Jump to content

gfoisy

Members
 View Profile  See their activity

  • Posts

    27

  • Joined

  • Last visited

    Never

Profile Information

  • Gender
    Not Telling

gfoisy's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. gfoisy
    My apologies that I am a complete novice at this site, PHP and MYSQL! Below is my entire page code generated from a PHP Code generator. If I want to apply this function to the "Venue" field only, how exactly would I edit the code and where? This php page is a viewing page as well as a form to add and/or edit records. THX for your help!!! <?php session_start(); if (isset($_GET["order"])) $order = @$_GET["order"]; if (isset($_GET["type"])) $ordtype = @$_GET["type"]; if (isset($_POST["filter"])) $filter = @$_POST["filter"]; if (isset($_POST["filter_field"])) $filterfield = @$_POST["filter_field"]; $wholeonly = false; if (isset($_POST["wholeonly"])) $wholeonly = @$_POST["wholeonly"]; if (!isset($order) && isset($_SESSION["order"])) $order = $_SESSION["order"]; if (!isset($ordtype) && isset($_SESSION["type"])) $ordtype = $_SESSION["type"]; if (!isset($filter) && isset($_SESSION["filter"])) $filter = $_SESSION["filter"]; if (!isset($filterfield) && isset($_SESSION["filter_field"])) $filterfield = $_SESSION["filter_field"]; ?> <html> <head> <title>Garry's Gigs</title> <meta name="generator" http-equiv="content-type" content="text/html"> <style type="text/css"> body { background-color: #FFFFFF; color: #004080; font-family: Arial; font-size: 12px; } .bd { background-color: #FFFFFF; color: #004080; font-family: Arial; font-size: 12px; } .tbl { background-color: #FFFFFF; } a:link { color: #FF0000; font-family: Arial; font-size: 12px; } a:active { color: #0000FF; font-family: Arial; font-size: 12px; } a:visited { color: #800080; font-family: Arial; font-size: 12px; } .hr { background-color: #336699; color: #FFFFFF; font-family: Arial; font-size: 12px; } a.hr:link { color: #FFFFFF; font-family: Arial; font-size: 12px; } a.hr:active { color: #FFFFFF; font-family: Arial; font-size: 12px; } a.hr:visited { color: #FFFFFF; font-family: Arial; font-size: 12px; } .dr { background-color: #FFFFFF; color: #000000; font-family: Arial; font-size: 12px; } .sr { background-color: #FFFFCF; color: #000000; font-family: Arial; font-size: 12px; } </style> </head> <body> <table class="bd" width="100%"><tr><td class="hr"><h2>Garry's Gigs</h2></td></tr></table> <?php if (!login()) exit; ?> <div style="float: right"><a href="index.php?a=logout">[ Logout ]</a></div> <br> <?php $conn = connect(); $showrecs = 20; $pagerange = 10; $a = @$_GET["a"]; $recid = @$_GET["recid"]; $page = @$_GET["page"]; if (!isset($page)) $page = 1; $sql = @$_POST["sql"]; switch ($sql) { case "insert": sql_insert(); break; case "update": sql_update(); break; case "delete": sql_delete(); break; } switch ($a) { case "add": addrec(); break; case "view": viewrec($recid); break; case "edit": editrec($recid); break; case "del": deleterec($recid); break; default: select(); break; } if (isset($order)) $_SESSION["order"] = $order; if (isset($ordtype)) $_SESSION["type"] = $ordtype; if (isset($filter)) $_SESSION["filter"] = $filter; if (isset($filterfield)) $_SESSION["filter_field"] = $filterfield; if (isset($wholeonly)) $_SESSION["wholeonly"] = $wholeonly; mysql_close($conn); ?> <table class="bd" width="100%"><tr><td class="hr"> </td></tr></table> </body> </html> <?php function select() { global $a; global $showrecs; global $page; global $filter; global $filterfield; global $wholeonly; global $order; global $ordtype; if ($a == "reset") { $filter = ""; $filterfield = ""; $wholeonly = ""; $order = ""; $ordtype = ""; } $checkstr = ""; if ($wholeonly) $checkstr = " checked"; if ($ordtype == "asc") { $ordtypestr = "desc"; } else { $ordtypestr = "asc"; } $res = sql_select(); $count = sql_getrecordcount(); if ($count % $showrecs != 0) { $pagecount = intval($count / $showrecs) + 1; } else { $pagecount = intval($count / $showrecs); } $startrec = $showrecs * ($page - 1); if ($startrec < $count) {mysql_data_seek($res, $startrec);} $reccount = min($showrecs * $page, $count); ?> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr><td>Table: gigs</td></tr> <tr><td>Records shown <?php echo $startrec + 1 ?> - <?php echo $reccount ?> of <?php echo $count ?></td></tr> </table> <hr size="1" noshade> <form action="index.php" method="post"> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td><b>Custom Filter</b> </td> <td><input type="text" name="filter" value="<?php echo $filter ?>"></td> <td><select name="filter_field"> <option value="">All Fields</option> <option value="<?php echo "Date" ?>"<?php if ($filterfield == "Date") { echo "selected"; } ?>><?php echo htmlspecialchars("Date") ?></option> <option value="<?php echo "Time" ?>"<?php if ($filterfield == "Time") { echo "selected"; } ?>><?php echo htmlspecialchars("Time") ?></option> <option value="<?php echo "City/ST" ?>"<?php if ($filterfield == "City/ST") { echo "selected"; } ?>><?php echo htmlspecialchars("City/ST") ?></option> <option value="<?php echo "Venue" ?>"<?php if ($filterfield == "Venue") { echo "selected"; } ?>><?php echo htmlspecialchars("Venue") ?></option> <option value="<?php echo "Description" ?>"<?php if ($filterfield == "Description") { echo "selected"; } ?>><?php echo htmlspecialchars("Description") ?></option> <option value="<?php echo "Cost" ?>"<?php if ($filterfield == "Cost") { echo "selected"; } ?>><?php echo htmlspecialchars("Cost") ?></option> </select></td> <td><input type="checkbox" name="wholeonly"<?php echo $checkstr ?>>Whole words only</td> </td></tr> <tr> <td> </td> <td><input type="submit" name="action" value="Apply Filter"></td> <td><a href="index.php?a=reset">Reset Filter</a></td> </tr> </table> </form> <hr size="1" noshade> <?php showpagenav($page, $pagecount); ?> <br> <table class="tbl" border="0" cellspacing="1" cellpadding="5"width="100%"> <tr> <td class="hr"> </td> <td class="hr"> </td> <td class="hr"> </td> <td class="hr"><a class="hr" href="index.php?order=<?php echo "Date" ?