Jump to content

Echoing


Xtremer360

Recommended Posts

This problem is existing on a few pages so I'll be in the clear if I can figure out to solve it on one page. Problem is on form submission its still echoing back that sortorder variable which makes it hard for it to compare on the success function to display the right message because the message should be good, bad1, bad2, ... . So is there anyway around that or do I need to do something on the client side of the form page.

 

<?php

// Include the database page
require ('../inc/dbconfig.php');

if ( isset( $_POST['menuid'] ) ) {
    $menuid = (int)$_POST['menuid'];
    $query = "SELECT COUNT(sortorder) AS numOrder FROM `menuitems` WHERE `menu_id` = '".$menuid."'"; 
    $result = mysqli_query ($dbc, $query);  
    $row = mysqli_fetch_array( $result, MYSQL_ASSOC );
    $sortorder = $row[ 'numOrder' ] + 1; 
    echo $sortorder;
}

if (isset($_POST['submitmenuitem'])) {
    $menuid = mysqli_real_escape_string($dbc, $_POST['menuid']);
    $itemname = mysqli_real_escape_string($dbc, $_POST['itemname']);
    $itemurl = mysqli_real_escape_string($dbc, $_POST['itemurl']);
    $sortorder = mysqli_real_escape_string($dbc, $_POST['sortorder']);
    $contentpage = mysqli_real_escape_string($dbc, $_POST['contentpage']);
    $newscategory = mysqli_real_escape_string($dbc, $_POST['newscategory']);
    $application = mysqli_real_escape_string($dbc, $_POST['application']);

    $query = "SELECT * FROM `menuitems` WHERE (`itemname` = '".$itemname."') OR (`itemurl` = '".$itemurl."') OR (`contentpage_id` = '".$contentpage."') OR (`application_id` = '".$application."') OR (`newscategory_id` = '".$newscategory."') AND `menu_id` = '".$menuid."'";
    $result = mysqli_query ( $dbc, $query ); // Run The Query
    $rows = mysqli_num_rows($result);
    
    if ($rows == 0) {
    
        $query = "INSERT INTO `menuitems` 
                (menu_id, itemname, itemurl, sortorder, contentpage_id, newscategory_id, application_id, creator_id, datecreated, enabled) 
            VALUES 
                ('".$menuid."','".$itemname."','".$itemurl."','".$sortorder."','".$contentpage."', '".$newscategory."', '".$application."', 1, NOW(), 0)";
        
        mysqli_query($dbc, $query);

        echo "good";
    
    } else {
        
        $row = mysqli_fetch_array($result); 
        if (($row['itemname'] == $itemname) && ($row['newscategory_id'] == $newscategory)) echo 'bad9';
        elseif (($row['itemname'] == $itemname) && ($row['application_id'] == $application)) echo 'bad8';  
        elseif (($row['itemname'] == $itemname) && ($row['contentpage_id'] == $contentpage)) echo 'bad7';    
        elseif (($row['itemname'] == $itemname) && ($row['itemurl'] == $itemurl)) echo 'bad6';  
        elseif ($row['newscategory_id'] == $newscategory) echo 'bad5';
        elseif ($row['application_id'] == $application) echo 'bad4';
        elseif ($row['contentpage_id'] == $contentpage) echo 'bad3';
        elseif ($row['itemurl'] == $itemurl) echo 'bad2'; 
        elseif ($row['itemname'] == $itemname) echo 'bad1';    
        
    }
    
}

if (isset($_POST['deletemenuitem'])){

    $menuitemID = (int)$_POST['menuitemID'];

    $query = "UPDATE `menuitems` SET `enabled` = '1' WHERE `id` =  '".$menuitemID."' LIMIT 1"; 

    mysqli_query($dbc,$query);
    
}        
?>

Link to comment
Share on other sites

To be honest I'm not really following you code. Although it is apprently used for an AJAX request - which would have been helpful to know in your original post.

 

Anyway, from what I seem to understand you want that script to return just one value; either "good", "badX" or the sort order variable, correct?

 

If that is the case, then I think there is a simple solution. Instead of directly echoing the output in those specific places set an output variable (e.g. $result) and echo the output at the end. So, you will first define $result as the $sortorder variable. But, if you reach a condition where you want "good" or one of the "badX" responses you will redefine $result as that value. Then when the script gets to the end just echo $result.

 

So, if the conditions for good or bad responses are never met then the script will output the sort order. Is that what you want?

