Jump to content

Make Approve Deny and Delete Queries Work

unemployment

By unemployment
in PHP Coding Help

Recommended Posts

unemployment Advanced Member

unemployment

Posted
Posted

I can't seem to figure this out.  The queries seem to need to be in the foreach loop.  The queries will then work but they update every blog post in my table.  I only want it to update the 1 that has the button associated with it.  So for instance... only delete the blog post where post_id = ${post['id']}

 

Do I make the queries be outside of the foreach?  If I do that then MySQL fails because my foreach is using the $post variable.

 

<?php

if (isset($_POST['approve']))
{
	$sql = "
			UPDATE `blog_posts` SET
				`approved` = 1
			WHERE `post_id` = '${post['id']}'
			";

	mysql_query($sql) or die(mysql_error());
}
else if (isset($_POST['deny']))
{
	$sql = "
			UPDATE `blog_posts` SET
				`approved` = -1
			WHERE `post_id` = '${post['id']}'
			";
}
else if (isset($_POST['delete']))
{
	mysql_query("DELETE FROM `blog_posts` WHERE `post_id` = {$post['id']}") or die(mysql_error());
}

foreach ($posts as $post)
{
	?>
	<div class="post" id="post<?php echo $post['id']; ?>">
		<form action="blog.php" method="post" id="blogform" class="man">
			<fieldset class="mvs buttonfield">
				<span class="button">
					<label>
						<input type="submit" id="starttop" name="approve" class="invis dark_grey" value="Approve" />
					</label>
				</span>
				<span id="smarktop" class="button disabled">
					<label>
						<input type="button" id="marktop" name="deny" class="invis dark_grey" value="Deny" disabled="disabled" />
					</label>
				</span>
				<span id="sdeletetop" class="button disabled">
					<label>
						<input type="submit" id="deletetop" name="delete" class="invis dark_grey" value="Delete" disabled="disabled" />
					</label>
				</span>
			</fieldset>
		</form>
	</div>
	<?php
}

?>

Skewled Member

Skewled

Posted
Posted 

`post_id` = '${post['id']}'

 

I may be way off but where is $post['id'] bieng set?

 

This code seems to be tacked onto your post display code..? If your using a while loop for your post display then you are using a hidden input type in your html form and then a sprint_f to echo the ID for each post? The reason I ask is because in the form here your not setting any inputs to store the id, and I'm guessing this file is included in your output display?

 

I would also add LIMIT 1 to your query so you only effect 1 record no matter what.

jcbones Newbie

jcbones

Posted
Posted

1. You need to decide if you only want to approve, deny, or delete one record at a time.

    A. Current way you have it -> submit buttons.

    B. Multiple at a time -> checkboxes.

2. Either way, you need to define the id of the row you wish to approve, deny, or delete.

    A. Use a hidden input field.

    B. Create a array on the submit buttons, using the row identifier as the array key.

3. Your variables are called wrong.

    A. It should be {$post['id']}, not ${post['id']}.

    B. You are trying to call the variable, before it is declared.  $post isn't declared until the foreach loop, further down the page.

 

unemployment Advanced Member

unemployment

Posted
  • Author
Posted

Post ID is being set at the top of the page with $post = get_blog_post_admin($_GET['post_id']);  Yes, you are correct,  I have dumped this with my display code.  Should I move this to the top of my blog file?  There is only 1 file, aside from library files, that powers the blog. I'm using a hidden input?

unemployment Advanced Member

unemployment

Posted
  • Author
Posted

UPDATED CODE

 

<?php

if (isset($_POST['approve']))
{
	$sql = "
			UPDATE `blog_posts` SET
				`approved` = 1
			WHERE `post_id` = '{$post['id']}'
			";

	mysql_query($sql) or die(mysql_error());
}
else if (isset($_POST['deny']))
{
	$sql = "
			UPDATE `blog_posts` SET
				`approved` = -1
			WHERE `post_id` = '{$post['id']}'
			";
}
else if (isset($_POST['delete']))
{
	mysql_query("DELETE FROM `blog_posts` WHERE `post_id` = '{$post['id']}'") or die(mysql_error());
}

foreach ($posts as $post)
{

	?>
	<div class="post" id="post<?php echo $post['id']; ?>">
		<form action="blog.php" method="post" id="blogform" class="man">
		<input type="hidden" name="action" id="action" value="" />
			<fieldset class="mvs buttonfield">
				<span class="button">
					<label>
						<input type="submit" id="starttop" name="approve" class="invis dark_grey" value="Approve" />
					</label>
				</span>
				<span id="smarktop" class="button disabled">
					<label>
						<input type="button" id="marktop" name="deny" class="invis dark_grey" value="Deny" disabled="disabled" />
					</label>
				</span>
				<span id="sdeletetop" class="button disabled">
					<label>
						<input type="submit" id="deletetop" name="delete" class="invis dark_grey" value="Delete" disabled="disabled" />
					</label>
				</span>
			</fieldset>
		</form>
	<?php
}

?>

 

I'm lost from here. 