>&type=<?php echo $ordtypestr ?>"> <b><?php echo htmlspecialchars("Date") ?></b></a></td> <td class="hr"><a class="hr" href="index.php?order=<?php echo "Time" ?>&type=<?php echo $ordtypestr ?>"> <b><?php echo htmlspecialchars("Time") ?></b></a></td> <td class="hr"><a class="hr" href="index.php?order=<?php echo "City/ST" ?>&type=<?php echo $ordtypestr ?>"> <b><?php echo htmlspecialchars("City/ST") ?></b></a></td> <td class="hr"><a class="hr" href="index.php?order=<?php echo "Venue" ?>&type=<?php echo $ordtypestr ?>"> <b><?php echo htmlspecialchars("Venue") ?></b></a></td> <td class="hr"><a class="hr" href="index.php?order=<?php echo "Description" ?>&type=<?php echo $ordtypestr ?>"> <b><?php echo htmlspecialchars("Description") ?></b></a></td> <td class="hr"><a class="hr" href="index.php?order=<?php echo "Cost" ?>&type=<?php echo $ordtypestr ?>"> <b><?php echo htmlspecialchars("Cost") ?></b></a></td> </tr> <?php for ($i = $startrec; $i < $reccount; $i++) { $row = mysql_fetch_assoc($res); $style = "dr"; if ($i % 2 != 0) { $style = "sr"; } ?> <tr> <td class="<?php echo $style ?>"><a href="index.php?a=view&recid=<?php echo $i ?>">View</a></td> <td class="<?php echo $style ?>"><a href="index.php?a=edit&recid=<?php echo $i ?>">Edit</a></td> <td class="<?php echo $style ?>"><a href="index.php?a=del&recid=<?php echo $i ?>">Delete</a></td> <td class="<?php echo $style ?>"><?php echo htmlspecialchars($row["Date"]) ?></td> <td class="<?php echo $style ?>"><?php echo htmlspecialchars($row["Time"]) ?></td> <td class="<?php echo $style ?>"><?php echo htmlspecialchars($row["City/ST"]) ?></td> <td class="<?php echo $style ?>"><?php echo htmlspecialchars($row["Venue"]) ?></td> <td class="<?php echo $style ?>"><?php echo htmlspecialchars($row["Description"]) ?></td> <td class="<?php echo $style ?>"><?php echo htmlspecialchars($row["Cost"]) ?></td> </tr> <?php } mysql_free_result($res); ?> </table> <br> <?php showpagenav($page, $pagecount); ?> <?php } ?> <?php function login() { global $_POST; global $_SESSION; global $_GET; if (isset($_GET["a"]) && ($_GET["a"] == 'logout')) $_SESSION["logged_in"] = false; if (!isset($_SESSION["logged_in"])) $_SESSION["logged_in"] = false; if (!$_SESSION["logged_in"]) { $login = ""; $password = ""; if (isset($_POST["login"])) $login = @$_POST["login"]; if (isset($_POST["password"])) $password = @$_POST["password"]; if (($login != "") && ($password != "")) { if (($login == "name") && ($password == "1234")) { $_SESSION["logged_in"] = true; } else { ?> <p><b><font color="-1">Sorry, the login/password combination you've entered is invalid</font></b></p> <?php } } }if (isset($_SESSION["logged_in"]) && (!$_SESSION["logged_in"])) { ?> <form action="index.php" method="post"> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td>Login</td> <td><input type="text" name="login" value="<?php echo $login ?>"></td> </tr> <tr> <td>Password</td> <td><input type="password" name="password" value="<?php echo $password ?>"></td> </tr> <tr> <td><input type="submit" name="action" value="Login"></td> </tr> </table> </form> <?php } if (!isset($_SESSION["logged_in"])) $_SESSION["logged_in"] = false; return $_SESSION["logged_in"]; } ?> <?php function showrow($row, $recid) { ?> <table class="tbl" border="0" cellspacing="1" cellpadding="5"width="50%"> <tr> <td class="hr"><?php echo htmlspecialchars("Date")." " ?></td> <td class="dr"><?php echo htmlspecialchars($row["Date"]) ?></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Time")." " ?></td> <td class="dr"><?php echo htmlspecialchars($row["Time"]) ?></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("City/ST")." " ?></td> <td class="dr"><?php echo htmlspecialchars($row["City/ST"]) ?></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Venue")." " ?></td> <td class="dr"><?php echo htmlspecialchars($row["Venue"]) ?></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Description")." " ?></td> <td class="dr"><?php echo htmlspecialchars($row["Description"]) ?></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Cost")." " ?></td> <td class="dr"><?php echo htmlspecialchars($row["Cost"]) ?></td> </tr> </table> <?php } ?> <?php function showroweditor($row, $iseditmode) { global $conn; ?> <table class="tbl" border="0" cellspacing="1" cellpadding="5"width="50%"> <tr> <td class="hr"><?php echo htmlspecialchars("Date")." " ?></td> <td class="dr"><input type="text" name="Date" value="<?php echo str_replace('"', '"', trim($row["Date"])) ?>"></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Time")." " ?></td> <td class="dr"><input type="text" name="Time" maxlength="10" value="<?php echo str_replace('"', '"', trim($row["Time"])) ?>"></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("City/ST")." " ?></td> <td class="dr"><input type="text" name="City/ST" maxlength="45" value="<?php echo str_replace('"', '"', trim($row["City/ST"])) ?>"></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Venue")." " ?></td> <td class="dr"><font face="MS Sans Serif"> <textarea cols="35" rows="4" name="Venue" maxlength="100" style="font-family: MS Reference Sans Serif"><?php echo str_replace('"', '"', trim($row["Venue"])) ?></textarea></font></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Description")." " ?></td> <td class="dr"> <textarea cols="35" rows="4" name="Description" maxlength="100" style="font-family: MS Reference Sans Serif"><?php echo str_replace('"', '"', trim($row["Description"])) ?></textarea></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Cost")." " ?></td> <td class="dr"><input type="text" name="Cost" maxlength="10" value="<?php echo str_replace('"', '"', trim($row["Cost"])) ?>"></td> </tr> </table> <?php } ?> <?php function showpagenav($page, $pagecount) { ?> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td><a href="index.php?a=add">Add Record</a> </td> <?php if ($page > 1) { ?> <td><a href="index.php?page=<?php echo $page - 1 ?