TechMistress

Ugh, OK - I get the (int) part now. I think the problem seems to be that I don't know how to get the current user's rolename from the database. Here's my latest code. <?php session_start(); require("./init.php"); $user = (int) $_SESSION["userid"]; if (!isset($_SESSION["userid"])) { $template->assign("loginerror", 0); $template->display("login.tpl"); die(); } if($user->rolename){ $sql="SELECT ID, name, rolename FROM user WHERE rolename = 'Case Administrator' ORDER BY name"; } else { $sql="SELECT ID, name, rolename FROM user ORDER BY name"; } $result=mysql_query($sql); $options=""; while ($row=mysql_fetch_array($result)) { $ID=$row["ID"]; $rolename=$row["rolename"]; $name=$row["name"]; $options.="<OPTION VALUE=\"$ID\">".$name."</OPTION>\n "; } ?> <form name="message" action="messageck.php" method="post"> Subject: <input type="text" name="message_subject"><br> To: <SELECT NAME=message_to> <?php echo" <OPTION VALUE=0>Choose</option> $options </SELECT>"; ?>

Ok, tried this, but then it just shows the first sql query no matter what. if((int) $_SESSION["rolename"] == "User"){ $sql="SELECT ID, name, rolename FROM user WHERE rolename = 'Case Administrator' ORDER BY name"; $result=mysql_query($sql); } else { $sql="SELECT ID, name, rolename FROM user ORDER BY name"; $result=mysql_query($sql); } $options=""; while ($row=mysql_fetch_array($result)) { $ID=$row["ID"]; $rolename=$row["rolename"]; $name=$row["name"]; $options.="<OPTION VALUE=\"$ID\">".$name."</OPTION>\n "; }

Like I said, I don't know anything about coding, so I'm trying to learn as I go. I wouldn't know how to create a new session with rolename (and would only want it on this page anyway). Then, I wouldn't know how to do the while statements using the query codes you gave me. Getting more buried here, I expect!

Well, I'm getting closer... Realizing that I was using logic that was probably from smarty, I looked at the code again and realized what you said about rolename being a constant. I changed my if/else statement to this: <form name="message" action="messageck.php" method="post"> Subject: <input type="text" name="message_subject"><br> To: <SELECT NAME=message_to> <?php if (isset($_SESSION['userid']) && $_SESSION['rolename'] == $row['User']) { echo" <OPTION VALUE=0>Choose</option> $options </SELECT>"; } else { echo" <OPTION VALUE=0>Choose</option> $options2 </SELECT>"; } ?> Now it always shows $options2, no matter what my rolename - where before it was always showing $options1

No, my session just relates my user id - and rolename is simply a text field in the user table. When I'm logged in, I have to problem calling on other fields by using $user.xxx. I DID try using: $user = (int) $_SESSION["userid"]; $rolename = $user.rolename; (before the queries) and then using $rolename in the if/else statement, but it didn't work either. I have been using smarty templates in the software I'm using for this so perhaps the $user.rolename only applies to that. What is the proper format for an if/else statement like that?

Ok, below is the whole page code. What I want to happen is, if my rolename is "User" (which is just a text title in the db), then the dropdown box I see is options1 (which should be users with a rolename of "Case Administrator"), else, if I am any other rolename, just show all of the users. Right now, it's just always showing all user. <?php require("./init.php"); if (!isset($_SESSION["userid"])) { $template->assign("loginerror", 0); $template->display("login.tpl"); die(); } $user = (int) $_SESSION["userid"]; $sql="SELECT ID, name, rolename FROM user WHERE rolename = 'Case Administrator'"; $result=mysql_query($sql); $options=""; while ($row=mysql_fetch_array($result)) { $ID=$row["ID"]; $rolename=$row["rolename"]; $name=$row["name"]; $options.="<OPTION VALUE=\"$ID\">".$name."</OPTION>\n "; } $sql2="SELECT ID, name, rolename FROM user"; $result2=mysql_query($sql2); $options2=""; while ($row=mysql_fetch_array($result2)) { $ID=$row["ID"]; $rolename=$row["rolename"]; $name=$row["name"]; $options2.="<OPTION VALUE=\"$ID\">".$name."</OPTION>\n "; } ?> <form name="message" action="messageck.php" method="post"> Subject: <input type="text" name="message_subject"><br> To: <SELECT NAME=message_to> <?php if ($user.rolename == "User") { echo" <OPTION VALUE=0>Choose</option> $options </SELECT>"; } else { echo" <OPTION VALUE=0>Choose</option> $options2 </SELECT>"; } ?> <br> Message: <br> <textarea rows="20" cols="50" name="message_content"> </textarea> <?php echo '<input type="hidden" name="message_from" value="'.$user.'"><br>'; ?> <input type="submit" value="Submit"> </form>