 

1.  Yes, I want to use submit buttons not checkboxes

2.  I don't know how to use the sprint_f function at all but I added in the hidden input

3.  I changed my variables {$post['id']} and think they are correct now.

4.  I have no idea how to get the individual ID that I need.

unemployment Advanced Member

unemployment

Posted
  • Author
Posted

EDIT:

 

Before I go trying to explain, how are you sending the variable by GET?

 

I am using a function $post = get_blog_post_admin($_GET['post_id']);.  This is pulling in...

 

// fetches a summery of all the blog posts.
function get_blog_posts_admin($page = 1, $per_page = 10)
{
$per_page	= (int)$per_page;
$start		= (int)($page - 1) * $per_page;

$sql = "SELECT
			`blog_posts`.`post_id` AS `id`,
			`blog_posts`.`posttitle` AS `title`,
			LEFT(`blog_posts`.`postcontent`, 1010) AS `preview`,
			DATE_FORMAT(`blog_posts`.`postdate`, '%D \of %M %Y  %h:%i%p') AS `date`,
			UNIX_TIMESTAMP(`blog_posts`.`postdate`) AS `timestamp`,
			`blog_posts`.`posttags` AS `tags`,
			`blog_posts`.`postimage` AS `image`,
			`blog_comments`.`total_comments`,
			`users`.`firstname`,
			`users`.`lastname`,
			`users`.`username`
		FROM `blog_posts`
		LEFT JOIN (
			SELECT
				`post_id`,
				COUNT(`comment_id`) AS `total_comments`
			FROM `blog_comments`
			GROUP BY `post_id`
		) AS `blog_comments`
		ON `blog_posts`.`post_id` = `blog_comments`.`post_id`
		INNER JOIN `users`
		ON `blog_posts`.`user_id` = `users`.`id`
		ORDER BY `blog_posts`.`post_id` DESC
		LIMIT {$start}, {$per_page}";

$posts = mysql_query($sql);

$rows = array();

while (($row = mysql_fetch_assoc($posts)) !== false)
{
	$rows[] = array(
		'id'				=> $row['id'],
		'title'				=> $row['title'],
		'preview'			=> $row['preview'],
		'date'				=> $row['date'],
		'timestamp'			=> $row['timestamp'],
		'image'				=> $row['image'],
		'total_comments'	=> ($row['total_comments'] === null) ? 0 : $row['total_comments'],
		'firstname'			=> $row['firstname'],
		'lastname'			=> $row['lastname'],
		'username'			=> $row['username'],
	);
}

return $rows;
}

unemployment Advanced Member

unemployment

Posted
  • Author
Posted

I just added in the limits to the queries...

 

if (isset($_POST['approve']))
{
	$sql = "
			UPDATE `blog_posts` SET
				`approved` = 1
			WHERE `post_id` = '{$post['id']}'
			LIMIT 1
			";

	mysql_query($sql) or die(mysql_error());
}
else if (isset($_POST['deny']))
{
	$sql = "
			UPDATE `blog_posts` SET
				`approved` = -1
			WHERE `post_id` = '{$post['id']}'
			LIMIT 1
			";
}
else if (isset($_POST['delete']))
{
	mysql_query("DELETE FROM `blog_posts` WHERE `post_id` = '{$post['id']}' LIMIT 1") or die(mysql_error());
}

jcbones Newbie

jcbones

Posted
Posted

My take:

<?php

if (isset($_POST['approve']))
{
	if(is_array($_POST['approve'])) {
		$keys = array_keys($_POST['approve']);
		$id = $keys[0];

	$sql = "
			UPDATE `blog_posts` SET
				`approved` = 1
			WHERE `post_id` = '$id'
			";
	}
}
else if (isset($_POST['deny']))
{
	if(is_array($_POST['deny'])) {
		$keys = array_keys($_POST['deny']);
		$id = $keys[0];
	$sql = "
			UPDATE `blog_posts` SET
				`approved` = -1
			WHERE `post_id` = '$id'
			";
	}
}
else if (isset($_POST['delete']))
{
	if(is_array($_POST['delete'])) {
		$keys = array_keys($_POST['delete']);
		$id = $keys[0];
	$sql = "DELETE FROM `blog_posts` WHERE `post_id` = '$id'";
	}
}
if(isset($sql) && !empty($sql)) {
	mysql_query($sql) or die(mysql_error());
}
foreach ($posts as $post)
{
	?>
	<div class="post" id="post<?php echo $post['id']; ?>">
		<form action="blog.php" method="post" id="blogform" class="man">
			<fieldset class="mvs buttonfield">
				<span class="button">
					<label>
						<input type="submit" id="starttop" name="approve[<?php echo $post['id']; ?>]" class="invis dark_grey" value="Approve" />
					</label>
				</span>
				<span id="smarktop" class="button disabled">
					<label>
						<input type="button" id="marktop" name="deny[<?php echo $post['id']; ?>]" class="invis dark_grey" value="Deny" disabled="disabled" />
					</label>
				</span>
				<span id="sdeletetop" class="button disabled">
					<label>
						<input type="submit" id="deletetop" name="delete[<?php echo $post['id']; ?>]" class="invis dark_grey" value="Delete" disabled="disabled" />
					</label>
				</span>
			</fieldset>
		</form>
	</div>
	<?php
}

?>

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.