Jump to content


Photo

Probably a broken array

php php array

  • Please log in to reply
2 replies to this topic

#1 maitland

maitland

    Newbie

  • New Members
  • Pip
  • 2 posts

Posted 31 July 2013 - 02:18 PM

I'm trying to build a form for a TCG i run where it allow people to vote for decks they want to see released. It would show in the database by adding 1 for yes and nothing for no. I have it coded but I can't get it to update the database does anyone see where I went wrong?

<?php session_start();
if (isset($_SESSION['USR_LOGIN'])=="") {
	header("Location:http://leisure.day-is-gone.net/login.php");
}
	include("mytcg/settings.php");
	include("$header");

if(!$_SERVER['QUERY_STRING']) {
	$select = mysql_query("SELECT * FROM `$table_members` WHERE name='$_SESSION[USR_LOGIN]'");
	while($row=mysql_fetch_assoc($select)) {
		?>

		<h1>Release Me Form</h1>
Chose an option for all.<Br>
<?php
$select2 = mysql_query("SELECT * FROM `$table_cards` WHERE released='N' AND `voted` NOT LIKE '$_SESSION[USR_LOGIN]' ORDER BY set2, category, deckname");
$count = mysql_num_rows($select2);
if($count==0) {
	echo "There are currently no requested decks.\n";
	echo "<br /><br />\n\n";
}
else {
	echo "<table width=\"100%\">\n";
	echo "<form method=\"post\" action=\"forms_reme2.php?thanks\">
		<input type=\"hidden\" name=\"name\" value=\"$row[name]\" />
		<input type=\"hidden\" name=\"email\" value=\"$row[email]\" />";
	echo "<tr><td width=\"50%\"><b>Deckname</b></td><td width=\"25%\"><b>Category</b></td><td width=\"10%\"><b>Yes</b></td><td width=\"10%\"><b>No</b></td></tr>\n";
	while($row2=mysql_fetch_assoc($select2)) {
		$cat=$row2[category];
		if
($row2[groupmember]=="No") {
echo "		<input type=\"hidden\" name=\"id\" value=\"$row2[id]\" /><tr><td>$row2[deckname]</td><td>$category[$cat]</td><td><input name=\"reme[$row2[id]]\" value=\"1\" type=\"radio\">Yes</td><td><input name=\"reme[$row2[id]]\" value=\"0\" type=\"radio\">No</td></tr>\n";
}
	else {		echo "<input type=\"hidden\" name=\"id\" value=\"$row2[id]\" /><tr><td>$row2[set2]: $row2[deckname]</td><td>$category[$cat]</td><td><input name=\"reme[$row2[id]]\" value=\"1\" type=\"radio\">Yes</td><td><input name=\"reme[$row2[id]]\" value=\"0\" type=\"radio\">No</td></tr>";
		}}
	echo "</table>\n";
	echo "<br /><br />\n";
}

?>
		<tr><td>&nbsp;</td><td><input type="submit" name="submit" value="Release It! " /></td></tr>
		</table>
		</form>

		<?php
	}
}

elseif($_SERVER['QUERY_STRING']=="thanks") {
	if (!isset($_POST['submit']) || $_SERVER['REQUEST_METHOD'] != "POST") {
		exit("<p>You did not press the submit button; this page should not be accessed directly.</p>");
	}
	else {
		$exploits = "/(content-type|bcc:|cc:|document.cookie|onclick|onload|javascript|alert)/i";
		$profanity = "/(beastial|bestial|blowjob|clit|cum|cunilingus|cunillingus|cunnilingus|cunt|ejaculate|fag|felatio|fellatio|fuck|fuk|fuks|gangbang|gangbanged|gangbangs|hotsex|jism|jiz|kock|kondum|kum|kunilingus|orgasim|orgasims|orgasm|orgasms|phonesex|phuk|phuq|porn|pussies|pussy|spunk|xxx)/i";
		$spamwords = "/(viagra|phentermine|tramadol|adipex|advai|alprazolam|ambien|ambian|amoxicillin|antivert|blackjack|backgammon|texas|holdem|poker|carisoprodol|ciara|ciprofloxacin|debt|dating|porn)/i";
		$bots = "/(Indy|Blaiz|Java|libwww-perl|Python|OutfoxBot|User-Agent|PycURL|AlphaServer)/i";
		
		if (preg_match($bots, $_SERVER['HTTP_USER_AGENT'])) {
			exit("<h1>Error</h1>\nKnown spam bots are not allowed.<br /><br />");
			}
			foreach ($_POST as $key => $value) {
				$value = trim($value);
				if (empty($value)) {
					exit("<h1>Error</h1>\nEmpty fields are not allowed. Please go back and fill in the form properly.<br /><br />");
				}
				elseif (preg_match($exploits, $value)) {
					exit("<h1>Error</h1>\nExploits/malicious scripting attributes aren't allowed.<br /><br />");
				}
				elseif (preg_match($profanity, $value) || preg_match($spamwords, $value)) {
					exit("<h1>Error</h1>\nThat kind of language is not allowed through our form.<br /><br />");
				}
				