>"><< Prev</a> </td> <?php } ?> <?php global $pagerange; if ($pagecount > 1) { if ($pagecount % $pagerange != 0) { $rangecount = intval($pagecount / $pagerange) + 1; } else { $rangecount = intval($pagecount / $pagerange); } for ($i = 1; $i < $rangecount + 1; $i++) { $startpage = (($i - 1) * $pagerange) + 1; $count = min($i * $pagerange, $pagecount); if ((($page >= $startpage) && ($page <= ($i * $pagerange)))) { for ($j = $startpage; $j < $count + 1; $j++) { if ($j == $page) { ?> <td><b><?php echo $j ?></b></td> <?php } else { ?> <td><a href="index.php?page=<?php echo $j ?>"><?php echo $j ?></a></td> <?php } } } else { ?> <td><a href="index.php?page=<?php echo $startpage ?>"><?php echo $startpage ."..." .$count ?></a></td> <?php } } } ?> <?php if ($page < $pagecount) { ?> <td> <a href="index.php?page=<?php echo $page + 1 ?>">Next >></a> </td> <?php } ?> </tr> </table> <?php } ?> <?php function showrecnav($a, $recid, $count) { ?> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td><a href="index.php">Index Page</a></td> <?php if ($recid > 0) { ?> <td><a href="index.php?a=<?php echo $a ?>&recid=<?php echo $recid - 1 ?>">Prior Record</a></td> <?php } if ($recid < $count - 1) { ?> <td><a href="index.php?a=<?php echo $a ?>&recid=<?php echo $recid + 1 ?>">Next Record</a></td> <?php } ?> </tr> </table> <hr size="1" noshade> <?php } ?> <?php function addrec() { ?> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td><a href="index.php">Index Page</a></td> </tr> </table> <hr size="1" noshade> <form enctype="multipart/form-data" action="index.php" method="post"> <p><input type="hidden" name="sql" value="insert"></p> <?php $row = array( "Date" => "", "Time" => "", "City/ST" => "", "Venue" => "", "Description" => "", "Cost" => ""); showroweditor($row, false); ?> <p><input type="submit" name="action" value="Post"></p> </form> <?php } ?> <?php function viewrec($recid) { $res = sql_select(); $count = sql_getrecordcount(); mysql_data_seek($res, $recid); $row = mysql_fetch_assoc($res); showrecnav("view", $recid, $count); ?> <br> <?php showrow($row, $recid) ?> <br> <hr size="1" noshade> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td><a href="index.php?a=add">Add Record</a></td> <td><a href="index.php?a=edit&recid=<?php echo $recid ?>">Edit Record</a></td> <td><a href="index.php?a=del&recid=<?php echo $recid ?>">Delete Record</a></td> </tr> </table> <?php mysql_free_result($res); } ?> <?php function editrec($recid) { $res = sql_select(); $count = sql_getrecordcount(); mysql_data_seek($res, $recid); $row = mysql_fetch_assoc($res); showrecnav("edit", $recid, $count); ?> <br> <form enctype="multipart/form-data" action="index.php" method="post"> <input type="hidden" name="sql" value="update"> <input type="hidden" name="xDate" value="<?php echo $row["Date"] ?>"> <input type="hidden" name="xTime" value="<?php echo $row["Time"] ?>"> <input type="hidden" name="xCity/ST" value="<?php echo $row["City/ST"] ?>"> <input type="hidden" name="xCost" value="<?php echo $row["Cost"] ?>"> <?php showroweditor($row, true); ?> <p><input type="submit" name="action" value="Post"></p> </form> <?php mysql_free_result($res); } ?> <?php function deleterec($recid) { $res = sql_select(); $count = sql_getrecordcount(); mysql_data_seek($res, $recid); $row = mysql_fetch_assoc($res); showrecnav("del", $recid, $count); ?> <br> <form action="index.php" method="post"> <input type="hidden" name="sql" value="delete"> <input type="hidden" name="xDate" value="<?php echo $row["Date"] ?>"> <input type="hidden" name="xTime" value="<?php echo $row["Time"] ?>"> <input type="hidden" name="xCity/ST" value="<?php echo $row["City/ST"] ?>"> <input type="hidden" name="xCost" value="<?php echo $row["Cost"] ?>"> <?php showrow($row, $recid) ?> <p><input type="submit" name="action" value="Confirm"></p> </form> <?php mysql_free_result($res); } ?> <?php function connect() { $conn = mysql_connect("localhost", "username", "1234"); mysql_select_db("database"); return $conn; } function sqlvalue($val, $quote) { if ($quote) $tmp = sqlstr($val); else $tmp = $val; if ($tmp == "") $tmp = "NULL"; elseif ($quote) $tmp = "'".$tmp."'"; return $tmp; } function sqlstr($val) { return mysql_real_escape_string($val); } function sql_select() { global $conn; global $order; global $ordtype; global $filter; global $filterfield; global $wholeonly; $filterstr = sqlstr($filter); if (!$wholeonly && isset($wholeonly) && $filterstr!='') $filterstr = "%" .$filterstr ."%"; $sql = "SELECT `Date`, `Time`, `City/ST`, `Venue`, `Description`, `Cost` FROM `gigs`"; if (isset($filterstr) && $filterstr!='' && isset($filterfield) && $filterfield!='') { $sql .= " where " .sqlstr($filterfield) ." like '" .$filterstr ."'"; } elseif (isset($filterstr) && $filterstr!='') { $sql .= " where (`Date` like '" .$filterstr ."') or (`Time` like '" .$filterstr ."') or (`City/ST` like '" .$filterstr ."') or (`Venue` like '" .$filterstr ."') or (`Description` like '" .$filterstr ."') or (`Cost` like '" .$filterstr ."')"; } if (isset($order) && $order!='') $sql .= " order by `" .sqlstr($order) ."`"; if (isset($ordtype) && $ordtype!='') $sql .= " " .sqlstr($ordtype); $res = mysql_query($sql, $conn) or die(mysql_error()); return $res; } function sql_getrecordcount() { global $conn; global $order; global $ordtype; global $filter; global $filterfield; global $wholeonly; $filterstr = sqlstr($filter); if (!$wholeonly && isset($wholeonly) && $filterstr!='') $filterstr = "%" .$filterstr ."%"; $sql = "SELECT COUNT(*) FROM `gigs`"; if (isset($filterstr) && $filterstr!='' && isset($filterfield) && $filterfield!='') { $sql .= " where " .sqlstr($filterfield) ." like '" .$filterstr ."'"; } elseif (isset($filterstr) && $filterstr!='') { $sql .= " where (`Date` like '" .$filterstr ."') or (`Time` like '" .$filterstr ."') or (`City/ST` like '" .$filterstr ."') or (`Venue` like '" .$filterstr ."') or (`Description` like '" .$filterstr ."') or (`Cost` like '" .