Money88 Posted June 28, 2008 Share Posted June 28, 2008 I have this script a lot of it is probably useless. Well what i am trying to do is have all the rows display in an html table then in the last 2 columns have a drop down box with ACCEPTED, DECLINED, PENDING then when they hit Apply i want it to update the specific field for that row. I used variable variables because i dont know arrays. So please someone help me. I have gotten very close with this crap coding i just cant get it to update the field or if someone would show me how they would accomplish something like this. <html> <head> <title>[MWG] Applicants</title> <head></head> <body> <?php $db_host = 'localhost'; $db_user = 'god_money88'; $db_pwd = '12001200'; $database = 'god_evo'; $table = 'applications'; if (!mysql_connect($db_host, $db_user, $db_pwd)) die(); if (!mysql_select_db($database)) die(); if (isset($_POST['submit'])) { //$insert2 = "INSERT INTO applications (accepted) //$insert2 = "UPDATE application SET accepted='".$_POST['$add']."' WHERE username=$add2"; //INSERT INTO applications (accepted) WHERE id = '$add' VALUES ('".$_POST['$add']."')"; //$add_member2 = mysql_query($insert2); mysql_query("UPDATE application SET accepted='".$_POST['$add']."' WHERE username=$add2"); ?> <h1>Status Changed</h1> <p>Members Status Sucessfully changed. <a href="http://mwgclan.com/apply/admin/index.php">Go Back To Admin Panel</a></p> <?php } else { // sending query $result = mysql_query("SELECT * FROM {$table}"); if (!$result) { die(); } $fields_num = mysql_num_fields($result); ?> <h1><center>Applicants</h1></br> </center> <br> <table align="center" style= cellspacing="0" cellpadding="2" width="100%" background="themes/subBlack/images/bg.png" border="2"> <tbody> <tr> <td width="8%"><b>Username:</b></td> <td width="8%"><b>Name:</b></td> <td width="10%"><b>Email:</b></td> <td width="10"><b>Country:</b></td> <td width="4%"><b>Age:</b></td> <td width="8%"><b>X-Fire:</b></td> <td width="10%"><b>Date Submitted:</b></td> <td width="16%"><b>How You Heard of [MWG]:</b></td> <td width="16%"><b>Reason You Joined:</b></td> <td width="10%"><b>Status:</b></td> <?php $add = ""; // printing table headers for($i=0; $i<$fields_num; $i++) { $row = mysql_fetch_array($result); $id = $row['id']; $idl = strlen($id); $il = strlen($i); $idl = (0 - $idl); $constant = ""; echo "<tr>"; echo "<td>", $row['username'], "</td>"; echo "<td>", $row['name'], "</td>"; echo "<td>", $row['email'], "</td>"; echo "<td>", $row['country'], "</td>"; echo "<td>", $row['age'], "</td>"; echo "<td>", $row['xfire'], "</td>"; echo "<td>", $row['datesubmitted'], "</td>"; echo "<td>", $row['howyouheard'], "</td>"; echo "<td>", $row['reasontojoin'], "</td>"; $us = ""; $usr = $row['username']; $usrl = strlen($user); $$us = $user; $rest2 = substr("$us${$us}", "$usrl"); // returns "username" $$constant2 = $rest2; $add2 = "$constant2${$constant2}"; $$i = $id; $rest = substr("$i${$i}", "$idl"); // returns "$id" $$constant = $rest; $add = "$constant${$constant}"; echo "<td>", $row['accepted']; ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <select name="<?php $add ?>"> <option value="Accepted" selected="selected">Accepted</option> <option value="Declined">Declined</option> <option value="Pending">Pending</option> </td> <td> <input type="submit" name="submit" value="Apply"></form> </td> </tr> <?php } } /* echo "</tr>\n"; // printing table rows while($row = mysql_fetch_row($result)) { echo "<tr>"; // $row is array foreach( .. ) puts every element // of $row to $cell variable foreach($row as $cell) echo "<td>$cell</td>"; echo "</tr>\n"; } mysql_free_result($result); */ ?> </tbody></table></html> Thanks in Advance! Quote Link to comment Share on other sites More sharing options...
br0ken Posted June 29, 2008 Share Posted June 29, 2008 I would personally have a hidden input box holding the amount of rows you want to update. Then for each drop down have it named as 'status_n' where n is a number from 1 to the total you stored in the input box. Then when you process the form, grab the number in the hidden input field and go from 1 to that number and process each row individually. Does this make sense? Also, I should point out that you put a variable directly into a MySQL query which is extremely bad! mysql_query("UPDATE application SET accepted='".$_POST['$add']."' WHERE username=$add2"); With a small Javascript injection on your page a hacker could submit anything they wanted in your query and depending on the user account running the query and the permissions so associated with it, could do some pretty bad damage! When taking input from the user ALWAYS validate it. The following example is a lot better but not perfect. mysql_query("UPDATE application SET accepted='".mysql_real_escape_string(strip_tags($_POST['$add']))."' WHERE username=$add2"); Quote Link to comment Share on other sites More sharing options...