You'll have to forgive me, because I have never coded in my life - I'm just learning! About the markup, it did return fine, because I caught that </option> thing earlier,so it looks like this: while ($row=mysql_fetch_array($result2)) { $ID=$row["ID"]; $rolename=$row["rolename"]; $name=$row["name"]; $options2.="<OPTION VALUE=\"$ID\">".$name."</OPTION>\n "; As far as the $user, it's set in the first part of my document with the session: if (!isset($_SESSION["userid"])) $user = (int) $_SESSION["userid"]; I know the user part is working, because I am only seeing MY messages, etc. (this is for a pm system). The 4olename part I thought was set in the queries part, so $user.rolename would be sufficient enough to say if ME, the user had a rolename of ... then do this.

The html options return perfect - it lists all of the users just fine. I even tested the form, chose one of the options and the form worked, chose that option and everything. Query 1 returns a list of all users in the database with the rolename of "Case Administrator" and Query 2 returns a list of all users in the database. It's when I tried to lay out both queries to address my if/else statement where something happens - instead of treating the queries separately, it's basically just returning query 2 every thime and ignoring query 1.

There are no errors. In the session, I define who I am (my user id). Then in the query I am fetching the rolename from the user table; and in the html form, I am setting an if/else statement saying in $user.rolename equals The only problem is what I stated already, but it's not really an error, it's just not performing correctly - it's not paying attention to my if/else, and just always returning $options2.

That IS all of the relevant code. The page starts with a session/user id. I call on all of the relevant data in the queries. The $rolename determines which user is online at the moment. The html form is spitting out all of the users in the dropdown, all of the time. I want it to show just users who match rolename "Case Administers" in the dropdown, if the current session user has a rolename of "User" - else, show all users from the user table.

Well, the html is fine and it's generating fine. Let me see if I can clarify: I have an if/else statement in my form. It says if I'm a particular user, I should see the query results for $options1 and if I'm else, I should see the query results of $options2. The problem is, no matter how I'm logged in, I'm seeing the results of $options2. So I don't know if this is a query problem or a php problem. Since the html comes out clean, I'm guessing it's not my if/else statement, but a problem with how I'm executing the queries.

Hello smarties! I have some code I've written, and it almost works! The problem is, no matter how I log in, the option selects are simply passing $options2 from my query. I'm sure I've got some bad syntax in here. Anyone here see it??? The Queries: $sql="SELECT ID, name, rolename FROM user WHERE rolename = 'Case Administrator'"; $result=mysql_query($sql); $sql2="SELECT ID, name, rolename FROM user"; $result2=mysql_query($sql2); $options=""; $options2=""; while ($row=mysql_fetch_array($result)) { $ID=$row["ID"]; $rolename=$row["rolename"]; $name=$row["name"]; $options.="<OPTION VALUE=\"$ID\">".$name; } while ($row=mysql_fetch_array($result2)) { $ID=$row["ID"]; $rolename=$row["rolename"]; $name=$row["name"]; $options2.="<OPTION VALUE=\"$ID\">".$name; } ?> The form: <form name="message" action="messageck.php" method="post"> Subject: <input type="text" name="message_subject"><br> To: <SELECT NAME=message_to> <?php if ($user.rolename == "User") { echo" <OPTION VALUE=0>Choose</option> $options</option> </SELECT>"; } else { echo" <OPTION VALUE=0>Choose</option> $options2</option> </SELECT>"; } ?>

SOLVED: ShortDesc = '".mysql_real_escape_string($_POST[shortDesc])."', DetailedDesc = '".mysql_real_escape_string($_POST[DetailedDesc])."',

Solved: ShortDesc = '".mysql_real_escape_string($_POST[shortDesc])."', DetailedDesc = '".mysql_real_escape_string($_POST[DetailedDesc])."',

