laflair13

I have searched for this but all I can find is an answer if the site is wordpress. I am trying to convert my site to MySQLi I have 2 roles of users. Admin and SuperAdmin. In my database I have them as roles 1 & 2. I want to hide a menu item based on the role of the user. LoginForm (On the top) <?php session_start(); include "includes/class.users.php"; if(isset($_POST['login'])) { $email = $_POST['email']; $password = $_POST['password']; $users->login($email, $password); } ?> Form Itself <form method="POST" action="" name="login"> <div id="wrappermiddle"> <h2>Login</h2> <div id="username_input"> <div id="username_inputleft"></div> <div id="username_inputmiddle"> <input name="email" type="text" id="myusername" placeholder="Email Address"> <img id="url_user" src="./images/mailicon.png" alt=""> </div><!--ends username_inputmiddle--> <div id="username_inputright"></div> </div><!--ends username_input--> <div id="password_input"> <div id="password_inputleft"></div> <div id="password_inputmiddle"> <input name="password" type="password" id="mypassword" placeholder="Password"> <img id="url_password" src="./images/passicon.png" alt=""> </div><!--ends password_inputmiddle--> <div id="password_inputright"></div> </div><!--ends password_input--> <div id="submit"> <input type="image" src="./images/submit.png" name="login" value="Login"> </form> class.users.php <?php include "class.database.php"; class Users extends Database { public function login($email, $password) { $stmt = $this->mysqli->prepare("SELECT email, password FROM members WHERE email = ? AND password = ? LIMIT 1"); $stmt->bind_param('ss', $email, $password); $stmt->execute(); $stmt->bind_result($email, $password); $stmt->store_result(); if($stmt->num_rows == 1) { while($stmt->fetch()) { session_start(); $_SESSION['loggedin'] = true; header("Location: dashboard.php"); } } else { return false; } $stmt->close(); $stmt->free_result(); } } $users = new users(); ?> Then on my dashboard.php I have this <?PHP session_start(); if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true) { // User still logged $role = $row['role']; // You can then use that variable later in page // If $role == 1, Admin, show menu, prevent function access, ect } else { header ("Location: index.php"); } if ($_SESSION['role'] == '2') { $showdiv = 'super'; } else if ($_SESSION['role'] == '1') { $showdiv = 'admin'; } echo "<script type=\"text/javascript\">document.getElementById('".$showdiv."').style.display = 'block';</script>"; ?> <div class="mainbar"> <div id="super"> <?php include("supernavbar.php"); ?> </div> <div id="admin"> <?php include("navbar.php"); ?> </div> </div> <!-- /.mainbar --> I am not understanding how to get the "User Role" into the session. I might not be doing it right in the first place. Any help would be appreciated.

Well I was able to get that working but now if I edit the item and uncheck the box, it does not change the value in the database from 1 to 0. input for 1 of the checkboxes. I have 10 of them <input type="checkbox" name="showmodel" <?php if ($showmodel == '1') echo "checked='checked'"; ?> /> Here is my update query $query = "UPDATE `new_equip` SET `featured`='1',`showmanu`='1',`showmodel`='1' "WHERE `id`='$id' LIMIT 1";

Sorry guys but I am back with another question. I have tried quite a few different ways and I cannot seem to get this to work. I have checkboxes being stored as 1=checked, 0=not check but when I go to the item page the checkbox isnt checked. Here are some codes that I have tried <input type="checkbox" name="featured" <?php if ($featured == '1') echo "checked='checked'"; ?> class="form-control" /> <input type="checkbox" name="featured" <?php if($var) { echo 'value="checked"'; }?> class="form-control" /> <input type="checkbox" name="featured" value="1" <?php echo ($row1['featured'] == 1) ? 'checked="checked"' : ''; ?> class="form-control" /> (This shows it checked even when its not) Any help would be appreciated.

EditPost2.php is my mysqli test. I am using that until I get it working 100%. EditPost.php is mysql and works good, just trying to convert my site to mysqli