$filterstr ."')"; } $res = mysql_query($sql, $conn) or die(mysql_error()); $row = mysql_fetch_assoc($res); reset($row); return current($row); } function sql_insert() { global $conn; global $_POST; $sql = "insert into `gigs` (`Date`, `Time`, `City/ST`, `Venue`, `Description`, `Cost`) values (" .sqlvalue(@$_POST["Date"], true).", " .sqlvalue(@$_POST["Time"], true).", " .sqlvalue(@$_POST["City/ST"], true).", " .sqlvalue(@$_POST["Venue"], true).", " .sqlvalue(@$_POST["Description"], true).", " .sqlvalue(@$_POST["Cost"], true).")"; mysql_query($sql, $conn) or die(mysql_error()); } function sql_update() { global $conn; global $_POST; $sql = "update `gigs` set `Date`=" .sqlvalue(@$_POST["Date"], true).", `Time`=" .sqlvalue(@$_POST["Time"], true).", `City/ST`=" .sqlvalue(@$_POST["City/ST"], true).", `Venue`=" .sqlvalue(@$_POST["Venue"], true).", `Description`=" .sqlvalue(@$_POST["Description"], true).", `Cost`=" .sqlvalue(@$_POST["Cost"], true) ." where " .primarykeycondition(); mysql_query($sql, $conn) or die(mysql_error()); } function sql_delete() { global $conn; $sql = "delete from `gigs` where " .primarykeycondition(); mysql_query($sql, $conn) or die(mysql_error()); } function primarykeycondition() { global $_POST; $pk = ""; $pk .= "(`Date`"; if (@$_POST["xDate"] == "") { $pk .= " IS NULL"; }else{ $pk .= " = " .sqlvalue(@$_POST["xDate"], true); }; $pk .= ") and "; $pk .= "(`Time`"; if (@$_POST["xTime"] == "") { $pk .= " IS NULL"; }else{ $pk .= " = " .sqlvalue(@$_POST["xTime"], true); }; $pk .= ") and "; $pk .= "(`City/ST`"; if (@$_POST["xCity/ST"] == "") { $pk .= " IS NULL"; }else{ $pk .= " = " .sqlvalue(@$_POST["xCity/ST"], true); }; $pk .= ") and "; $pk .= "(`Cost`"; if (@$_POST["xCost"] == "") { $pk .= " IS NULL"; }else{ $pk .= " = " .sqlvalue(@$_POST["xCost"], true); }; $pk .= ")"; return $pk; } ?>
  2. gfoisy
    What section should I be in?
  3. gfoisy
    I am using a PHP form to enter information into a text field and simply want the users to press the enter key as they would normally type a paragraph. I then need this information to display the line breaks as they were typed versus as all in one row. I am a complete novice in PHP and MySQL. Is there a simple way to code this so it happens automatically? I found a reference to nl2br but don't know where to place the code or if that's the answer. HELP! THX
  4. gfoisy
    Not sure what happened, but now it works! I can edit and add new records and just type normally with apostrophes and it works perfectly. No clue. BUT.... THANKS!!! You ROCK!
  5. gfoisy
    It read like this, so I turned off the first one: ; Magic quotes ; ; Magic quotes for incoming GET/POST/Cookie data. magic_quotes_gpc = On ; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. magic_quotes_runtime = Off ; Use Sybase-style magic quotes (escape ' with '' instead of \'). magic_quotes_sybase = Off
  6. gfoisy
    I went into the server side php.ini and turned it off there. Only the first one was on... the other two related ones were off. Make sense?
  7. gfoisy
    I inserted that code at the top of my php page and published it and ran it. Now at the top of my form page, it says: Magic Quotes Enabled". The form comes up fine.... but when I edit a record and put the apostrophe back in and then post it, it returns the data with a \ before the apostrophe still. Ex: O\'Brien
  8. gfoisy
    Not aware of Magic Quotes on... although I don't know anything about it either, other than what I just read from your link you sent.
  9. gfoisy
    Just to clarify..... I'm not receiving any errors anymore. It just inserts a \ infront of the apostrophe. For example: O\'Brien looks like this versus - O'Brien
  10. gfoisy
    Here's the entire page code: THANKS FOR YOUR HELP! <?php session_start(); if (isset($_GET["order"])) $order = @$_GET["order"]; if (isset($_GET["type"])) $ordtype = @$_GET["type"]; if (isset($_POST["filter"])) $filter = @$_POST["filter"]; if (isset($_POST["filter_field"])) $filterfield = @$_POST["filter_field"]; $wholeonly = false; if (isset($_POST["wholeonly"])) $wholeonly = @$_POST["wholeonly"]; if (!isset($order) && isset($_SESSION["order"])) $order = $_SESSION["order"]; if (!isset($ordtype) && isset($_SESSION["type"])) $ordtype = $_SESSION["type"]; if (!isset($filter) && isset($_SESSION["filter"])) $filter = $_SESSION["filter"]; if (!isset($filterfield) && isset($_SESSION["filter_field"])) $filterfield = $_SESSION["filter_field"]; ?> <html> <head> <title>Garry's Gigs</title> <meta name="generator" http-equiv="content-type" content="text/html"> <style type="text/css"> body { background-color: #FFFFFF; color: #004080; font-family: Arial; font-size: 12px; } .bd { background-color: #FFFFFF; color: #004080; font-family: Arial; font-size: 12px; } .tbl { background-color: #FFFFFF; } a:link { color: #FF0000; font-family: Arial; font-size: 12px; } a:active { color: #0000FF; font-family: Arial; font-size: 12px; } a:visited { color: #800080; font-family: Arial; font-size: 12px; } .hr { background-color: #336699; color: #FFFFFF; font-family: Arial; font-size: 12px; } a.hr:link { color: #FFFFFF; font-family: Arial; font-size: 12px; } a.hr:active { color: #FFFFFF; font-family: Arial; font-size: 12px; } a.hr:visited { color: #FFFFFF; font-family: Arial; font-size: 12px; } .dr { background-color: #FFFFFF; color: #000000; font-family: Arial; font-size: 12px; } .sr { background-color: #FFFFCF; color: #000000; font-family: Arial; font-size: 12px; } </style> </head> <body> <table class="bd" width="100%"><tr><td class="hr"><h2>Garry's Gigs</h2></td></tr></table> <?php if (!login()) exit; ?