Money88 Posted June 30, 2008 Author Share Posted June 30, 2008 I would personally have a hidden input box holding the amount of rows you want to update. Then for each drop down have it named as 'status_n' where n is a number from 1 to the total you stored in the input box. Then when you process the form, grab the number in the hidden input field and go from 1 to that number and process each row individually. Does this make sense? So how would you go about doing this? wouldnt you still need a variable variable? Quote Link to comment Share on other sites More sharing options...
br0ken Posted June 30, 2008 Share Posted June 30, 2008 Here is a thread where I helped someone accomplish something similar. See if it can help you. http://www.phpfreaks.com/forums/index.php?topic=204309 Quote Link to comment Share on other sites More sharing options...
Money88 Posted June 30, 2008 Author Share Posted June 30, 2008 I tried all that for some reason my fields just wont update. I can output $add to show the row number but how can i determine which drop down box it is calling that from? Please help I cannot get this working for my life. The Testing Page you can see here Http://www.Mwgclan.com/apply/admin/ Quote Link to comment Share on other sites More sharing options...
br0ken Posted June 30, 2008 Share Posted June 30, 2008 I'm not sure what to say. The information is there for you to extract and use. The link I gave you should have everything you need. Show me your code based on the link I gave you and I'll see if I can help you. Quote Link to comment Share on other sites More sharing options...
Money88 Posted June 30, 2008 Author Share Posted June 30, 2008 i have resolved it ill post the code here in an hour or so for others that may have the same problem Quote Link to comment Share on other sites More sharing options...
br0ken Posted June 30, 2008 Share Posted June 30, 2008 Yeah good idea! Also, after you've posted could you hit the 'Topic Solved' link in the bottom left hand corner please? Quote Link to comment Share on other sites More sharing options...
Money88 Posted July 1, 2008 Author Share Posted July 1, 2008 SOLUTION: <html> <head> </head> <body> <?php // set server access variables $host = "localhost"; $user = "DATABASE USER"; $pass = "DATABASE PASS"; $db = "DATABASE NAME"; // create mysqli object // open connection $mysqli = new mysqli($host, $user, $pass, $db); // check for connection errors if (mysqli_connect_errno()) { die("Unable to connect!"); } // if id provided, then Update that record if (isset($_GET['ac'])) { // create query to delete record $query = "UPDATE applications SET accepted='Accepted' WHERE id = ".$_GET['ac']; // execute query if ($mysqli->query($query)) { // print number of affected rows echo $mysqli->affected_rows." row(s) affected"; } else { // print error message echo "Error in query: $query. ".$mysqli->error; } } elseif (isset($_GET['pe'])) { // create query to delete record $query = "UPDATE applications SET accepted='Pending' WHERE id = ".$_GET['pe']; // execute query if ($mysqli->query($query)) { // print number of affected rows echo $mysqli->affected_rows." row(s) affected"; } else { // print error message echo "Error in query: $query. ".$mysqli->error; } } elseif (isset($_GET['de'])) { // create query to delete record $query = "UPDATE applications SET accepted='Declined' WHERE id = ".$_GET['de']; // execute query if ($mysqli->query($query)) { // print number of affected rows echo $mysqli->affected_rows." row(s) affected"; } else { // print error message echo "Error in query: $query. ".$mysqli->error; } } // query to get records $query = "SELECT * FROM applications"; // execute query if ($result = $mysqli->query($query)) { // see if any rows were returned if ($result->num_rows > 0) { // yes // print them one after another echo "<center><h1>Page Name</h1></center>"; echo "<table width=100% cellpadding=10 border=1>"; echo "<tr><td><b>ID:</b></td><td><b>Username:</b></td><td><b>Name:</b></td>"; echo "<td><b>Email:</b></td><td><b>Date Submitted:</b></td><td><b>Country</b></td>"; echo "<td><b>Age:</b></td><td><b>XFire:</b></td><td><b>How you heard:</b></td>"; echo "<td><b>Reason to join:</b></td><td><b>Status:</b></td><td><b>Click to change:</b></td></tr>"; while($row = $result->fetch_array()) { echo "<tr>"; echo "<td>".$row[0]."</td>"; echo "<td>".$row[1]."</td>"; echo "<td>".$row[2]."</td>"; echo "<td>".$row[3]."</td>"; echo "<td>".$row[4]."</td>"; echo "<td>".$row[5]."</td>"; echo "<td>".$row[6]."</td>"; echo "<td>".$row[7]."</td>"; echo "<td>".$row[8]."</td>"; echo "<td>".$row[9]."</td>"; echo "<td>".$row[10]."</td>"; echo "<td><a href=".$_SERVER['PHP_SELF']."?ac=".$row[0].">Accepted</a><br />"; echo "<a href=".$_SERVER['PHP_SELF']."?de=".$row[0].">Declined</a><br />"; echo "<a href=".$_SERVER['PHP_SELF']."?pe=".$row[0].">Pending</a></td>"; /*<td> <input type="submit" name="submit" value="Apply"></form> </td>*/ echo "</tr>"; } } // free result set memory $result->close(); } else { // print error message echo "Error in query: $query. ".$mysqli->error; } // close connection $mysqli->close(); ?> </body> </html> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.