That is at the top of edit-item.php. It grabs the item info from the database and pre-fills the fields on the page. So here is what that file looks like. edit-item.php (on the top) <?PHP session_start(); if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true) { } else { header ("Location: index.php"); } $eid = (int) $_GET['id']; include_once('../mysql_connect.php'); if(isset($_POST['marksold']) && isset($_POST['id'])) { mysql_query("UPDATE new_equip SET sold='1' WHERE id='" . mysql_real_escape_string($_POST['id']) . "'"); } ?> The form (Some fields removed to save room for post) <form method="post" action="EditPost2.php" enctype="multipart/form-data" class="form-horizontal" accept-charset="UTF-8"> <div class="form-group"> <label class="col-md-3">Item ID</label> <div class="col-md-8"> <input type="text" name="EditID" value="<?php echo $row['id']; ?>" class="form-control" /> </div> <!-- /.col --> </div> <!-- /.form-group --> <div class="form-group"> <label class="col-md-3">Item Name</label> <div class="col-md-8"> <input type="text" name="itemname" value="<?php echo $row['itemname']; ?>" class="form-control" /> </div> <!-- /.col --> </div> <!-- /.form-group --> <div class="form-group"> <label class="col-md-3">Manufacture</label> <div class="col-md-8"> <input type="text" name="manufacture" value="<?php echo $row['manufacture']; ?>" class="form-control" /> </div> <!-- /.col --> <input type="checkbox" name="showmanu" value="1" <?php echo ($row['showmanu'] == 1) ? 'checked="checked"' : ''; ?> /> <span style="float:right; font-size: 10px; margin-top: 4px">Check to show</span> </div> <!-- /.form-group --><div class="form-group"> <div class="col-md-7 col-md-push-3"> <button type="submit" name="submit" class="btn btn-primary" >Save Changes</button> <button type="reset" class="btn btn-default">Cancel</button> </div> <!-- /.col --> </div> <!-- /.form-group --> Then of course my EditPost.php (Some fields taken out to save room) <?php error_reporting(E_ALL); $db = new mysqli("localhost","admin","password","database"); if(!$db) { die('sorry we are having some problbems'); } if(isset($_POST['submit'])) { $id = $_POST['EditID']; $itemname = $_POST['itemname']; $manufacture = $_POST['manufacture']; //Below are checkboxes $showpur = $_POST['showpur']; $showsale = $_POST['showsale']; $query = "UPDATE new_equip SET `itemname`=?, `manufacture`=?, `showpur`=?, `showsale`=? WHERE id=? LIMIT 1"; $conn = $db->prepare($query); $conn->bind_param("ssiii", $itemname, $manufacture, $showpur, $showsale, $EditID); if ($conn->execute()) { header('location: inventory.php?Msg=Update'); } else echo $conn->error; $db->close(); } ?>

Ok, I was able to get this to come up. Notice: Undefined index: id in /edit-item.php on line 9 This is being used to auto-populate the item data in the fields. $eid = (int) $_GET['id'];

Still comes up a blank page

Edited last post. I had to create one, but it is still coming up blank.

If you mean by adding this code to the .htaccess, it makes my site have a 500 error ini_set('display_startup_errors',1); ini_set('display_errors',1); error_reporting(-1); So I created a php.ini file and added the code above to that. But still all I am getting is a blank EditPost.php page.

I tried that, nothing comes up, just a blank EditPost.php

It still isnt working. Here is what I have for the query. $query = "UPDATE new_equip SET `itemname`=?, `manufacture`=?, `model`=?, `serial`=?, `year`=?, `condition`=?, `category`=?, `desc`=?, `dimension`=?, `location`=?, `price`=?, `purchase`=?, `addedby`=?, `notes`=?, `ran`=?, `electrical`=?, `owner`=?, `featured`=?, `showmanu`=?, `showmodel`=?, `showserial`=?, `showyear`=?, `showdem`=?, `showelec`=?, `showran`=?, `showloca`=?, `showown`=?, `showpur`=?, `showsale`=? WHERE id=? LIMIT 1"; $conn = $db->prepare($query); $conn->bind_param("sssssssssssssssssiiiiiiiiiiiii", $itemname, $manufacture, $model, $serial, $year, $condition, $category, $desc, $dimension, $location, $price, $purchase, $addedby, $notes, $ran, $electrical, $owner, $featured, $showmanu, $showmodel, $showserial, $showyear, $showdem, $showelec, $showran, $showloca, $showown, $showpur, $showsale, $EditID); if ($conn->execute()) { header('location: inventory.php?Msg=Update'); } $db->close(); } I count 30 on both the placeholder and params And when I click submit it is just showing a blank EditPost.php

I have the checkboxes so that if they are checked they show on the frontend. Thats a whole other issue I cant solve. But it still didnt work even if I checked the box. After doing some research, I seen that another way of doing it was like below. This where I am confused, Seems there are different ways to do this. $query = "UPDATE new_equip SET `itemname`=?, `manufacture`=?, `model`=?, `showmanu`=?, `showmodel`=?, `showserial`=? WHERE `id`=? LIMIT 1"; $conn = $db->prepare($query); $conn->bind_param('sssiii', $_POST['item'], $_POST['manufacture'], $_POST['model'], $_POST['showmanu'], $_POST['showmodel'], $_POST['showserial']);