Ok, I'm putting in or leaving out a , or a ; or something... Can someone help? Original code, gives me error about having an apostrophe in a couple of fields: $q1 = "insert into listings set ShortDesc ='$_POST[shortDesc]', DetailedDesc = '$_POST[DetailedDesc]', Price = '$_POST[Price]', currencyID = '$_POST[currencyID]', neighbourhood = '$_POST[neighbourhood]', PropertyType = '$_POST[PropertyType]', rooms = '$_POST[rooms]', bathrooms = '$_POST[bathrooms]', fireplace = '$_POST[fireplace]', garage = '$_POST[garage]', SquareFeet = '$_POST[squareFeet]', LotSize = '$_POST[LotSize]', HomeAge = '$_POST[HomeAge]', NearSchool = '$_POST[NearSchool]', NearTransit = '$_POST[NearTransit]', NearPark = '$_POST[NearPark]', OceanView = '$_POST[OceanView]', LakeView = '$_POST[LakeView]', MountainView = '$_POST[MountainView]', OceanWaterfront = '$_POST[OceanWaterfront]', LakeWaterfront = '$_POST[LakeWaterfront]', RiverWaterfront = '$_POST[RiverWaterfront]', image = '$ImageStr', DateAdded = '$t' "; mysql_query($q1) or die(mysql_error()); So, I added the mysql_real_escape_string on the two fields in question: ShortDesc = mysql_real_escape_string($_POST[shortDesc]), DetailedDesc = mysql_real_escape_string($_POST[DetailedDesc]), Price = '$_POST[Price]', currencyID = '$_POST[currencyID]', neighbourhood = '$_POST[neighbourhood]', PropertyType = '$_POST[PropertyType]', rooms = '$_POST[rooms]', bathrooms = '$_POST[bathrooms]', fireplace = '$_POST[fireplace]', garage = '$_POST[garage]', SquareFeet = '$_POST[squareFeet]', LotSize = '$_POST[LotSize]', HomeAge = '$_POST[HomeAge]', NearSchool = '$_POST[NearSchool]', NearTransit = '$_POST[NearTransit]', NearPark = '$_POST[NearPark]', OceanView = '$_POST[OceanView]', LakeView = '$_POST[LakeView]', MountainView = '$_POST[MountainView]', OceanWaterfront = '$_POST[OceanWaterfront]', LakeWaterfront = '$_POST[LakeWaterfront]', RiverWaterfront = '$_POST[RiverWaterfront]', image = '$ImageStr', DateAdded = '$t' "; but, this is breaks the post also. I get this error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1235000', currencyID = '1', neighbourhood = '', PropertyType = 'W' at line 14 So now it's allowing the apostrophe, but it messed up the set. How do I use the escape portion, without breaking the set? I've tried so many ways, but it always breaks somewhere.

You can use javascript and the onsubmit function in your submit button to do one of the functions. I'd use it for the targeted page. Something like this: <script type="text/javascript"> function popsubmit(form) { var popName = "formPopUp"; var popStyle = "width=300,height=300,location=yes,resizable=yes"; form.action = "theOthersubmit.php"; form.target = popName; window.open("about:blank",popName,popStyle); } </script> Then your submit button would be something like this: <input type="submit" onclick="popsubmit(this.form);">

thank you, I was able to write a script to do it with your help and using mysql dump!

Ok, I'm putting in or leaving out a , or a ; or something... Can someone help? Original code, gives me error about having an apostrophe in it: $q1 = "insert into listings set AgentID = '$_POST[AgentID]', CategoryID = '$CategoryID', SubcategoryID = '$SubcategoryID', address = '$_POST[address]', city = '$_POST[city]', state = '$_POST[state]', province = '$_POST[province]', zip_code = '$_POST[zip_code]', country = '$_POST[country]', SubdivisionName = '$_POST[subdivisionName]', FeaturedListing = '$_POST[FeaturedListing]', ShortDesc ='$_POST[shortDesc]', DetailedDesc = '$_POST[DetailedDesc]', Price = '$_POST[Price]', currencyID = '$_POST[currencyID]', neighbourhood = '$_POST[neighbourhood]', PropertyType = '$_POST[PropertyType]', rooms = '$_POST[rooms]', bathrooms = '$_POST[bathrooms]', fireplace = '$_POST[fireplace]', garage = '$_POST[garage]', SquareFeet = '$_POST[squareFeet]', LotSize = '$_POST[LotSize]', HomeAge = '$_POST[HomeAge]', NearSchool = '$_POST[NearSchool]', NearTransit = '$_POST[NearTransit]', NearPark = '$_POST[NearPark]', OceanView = '$_POST[OceanView]', LakeView = '$_POST[LakeView]', MountainView = '$_POST[MountainView]', OceanWaterfront = '$_POST[OceanWaterfront]', LakeWaterfront = '$_POST[LakeWaterfront]', RiverWaterfront = '$_POST[RiverWaterfront]', image = '$ImageStr', DateAdded = '$t' "; mysql_query($q1) or die(mysql_error()); So, I added the mysql_real_escape_string on the two fields in question: AgentID = '$_POST[AgentID]', CategoryID = '$CategoryID', SubcategoryID = '$SubcategoryID', address = '$_POST[address]', city = '$_POST[city]', state = '$_POST[state]', province = '$_POST[province]', zip_code = '$_POST[zip_code]', country = '$_POST[country]', SubdivisionName = '$_POST[subdivisionName]', FeaturedListing = '$_POST[FeaturedListing]', ShortDesc = mysql_real_escape_string($_POST[shortDesc]), DetailedDesc = mysql_real_escape_string($_POST[DetailedDesc]), Price = '$_POST[Price]', currencyID = '$_POST[currencyID]', neighbourhood = '$_POST[neighbourhood]', PropertyType = '$_POST[PropertyType]', rooms = '$_POST[rooms]', bathrooms = '$_POST[bathrooms]', fireplace = '$_POST[fireplace]', garage = '$_POST[garage]', SquareFeet = '$_POST[squareFeet]', LotSize = '$_POST[LotSize]', HomeAge = '$_POST[HomeAge]', NearSchool = '$_POST[NearSchool]', NearTransit = '$_POST[NearTransit]', NearPark = '$_POST[NearPark]', OceanView = '$_POST[OceanView]', LakeView = '$_POST[LakeView]', MountainView = '$_POST[MountainView]', OceanWaterfront = '$_POST[OceanWaterfront]', LakeWaterfront = '$_POST[LakeWaterfront]', RiverWaterfront = '$_POST[RiverWaterfront]', image = '$ImageStr', DateAdded = '$t' "; but, this is breaks the post also. I get this error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1235000', currencyID = '1', neighbourhood = '', PropertyType = 'W' at line 14 So now it's allowing the apostrophe, but it messed up the set. How do I continue the set? which is each line in single quotes, followed by a comma. I've tried so many ways, but it always breaks somewhere.

