Moorcam

Hi mate, Not being rude but nobody will go to your site to look for the issue. Not that they just don't want to. Lots of people are nervous of possible infections. Your best bet is to post your code here and also the error you are getting so people who are experienced with the script you are using can help.

Would help to show your PHP code where you are selecting from the db to populate in the first place. All that jazz.

Hi folks, I know people will say, "You should use PDO" but I prefer MySQLi for the time being. I am trying to display data based on its ID from the database by using the following. However, if I use: WHERE id='$id' Nothing appears. Basically, what I am doing is, when someone clicks a link, it will open a new page displaying the content related to the link they clicked. The URL will show the ID, which works fine, such as: domain.com/details.php?id=245 If I remove the WHERE clause, all rows are shown. If I use the WHERE clause, nothing is shown. No errors either. Here is the code in question: <?php $id = mysqli_real_escape_string($mysqli, $row['id']); $sql = "SELECT * FROM tours WHERE id = '" . $id. "'"; $result = $mysqli->query($sql); if ($result->num_rows > 0) { while($row = $result->fetch_assoc()) { ?> <h3><?php echo $row['tour_name']; ?></h3> <?php } } ?> Any help would be appreciated. Cheers Danno

Thanks for that. Well, it looks like PDO is the way to go then. It had been suggested before by bananamen but never got round to using it. Will be away for a few days but will have the laptop so if I get a few hours on New Years Day will change to PDO. Thanks again and Happy New Year.

Thanks for the feedback and input guys. I really appreciate it. I haven't used php and mysql for a lifetime. Recently just started to get back into it. So a bit of a learning curve with a dash of hit and miss as I go. So I really appreciate the guidance. People are raving about this PDO thingy. Will this work on MySQL servers? I have been told it is a lot more secure than MySQLi etc. I really need to find the time (between work etc) to sit down and actually read up on all of these changes that were made since I did it around 2005 lol

Silly Irish man. I forgot to set a Unique key in the database. Works fine now. Sorry for the hassle and thanks again.

Hi all, In a pickle again. I am trying to update a database from a html table, which I will post below. The issue is, if I have more than one entry in the table, clicking update will change all entries with the changes mate. Here is the update code along with the HTML table: <div class="panel-body"> <div class="table-responsive"> <form role="form" action="" method="post"> <?php if(isset($_POST['Submit'])){//if the submit button is clicked $id = mysqli_real_escape_string($mysqli, $_POST['id']); $fname = mysqli_real_escape_string($mysqli, $_POST['fname']); $lname = mysqli_real_escape_string($mysqli, $_POST['lname']); $email = mysqli_real_escape_string($mysqli, $_POST['email']); $phone = mysqli_real_escape_string($mysqli, $_POST['phone']); $sql="UPDATE clients SET fname='$fname', lname='$lname', email='$email', phone='$phone'"; $mysqli->query($sql) or die(mysqli_error($mysqli));//update or error } ?> <table class="table table-striped table-bordered table-hover" id="tab_logic"> <thead> <tr> <th>Client ID</th> <th>First Name</th> <th>Last Name</th> <th>Email</th> <th>Phone</th> </tr> </thead> <?php if (isset($_POST['Delete'])){ $checkbox = $_POST['checkbox']; $count = count($checkbox); for($i=0;$i<$count;$i++){ if(!empty($checkbox[$i])){ /* CHECK IF CHECKBOX IS CLICKED OR NOT */ $id = mysqli_real_escape_string($mysqli,$checkbox[$i]); /* ESCAPE STRINGS */ mysqli_query($mysqli,"DELETE FROM clients WHERE id = '$id'"); /* EXECUTE QUERY AND USE ' ' (apostrophe) IN YOUR VARIABLE */ } /* END OF IF NOT EMPTY CHECKBOX */ } /* END OF FOR LOOP */ } /* END OF ISSET DELETE */ $sql = "SELECT id, fname, lname, email, phone FROM clients"; $result = $mysqli->query($sql); if ($result->num_rows > 0) { while($row = $result->fetch_assoc()) { $id = mysqli_real_escape_string($mysqli, $row['id']); ?> <tbody> <tr id='addr0'> <td> <input type="text" size="5" name='id' placeholder='01' class="form-control" value="<?php echo $row['id']; ?>"/> </td> <td> <input type="text" name='fname' placeholder='First Name' class="form-control" value="<?php echo $row['fname']; ?>"/> </td> <td> <input type="text" name='lname' placeholder='Last Name' class="form-control" value="<?php echo $row['lname']; ?>"/> </td> <td> <input type="text" name='email' placeholder='Email' class="form-control" value="<?php echo $row['email']; ?>"/> </td> <td> <input type="text" name='phone' placeholder='Phone' class="form-control" value="<?php echo $row['phone']; ?>"/> </td> <td> <input name="checkbox" value="0" type="hidden"> <?php echo "<td><input type='checkbox' name='checkbox[]' value='$id'></td>"; ?> </td> </tr> <tr id='addr1'></tr> </tbody> <?php } } $mysqli->Close(); ?> </table> <a href="new-client.php" type="submit" class="pull-left btn btn-success">Add New Client</a><button type="submit" name="Submit" class="btn btn-success">Save Changes</button> <input type="submit" name="Delete" class="pull-center btn btn-success" value="Delete Selected" /> </form> </div> </div> </div> </div> </div> </div> Please note that deleting works fine. Adding is done from a separate file. Any help would be appreciated. Cheers, Dan

