laflair13

I have searched for this but all I can find is an answer if the site is wordpress. I am trying to convert my site to MySQLi I have 2 roles of users. Admin and SuperAdmin. In my database I have them as roles 1 & 2. I want to hide a menu item based on the role of the user. LoginForm (On the top) <?php session_start(); include "includes/class.users.php"; if(isset($_POST['login'])) { $email = $_POST['email']; $password = $_POST['password']; $users->login($email, $password); } ?> Form Itself <form method="POST" action="" name="login"> <div id="wrappermiddle"> <h2>Login</h2> <div id="username_input"> <div id="username_inputleft"></div> <div id="username_inputmiddle"> <input name="email" type="text" id="myusername" placeholder="Email Address"> <img id="url_user" src="./images/mailicon.png" alt=""> </div><!--ends username_inputmiddle--> <div id="username_inputright"></div> </div><!--ends username_input--> <div id="password_input"> <div id="password_inputleft"></div> <div id="password_inputmiddle"> <input name="password" type="password" id="mypassword" placeholder="Password"> <img id="url_password" src="./images/passicon.png" alt=""> </div><!--ends password_inputmiddle--> <div id="password_inputright"></div> </div><!--ends password_input--> <div id="submit"> <input type="image" src="./images/submit.png" name="login" value="Login"> </form> class.users.php <?php include "class.database.php"; class Users extends Database { public function login($email, $password) { $stmt = $this->mysqli->prepare("SELECT email, password FROM members WHERE email = ? AND password = ? LIMIT 1"); $stmt->bind_param('ss', $email, $password); $stmt->execute(); $stmt->bind_result($email, $password); $stmt->store_result(); if($stmt->num_rows == 1) { while($stmt->fetch()) { session_start(); $_SESSION['loggedin'] = true; header("Location: dashboard.php"); } } else { return false; } $stmt->close(); $stmt->free_result(); } } $users = new users(); ?> Then on my dashboard.php I have this <?PHP session_start(); if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true) { // User still logged $role = $row['role']; // You can then use that variable later in page // If $role == 1, Admin, show menu, prevent function access, ect } else { header ("Location: index.php"); } if ($_SESSION['role'] == '2') { $showdiv = 'super'; } else if ($_SESSION['role'] == '1') { $showdiv = 'admin'; } echo "<script type=\"text/javascript\">document.getElementById('".$showdiv."').style.display = 'block';</script>"; ?> <div class="mainbar"> <div id="super"> <?php include("supernavbar.php"); ?> </div> <div id="admin"> <?php include("navbar.php"); ?> </div> </div> <!-- /.mainbar --> I am not understanding how to get the "User Role" into the session. I might not be doing it right in the first place. Any help would be appreciated.

Well I was able to get that working but now if I edit the item and uncheck the box, it does not change the value in the database from 1 to 0. input for 1 of the checkboxes. I have 10 of them <input type="checkbox" name="showmodel" <?php if ($showmodel == '1') echo "checked='checked'"; ?> /> Here is my update query $query = "UPDATE `new_equip` SET `featured`='1',`showmanu`='1',`showmodel`='1' "WHERE `id`='$id' LIMIT 1";

Sorry guys but I am back with another question. I have tried quite a few different ways and I cannot seem to get this to work. I have checkboxes being stored as 1=checked, 0=not check but when I go to the item page the checkbox isnt checked. Here are some codes that I have tried <input type="checkbox" name="featured" <?php if ($featured == '1') echo "checked='checked'"; ?> class="form-control" /> <input type="checkbox" name="featured" <?php if($var) { echo 'value="checked"'; }?> class="form-control" /> <input type="checkbox" name="featured" value="1" <?php echo ($row1['featured'] == 1) ? 'checked="checked"' : ''; ?> class="form-control" /> (This shows it checked even when its not) Any help would be appreciated.