> <div style="float: right"><a href="index.php?a=logout">[ Logout ]</a></div> <br> <?php $conn = connect(); $showrecs = 20; $pagerange = 10; $a = @$_GET["a"]; $recid = @$_GET["recid"]; $page = @$_GET["page"]; if (!isset($page)) $page = 1; $sql = @$_POST["sql"]; switch ($sql) { case "insert": sql_insert(); break; case "update": sql_update(); break; case "delete": sql_delete(); break; } switch ($a) { case "add": addrec(); break; case "view": viewrec($recid); break; case "edit": editrec($recid); break; case "del": deleterec($recid); break; default: select(); break; } if (isset($order)) $_SESSION["order"] = $order; if (isset($ordtype)) $_SESSION["type"] = $ordtype; if (isset($filter)) $_SESSION["filter"] = $filter; if (isset($filterfield)) $_SESSION["filter_field"] = $filterfield; if (isset($wholeonly)) $_SESSION["wholeonly"] = $wholeonly; mysql_close($conn); ?> <table class="bd" width="100%"><tr><td class="hr"> </td></tr></table> </body> </html> <?php function select() { global $a; global $showrecs; global $page; global $filter; global $filterfield; global $wholeonly; global $order; global $ordtype; if ($a == "reset") { $filter = ""; $filterfield = ""; $wholeonly = ""; $order = ""; $ordtype = ""; } $checkstr = ""; if ($wholeonly) $checkstr = " checked"; if ($ordtype == "asc") { $ordtypestr = "desc"; } else { $ordtypestr = "asc"; } $res = sql_select(); $count = sql_getrecordcount(); if ($count % $showrecs != 0) { $pagecount = intval($count / $showrecs) + 1; } else { $pagecount = intval($count / $showrecs); } $startrec = $showrecs * ($page - 1); if ($startrec < $count) {mysql_data_seek($res, $startrec);} $reccount = min($showrecs * $page, $count); ?> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr><td>Table: gigs</td></tr> <tr><td>Records shown <?php echo $startrec + 1 ?> - <?php echo $reccount ?> of <?php echo $count ?></td></tr> </table> <hr size="1" noshade> <form action="index.php" method="post"> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td><b>Custom Filter</b> </td> <td><input type="text" name="filter" value="<?php echo $filter ?>"></td> <td><select name="filter_field"> <option value="">All Fields</option> <option value="<?php echo "Date" ?>"<?php if ($filterfield == "Date") { echo "selected"; } ?>><?php echo htmlspecialchars("Date") ?></option> <option value="<?php echo "Time" ?>"<?php if ($filterfield == "Time") { echo "selected"; } ?>><?php echo htmlspecialchars("Time") ?></option> <option value="<?php echo "City/ST" ?>"<?php if ($filterfield == "City/ST") { echo "selected"; } ?>><?php echo htmlspecialchars("City/ST") ?></option> <option value="<?php echo "Venue" ?>"<?php if ($filterfield == "Venue") { echo "selected"; } ?>><?php echo htmlspecialchars("Venue") ?></option> <option value="<?php echo "Description" ?>"<?php if ($filterfield == "Description") { echo "selected"; } ?>><?php echo htmlspecialchars("Description") ?></option> <option value="<?php echo "Cost" ?>"<?php if ($filterfield == "Cost") { echo "selected"; } ?>><?php echo htmlspecialchars("Cost") ?></option> </select></td> <td><input type="checkbox" name="wholeonly"<?php echo $checkstr ?>>Whole words only</td> </td></tr> <tr> <td> </td> <td><input type="submit" name="action" value="Apply Filter"></td> <td><a href="index.php?a=reset">Reset Filter</a></td> </tr> </table> </form> <hr size="1" noshade> <?php showpagenav($page, $pagecount); ?> <br> <table class="tbl" border="0" cellspacing="1" cellpadding="5"width="100%"> <tr> <td class="hr"> </td> <td class="hr"> </td> <td class="hr"> </td> <td class="hr"><a class="hr" href="index.php?order=<?php echo "Date" ?>&type=<?php echo $ordtypestr ?>"> <b><?php echo htmlspecialchars("Date") ?></b></a></td> <td class="hr"><a class="hr" href="index.php?order=<?php echo "Time" ?>&type=<?php echo $ordtypestr ?>"> <b><?php echo htmlspecialchars("Time") ?></b></a></td> <td class="hr"><a class="hr" href="index.php?order=<?php echo "City/ST" ?>&type=<?php echo $ordtypestr ?>"> <b><?php echo htmlspecialchars("City/ST") ?></b></a></td> <td class="hr"><a class="hr" href="index.php?order=<?php echo "Venue" ?>&type=<?php echo $ordtypestr ?>"> <b><?php echo htmlspecialchars("Venue") ?></b></a></td> <td class="hr"><a class="hr" href="index.php?order=<?php echo "Description" ?>&type=<?php echo $ordtypestr ?>"> <b><?php echo htmlspecialchars("Description") ?></b></a></td> <td class="hr"><a class="hr" href="index.php?order=<?php echo "Cost" ?>&type=<?php echo $ordtypestr ?>"> <b><?php echo htmlspecialchars("Cost") ?></b></a></td> </tr> <?php for ($i = $startrec; $i < $reccount; $i++) { $row = mysql_fetch_assoc($res); $style = "dr"; if ($i % 2 != 0) { $style = "sr"; } ?> <tr> <td class="<?php echo $style ?>"><a href="index.php?a=view&recid=<?php echo $i ?>">View</a></td> <td class="<?php echo $style ?>"><a href="index.php?a=edit&recid=<?php echo $i ?>">Edit</a></td> <td class="<?php echo $style ?>"><a href="index.php?a=del&recid=<?php echo $i ?>">Delete</a></td> <td class="<?php echo $style ?>"><?php echo htmlspecialchars($row["Date"]) ?></td> <td class="<?php echo $style ?>"><?php echo htmlspecialchars($row["Time"]) ?></td> <td class="<?php echo $style ?>"><?php echo htmlspecialchars($row["City/ST"]) ?></td> <td class="<?php echo $style ?>"><?php echo htmlspecialchars($row["Venue"]) ?></td> <td class="<?php echo $style ?>"><?php echo htmlspecialchars($row["Description"]) ?></td> <td class="<?php echo $style ?>"><?php echo htmlspecialchars($row["Cost"]) ?></td> </tr> <?php } mysql_free_result($res); ?> </table> <br> <?php showpagenav($page, $pagecount); ?> <?php } ?> <?php function login() { global $_POST; global $_SESSION; global $_GET; if (isset($_GET["a"]) && ($_GET["a"] == 'logout')) $_SESSION["logged_in"] = false; if (!isset($_SESSION["logged_in"])) $_SESSION["logged_in"] = false; if (!$_SESSION["logged_in"]) { $login = ""; $password = ""; if (isset($_POST["login"])) $login = @$_POST["login"]; if (isset($_POST["password"])) $password = @$_POST["password"]; if (($login != "") && ($password != "")) { if (($login == "test") && ($password == "test1234")) { $_SESSION["logged_in"] = true; } else { ?> <p><b><font color="-1">Sorry, the login/password combination you've entered is invalid</font></b></p> <?php } } }if (isset($_SESSION["logged_in"]) && (!$_SESSION["logged_in"])) { ?