pcw Posted April 6, 2009 Share Posted April 6, 2009 Hi, I have the following script where I can approve/disapprove members. It is meant to show whether each user is approved/dissaproved once the appropriate button has been clicked, however it only modifies one users details in the mysql database, and on the table displayed on the admin.php?cmd=approve page. This is the script I have got case "approve": if(isset($_COOKIE['sbadmin'])) { include("data/required.php"); mysql_connect('localhost', $dbuser, $dbpass) or die(mysql_error()); mysql_select_db("$db") or die(mysql_error()); $query = "SELECT username, firstname, surname, approved FROM profiles"; $result=mysql_query($query) or die(mysql_error()."<br /><br />".$query); admin_header(); echo "<br>"; echo "<table width=100% border=0> <tr class=style8> <td align=center bgcolor='#0066FF'><b>Username</b></td> <td align=center bgcolor='#0066FF'><b>Name</b></td> <td align=center bgcolor='#0066FF'><b>Surname</b></td> <td align=center bgcolor='#0066FF'><b>Approved</b></td> <td align=center bgcolor='#0066FF'><b>Approve</b></td> <td align=center bgcolor='#0066FF'><b>Disapprove</b></td> </tr>"; while($row = mysql_fetch_array($result)){ print "<form method='POST' action='admin.php?cmd=approve'> <input type='hidden' name='username' value=".$row['username']."> <tr> <td align=center bgcolor='#0099FF'>".$row['username']."</td> <td align=center bgcolor='#0099FF'>".$row['firstname']."</td> <td align=center bgcolor='#0099FF'>".$row['surname']."</td> <td align=center bgcolor='#0099FF'>".$row['approved']."</td> <td align=center bgcolor='#0099FF'> <input type='submit' name='approve' value='Approve'> </td> <td align=center bgcolor='#0099FF'> <input type='submit' name='disapprove' value='Disapprove'> </td> </tr>"; } echo "</table></form></center>"; if(isset($_POST['approve'])) { mysql_connect('localhost', $dbuser, $dbpass) or die(mysql_error()); mysql_select_db( $db) or die(mysql_error()); $username = mysql_real_escape_string($_POST['username']); mysql_query("UPDATE profiles SET approved = 'yes' WHERE username='$username'"); } elseif(isset($_POST['disapprove'])) { mysql_connect('localhost', $dbuser, $dbpass) or die(mysql_error()); mysql_select_db( $db) or die(mysql_error()); $username = mysql_real_escape_string($_POST['username']); mysql_query("UPDATE profiles SET approved = 'no' WHERE username='$username'"); } } else { admin_header(); print "<p class=style2>You are not authorised to access this page</p>"; } break; Any help is much appreciated Thanks Quote Link to comment Share on other sites More sharing options...
Brian W Posted April 6, 2009 Share Posted April 6, 2009 Is your intent to approve multiple at once? Quote Link to comment Share on other sites More sharing options...
pcw Posted April 6, 2009 Author Share Posted April 6, 2009 nope, I just want the approve or disapprove the user that is in that row. Each row has a approve or disapprove button, and I want those buttons to only be relevant to that row. Quote Link to comment Share on other sites More sharing options...
revraz Posted April 6, 2009 Share Posted April 6, 2009 Instead of using a form, why not just have the word APPROVE be a URL, so when you click on it, it updates that row (and if it already is APPROVED, have it say DISAPPROVE instead). Quote Link to comment Share on other sites More sharing options...
revraz Posted April 6, 2009 Share Posted April 6, 2009 Also, I don't see where you set $username from the $_POST['username'] array Quote Link to comment Share on other sites More sharing options...
pcw Posted April 6, 2009 Author Share Posted April 6, 2009 Hi revraz, Thanks for your reply, but how would I do this? Thanks Quote Link to comment Share on other sites More sharing options...