EditPost2.php is my mysqli test. I am using that until I get it working 100%. EditPost.php is mysql and works good, just trying to convert my site to mysqli

That is at the top of edit-item.php. It grabs the item info from the database and pre-fills the fields on the page. So here is what that file looks like. edit-item.php (on the top) <?PHP session_start(); if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true) { } else { header ("Location: index.php"); } $eid = (int) $_GET['id']; include_once('../mysql_connect.php'); if(isset($_POST['marksold']) && isset($_POST['id'])) { mysql_query("UPDATE new_equip SET sold='1' WHERE id='" . mysql_real_escape_string($_POST['id']) . "'"); } ?> The form (Some fields removed to save room for post) <form method="post" action="EditPost2.php" enctype="multipart/form-data" class="form-horizontal" accept-charset="UTF-8"> <div class="form-group"> <label class="col-md-3">Item ID</label> <div class="col-md-8"> <input type="text" name="EditID" value="<?php echo $row['id']; ?>" class="form-control" /> </div> <!-- /.col --> </div> <!-- /.form-group --> <div class="form-group"> <label class="col-md-3">Item Name</label> <div class="col-md-8"> <input type="text" name="itemname" value="<?php echo $row['itemname']; ?>" class="form-control" /> </div> <!-- /.col --> </div> <!-- /.form-group --> <div class="form-group"> <label class="col-md-3">Manufacture</label> <div class="col-md-8"> <input type="text" name="manufacture" value="<?php echo $row['manufacture']; ?>" class="form-control" /> </div> <!-- /.col --> <input type="checkbox" name="showmanu" value="1" <?php echo ($row['showmanu'] == 1) ? 'checked="checked"' : ''; ?> /> <span style="float:right; font-size: 10px; margin-top: 4px">Check to show</span> </div> <!-- /.form-group --><div class="form-group"> <div class="col-md-7 col-md-push-3"> <button type="submit" name="submit" class="btn btn-primary" >Save Changes</button> <button type="reset" class="btn btn-default">Cancel</button> </div> <!-- /.col --> </div> <!-- /.form-group --> Then of course my EditPost.php (Some fields taken out to save room) <?php error_reporting(E_ALL); $db = new mysqli("localhost","admin","password","database"); if(!$db) { die('sorry we are having some problbems'); } if(isset($_POST['submit'])) { $id = $_POST['EditID']; $itemname = $_POST['itemname']; $manufacture = $_POST['manufacture']; //Below are checkboxes $showpur = $_POST['showpur']; $showsale = $_POST['showsale']; $query = "UPDATE new_equip SET `itemname`=?, `manufacture`=?, `showpur`=?, `showsale`=? WHERE id=? LIMIT 1"; $conn = $db->prepare($query); $conn->bind_param("ssiii", $itemname, $manufacture, $showpur, $showsale, $EditID); if ($conn->execute()) { header('location: inventory.php?Msg=Update'); } else echo $conn->error; $db->close(); } ?>

Ok, I was able to get this to come up. Notice: Undefined index: id in /edit-item.php on line 9 This is being used to auto-populate the item data in the fields. $eid = (int) $_GET['id'];

Still comes up a blank page

Edited last post. I had to create one, but it is still coming up blank.

If you mean by adding this code to the .htaccess, it makes my site have a 500 error ini_set('display_startup_errors',1); ini_set('display_errors',1); error_reporting(-1); So I created a php.ini file and added the code above to that. But still all I am getting is a blank EditPost.php page.