It might be that the existing jobs you had in the database don't have an id yet. It may apply only to new jobs. Look at the table and see if there is an id on those. If not, you can always add it for now and see (1, 2, 3). And then modify my code above to look like this: <td width="60%"><?php mysql_connect("localhost", "root", "") or die(mysql_error()); $result = @mysql_query("SELECT jobID,jobs FROM time_sheets.jobs"); print "<select name=\"Jobs\">\n"; print "<option selected value=\"Select a Job\">Select A Job</option>\n"; while ($row = mysql_fetch_assoc($result)) { $jobs = $row['jobs']; print "<option value=$jobs[jobID]>$jobs[jobs]</option>\n"; } print "</select>\n"; print "</p>\n"; ?></td>

Hi all, I'm hoping there's an answer to this! I would like to export all of my databases. In phpMyAdmin, I selected the export, then chose all of the databases and of course then chose the standard filename structure. It exported them all in one big file. Is there a way to export them all at once, but as individual .sql files (without doing it one by one). Thanks!

Thank you very much for the reply! The error message worked fine. It took me a little bit, but I also figured out the unlink function to delete temp file. else { echo "You have tried to upload an invalid file type, <a href=\"javascript:history.go(-1)\">Please try again.</a>"; unlink($_FILES['images']['tmp_name'][$key]); }

What I would do is to add an extra field to your jobs table and call it JobID, and make it a primary, auto_increment field. If you have phpMyAdmin, you can do this. You'll want these criteria: Field Name: jobID Type: INT Length: 5 Not Null Extra: auto_increment then make that field the primary/index field This way, your jobs will have an id and a name. You shouldn't have to alter how you add jobs to the database, an auto_increment index field should do it automatically.

Aha, ok. I see what's going on here. You have a value, but not a name. Sorry I missed it the first time. What are the columns in your table? Do you have a job id, job name, etc? What it needs to look like is something like this: print "<option value=$jobs[id]>$jobs[name]</option>\n"; that way, the value of the selector is the job id, and what shows on the form is the job name. In addition, your select box name shouldn't have any spaces; so it should be like: print "<select name=\"JobName\">\n"; When you put "select a job", you probably meant for that to be the first item they see in the drop down, which would mean it would be like this: print "<select name=\"JobName\">\n"; print "<option selected value="Select a Job">Select a Job</option>\n";

Ok, but if there is enough for 2-4 digits, you would at least see a letter or two, right? If it is just white space, then it's a problem with the query or the database. If you can see any letters in there, then it's something else. Do you have a screen shot or a place to go look at the page? Also, if you're working live, view the page source and see if you see the list of jobs there.

The code looks pretty good. I'm no expert, just trying to help, but you have select jobs from jobs. try select jobs FROM time_sheets.jobs and get rid of the whole line: mysql_select_db I'm assuming you have a column named jobs in a table named jobs in a database named time_sheets, right? Are there not any entries showing up at all, or are they there, but you can't see them off to the right?