PythonHelp

Hi, I am back after almost 6 months to continue on this part of the project, using the advice I had from you, I have reached this point where I am still getting all records inserted into the table instead of the selected ones: $checkbox = $_POST['checkbox']; $class_id = trim($_POST['class_id']); foreach ($checkbox as $key => $value) { echo "{$key} => {$value} "; print_r($checkbox); echo '<pre>'; print_r($checkbox); echo '</pre>'; $sql = "INSERT INTO Class_List (user_id,class_id) VALUES (?, ?)"; if($stmt = mysqli_prepare($link, $sql)){ mysqli_stmt_bind_param($stmt, "ii", $value, $class_id); if(mysqli_stmt_execute($stmt)){ echo ""; } else{ echo "ERROR in inserting records: $sql. " . mysqli_error($link); } } else{ echo "ERROR: Could not insert records: $sql. " . mysqli_error($link); } } // Close statement mysqli_stmt_close($stmt); // Close connection mysqli_close($link); echo "The selected students have been added"; ?>

Thank you, When I select three records with user IDs 6, 7 , 8, I get this output and assigns user_id (8) to all the selected records. <td><input type="checkbox" name="checkbox[<?php echo $row['user_id']; ?>]"></td> I am really stuck as I have no worked example to work from.

OK, so I have progressed a little, I am now using Prepared statements and now I can insert the number of rows based on the selections, and it will insert the class ID, however, only the last student's userID gets inserted in each row even when it is not selected. <?php ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); ?> <?php mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT); ?> <?php $servername = "xxxxxt"; $username = "webxxxx"; $password = "xxxx!"; $dbname = "xxx"; // Create connection $link = mysqli_connect($servername, $username, $password, $dbname); // Check connection if (!$link) { die("Connection failed: " . mysqli_connect_error()); } $checkbox = $_POST['checkbox']; $user_id = $_POST['user_id']; $class_id = $_POST['class_id']; $count = count($checkbox); for ($i = 0; $i < $count; $i++) { $sql = "INSERT INTO Class_List (user_id,class_id) VALUES (?, ?)"; if($stmt = mysqli_prepare($link, $sql)){ mysqli_stmt_bind_param($stmt, "ss", $user_id, $class_id); if(mysqli_stmt_execute($stmt)){ echo "Success!"; } else{ echo "ERROR in inserting records: $sql. " . mysqli_error($link); } } else{ echo "ERROR: Could not insert records: $sql. " . mysqli_error($link); } } // Close statement mysqli_stmt_close($stmt); // Close connection mysqli_close($link); ?>

My first attempt is in post number 1 My second attempt is is post number 7 after trying to act upon your suggestions with my little PHP coding experience. My third attempt was making the checkbox field an array, with the array index being the user_id value I am not a coder, but I can make some sense from worked examples/tutorials. So now my code is at this stage and really need some guidance: $class_id = $_POST['class_id']; // This value is from a dropdown $checkbox = $_POST['checkbox']; // This is a checkbox next to each record $user_id = $_POST['user_id']; // this is a hidden value output from the database (in a textbox) if (isset($_POST['submit'])) { if(!empty($_POST['checkbox'])) { foreach($_POST['checkbox'] as $i) { $query="INSERT INTO Class_List(user_id, class_id)VALUES('$user_id','$class_id')"; if (mysqli_query($conn, $query)) { echo "The selected records have been added successfully !"; } else { echo "Error: " . $sql . ":-" . mysqli_error($conn); } mysqli_close($conn); } } } ?>

Step 1 completed: Thanks I now need guidance with: - if any of the checkboxes are checked, you will get an array with the indexes being the user_ids (i would use array_keys() to get all of them as an array to loop over). you would then use a prepared query, prepared once before the start of any looping, to insert each row of data.