> <form action="index.php" method="post"> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td>Login</td> <td><input type="text" name="login" value="<?php echo $login ?>"></td> </tr> <tr> <td>Password</td> <td><input type="password" name="password" value="<?php echo $password ?>"></td> </tr> <tr> <td><input type="submit" name="action" value="Login"></td> </tr> </table> </form> <?php } if (!isset($_SESSION["logged_in"])) $_SESSION["logged_in"] = false; return $_SESSION["logged_in"]; } ?> <?php function showrow($row, $recid) { ?> <table class="tbl" border="0" cellspacing="1" cellpadding="5"width="50%"> <tr> <td class="hr"><?php echo htmlspecialchars("Date")." " ?></td> <td class="dr"><?php echo htmlspecialchars($row["Date"]) ?></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Time")." " ?></td> <td class="dr"><?php echo htmlspecialchars($row["Time"]) ?></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("City/ST")." " ?></td> <td class="dr"><?php echo htmlspecialchars($row["City/ST"]) ?></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Venue")." " ?></td> <td class="dr"><?php echo htmlspecialchars($row["Venue"]) ?></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Description")." " ?></td> <td class="dr"><?php echo htmlspecialchars($row["Description"]) ?></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Cost")." " ?></td> <td class="dr"><?php echo htmlspecialchars($row["Cost"]) ?></td> </tr> </table> <?php } ?> <?php function showroweditor($row, $iseditmode) { global $conn; ?> <table class="tbl" border="0" cellspacing="1" cellpadding="5"width="50%"> <tr> <td class="hr"><?php echo htmlspecialchars("Date")." " ?></td> <td class="dr"><input type="text" name="Date" value="<?php echo str_replace('"', '"', trim($row["Date"])) ?>"></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Time")." " ?></td> <td class="dr"><input type="text" name="Time" maxlength="10" value="<?php echo str_replace('"', '"', trim($row["Time"])) ?>"></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("City/ST")." " ?></td> <td class="dr"><input type="text" name="City/ST" maxlength="45" value="<?php echo str_replace('"', '"', trim($row["City/ST"])) ?>"></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Venue")." " ?></td> <td class="dr"><font face="MS Sans Serif"> <textarea cols="35" rows="4" name="Venue" maxlength="100" style="font-family: MS Reference Sans Serif"><?php echo str_replace('"', '"', trim($row["Venue"])) ?></textarea></font></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Description")." " ?></td> <td class="dr"> <textarea cols="35" rows="4" name="Description" maxlength="100" style="font-family: MS Reference Sans Serif"><?php echo str_replace('"', '"', trim($row["Description"])) ?></textarea></td> </tr> <tr> <td class="hr"><?php echo htmlspecialchars("Cost")." " ?></td> <td class="dr"><input type="text" name="Cost" maxlength="10" value="<?php echo str_replace('"', '"', trim($row["Cost"])) ?>"></td> </tr> </table> <?php } ?> <?php function showpagenav($page, $pagecount) { ?> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td><a href="index.php?a=add">Add Record</a> </td> <?php if ($page > 1) { ?> <td><a href="index.php?page=<?php echo $page - 1 ?>"><< Prev</a> </td> <?php } ?> <?php global $pagerange; if ($pagecount > 1) { if ($pagecount % $pagerange != 0) { $rangecount = intval($pagecount / $pagerange) + 1; } else { $rangecount = intval($pagecount / $pagerange); } for ($i = 1; $i < $rangecount + 1; $i++) { $startpage = (($i - 1) * $pagerange) + 1; $count = min($i * $pagerange, $pagecount); if ((($page >= $startpage) && ($page <= ($i * $pagerange)))) { for ($j = $startpage; $j < $count + 1; $j++) { if ($j == $page) { ?> <td><b><?php echo $j ?></b></td> <?php } else { ?> <td><a href="index.php?page=<?php echo $j ?>"><?php echo $j ?></a></td> <?php } } } else { ?> <td><a href="index.php?page=<?php echo $startpage ?>"><?php echo $startpage ."..." .$count ?></a></td> <?php } } } ?> <?php if ($page < $pagecount) { ?> <td> <a href="index.php?page=<?php echo $page + 1 ?>">Next >></a> </td> <?php } ?> </tr> </table> <?php } ?> <?php function showrecnav($a, $recid, $count) { ?> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td><a href="index.php">Index Page</a></td> <?php if ($recid > 0) { ?> <td><a href="index.php?a=<?php echo $a ?>&recid=<?php echo $recid - 1 ?>">Prior Record</a></td> <?php } if ($recid < $count - 1) { ?> <td><a href="index.php?a=<?php echo $a ?>&recid=<?php echo $recid + 1 ?>">Next Record</a></td> <?php } ?> </tr> </table> <hr size="1" noshade> <?php } ?> <?php function addrec() { ?> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td><a href="index.php">Index Page</a></td> </tr> </table> <hr size="1" noshade> <form enctype="multipart/form-data" action="index.php" method="post"> <p><input type="hidden" name="sql" value="insert"></p> <?php $row = array( "Date" => "", "Time" => "", "City/ST" => "", "Venue" => "", "Description" => "", "Cost" => ""); showroweditor($row, false); ?> <p><input type="submit" name="action" value="Post"></p> </form> <?php } ?> <?php function viewrec($recid) { $res = sql_select(); $count = sql_getrecordcount(); mysql_data_seek($res, $recid); $row = mysql_fetch_assoc($res); showrecnav("view", $recid, $count); ?> <br> <?php showrow($row, $recid) ?> <br> <hr size="1" noshade> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td><a href="index.php?a=add">Add Record</a></td> <td><a href="index.php?a=edit&recid=<?php echo $recid ?>">Edit Record</a></td> <td><a href="index.php?a=del&recid=<?php echo $recid ?>">Delete Record</a></td> </tr> </table> <?php mysql_free_result($res); } ?> <?php function editrec($recid) { $res = sql_select(); $count = sql_getrecordcount(); mysql_data_seek($res, $recid); $row = mysql_fetch_assoc($res); showrecnav("edit", $recid, $count); ?> <br> <form enctype="multipart/form-data" action="index.php" method="post"> <input type="hidden" name="sql" value="update"> <input type="hidden" name="xDate" value="<?php echo $row["Date"] ?