revraz Posted April 6, 2009 Share Posted April 6, 2009 Depends on which post you are referencing, I'll assume the URL one. You need t create a row for each record you want to have the APPROVE/DISAPPROVE link on. Have two words in that same table, and create URLs out of them. Have each URL set the field to approve/disapprove as desired, and as you build the URL, include the ROW ID as part of it. One easy way would be a URL that is something like http://mysite.com/page.php?action=approve&rowid=1 And secure that page with sessions so only the appropriate person can take that action. On your page.php file, make sure you sanitize your $_GET statements. Quote Link to comment Share on other sites More sharing options...
pcw Posted April 6, 2009 Author Share Posted April 6, 2009 Hi revraz, Im not entirely sure I understand what you are saying. How do I create a row for each record? I think this is why I have the problem using the form How do i create a row for each record? Thanks Quote Link to comment Share on other sites More sharing options...
Brian W Posted April 6, 2009 Share Posted April 6, 2009 I'd use links... Try: case "approve": if(isset($_COOKIE['sbadmin'])) { include("data/required.php"); mysql_connect('localhost', $dbuser, $dbpass) or die(mysql_error()); mysql_select_db("$db") or die(mysql_error()); $query = "SELECT username, firstname, surname, approved FROM profiles"; $result=mysql_query($query) or die(mysql_error()."<br /><br />".$query); admin_header(); echo "<br>"; echo "<table width=100% border=0> <tr class=style8> <td align=center bgcolor='#0066FF'><b>Username</b></td> <td align=center bgcolor='#0066FF'><b>Name</b></td> <td align=center bgcolor='#0066FF'><b>Surname</b></td> <td align=center bgcolor='#0066FF'><b>Approved</b></td> <td align=center bgcolor='#0066FF'><b>Approve</b></td> <td align=center bgcolor='#0066FF'><b>Disapprove</b></td> </tr>"; while($row = mysql_fetch_array($result)){ print " <tr> <td align=center bgcolor='#0099FF'>".$row['username']."</td> <td align=center bgcolor='#0099FF'>".$row['firstname']."</td> <td align=center bgcolor='#0099FF'>".$row['surname']."</td> <td align=center bgcolor='#0099FF'>".$row['approved']."</td> <td align=center bgcolor='#0099FF'> <a href="?approve&username=".$row['username']."'>Approve</a> </td> <td align=center bgcolor='#0099FF'> <a href="?disapprove&username=".$row['username']."'>Disapprove</a> </td> </tr>"; } echo "</table></center>"; if(isset($_GET['approve'])) { mysql_connect('localhost', $dbuser, $dbpass) or die(mysql_error()); mysql_select_db( $db) or die(mysql_error()); $username = mysql_real_escape_string($_GET['username']); mysql_query("UPDATE profiles SET approved = 'yes' WHERE username='$username'"); } elseif(isset($_GET['disapprove'])) { mysql_connect('localhost', $dbuser, $dbpass) or die(mysql_error()); mysql_select_db( $db) or die(mysql_error()); $username = mysql_real_escape_string($_GET['username']); mysql_query("UPDATE profiles SET approved = 'no' WHERE username='$username'"); } } else { admin_header(); print "<p class=style2>You are not authorised to access this page</p>"; } break; Quote Link to comment Share on other sites More sharing options...
pcw Posted April 6, 2009 Author Share Posted April 6, 2009 Hi Brian, Thats great, thank you. I have done this and it successfully modifies the mysql table with approved/dissaproved which is great. There is one problem, and that is the approved column of the page approve does not update with the change unless it is refreshed, or you click the approved or disapproved link twice. How can I get it to automatically refresh the page once the link has been clicked? Thanks Quote Link to comment Share on other sites More sharing options...
revraz Posted April 6, 2009 Share Posted April 6, 2009 Put a HTML refresh after the querry is performed. Quote Link to comment Share on other sites More sharing options...
pcw Posted April 6, 2009 Author Share Posted April 6, 2009 Thanks for all your help guys Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.