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
if (strtolower($id) == strtolower($row['username'])) {
$sql = "DELETE FROM users WHERE id=".row['id'];
$conn->query($sql);
}
}
} else {
echo "No accounts registered!";
}
So, deleting stuff with SQL, is case sensitive. So, I hope/think you have a auto increment id in your database. Then this will 100% surely work!
I want to build an array in PHP from SQL query and send it back via ajax to my JS file.
$id = clear(filter_input(INPUT_POST, 'id'));
$sql = 'SELECT * FROM `counties` WHERE `id`="'.$id.'"';
$query = mysqli_query($con, $sql);
$array = array();
while($result = mysqli_fetch_array($query)) {
$id = $result['id'];
$name = $result['name'];
$array[] = array('id' => $id, 'name' => $name);
}
echo json_encode($array);
This is my code. In response I have always just one element. There's a lot of more. How could i do that correctly? I was browsing whole Internet and I didn't find anything useful... :(
$id = $_POST['id'];
$query = mysqli_query($con, "SELECT id,name FROM `counties` WHERE `id`='$id'");
$array = mysqli_fetch_all($query,MYSQLI_ASSOC);
echo json_encode($array);
this may simplified code
i want to fetch data from my database which is linked to the website,i have created a search box,whenever i enter a particular value in search box,it should display all the related content from the database.i have done the following code,it is not fetching the data from the database,it just shows a blank screen.
<?php
define('db_name','njgh');
define('db_user','root');
define('db_password','');
define('db_host','localhost');
session_start();
$link=mysql_connect(db_host,db_user,db_password);
if(!$link)
{
die('couldnot connetc:'.mysql_error());
}
$db_selected=mysql_select_db(db_name,$link);
if(!$db_selected)
{
die('cant connect to db');
}
function clean($str) {
$str = #trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
$value = clean($_POST['searchtext']);
$qry = "SELECT * FROM database WHERE Site_ID = '$value'";
$result = mysql_query($qry);
print_r($result);
mysql_query function return resource ID not your data , use mysql_fetch_array, mysql_fetch_object to get data
$value = ($_POST['searchtext']);
$result = mysql_query("SELECT * FROM database WHERE Site_ID = '$value'");
while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
printf("ID: %s Name: %s", $row[0], $row[1]);
}
mysql_* has been removed entirely as of PHP 7.0. Prevent SQL injection and use the mysqli statement class.
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "njgh";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$value = $_POST['searchtext'];
/* create a prepared statement */
if($stmt = $conn->prepare("SELECT * FROM database WHERE Site_ID =?")) {
/* bind parameters for markers */
$stmt->bind_param("s", $value);
/* execute query */
$stmt->execute();
$result = $stmt->get_result();
if($result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
echo $row['db_table_field_name'];
}
//or
$row = $result->fetch_assoc();
print_r($row);
} else {
}
/* close statement */
$stmt->close();
}
/* close connection */
$con->close();
?>
The original MySQL extension is now deprecated, and will generate E_DEPRECATED errors when connecting to a database. Instead, use the MySQLi or PDO_MySQL extensions.
Hope this will work for you......
<?php
define('db_name','sports');
define('db_user','root');
define('db_password','');
define('db_host','localhost');
$link=mysqli_connect(db_host,db_user,db_password,db_name);
if(!$link)
{
die('couldnot connect:'.mysql_error());
}
function clean($str) {
$link=mysqli_connect(db_host,db_user,db_password,db_name);
$str = #trim($str);
if(get_magic_quotes_gpc())
$str = stripslashes($str);
return mysqli_real_escape_string($link, $str);
}
if(isset($_POST['searchtext'])){
$value = clean($_POST['searchtext']);
$qry = "SELECT * FROM cricket WHERE id = '$value'";
$qrydb = mysqli_query($link, $qry);
while($row=mysqli_fetch_array($qrydb)){
$name = $row['name'];
}
echo $name ;
}
?>
<body>
<form method="post">
<input type="text" name="searchtext">
<input type="submit" name="submit">
</form>
</body>
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 7 years ago.
I am trying to build a click button that increments value of the item in the database. I am using UPDATE method for this.