I am trying to convert my site to mysqli and I cannot get the databse to update or the results to show on the site. If you could look at my code and please advise to what I could be doing wrong I would greatly appreciate it. <?php $db = new mysqli("localhost","admin","password","database"); if(!$db) { die('sorry we are having some problbems'); } if ($_POST['submit']) { $id = $_POST['id']; $itemname = $_POST['itemname']; $manufacture = $_POST['manufacture']; $model = $_POST['model']; //below are checkboxes $showmanu = $_POST['showmanu']; $showmodel = $_POST['showmodel']; $showserial = $_POST['showserial']; $query = "UPDATE new_equip SET itemname=?, manufacture=?, model=?, showmanu=?, showmodel=?, showserial=? WHERE id=? LIMIT 1"; $conn = $db->prepare($query); $conn->bind_param("sssiii", $item, $manufacture, $model, $showmanu, $showmodel, $showserial, $id); if ($conn->execute()) { header('location: inventory.php?Msg=Update'); } $db->close(); } ?> This is the tutorial and code I was using as reference. http://coderlearner.com/PHP_MySQLi_Example_Update_Record

Can anyone else give some advice on this?

Well after A LOT of trial and error I figured out how to make it work in mysqli. If you could, please double check my work to make sure it is a good way to do it? form <form id="search-form123" action='results.php' method="GET"><input type="text" name='keyword' id="search-area123" value="" autocomplete="off" placeholder="Search Here..."/> <input type="submit" name='Submit' value="Search" id="search-area123" /> <input type="hidden" name='Submit' value="com_search" /> </form> Top of results.php <?php $db = new mysqli("localhost","admin","pass","database"); if(!$db) { die('sorry we are having some problbems'); } // SET GETTER AS A VARIABLE $searchTerm = mysqli_real_escape_string($db,$_GET['keyword']); if ( empty($searchTerm)) { echo("no key words searched please try again"); } else { $sql = mysqli_query( $db, sprintf( "SELECT * FROM new_equip WHERE itemname LIKE '%s'", '%'. $searchTerm .'%' ) ); } ?> where results are displayed <?php while($ser = mysqli_fetch_array($sql)) { echo "<p><a href='new-product.php?Item=$ser[id]'>$ser[itemname]</a></p>"; } ?> I want to say thank you to everyone who took the time with the help on this. I as lost.

Form code <form id="search-form123" action='results.php' method="POST"> <div class="offlajn-ajax-search-inner"> <input type="text" name='keyword' id="search-area123" value="" autocomplete="off" placeholder="Search Here..."/> <input type="submit" name='Submit' value="Search" id="search-area123" /> <input type="hidden" name='Submit' value="com_search" /> <div id="search-area-close123"></div> <div id="ajax-search-button123"><div class="magnifier"></div></div> <div class="ajax-clear"></div> </div> </form> Top of results.php <?php include_once('mysql_connect.php'); if (isset($_POST['keyword'])) { //add brace $keyword = $_POST['keyword']; $search_sql="SELECT * FROM new_equip WHERE itemname LIKE '%" .$keyword. "%'"; $search_query=mysql_query($search_sql); if(mysql_num_rows($search_query)!=0) { $search_rs=mysql_fetch_assoc($search_query); } $eid = $row['id']; $itemname = $row['itemname']; } //add brace ?> Where results are displayed <?php if (mysql_num_rows($search_query)!=0){ do {?> <p><a href="new-product.php?Item=<?php echo $search_rs['id']; ?>"><?php echo $search_rs ['itemname']?></a></p> <?php } while ($search_rs=mysql_fetch_assoc($search_query)) ; } else { echo "No Results Found"; } ?>

Warning: mysql_num_rows() expects parameter 1 to be resource, null given in results.php on line 255 No Results Found if (mysql_num_rows($search_query)!=0){ When I add the debugging code I get Array ( )

Still getting all the items showing up. <?php include_once('mysql_connect.php'); if (isset($_POST['keyword'])) $keyword = $_POST['keyword']; $search_sql="SELECT * FROM new_equip WHERE itemname LIKE '%" .$keyword. "%'"; $search_query=mysql_query($search_sql); if(mysql_num_rows($search_query)!=0) { $search_rs=mysql_fetch_assoc($search_query); } $eid = $row['id']; $itemname = $row['itemname']; ?>

Ok, I just changed the method="POST" to method="$_GET" and I got this in the url results.php?keyword=capper&Submit=Search&Submit=com_search

Appreciate it. I was just wondering why I seen people always saying we should convert to MySQLi or PDO. Thanks for the explination.