 

<?php

// Include the database page
require ('../inc/dbconfig.php');

if ( isset( $_POST['menuid'] ) )
{
    $menuid = (int) $_POST['menuid'];
    $query = "SELECT COUNT(sortorder) AS numOrder FROM `menuitems` WHERE `menu_id` = '{$menuid}'"; 
    $result = mysqli_query ($dbc, $query);  
    $row = mysqli_fetch_assoc( $result );
    $sortorder = $row[ 'numOrder' ] + 1; 
    $result = $sortorder;
}

if (isset($_POST['submitmenuitem']))
{
    $menuid       = mysqli_real_escape_string($dbc, $_POST['menuid']);
    $itemname     = mysqli_real_escape_string($dbc, $_POST['itemname']);
    $itemurl      = mysqli_real_escape_string($dbc, $_POST['itemurl']);
    $sortorder    = mysqli_real_escape_string($dbc, $_POST['sortorder']);
    $contentpage  = mysqli_real_escape_string($dbc, $_POST['contentpage']);
    $newscategory = mysqli_real_escape_string($dbc, $_POST['newscategory']);
    $application  = mysqli_real_escape_string($dbc, $_POST['application']);

    $query = "SELECT *
              FROM `menuitems`
              WHERE (`itemname` = '{$itemname}') OR (`itemurl` = '{$itemurl}')
                 OR (`contentpage_id` = '{$contentpage}') OR (`application_id` = '{$application}')
                 OR (`newscategory_id` = '{$newscategory}')
                AND `menu_id` = '{$menuid}'";
    $result = mysqli_query ( $dbc, $query ); // Run The Query
     
    if (mysqli_num_rows($result) == 0)
    {
        $query = "INSERT INTO `menuitems`
                      (menu_id, itemname, itemurl, sortorder, contentpage_id, newscategory_id,
                       application_id, creator_id, datecreated, enabled)
                  VALUES 
                      ('{$menuid}, {$itemname}, {$itemurl}, {$sortorder}, {$contentpage}',
                       '{$newscategory}, {$application}, 1, NOW(), 0)";
        mysqli_query($dbc, $query);
        $result = "good";
    }
    else
    {
        $row = mysqli_fetch_array($result); 
        if (($row['itemname'] == $itemname) && ($row['newscategory_id'] == $newscategory)) $result = 'bad9';
        elseif (($row['itemname'] == $itemname) && ($row['application_id'] == $application)) $result = 'bad8';  
        elseif (($row['itemname'] == $itemname) && ($row['contentpage_id'] == $contentpage)) $result = 'bad7';    
        elseif (($row['itemname'] == $itemname) && ($row['itemurl'] == $itemurl)) $result = 'bad6';  
        elseif ($row['newscategory_id'] == $newscategory) $result = 'bad5';
        elseif ($row['application_id'] == $application) $result = 'bad4';
        elseif ($row['contentpage_id'] == $contentpage) $result = 'bad3';
        elseif ($row['itemurl'] == $itemurl) $result = 'bad2'; 
        elseif ($row['itemname'] == $itemname) $result = 'bad1';    
    }
}

if (isset($_POST['deletemenuitem']))
{
    $menuitemID = (int)$_POST['menuitemID'];
    $query = "UPDATE `menuitems` SET `enabled` = '1' WHERE `id` =  '".$menuitemID."' LIMIT 1"; 
    mysqli_query($dbc,$query);
}

//Output the result
echo $result;
?>

Link to comment
Share on other sites

Also, for the sake of readability, you could always rewrite all those elseif statements as a switch

       switch(true)
        {
            case (($row['itemname'] == $itemname) && ($row['newscategory_id'] == $newscategory)):
                $result = 'bad9';
                break;
            case (($row['itemname'] == $itemname) && ($row['application_id'] == $application)):
                $result = 'bad8'; 
                break; 
            case (($row['itemname'] == $itemname) && ($row['contentpage_id'] == $contentpage)):
                $result = 'bad7';
                break;    
            case (($row['itemname'] == $itemname) && ($row['itemurl'] == $itemurl)):
                $result = 'bad6'; 
                break; 
            case ($row['newscategory_id'] == $newscategory):
                $result = 'bad5';
                break;
            case ($row['application_id'] == $application):
                $result = 'bad4';
                break;
            case ($row['contentpage_id'] == $contentpage):
                $result = 'bad3';
                break;
            case ($row['itemurl'] == $itemurl):
                $result = 'bad2'; 
                break;
            case ($row['itemname'] == $itemname):
                $result = 'bad1';  
                break;  
        }

 

Although, if it were my code I would use a bitwise operator for the return value. Have each bit represent a different error condition (e.g. ($row['itemname'] == $itemname) could be bit in position 1) and set each bit to true if that error condition is met. The value would equal 0 if there were no errors, otherwise you would have a bitwise number to pass that can be used to determine all of the error conditions