>"> <input type="hidden" name="xTime" value="<?php echo $row["Time"] ?>"> <input type="hidden" name="xCity/ST" value="<?php echo $row["City/ST"] ?>"> <input type="hidden" name="xCost" value="<?php echo $row["Cost"] ?>"> <?php showroweditor($row, true); ?> <p><input type="submit" name="action" value="Post"></p> </form> <?php mysql_free_result($res); } ?> <?php function deleterec($recid) { $res = sql_select(); $count = sql_getrecordcount(); mysql_data_seek($res, $recid); $row = mysql_fetch_assoc($res); showrecnav("del", $recid, $count); ?> <br> <form action="index.php" method="post"> <input type="hidden" name="sql" value="delete"> <input type="hidden" name="xDate" value="<?php echo $row["Date"] ?>"> <input type="hidden" name="xTime" value="<?php echo $row["Time"] ?>"> <input type="hidden" name="xCity/ST" value="<?php echo $row["City/ST"] ?>"> <input type="hidden" name="xCost" value="<?php echo $row["Cost"] ?>"> <?php showrow($row, $recid) ?> <p><input type="submit" name="action" value="Confirm"></p> </form> <?php mysql_free_result($res); } ?> <?php function connect() { $conn = mysql_connect("localhost", "username", "password"); mysql_select_db("database_name"); return $conn; } function sqlvalue($val, $quote) { if ($quote) $tmp = sqlstr($val); else $tmp = $val; if ($tmp == "") $tmp = "NULL"; elseif ($quote) $tmp = "'".$tmp."'"; return $tmp; } function sqlstr($val) { return mysql_real_escape_string($val); } function sql_select() { global $conn; global $order; global $ordtype; global $filter; global $filterfield; global $wholeonly; $filterstr = sqlstr($filter); if (!$wholeonly && isset($wholeonly) && $filterstr!='') $filterstr = "%" .$filterstr ."%"; $sql = "SELECT `Date`, `Time`, `City/ST`, `Venue`, `Description`, `Cost` FROM `gigs`"; if (isset($filterstr) && $filterstr!='' && isset($filterfield) && $filterfield!='') { $sql .= " where " .sqlstr($filterfield) ." like '" .$filterstr ."'"; } elseif (isset($filterstr) && $filterstr!='') { $sql .= " where (`Date` like '" .$filterstr ."') or (`Time` like '" .$filterstr ."') or (`City/ST` like '" .$filterstr ."') or (`Venue` like '" .$filterstr ."') or (`Description` like '" .$filterstr ."') or (`Cost` like '" .$filterstr ."')"; } if (isset($order) && $order!='') $sql .= " order by `" .sqlstr($order) ."`"; if (isset($ordtype) && $ordtype!='') $sql .= " " .sqlstr($ordtype); $res = mysql_query($sql, $conn) or die(mysql_error()); return $res; } function sql_getrecordcount() { global $conn; global $order; global $ordtype; global $filter; global $filterfield; global $wholeonly; $filterstr = sqlstr($filter); if (!$wholeonly && isset($wholeonly) && $filterstr!='') $filterstr = "%" .$filterstr ."%"; $sql = "SELECT COUNT(*) FROM `gigs`"; if (isset($filterstr) && $filterstr!='' && isset($filterfield) && $filterfield!='') { $sql .= " where " .sqlstr($filterfield) ." like '" .$filterstr ."'"; } elseif (isset($filterstr) && $filterstr!='') { $sql .= " where (`Date` like '" .$filterstr ."') or (`Time` like '" .$filterstr ."') or (`City/ST` like '" .$filterstr ."') or (`Venue` like '" .$filterstr ."') or (`Description` like '" .$filterstr ."') or (`Cost` like '" .$filterstr ."')"; } $res = mysql_query($sql, $conn) or die(mysql_error()); $row = mysql_fetch_assoc($res); reset($row); return current($row); } function sql_insert() { global $conn; global $_POST; $sql = "insert into `gigs` (`Date`, `Time`, `City/ST`, `Venue`, `Description`, `Cost`) values (" .sqlvalue(@$_POST["Date"], true).", " .sqlvalue(@$_POST["Time"], true).", " .sqlvalue(@$_POST["City/ST"], true).", " .sqlvalue(@$_POST["Venue"], true).", " .sqlvalue(@$_POST["Description"], true).", " .sqlvalue(@$_POST["Cost"], true).")"; mysql_query($sql, $conn) or die(mysql_error()); } function sql_update() { global $conn; global $_POST; $sql = "update `gigs` set `Date`=" .sqlvalue(@$_POST["Date"], true).", `Time`=" .sqlvalue(@$_POST["Time"], true).", `City/ST`=" .sqlvalue(@$_POST["City/ST"], true).", `Venue`=" .sqlvalue(@$_POST["Venue"], true).", `Description`=" .sqlvalue(@$_POST["Description"], true).", `Cost`=" .sqlvalue(@$_POST["Cost"], true) ." where " .primarykeycondition(); mysql_query($sql, $conn) or die(mysql_error()); } function sql_delete() { global $conn; $sql = "delete from `gigs` where " .primarykeycondition(); mysql_query($sql, $conn) or die(mysql_error()); } function primarykeycondition() { global $_POST; $pk = ""; $pk .= "(`Date`"; if (@$_POST["xDate"] == "") { $pk .= " IS NULL"; }else{ $pk .= " = " .sqlvalue(@$_POST["xDate"], true); }; $pk .= ") and "; $pk .= "(`Time`"; if (@$_POST["xTime"] == "") { $pk .= " IS NULL"; }else{ $pk .= " = " .sqlvalue(@$_POST["xTime"], true); }; $pk .= ") and "; $pk .= "(`City/ST`"; if (@$_POST["xCity/ST"] == "") { $pk .= " IS NULL"; }else{ $pk .= " = " .sqlvalue(@$_POST["xCity/ST"], true); }; $pk .= ") and "; $pk .= "(`Cost`"; if (@$_POST["xCost"] == "") { $pk .= " IS NULL"; }else{ $pk .= " = " .sqlvalue(@$_POST["xCost"], true); }; $pk .= ")"; return $pk; } ?>
  11. gfoisy
    OR, is it more this area? <?php function addrec() { ?> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td><a href="index.php">Index Page</a></td> </tr> </table> <hr size="1" noshade> <form enctype="multipart/form-data" action="index.php" method="post"> <p><input type="hidden" name="sql" value="insert"></p> <?php $row = array( "Date" => "", "Time" => "", "City/ST" => "", "Venue" => "", "Description" => "", "Cost" => ""); showroweditor($row, false); ?> <p><input type="submit" name="action" value="Post"></p> </form> <?php } ?> <?php function viewrec($recid) { $res = sql_select(); $count = sql_getrecordcount(); mysql_data_seek($res, $recid); $row = mysql_fetch_assoc($res); showrecnav("view", $recid, $count); ?> <br> <?php showrow($row, $recid) ?> <br> <hr size="1" noshade> <table class="bd" border="0" cellspacing="1" cellpadding="4"> <tr> <td><a href="index.php?a=add">Add Record</a></td> <td><a href="index.php?a=edit&recid=<?php echo $recid ?