				$_POST[$key] = stripslashes(strip_tags($value));
			}
			$name = escape_sql(CleanUp($_POST['name']));
			$email = escape_sql(CleanUp($_POST['email']));
			$reme = escape_sql(CleanUp($_POST['reme']));
if (is_array($reme)) {
if($_POST['submit']){
foreach($_POST["id"] AS $key => $val) {
$id = $val;


$area = $_POST['reme'.$id.''];



$update = "UPDATE cards SET reme='$area' AND voted='$name' WHERE id='$id'";
 

  }
}}

			
				if(mysql_query($update, $connect)) {
					?>
					<h1>Thank You!</h1>
					Thank you for sending in the release it form this helps me decide what upcoming decks to release. Please take what you see below

					<br /><br />
				
					<center>
					<?php

			}
			else {
				?>
				<h1>Error</h1>
				It looks like there was an error in processing your level up form. Send the information to <?php echo $tcgemail; ?> and we will send you your rewards ASAP. Thank you and sorry for the inconvenience.
				<?php
			}
	}
}
include("$footer"); ?>


#2 Psycho

Psycho

    Advanced Member

  • Gurus
  • 10,750 posts
  • LocationCanada

Posted 31 July 2013 - 03:54 PM

I see a many problems. But, I'm not really going to go through line by line since it would take me quire a while.

 

You are trying to get the IDs to update using a hidden field, but  that makes no sense since the user cannot modify those fields (directly).

foreach($_POST["id"] AS $key => $val) {
$id = $val;

 

But, the id field is not an array, so you should get an error on the foreach() loop. Plus, you should not run multiple queries to make the updates. Instead you should do an UPDATE using an IN() listing all the IDs to update.

 

On another note, you need to code more efficiently. For example you have this:

if ($row2[groupmember]=="No")
{
    echo "<input type=\"hidden\" name=\"id\" value=\"$row2[id]\" /><tr><td>$row2[deckname]</td><td>$category[$cat]</td><td><input name=\"reme[$row2[id]]\" value=\"1\" type=\"radio\">Yes</td><td><input name=\"reme[$row2[id]]\" value=\"0\" type=\"radio\">No</td></tr>\n";
}
else
{
    echo "<input type=\"hidden\" name=\"id\" value=\"$row2[id]\" /><tr><td>$row2[set2]: $row2[deckname]</td><td>$category[$cat]</td><td><input name=\"reme[$row2[id]]\" value=\"1\" type=\"radio\">Yes</td><td><input name=\"reme[$row2[id]]\" value=\"0\" type=\"radio\">No</td></tr>";
}

 

The if and else are basically the same with a minor change. You should instead do this

$label = ($row2['groupmember']=="No") ? $row2['deckname'] : "{$row2['set2']}: {$row2['deckname']}";

echo "<tr>";
echo "<td>{$label}<input type=\"hidden\" name=\"id\" value=\"{$row2['id']}\" /></td>";
echo "<td>{$category[$cat]}</td>";
echo "<td><input name=\"reme[{$row2['id']}]\" value=\"1\" type=\"radio\">Yes</td>";
echo "<td><input name=\"reme[{$row2['id']}]\" value=\"0\" type=\"radio\">No</td></tr>\n";
echo "</tr>\n";
echo "</table>\n";

 

Note, I broke up the echo to improve readability and I moved the hidden input into a TD because it creates invalid code to put elements in-between table elements.


The quality of the responses received is directly proportional to the quality of the question asked.

I do not always test the code I provide, so there may be some syntax errors. In 99% of all cases I found the solution to your problem here: http://www.php.net

#3 maitland

maitland

    Newbie

  • New Members
  • Pip
  • 2 posts

Posted 31 July 2013 - 06:50 PM

I'm new to code that's why it's all like that I'm trying to learn as I do this and I got stuck on arrays. thank you for taking time to look at it and for the help






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Cheap Linux VPS from $5
SSD Storage, 30 day Guarantee
1 TB of BW, 100% Network Uptime

AlphaBit.com