Hi, Thank you. I am trying to follow what you advised, I am not a programmer and new to PHP, I did some further research and tried to apply to what you said: HTML: <?php $outcome = ''; $count=1; $sel_query="SELECT * FROM User_Accounts_"; $stmt = $conn->prepare($sel_query); $stmt->execute(); $result = $stmt->get_result(); // get the mysqli result if($result->num_rows === 0) exit('No Users'); $i = 0; while($row = $result->fetch_assoc()) { ?> <td><input name="checkbox[]" type="checkbox" value="Yes" value=<?php echo $i++;?>></td> <td><input name="user_id" type="text" size="2" value="<?php echo $row["user_id"]; ?>" /></td> <td><?php echo $row["username"]; ?></td> <td><?php echo $row["firstname"]; ?></td> <td><?php echo $row["lastname"]; ?></td> <td><?php echo $row["School"]; ?></td> <td><?php echo $row["Year"]; ?></td> <td><?php echo $row["Form"]; ?></td> PHP <?php ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); ?> <?php mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT); ?> <?php $servername = "xxx"; $username = "xxx"; $password = "xxx"; $dbname = "xxx"; // Create connection $conn = mysqli_connect($servername, $username, $password, $dbname); // Check connection if (!$conn) { die("Connection failed: " . mysqli_connect_error()); } $class_id = $_POST['class_id']; // This value is from a dropdown $checkbox = $_POST['checkbox']; // This is a checkbox next to each record $user_id = $_POST['user_id']; // this is a hidden value output from the database (in a textbox) $i=0 if (isset($_POST['submit'])) { foreach($_POST['checkbox'] as $i) { $query="INSERT INTO Class_List(user_id, class_id)VALUES('{$_POST['user_id'][$i]}', '{$_POST['class_id'][$i]}')"; if (mysqli_query($conn, $query)) { echo "The selected records have been added successfully !"; } else { echo "Error: " . $sql . ":-" . mysqli_error($conn); } mysqli_close($conn); } } ?> Now, I am getting an error: Notice: Uninitialized string offset: 1 (at the line foreach($_POST['checkbox'] as $i) { )

<td><input name="checkbox" type="checkbox" value="Yes"></td> <td><input name="user_id" type="text" size="2" value="<?php echo $row["user_id"]; ?>" /></td> <td><?php echo $row["username"]; ?></td> <td><?php echo $row["firstname"]; ?></td> <td><?php echo $row["lastname"]; ?></td> <td><?php echo $row["School"]; ?></td> <td><?php echo $row["Year"]; ?></td> <td><?php echo $row["Form"]; ?></td>

OK great, I found that at the EOF there was a curly bracket missing. So now, the append is working but it only adds the last row in the table, even if the others are selected and the last row isn't.

<?php $servername = "xxx"; $username = "xxxx"; $password = "xxxx"; $dbname = "web216-admin-6d5"; // Create connection $conn = mysqli_connect($servername, $username, $password, $dbname); // Check connection if (!$conn) { die("Connection failed: " . mysqli_connect_error()); } $class_id = $_POST['class_id']; // This value is from a dropdown $checkbox = $_POST['checkbox']; // This is a checkbox next to each record $user_id = $_POST['user_id']; // this is a hidden value output from the database (in a textbox) if(isset($_POST['submit'])) { for($i=0;$i<count($checkbox);$i++){ $query="INSERT INTO Class_List(user_id,class_id)VALUES('".$user_id[$i]."','".$class_id."')"; if (mysqli_query($conn, $query)) { echo "The selected records have been added successfully !"; echo "<meta http-equiv=\"refresh\" content=\"2;url=search_courses.php\"/>"; } else { echo "Error: " . $sql . ":-" . mysqli_error($conn); } mysqli_close($conn); } ?> Hi, I am trying to figure out how to insert the following values into another table if they have a checked box: $class_id = $_POST['class_id']; // This value is from a dropdown on the top of the page $checkbox = $_POST['checkbox']; // This is a checkbox next to each row $user_id = $_POST['user_id']; // this is a hidden value output from the database (in a textbox) in each row basically, each row in the table has a checkbox If the checkbox is checked then it should insert the user_id field from the checked rows and the value from a drop down (class_id) at the top of a page into another table. I have managed the code up to here but I need a tutorial or guidance to do the rest. At the moment I am getting error HTTP 500 I understand that the code is subject to sql injection, but will sort that out later

Thank you! (A silly mistake 🙉) Yes, on login, the user level is checked and the user is re-directed to the relevant page! so non admin will not see the admin options.

