Jump to content

Recommended Posts

Hi,

 

I have a form which inserts the users ID into 'follow' when they submit a form. However I am now trying to change it so the value of the ID is applied to an image. When the user clicks an image their ID is added to the database.

 

Sounds tricky, can anyone advise how to do this please?

 

 

<?php


if(isset($_POST['followform'])) {

   $follow = $_POST['follow'];

$query_follow ="UPDATE users SET follow = '".$_POST['follow']."'" ;
$result_newUser = mysql_query($query_follow);
    $result = mysql_query($query_follow) or die("An error occurred ".mysql_error());

   }
?>
</div> 


<form class="followform" method="POST" action="">
<div class="forminputcell">
<div class="datainput">
 <div class="forminputleft">
Follow:
</div>
 <div class="forminputright">  
<input   name="follow" type="text" width="10" value="<?php echo $row['id']; ?>" />
</div>
</div>
  <div class="user-area">
  <input type="hidden" name="followform" value="submit" />
<input type="submit" name="submit" value="Submit" class="submit-button" />
 </div>
</div>
</form>

Link to comment
https://forums.phpfreaks.com/topic/272027-click-image-insert-into-database/
Share on other sites

  • Replies 50
  • Created
  • Last Reply

Top Posters In This Topic

Thanks,

 

But Im not sure how to do this. Do I put an image inside a form? How do I set the value of the an image to the ID. I haven't used this process before.

 

Ive tried Googling the issue but all I can find is how to upload an image.

Thanks, I dont know I had to merge the submit button with the submit function!

 

So is the key to this changing the name in the submit button?

 

 

<input type="submit" [b]name="submit"[/b] value="Submit" class="submit-button" />

 

<input type="submit" name="<?php echo $row['id']; ?>" value="Submit" class="submit-button" />

All the examples I cant find involve changing the submit button on a form. With this I dont have a form. Do I just put the image inside the form and apply the ID to the image?

 

Whenever I try a form it creates a form box which I dont want.

All the examples I cant find involve changing the submit button on a form. With this I dont have a form. Do I just put the image inside the form and apply the ID to the image?

 

 

Hi,

 

I have a form which inserts the users ID into 'follow' when they submit a form. However I am now trying to change it so the value of the ID is applied to an image. When the user clicks an image their ID is added to the database.

 

 

Why do you smoke crack?

HI,

 

Any suggestions please. I currently have it like this. If I use a type test it works but I would like to do it with an image.

 

<?php


if(isset($_POST['followform'])) {

   $follow = $_POST['follow'];

$query_follow ="UPDATE users SET follow = '".$_POST['follow']."'" ;
$result_newUser = mysql_query($query_follow);
    $result = mysql_query($query_follow) or die("An error occurred ".mysql_error());

   }
?>
</div> 

<form class="followform" method="POST" action="">
<div class="forminputcell">
<div class="datainput">
 <div class="forminputleft">
Follow:
</div>
 <div class="forminputright">  
<input type="image" img src="/images/logo.png"  name="follow"  value="<?php echo $row['id']; ?>" class="submit-button" />
</div>
</div>
</div>
</form>	
</div>

You haven't explained your issue very well.  Something you need to work on since you ask a lot of questions.

 

Below is my interpretation of what you're looking for.  Could be right, could be wrong... as I don't know what it is you're after, exactly.

 

<?php
if (($_GET['do'] == 'follow') && !empty($_GET['id'])) {
$follow = (int)$_GET['id'];
$query_follow ="UPDATE users SET follow = '". $follow ."'" ;
$result_newUser = mysql_query($query_follow);
//$result = mysql_query($query_follow) or die("An error occurred " . mysql_error()); // why are you hitting this twice?
}
?>
</div> 

<div class="forminputcell">
<div class="datainput">
	<div class="forminputleft">
		Follow:
	</div>
	<div class="forminputright">  
		<a href="<?php echo $_SERVER['PHP_SELF']; ?>?do=follow&id=<?php echo $row['id']; ?>"><img src="/images/logo.png" class="submit-button"/></a>
	</div>
</div>
</div>

By validating that the user submitting the follow is logged in, and using their id.

 

So it will only accept the logged in users ID? Sounds fine. I shall give that a go. I need to change it so that I can view another users profile and follow them. Currently it only allows my to follow myself but its getting there.

So how would I stop someone from saying that someone wants to follow someone when then dont want to?

 

Currently I can make 321 follow 456 when 321 did not click the follow button.

 

Your query should not execute unless the ID of the user is checked against the ID they are logged in as.  That way, the URL cannot be modified for malicious activity.

 

E.g.

 

1. User must be logged in to follow somebody.

 

2. When user clicks 'follow' button/link, have a condition that checks that the user who clicked the follow button is the same user who is logged in, ie.

 

<a href="<?php echo $_SERVER['PHP_SELF']; ?>?do=follow&id=<?php echo $row['id']; ?>&current_user_id=12345"><img src="/images/logo.png" class="submit-button"/></a>

 

3.

if (($_GET['do'] == 'follow') && !empty($_GET['id'])) {
// check if user is logged in
if (($_SESSION['auth']) && !empty($_SESSION['current_user_id'])) { // whatever your $_SESSION variables are for logged in users

	if ($_SESSION['current_user_id'] == $_GET['current_user_id']) { // again, $_SESSION['current_user_id'] is pseudo
		$follow = (int)$_GET['id'];
		$query_follow ="UPDATE users SET follow = '". $follow ."'" ;
		$result_newUser = mysql_query($query_follow);
		//$result = mysql_query($query_follow) or die("An error occurred " . mysql_error()); // why are you hitting this twice?
	}
}
}

 

Your initial logic is out of whack.  How you are currently storing follows (in the users table) is no good.  It limits a users to only being able to follow a single user.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.