-
Posts
2,134 -
Joined
-
Last visited
-
Days Won
42
Community Answers
-
benanamen's post in Get array with local vars only was marked as the answer
I am still not sure what you are doing with out more details, but I am sure that whatever you are attempting to do with the posted code is not the way to do it.
This should be to focus of your post.
More details or some third party example is in order at this point. This just sounds like basic database management.
-
benanamen's post in Help with mysqli_fetch_array was marked as the answer
Is BIN actually a Constant? I suspect it is not.
$owew[BIN]
-
benanamen's post in sending visitors to an error page was marked as the answer
Your "logic" is all over the place.
The bottom line is you want to edit a customers record based on the customer_id. (Which, by the way is the high level overview I was looking for, not the steps you think you should be taking to do it.)
I showed you how to do it. If there are no results to the specific customer_id query, then show your error page or whatever.
You might want to read my signature about the "XY Problem".
-
benanamen's post in error log in Laragon was marked as the answer
Easiest way is from the Laragon menu.
-
benanamen's post in Webserver suggestions and replacement to Laragon was marked as the answer
For anyone following...
I did a screen-share with the OP. The problem was missing files and files in the wrong place. I did a clean install of Laragon and installed (Not upgraded) Mysql 8. All is working.
-
benanamen's post in Download MySQL 8.0.29 was marked as the answer
I wrote step by step instructions a few years ago in the Laragon forum on how to upgrade to Mysql8. I assume Laragon is the actual dev on your system and you are not trying to install Mysql outside of Laragon.
You will need to register on the forum. See instructions here....
https://forum.laragon.org/topic/2017/mysql-8-upgrade-instructions/2
-
benanamen's post in Help with php to display a list from a SQL Query was marked as the answer
NO!, You always select the specific column names you want. DO NOT SELECT *
Modify this to use the results of your query
<!DOCTYPE html> <html> <head> <title></title> </head> <body> <form action="<?= $_SERVER['SCRIPT_NAME'] ?>" method="post"> <select name="sort_by"> <option value="">Select Option</option> <?php $array = array('id' => 'ID', 'name' => 'Name', 'amt' => 'Amount', 'status_filter' => 'Status'); foreach ($array as $key => $value) { $selected = isset($_POST['sort_by']) && $_POST['sort_by'] == $key ? 'selected' : ''; echo "<option value='$key' $selected>$value</option>\n"; } ?> </select> <input name="submit" type="submit" value="Submit"> </form> </body> </html> -
benanamen's post in Run SQL Query via button click on user input was marked as the answer
Your query is not valid. More importantly you are using obsolete mysql code that has been completely removed from Php. You need to use PDO. https://phpdelusions.net/pdo
-
benanamen's post in Datagrid suggestion was marked as the answer
You mean something like this?
https://css-tricks.com/examples/DynamicOrderForm/
-
benanamen's post in if(trim($row->mysql_field == 0)) { Is this a valid construct? was marked as the answer
Forget the author. Just do (True example. Yours is a false example)
If true
if($row->mysql_field){ //Do something } This example is also in the manual. Couldn't find the page at the moment.
if false (Your example)
if(!$row->mysql_field){ //Do something } -
benanamen's post in Need help please was marked as the answer
Look at your first if. Your POST is wrong. $POST should be $_POST
-
benanamen's post in unexpected end of file was marked as the answer
You are missing the closing }
There are other problems. You need to use prepared statements. You never insert user supplied data directly to the DB. Dont SELECT *. Specify the columns you want. You also do not need to manually close the connection. It closes automatically. It would appear your logic is flawed.
You can't throw two query parameters into mysql like that. And don't create variables for no reason. I formatted your code so it is more readable but it still needs fixing aside from the missing bracket I put in.
I would recommend you use PDO. https://phpdelusions.net/pdo
<?php if (isset($_POST['choices']) && !empty($_POST['choices'])) { if ($_POST['choices'] == 'four') { //variables from form entered $username = $_POST['username']; $neptune = $_POST['neptune']; $email = $_POST['useremail']; //connect to the database $dbc = mysqli_connect('localhost', 'root', '', 'happygam_main') or die('Error connecting to MySQL server'); $check = mysqli_query($dbc, "select * from ballot where username='$username' and neptune='$neptune'"); $checkrows = mysqli_num_rows($check); if ($checkrows > 0) { echo "This combination of neptune and username has already been processed"; } else { //insert results from the form input in 2 rows one with neptune one without $query = "INSERT IGNORE INTO ballot(username, useremail, neptune) VALUES('$username', '$email', '$neptune')"; $query1 = "INSERT IGNORE INTO ballot(username, neptune) VALUES('$username', '$neptune')"; $result = mysqli_query($dbc, $query, $query1) or die('Error querying database.'); mysqli_close($dbc); } } } ?> -
benanamen's post in Can not use isset to fix undefined index was marked as the answer
Change
if (isset($_POST['submit']=="Sign Up")) To
if ($_SERVER['REQUEST_METHOD'] == 'POST') You are also trying to use variables in your form without checking if those variables exist.