Hi bananamen, Thank you so much. I really appreciate you taking the time to help. The issues of html vanishing has been resolved as is the correct name being displayed, thanks to your instructions. Regarding PDO and password_hash, I will be changing over to these when I get home later. Thanks so much again. You are a legend. Cheers, Danno

As I said, the above code is not the login. This is the Index after login is completed. Here is the login code: <?php // Coach Manager // Version 0.0.0.1 // Author Dan O'Riordan session_start(); if (isset($_SESSION['id'])) { header("Location: index.php"); } include_once 'includes/config.php'; include_once 'includes/db_connect.php'; //check if form is submitted if (isset($_POST['login'])) { $email = mysqli_real_escape_string($mysqli, $_POST['email']); $password = mysqli_real_escape_string($mysqli, $_POST['password']); $psalt = 'eghriwugfro78974togfg0487tr'; $password = hash('sha256', $password); $result = mysqli_query($mysqli, "SELECT * FROM admin_users WHERE email = '" . $email. "' and password = '" .$password . "'"); if ($row = mysqli_fetch_array($result)) { $_SESSION['id'] = $row['id']; $_SESSION['fname'] = $row['fname']; header("Location: index.php"); } else { $errormsg = "Incorrect Email or Password Combination!"; } } ?> <!DOCTYPE html> <html > <head> <meta charset="UTF-8"> <title>Tour Manager | Login</title> <!-- FONTAWESOME STYLES--> <link rel="stylesheet" href="assets/font-awesome/css/font-awesome.min.css" rel="stylesheet" /> <link rel='stylesheet prefetch' href='http://netdna.bootstrapcdn.com/bootstrap/3.0.2/css/bootstrap.min.css'> <link href="css/styles.css" rel="stylesheet"> </head> <body> <div id="loginModal" class="modal show" tabindex="-1" role="dialog" aria-hidden="true"> <div class="modal-dialog"> <div class="modal-content"> <div class="modal-header"> <h1 class="text-center">Tour Manager</h1> </div> <div class="modal-body"> <form class="form-signin" role="form" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="loginform"> <div class="form-group"> <input type="text" name="email" required class="form-control input-lg" placeholder="Email"> </div> <div class="form-group"> <input type="password" name="password" required class="form-control input-lg" placeholder="Password"> </div> <div class="form-group"> <button class="btn btn-primary btn-lg btn-block" name="login">Sign In</button> <span class="text-danger"><strong><?php if (isset($errormsg)) { echo $errormsg; } ?></strong></span> </div> </form> </div> <div class="modal-footer"> <div class="col-md-12"> Powered by <a href="http://www.danethical.com" target="_blank">Tour Manager</a> </div> </div> </div> </div> </div> <!-- script references --> <script src="//ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js"></script> <script src="js/bootstrap.min.js"></script> </body> </html> <?php Exit(); ?> Cheers

Hi. Thanks for the reply. I have tried even putting WHERE id = $_SESSION['id']; And that also makes the html vanish. Also note, login is working fine. The OP shows the code from the start of index.php after login.

Hi folks, This issue has me baffled with days. I have a query string which works fine. The idea is to display the name of the logged in user, with SESSION. However, if I use the query string without LIMIT 1 on the end, the header area vanishes. If I put it back in, it appears again. Also, I have 2 users registered for testing. But no matter what account I login with, it still shows the same name. Here is the area of code that is playing up, including the HTML area where the name of the logged in user is displayed. include 'templates/header.php'; $result = mysqli_query($mysqli, "SELECT * FROM admin_users LIMIT 1"); if ($row = mysqli_fetch_array($result)) { include 'templates/navbar.php'; $_SESSION['fname'] = $row['fname']; ?> <div class="dcm-content-wrapper"> <div class="dcm-content"> <h1><i class="fa fa-home"></i> Dashboard</h1> <p>Hello <?php echo $_SESSION['fname']; ?> You are logged in as Admin!</p> <?php } ?> Please note that SESSION_START() is in the header.php file. Any help is greatly appreciated.