>">Edit Record</a></td> <td><a href="index.php?a=del&recid=<?php echo $recid ?>">Delete Record</a></td> </tr> </table> <?php mysql_free_result($res); } ?> <?php function editrec($recid) { $res = sql_select(); $count = sql_getrecordcount(); mysql_data_seek($res, $recid); $row = mysql_fetch_assoc($res); showrecnav("edit", $recid, $count); ?> <br> <form enctype="multipart/form-data" action="index.php" method="post"> <input type="hidden" name="sql" value="update"> <input type="hidden" name="xDate" value="<?php echo $row["Date"] ?>"> <input type="hidden" name="xTime" value="<?php echo $row["Time"] ?>"> <input type="hidden" name="xCity/ST" value="<?php echo $row["City/ST"] ?>"> <input type="hidden" name="xCost" value="<?php echo $row["Cost"] ?>"> <?php showroweditor($row, true); ?> <p><input type="submit" name="action" value="Post"></p> </form> <?php mysql_free_result($res); } ?> <?php function deleterec($recid) { $res = sql_select(); $count = sql_getrecordcount(); mysql_data_seek($res, $recid); $row = mysql_fetch_assoc($res); showrecnav("del", $recid, $count); ?> <br> <form action="index.php" method="post"> <input type="hidden" name="sql" value="delete"> <input type="hidden" name="xDate" value="<?php echo $row["Date"] ?>"> <input type="hidden" name="xTime" value="<?php echo $row["Time"] ?>"> <input type="hidden" name="xCity/ST" value="<?php echo $row["City/ST"] ?>"> <input type="hidden" name="xCost" value="<?php echo $row["Cost"] ?>"> <?php showrow($row, $recid) ?> <p><input type="submit" name="action" value="Confirm"></p> </form> <?php mysql_free_result($res); } ?>
  12. gfoisy
    I guess I don't know..... Here's the code from that point down: function sqlvalue($val, $quote) { if ($quote) $tmp = sqlstr($val); else $tmp = $val; if ($tmp == "") $tmp = "NULL"; elseif ($quote) $tmp = "'".$tmp."'"; return $tmp; } function sqlstr($val) { return mysql_real_escape_string($val); } function sql_select() { global $conn; global $order; global $ordtype; global $filter; global $filterfield; global $wholeonly; $filterstr = sqlstr($filter); if (!$wholeonly && isset($wholeonly) && $filterstr!='') $filterstr = "%" .$filterstr ."%"; $sql = "SELECT `Date`, `Time`, `City/ST`, `Venue`, `Description`, `Cost` FROM `gigs`"; if (isset($filterstr) && $filterstr!='' && isset($filterfield) && $filterfield!='') { $sql .= " where " .sqlstr($filterfield) ." like '" .$filterstr ."'"; } elseif (isset($filterstr) && $filterstr!='') { $sql .= " where (`Date` like '" .$filterstr ."') or (`Time` like '" .$filterstr ."') or (`City/ST` like '" .$filterstr ."') or (`Venue` like '" .$filterstr ."') or (`Description` like '" .$filterstr ."') or (`Cost` like '" .$filterstr ."')"; } if (isset($order) && $order!='') $sql .= " order by `" .sqlstr($order) ."`"; if (isset($ordtype) && $ordtype!='') $sql .= " " .sqlstr($ordtype); $res = mysql_query($sql, $conn) or die(mysql_error()); return $res; } function sql_getrecordcount() { global $conn; global $order; global $ordtype; global $filter; global $filterfield; global $wholeonly; $filterstr = sqlstr($filter); if (!$wholeonly && isset($wholeonly) && $filterstr!='') $filterstr = "%" .$filterstr ."%"; $sql = "SELECT COUNT(*) FROM `gigs`"; if (isset($filterstr) && $filterstr!='' && isset($filterfield) && $filterfield!='') { $sql .= " where " .sqlstr($filterfield) ." like '" .$filterstr ."'"; } elseif (isset($filterstr) && $filterstr!='') { $sql .= " where (`Date` like '" .$filterstr ."') or (`Time` like '" .$filterstr ."') or (`City/ST` like '" .$filterstr ."') or (`Venue` like '" .$filterstr ."') or (`Description` like '" .$filterstr ."') or (`Cost` like '" .$filterstr ."')"; } $res = mysql_query($sql, $conn) or die(mysql_error()); $row = mysql_fetch_assoc($res); reset($row); return current($row); } function sql_insert() { global $conn; global $_POST; $sql = "insert into `gigs` (`Date`, `Time`, `City/ST`, `Venue`, `Description`, `Cost`) values (" .sqlvalue(@$_POST["Date"], true).", " .sqlvalue(@$_POST["Time"], true).", " .sqlvalue(@$_POST["City/ST"], true).", " .sqlvalue(@$_POST["Venue"], true).", " .sqlvalue(@$_POST["Description"], true).", " .sqlvalue(@$_POST["Cost"], true).")"; mysql_query($sql, $conn) or die(mysql_error()); } function sql_update() { global $conn; global $_POST; $sql = "update `gigs` set `Date`=" .sqlvalue(@$_POST["Date"], true).", `Time`=" .sqlvalue(@$_POST["Time"], true).", `City/ST`=" .sqlvalue(@$_POST["City/ST"], true).", `Venue`=" .sqlvalue(@$_POST["Venue"], true).", `Description`=" .sqlvalue(@$_POST["Description"], true).", `Cost`=" .sqlvalue(@$_POST["Cost"], true) ." where " .primarykeycondition(); mysql_query($sql, $conn) or die(mysql_error()); } function sql_delete() { global $conn; $sql = "delete from `gigs` where " .primarykeycondition(); mysql_query($sql, $conn) or die(mysql_error()); } function primarykeycondition() { global $_POST; $pk = ""; $pk .= "(`Date`"; if (@$_POST["xDate"] == "") { $pk .= " IS NULL"; }else{ $pk .= " = " .sqlvalue(@$_POST["xDate"], true); }; $pk .= ") and "; $pk .= "(`Time`"; if (@$_POST["xTime"] == "") { $pk .= " IS NULL"; }else{ $pk .= " = " .sqlvalue(@$_POST["xTime"], true); }; $pk .= ") and "; $pk .= "(`City/ST`"; if (@$_POST["xCity/ST"] == "") { $pk .= " IS NULL"; }else{ $pk .= " = " .sqlvalue(@$_POST["xCity/ST"], true); }; $pk .= ") and "; $pk .= "(`Cost`"; if (@$_POST["xCost"] == "") { $pk .= " IS NULL"; }else{ $pk .= " = " .sqlvalue(@$_POST["xCost"], true); }; $pk .= ")"; return $pk; } ?>
  13. gfoisy
    Not using: $user_name = mysql_real_escape_string ($_POST['user_name']);
  14. gfoisy
    function sqlvalue($val, $quote) { if ($quote) $tmp = sqlstr($val); else $tmp = $val; if ($tmp == "") $tmp = "NULL"; elseif ($quote) $tmp = "'".$tmp."'"; return $tmp; } function sqlstr($val) { return mysql_real_escape_string($val); }
  15. gfoisy
    Ok.... it posts with no errors, however, it returns a "\" before the apostrophe, like this: O\'Brien ??
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.