The problem is that whenever the update query is run, the value it takes from the databse to increment (or decrement) is zero. (0+1 = 1, 0-1 = -1)
require_once("C:/xampp/htdocs/Selfie/database/dbcontroller.php");
$db_handle = new DBController();
$image_id = $_POST["image_id"];
$active_user_id = $_POST["active_user_id"];
$query = "SELECT user_image_id from users where user_id='" . $active_user_id . "'";
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
if ($row['user_image_id'] == $image_id) {
echo "own image";
}
else
{
$query = "SELECT image_id from hearts where user_id='" . $active_user_id . "'";
$result = mysql_query($query);
if ($row = mysql_fetch_assoc($result)) {
if ($row['image_id'] == $image_id) {
$query = "UPDATE images SET image_hearts='image_hearts'-1 where image_id=" . $image_id;
$result = mysql_query($query);
$query = "DELETE FROM hearts WHERE user_id=" . $active_user_id;
$result = mysql_query($query);
$query = "UPDATE users SET user_like ='' where user_id=" . $active_user_id;
$result = mysql_query($query);
echo "just unlike";
}
else
{
$query = "DELETE FROM hearts WHERE user_id=" . $active_user_id;
$result = mysql_query($query);
$query = "UPDATE images SET image_hearts='image_hearts'-1 where image_id=" . $row['user_image_id'];
$result = mysql_query($query);
$query = "Select image_path from images where image_id=" . $image_id;
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
$query = "UPDATE users SET user_like ='" . $row["image_path"] . " where user_id=" . $active_user_id;
$result = mysql_query($query);
$query = "UPDATE images SET image_hearts='image_hearts'+1 where image_id=" . $image_id;
$result = mysql_query($query);
$query = "INSERT INTO hearts (image_id , user_id) VALUES ('$image_id','$active_user_id')";
$result = mysql_query($query);
echo "unlike then like";
}
}
else
{
$query = "INSERT INTO hearts (image_id , user_id) VALUES ('$image_id','$active_user_id')";
$result = mysql_query($query);
$query = "UPDATE images SET image_hearts='image_hearts'+1 where image_id=" . $image_id;
$result = mysql_query($query);
$query = "Select image_path from images where image_id=" . $image_id;
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
$query = "UPDATE users SET user_like ='" . $row["image_path"] . "' where user_id=" . $active_user_id;
$result = mysql_query($query);
echo "image liked successfully.";
}
}
This is my jQuery code:
function test_click(i_image_id, i_heart_id, i_active_user_id) {
var active_user_id = i_active_user_id;
var image_id = i_image_id;
var heart_id = i_heart_id;
jQuery.ajax({
url: "../Selfie/validations/add_like.php",
data: {
active_user_id: active_user_id,
image_id: image_id
},
type: "POST",
success: function(data) {
if (data == "own image")
{
alert('You are trying to like your own image You NARCISSIST');
}
else if (data == "just unlike")
{
$("*").removeClass("btn-heart-red animated bounce fa-heart-red");
alert('just unlike');
}
else
{
$("*").removeClass("btn-heart-red animated bounce fa-heart-red");
$("#" + heart_id).removeClass("animated rubberBand");
$("#" + heart_id).toggleClass("btn-heart-red animated bounce fa-heart-red");
}
alert(data);
}
});
}
This image_hearts='image_hearts'+1 remove the quotes; that's a column you're wanting to update and not the string literal. The same thing goes for 'image_hearts'-1
Check for errors on your queries, which would have helped you here.
http://php.net/manual/en/function.mysql-error.php
Plus, your present code is open to SQL injection. Use mysqli with prepared statements, or PDO with prepared statements.
mysql_* functions deprecation notice:
http://www.php.net/manual/en/intro.mysql.php
This extension is deprecated as of PHP 5.5.0 and removed as of PHP 7.0, and is not recommended for writing new code as it will be removed in the future. Instead, either the mysqli or PDO_MySQL extension should be used. See also the MySQL API Overview for further help while choosing a MySQL API.
These functions allow you to access MySQL database servers. More information about MySQL can be found at » http://www.mysql.com/.
Documentation for MySQL can be found at » http://dev.mysql.com/doc/.
Footnotes:
If I may quote Marc's comment:
"in other words. 'image_hearts' + 1 is string literal plus integer, and unless that string literal contains digits at the start of it, will simply become 0 + 1 – Marc B"
So I have a basic php page and it calls another php page that contains my mysql query and output. Pretty simple. I am using a jquery refresh statement below to auto refresh the div that the query is in:
<script type="text/javascript">
var auto_refresh = setInterval(
function ()
{
$('#records').load('user_records.php').fadeIn("slow");
}, 30000); // refresh every 30 seconds
</script>
Here is my user_records.php file:
<?php
$username = $_GET['user'];
include('connect.php');
$did = array();
$sql = "SELECT * FROM users WHERE username = '$username'";
$result = mysqli_query($link, $sql, MYSQLI_STORE_RESULT);
while($row = $result->fetch_assoc()){
$user_id = $row['id'];
}
$sql = "SELECT * FROM assign_did WHERE user_id = '$user_id'";
$result = mysqli_query($link, $sql, MYSQLI_STORE_RESULT);
while($row = $result->fetch_assoc()){
$did_id = $row['did_id'];
$sql1 = "SELECT did FROM did WHERE id = '$did_id'";
$result1 = mysqli_query($link, $sql1, MYSQLI_STORE_RESULT);
while($row1 = $result1->fetch_row()){
$did[] = $row1[0];
}
}
$did_arr = array();
foreach($did as $newdid){
$did_arr[] = '`extension` LIKE \'%'.$newdid.'\'';
}
echo "<div id='records'><h1 align='center'>Today's Transfers</h1>
<table cellspacing='0' cellpadding='0'>
<tr>
<th> Customer Name</th><th>Phone Number</th><th>Disposition</th><th>DID</th><th>Date Called</th>
</tr>
";
$sql3 = 'SELECT * FROM `vicidial_did_log` WHERE ('.implode(" OR ", $did_arr) . ')';
$result3 = mysqli_query($link, $sql3, MYSQLI_STORE_RESULT);
while($row3 = $result3->fetch_assoc()){
$caller_id_number = $row3['caller_id_number'];
$extension = $row3['extension'];
...echo the rows into rows and columns...
?>
So it refreshes user_records.php that has a div with id 'records'. That div performs the mysql query and echos is. My problem is that when it does the refresh, the query just goes blank. It refreshes the div, because I have a few things that echo/output before the query starts and starts outputting. Not sure what I am doing wrong here or what code you guys need to see. I hope someone can help. Thank you.