I tried that, nothing comes up, just a blank EditPost.php

It still isnt working. Here is what I have for the query. $query = "UPDATE new_equip SET `itemname`=?, `manufacture`=?, `model`=?, `serial`=?, `year`=?, `condition`=?, `category`=?, `desc`=?, `dimension`=?, `location`=?, `price`=?, `purchase`=?, `addedby`=?, `notes`=?, `ran`=?, `electrical`=?, `owner`=?, `featured`=?, `showmanu`=?, `showmodel`=?, `showserial`=?, `showyear`=?, `showdem`=?, `showelec`=?, `showran`=?, `showloca`=?, `showown`=?, `showpur`=?, `showsale`=? WHERE id=? LIMIT 1"; $conn = $db->prepare($query); $conn->bind_param("sssssssssssssssssiiiiiiiiiiiii", $itemname, $manufacture, $model, $serial, $year, $condition, $category, $desc, $dimension, $location, $price, $purchase, $addedby, $notes, $ran, $electrical, $owner, $featured, $showmanu, $showmodel, $showserial, $showyear, $showdem, $showelec, $showran, $showloca, $showown, $showpur, $showsale, $EditID); if ($conn->execute()) { header('location: inventory.php?Msg=Update'); } $db->close(); } I count 30 on both the placeholder and params And when I click submit it is just showing a blank EditPost.php

I have the checkboxes so that if they are checked they show on the frontend. Thats a whole other issue I cant solve. But it still didnt work even if I checked the box. After doing some research, I seen that another way of doing it was like below. This where I am confused, Seems there are different ways to do this. $query = "UPDATE new_equip SET `itemname`=?, `manufacture`=?, `model`=?, `showmanu`=?, `showmodel`=?, `showserial`=? WHERE `id`=? LIMIT 1"; $conn = $db->prepare($query); $conn->bind_param('sssiii', $_POST['item'], $_POST['manufacture'], $_POST['model'], $_POST['showmanu'], $_POST['showmodel'], $_POST['showserial']);

I am trying to convert my site to mysqli and I cannot get the databse to update or the results to show on the site. If you could look at my code and please advise to what I could be doing wrong I would greatly appreciate it. <?php $db = new mysqli("localhost","admin","password","database"); if(!$db) { die('sorry we are having some problbems'); } if ($_POST['submit']) { $id = $_POST['id']; $itemname = $_POST['itemname']; $manufacture = $_POST['manufacture']; $model = $_POST['model']; //below are checkboxes $showmanu = $_POST['showmanu']; $showmodel = $_POST['showmodel']; $showserial = $_POST['showserial']; $query = "UPDATE new_equip SET itemname=?, manufacture=?, model=?, showmanu=?, showmodel=?, showserial=? WHERE id=? LIMIT 1"; $conn = $db->prepare($query); $conn->bind_param("sssiii", $item, $manufacture, $model, $showmanu, $showmodel, $showserial, $id); if ($conn->execute()) { header('location: inventory.php?Msg=Update'); } $db->close(); } ?> This is the tutorial and code I was using as reference. http://coderlearner.com/PHP_MySQLi_Example_Update_Record

Can anyone else give some advice on this?

Well after A LOT of trial and error I figured out how to make it work in mysqli. If you could, please double check my work to make sure it is a good way to do it? form <form id="search-form123" action='results.php' method="GET"><input type="text" name='keyword' id="search-area123" value="" autocomplete="off" placeholder="Search Here..."/> <input type="submit" name='Submit' value="Search" id="search-area123" /> <input type="hidden" name='Submit' value="com_search" /> </form> Top of results.php <?php $db = new mysqli("localhost","admin","pass","database"); if(!$db) { die('sorry we are having some problbems'); } // SET GETTER AS A VARIABLE $searchTerm = mysqli_real_escape_string($db,$_GET['keyword']); if ( empty($searchTerm)) { echo("no key words searched please try again"); } else { $sql = mysqli_query( $db, sprintf( "SELECT * FROM new_equip WHERE itemname LIKE '%s'", '%'. $searchTerm .'%' ) ); } ?> where results are displayed <?php while($ser = mysqli_fetch_array($sql)) { echo "<p><a href='new-product.php?Item=$ser[id]'>$ser[itemname]</a></p>"; } ?> I want to say thank you to everyone who took the time with the help on this. I as lost.