I tried changing it and it is still displaying all the items. form <input type="text" name='keyword' id="search-area123" value="" autocomplete="off" placeholder="Search Here..."/> <input type="submit" name='Submit' value="Search" id="search-area123" /> <input type="hidden" name='Submit' value="com_search" /> results.php if (!isset($_POST['keyword'])) $keyword = $_POST['keyword']; $search_sql="SELECT * FROM new_equip WHERE itemname LIKE '%" .$keyword. "%'"; $search_query=mysql_query($search_sql); if(mysql_num_rows($search_query)!=0) { $search_rs=mysql_fetch_assoc($search_query); }

Thank you for your response but wouldnt this get passed as the input search? on form <input type="text" name='keyword' id="search-area123" value="" autocomplete="off" placeholder="Search Here..."/> Then on results.php if (!isset($_POST['search'])) $keyword = $_POST['search'];

I know, I stated that I am learning it and I will convert the site in a whole when I get it. I dont want to just do a few pages here and there.

Although I am very new to php, I did notice you didnt wrap the function in <?php FUNCTION CODE ?> here is the code with it >>>>>>>>CONTENT AREA>>>>>>>>>>> <?php require_once("includes/connection.php"); ?> <?php require_once("includes/functions.php"); ?> <?php find_selected_page(); ?> <?php include("includes/header.php"); ?> <table id="structure"> <tr> <td id="navigation"> <?php echo navigation($sel_subject, $sel_page); ?> <br/> <a href="new_subject.php">+ Add a new subject</a> </td> <td id="page"> <?php if (!is_null($sel_subject)) {//subject selected ?> <h2><?php echo $sel_subject['menu_name']; ?></h2> <?php } elseif (!is_null($sel_page)) { // page selected ?> <h2><?php echo $sel_page['menu_name']; ?></h2> <div class="page-content"> <?php echo $sel_page['content']; ?> </div> <?php } else { // nothing selected ?> <h2>Select a subject or page edit</h2> <?php }?> </td> </tr> </table> <?php require("includes/footer.php"); ?> >>>>>>>>>FUNCTION<<<<<<<<<<<< <?php function get_pages_for_subject($subject_id){ global $connection; $query = "SELECT * FROM pages WHERE subject_id = ($subject_id ) ORDER BY position ASC"; $page_set = mysqli_query( $connection, $query); confirm_query($page_set); return $page_set; } function get_subject_by_id($subject_id) { global $connection; $query = " SELECT * "; $query .= " FROM subjects "; $query .= " WHERE id=" . $subject_id ." "; $query .= " LIMIT 1"; $result_set = mysqli_query($connection, $query); confirm_query($result_set); if($subject = mysqli_fetch_array($result_set)){ return $subject; }else { return NULL; } } function get_page_by_id($page_id) { global $connection; $query = " SELECT * "; $query .= " FROM pages "; $query .= " WHERE id=" . $page_id ." "; $query .= " LIMIT 1"; $result_set = mysqli_query($connection, $query); confirm_query($result_set); //REMEMBER: // if no rows are returned, fetch_array will return false //** return $page;** on line 58 was bring error instead if($subject = mysqli_fetch_array($result_set)){ }else { return NULL; } } function find_selected_page(){ global $sel_subject; global $sel_page; if (isset($_GET['subj'])) { $sel_subject = get_subject_by_id($_GET['subj']); $sel_page = NULL; } elseif (isset($_GET['page'])) { $sel_subject = NULL; $sel_page = get_page_by_id($_GET['page']); } else { $sel_subject = NULL; $sel_page = NULL; } } ?>

This has me pulling my hair out! I have tried everything I could find and it is still displaying all the items in the database. I have a search area on my site and when I put in a search keyword, the results.php page has every item on it. I have searched and searched and I cannot figure out why it is doing it. Any help would be greatly appreciated. My search form <form id="search-form123" action="results.php" method="POST"> <div class="offlajn-ajax-search-inner"> <input type="text" name="keyword" id="search-area123" value="" autocomplete="off" placeholder="Search Here..."> <input type="submit" name="Submit" value="Search" id="search-area123"> <input type="hidden" name="Submit" value="com_search"> </form> results.php ( on the top of page ) <?php include_once('mysql_connect.php'); if (!isset($_POST['search'])) $keyword = $_POST['search']; $search_sql="SELECT * FROM new_equip WHERE itemname LIKE '%" .$keyword. "%'"; $search_query=mysql_query($search_sql); if(mysql_num_rows($search_query)!=0) { $search_rs=mysql_fetch_assoc($search_query); } $eid = $row['id']; $itemname = $row['itemname']; ?> results.php ( where the items are displayed ) <?php if (mysql_num_rows($search_query)!=0){ do {?> <p><a href="new-product.php?Item=<?php echo $search_rs['id']; ?>"><?php echo $search_rs ['itemname']?></a></p> <?php } while ($search_rs=mysql_fetch_assoc($search_query)) ; } else { echo "No Results Found"; } ?> And I will say that I am learning mysqli to convert my site over. I am just wanting to do it all at once so there are no issues. If anyone can help with that, I would greatly appreciate it because again I have search and tried everything and I cant get it working.