-
benanamen's post in Header Vanishes if I remove LIMIT 1 was marked as the answer
Ok, now we are getting somewhere. Let's start from the beginning.
You shouldn't be using sha256. You need to use password_hash.
Line 13 should be if ($_SERVER['REQUEST_METHOD'] == 'POST') Depending on getting the name of a button to be submitted for your script to work can be problematic in certain instances.
Do not SELECT *. Specify the exact columns you want.
$_SERVER['PHP_SELF'] is vulnerable to an XSS Attack. Just leave the action out to submit to the same page.
You need to kill the script at the header redirect.
die(header("Location: index.php"));
You need to use prepared statements
On the index page, there is no need for another query. You have already set the fname session on login. Just use it now.
index.php
<?php session_start(); ?> <p>Hello <?= $_SESSION['fname'] ?> You are logged in as Admin!</p> I highly recommend you use PDO https://phpdelusions.net/pdo
-
benanamen's post in help inserting into database was marked as the answer
You need to use prepared statements. You never ever send user supplied data directly to the database. Your code is just waiting for an SQL Injection Attack. Get rid of all those variables for nothing. Turn on error reporting and check your logs.
I suggest you use PDO instead of Mysqli
https://phpdelusions.net/pdo
* Good job on using if( $_SERVER['REQUEST_METHOD'] == 'POST')
-
benanamen's post in PHP code stopped working was marked as the answer
Of course it's blank. All your doing is setting $error. The script is done by the time you get to this point. Think this through, I am sure you can figure out what needs to be changed.
} else {
$_SESSION['loggedIn'] = false;
$error = "Invalid username and password!";
}
FYI: This is no kind of logging in code you should be using.
-
benanamen's post in mysql_fetch_assoc return null values was marked as the answer
You have a handle of $row but are using $_row.
-
benanamen's post in Hyperlink in PHP (harder than it sounds) was marked as the answer
Are you defining $content before here? Reason is you are doing dot equals. If it is not defined change .= to just =
The image doesn't help. Where is $content first defined? Meaning where is content= without the period?
-
benanamen's post in I need your help applying a script to more databases was marked as the answer
Eric, I have done a quick review of the code in that script. Get your money back and don't use it. There are several serious security issues with it. One of the more glaring ones is that it uses MD5 or SHA256 for password encryption. It will also output the exact server error messages directly to the user providing valuable information to a hacker.
-
benanamen's post in Noob Question.. what does ? character do in this statement was marked as the answer
That is called a Ternary Operator. Same thing as if/else
https://davidwalsh.name/php-shorthand-if-else-ternary-operators
http://php.net/manual/en/language.operators.comparison.php
-
benanamen's post in Data are not inserted into database where is the problem in this code? was marked as the answer
First, you are using obsolete Mysql code that will not work at all in the latest version of Php. You need to use PDO with prepared statements.
Second, get rid of all the @'s. DO NOT SUPPRESS ERRORS. Errors are your friend, they tell you when something is wrong.
And lets not forget about you jumping case all over the place. Always use lower case names.
Why is your table name a variable? Are you going to insert those exact column names into more than one table?
In your error message there is a missing quote.
-
benanamen's post in Defining panel size - help needed was marked as the answer
Just an FYI, you dont have to set both height and width. You can set one or the other. The image will scale proportionally.
-
benanamen's post in mutliple conditions for same join for same column was marked as the answer
Why do you insist on trying to get a bad design to work? Stripped or not, what you have is simply no good.
-
benanamen's post in best way to validate in PHP was marked as the answer
The second way. The first one is a <?= str_rot13('Pyhfgre Shpx') ?>
-
benanamen's post in Cant spot syntax error was marked as the answer
Problem is here
if($_POST){
Delete it.
Your form tables are bad as well. All your tables are missing closing tags No closiing tr or td's, or table. And you shouldnt be using a tables for your forms. Use CSS. And you should probably switch around your if else post to if($_POST) instead of the negative if not post.
Also, there is no need to create all those useless variables.