 

As it is right now, you have no specific error condition for something such as

$row['itemname'] == $itemname)
&& $row['newscategory_id'] == $newscategory
&& $row['application_id'] == $application

Link to comment
Share on other sites

Thank you very much. It works, however there's something I want to add onto the check. At one submission there's only going to be a value for either the itemurl, newscategory, contentpage, or application. Whichever doesn't have an actual value that isn't 0 will have 0 for their values. The check is I want whichever of those 4 has a value then to check that and only that against the database that way i can't have it spitting back errors because say submission one didn't put a value for itemurl and submission two didn't have a value for it either. I don't want it to bother with the check with those.

Link to comment
Share on other sites

Huh?

Whichever doesn't have an actual value that isn't 0 will have 0 for their values.

 

According to that statement you want any value that isn't already 0 to be changed to 0 - in other words you want all the values to be 0.

 

I will try to provide help based upon what I *think* you are asking for. I think you are saying that you want the query to only be run against those individual four fields where a seach value has been passed in the POST data.

 

In that case, you should check the POST values and use those to dynamically create the query. The sample code below assumes that the values will be empty if you don't want them checked - as opposed to not being set.

 

Use the following to generate your query:

    //Prepare POST data
    $menuid       = mysqli_real_escape_string($dbc, trim($_POST['menuid']));
    $itemname     = mysqli_real_escape_string($dbc, trim($_POST['itemname']));
    $sortorder    = mysqli_real_escape_string($dbc, trim($_POST['sortorder']));
    $itemurl      = mysqli_real_escape_string($dbc, trim($_POST['itemurl']));
    $contentpage  = mysqli_real_escape_string($dbc, trim($_POST['contentpage']));
    $newscategory = mysqli_real_escape_string($dbc, trim($_POST['newscategory']));
    $application  = mysqli_real_escape_string($dbc, trim($_POST['application']));
  
    //Create dynamic query
    $query  = "SELECT *
               FROM `menuitems`
               WHERE (`itemname` = '{$itemname}')\n";
    $query .= (!empty($itemurl)) ? " OR `itemurl` = '{$itemurl}'"              : '';
    $query .= (!empty($itemurl)) ? " OR `contentpage_id` = '{$contentpage}'"   : '';
    $query .= (!empty($itemurl)) ? " OR `application_id` = '{$application}'"   : '';
    $query .= (!empty($itemurl)) ? " OR `newscategory_id` = '{$newscategory}'" : '';
    $query .= "  AND `menu_id` = '{$menuid}'";
    $result = mysqli_query ( $dbc, $query ); // Run The Query

Link to comment
Share on other sites

After working wit it a little more this is the correct way that I needed it to be but thanks for helping out however there is one last little problem. Its echoing the wrong error message back like bad1...bad9 for what was actual the problem. Anyone notice the issue here?

 

if (isset($_POST['submitmenuitem']))
{
    $menuid       = (int) $_POST['menuid'];
    $itemname     = mysqli_real_escape_string($dbc, $_POST['itemname']);
    $itemurl      = mysqli_real_escape_string($dbc, $_POST['itemurl']);
    $sortorder    = (int) $_POST['sortorder'];
    $contentpage  = (int) $_POST['contentpage'];
    $newscategory = (int) $_POST['newscategory'];
    $application  = (int) $_POST['application'];

    $query  = "SELECT *
               FROM `menuitems`
               WHERE (`itemname` = '".$itemname."')\n";
    $query .= (!empty($itemurl)) ? " OR `itemurl` = '".$itemurl."'"              : '';
    $query .= (!empty($contentpage)) ? " OR `contentpage_id` = '".$contentpage."'"   : '';
    $query .= (!empty($application)) ? " OR `application_id` = '".$application."'"   : '';
    $query .= (!empty($newscategory)) ? " OR `newscategory_id` = '".$newscategory."'" : '';
    $query .= "  AND `menu_id` = '".$menuid."'";
    $result = mysqli_query ( $dbc, $query ); // Run The Query
     