Hi, I am trying to get this script to execute as an administrator of an online system. If a user has forgotten their password, I enter their username and enter a new password which they can update later. I am not sure why this is not updating the password for the username entered? <?php // Initialize the session session_start(); // Check if the user is logged in, if not then redirect to login page if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){ header("location: login.php"); exit; } // Include config file require_once "config.php"; // Define variables and initialize with empty values $new_password = $confirm_password = ""; $new_password_err = $confirm_password_err = ""; // Processing form data when form is submitted if($_SERVER["REQUEST_METHOD"] == "POST"){ // Validate new password if(empty(trim($_POST["new_password"]))){ $new_password_err = "Please enter the new password."; } elseif(strlen(trim($_POST["new_password"])) < 6){ $new_password_err = "Password must have atleast 6 characters."; } else{ $new_password = trim($_POST["new_password"]); } // Validate confirm password if(empty(trim($_POST["confirm_password"]))){ $confirm_password_err = "Please confirm the password."; } else{ $confirm_password = trim($_POST["confirm_password"]); if(empty($new_password_err) && ($new_password != $confirm_password)){ $confirm_password_err = "Password did not match."; } } // Check input errors before updating the database if(empty($new_password_err) && empty($confirm_password_err)){ // Prepare an update statement $sql = "UPDATE User_Accounts_ SET password = ? WHERE username = ?"; if($stmt = mysqli_prepare($link, $sql)){ // Bind variables to the prepared statement as parameters mysqli_stmt_bind_param($stmt, "ss", $param_password, $username); // Set parameters $param_password = password_hash($new_password, PASSWORD_DEFAULT); $username = $_POST['username']; // Attempt to execute the prepared statement if(mysqli_stmt_execute($stmt)){ // Password updated successfully. Destroy the session, and redirect to login page session_destroy(); header("location: login.php"); exit(); } else{ echo "Oops! Something went wrong. Please try again later."; } // Close statement mysqli_stmt_close($stmt); } } // Close connection mysqli_close($link); } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Reset Password</title> <style type="text/css"> body{ font: 14px sans-serif; } .wrapper{ width: 350px; padding: 20px; } </style> </head> <body> <div class="wrapper"> <h2>Reset Password</h2> <p>Please fill out this form to reset your password.</p> <p><strong>Username</strong> <input type="text" name="username" class="form-control"> </p> <p>&nbsp;</p> <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post"> <div class="form-group <?php echo (!empty($new_password_err)) ? 'has-error' : ''; ?>"> <label>New Password</label> <input type="password" name="new_password" class="form-control" value="<?php echo $new_password; ?>"> <span class="help-block"><?php echo $new_password_err; ?></span> </div> <div class="form-group <?php echo (!empty($confirm_password_err)) ? 'has-error' : ''; ?>"> <label>Confirm Password</label> <input type="password" name="confirm_password" class="form-control"> <span class="help-block"><?php echo $confirm_password_err; ?></span> </div> <div class="form-group"> <input type="submit" class="btn btn-primary" value="Submit"> <a class="btn btn-link" href="welcome.php">Cancel</a> </div> </form> </div> </body> </html>

I didn't seem to locate the missing curly brace

Hi ! I am trying to translate my mysqli count query that works perfectly into prepared statements. Unfortunately, after playing around and using my knowledge of PS, I have come up with this script which fails to execute and returns a http 500 error. I may have missed something very silly, I require some guidance on fixing the error. <?php $conn = mysqli_connect("xxxx", "xxxx", "xxxx", "xxx"); $sel_query = "SELECT S1, B1 COUNT(IF(S1 = ?, 1, NULL)) 'Accepted', COUNT(IF(S1 = ?, 1, NULL)) 'Rejected', COUNT(IF(S1 = ?, 1, NULL)) 'Under_Review' FROM Enrol"; $stmt = $conn->prepare($sel_query); $Accepted="Accepted"; $Rejected="Rejected"; $Under_Review="Under Review"; $stmt->bind_param("sss",$Accepted, $Rejected, $Under_Review); $stmt->execute(); $result = $stmt->get_result(); // get the mysqli result if($result->num_rows === 0) exit('No records found!'); while($row = $result->fetch_assoc()) { ?> <tr> <td><?php echo $row["Accepted"]; ?></td> <td><?php echo $row["Rejected"]; ?></td> <td><?php echo $row["Under_Review"]; ?></td> </tr> </table>

I have but not sure which section can help me. Guidance needed please.

Thank you so much, with your support, I am learning as well as becoming a step closer to the end result. So, after looking at the PHP manual, I have altered the script , but now it is producing the error ""Notice: Undefined index for the following lines: <td><?php echo $row['Form_Group']; ?></td> <td><?php echo $row['Present']; ?></td> <td><?php echo $row['Absent']; ?></td> Here is the entire code <?php ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); ?> <?php mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT); ?> <?php //Connection for database $conn = mysqli_connect("xxx", "xxxxxxxxxx", "xxxxxxxxxx", "xxxxxxx"); if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); exit(); } $sql = "SELECT Form_Group, COUNT(Presence LIKE '/') AS Present, COUNT(Presence LIKE 'N') AS Absent FROM attendance"; ?> <!doctype html> <html> <body> <h1 align="center">Summary</h1> <table border="1" align="center" style="line-height:25px;"> <tr> <th>Form</th> <th>Present</th> <th>Absent</th> </tr> <?php //Fetch Data form database if ($result = mysqli_query($conn, $sql)) { while ($row = mysqli_fetch_row($result)) { ?> <tr> <td><?php echo $row['Form_Group']; ?></td> <td><?php echo $row['Present']; ?></td> <td><?php echo $row['Absent']; ?></td> </tr> <?php } mysqli_free_result($result); } mysqli_close($conn); ?> </table> </body> </html>