    if (mysqli_num_rows($result) == 0)
    {
        $query = "INSERT INTO `menuitems`
                      (menu_id, itemname, itemurl, sortorder, contentpage_id, newscategory_id,
                       application_id, creator_id, datecreated, enabled)
                  VALUES 
                      ('".$menuid."', '".$itemname."', '".$itemurl."', '".$sortorder."', '".$contentpage."',
                       '".$newscategory."', '".$application."', 1, NOW(), 0)";
        mysqli_query($dbc, $query);
        $result = "good";
    }
    else
    {
        $row = mysqli_fetch_array($result); 
        if (($row['itemname'] == $itemname) && ($row['newscategory_id'] == $newscategory)) $result = 'bad9';
        elseif (($row['itemname'] == $itemname) && ($row['application_id'] == $application)) $result = 'bad8';  
        elseif (($row['itemname'] == $itemname) && ($row['contentpage_id'] == $contentpage)) $result = 'bad7';    
        elseif (($row['itemname'] == $itemname) && ($row['itemurl'] == $itemurl)) $result = 'bad6';  
        elseif ($row['newscategory_id'] == $newscategory) $result = 'bad5';
        elseif ($row['application_id'] == $application) $result = 'bad4';
        elseif ($row['contentpage_id'] == $contentpage) $result = 'bad3';
        elseif ($row['itemurl'] == $itemurl) $result = 'bad2'; 
        elseif ($row['itemname'] == $itemname) $result = 'bad1';    
    }
}

Link to comment
Share on other sites

The error conditions are exactly what YOU set them to. Without specifying the input, the expected output and the actual output I can't say whether your error conditions are correct or not.

 

But...I think I know what the error may be. I just noticed that you are defining the variables $itemname and $itemurl after modifying the input with mysql_real_escape_string()! Since I assume the url has slashes in the input they are likely getting escaped for into the database. But, you are trying to compare escaped input from the user to the unescaped value from the database and they are not equal.

 

To solve that define one variable for the user input and a different, escaped value, one for the query. Then compare the results of the query to the user input - not the escaped value. Also, your list of conditions for errors has no final "ELSE" condition. It is possible that the "good" condition is not met, yet none of the current bad conditions are met either. I'd put a final else condition with "bad0" just in case those erros ever occur.

if (isset($_POST['submitmenuitem']))
{
    $menuid       = (int) $_POST['menuid'];
    $itemname     = trim($_POST['itemname']);
    $itemnameSQL  = mysqli_real_escape_string($dbc, $itemname);
    $itemurl      = trim($_POST['itemurl']);
    $itemurlSQL   = mysqli_real_escape_string($dbc, $_POST['itemurl']);
    $sortorder    = (int) $_POST['sortorder'];
    $contentpage  = (int) $_POST['contentpage'];
    $newscategory = (int) $_POST['newscategory'];
    $application  = (int) $_POST['application'];

    $query  = "SELECT *
               FROM `menuitems`
               WHERE (`itemname` = '{$itemnameSQL}')\n";
    $query .= (!empty($itemurl))      ? " OR `itemurl`         = '{$itemurlSQL}'"   : '';
    $query .= (!empty($contentpage))  ? " OR `contentpage_id`  = '{$contentpage}'"  : '';
    $query .= (!empty($application))  ? " OR `application_id`  = '{$application}'"  : '';
    $query .= (!empty($newscategory)) ? " OR `newscategory_id` = '{$newscategory}'" : '';
    $query .= "  AND `menu_id` = '{$menuid}'";
    $result = mysqli_query ( $dbc, $query ); // Run The Query
     
    if (mysqli_num_rows($result) == 0)
    {
        $query = "INSERT INTO `menuitems`
                      (menu_id, itemname, itemurl, sortorder, contentpage_id, newscategory_id,
                       application_id, creator_id, datecreated, enabled)
                  VALUES 
                      ('{$menuid}', '{$itemname}', '{$itemurl}', '{$sortorder}', '{$contentpage}',
                       '{$newscategory}', '{$application}', 1, NOW(), 0)";
        mysqli_query($dbc, $query);
        $result = "good";
    }
    else
    {
        $row = mysqli_fetch_array($result); 
        if (($row['itemname'] == $itemname) && ($row['newscategory_id'] == $newscategory)) $result = 'bad9';
        elseif (($row['itemname'] == $itemname) && ($row['application_id'] == $application)) $result = 'bad8';  
        elseif (($row['itemname'] == $itemname) && ($row['contentpage_id'] == $contentpage)) $result = 'bad7';    
        elseif (($row['itemname'] == $itemname) && ($row['itemurl'] == $itemurl)) $result = 'bad6';  
        elseif ($row['newscategory_id'] == $newscategory) $result = 'bad5';
        elseif ($row['application_id'] == $application) $result = 'bad4';
        elseif ($row['contentpage_id'] == $contentpage) $result = 'bad3';
        elseif ($row['itemurl'] == $itemurl) $result = 'bad2'; 
        elseif ($row['itemname'] == $itemname) $result = 'bad1';
        else $result = 'bad0';
    }
}

 

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.