Jump to content

view specific id record issue


ianhaney50

Recommended Posts

Hi
 
I just found another little issue, not sure why it is outputting all the records as before it just outputted the id record I click on
 
The code for the specific id record is below
 
<?php
ini_set('display_startup_errors',1);
ini_set('display_errors',1);
error_reporting(-1);
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>IT Done Right Admin View Repair Tracking</title>

<link rel="stylesheet"href="http://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/blitzer/jquery-ui.css"/>
<script src="//code.jquery.com/jquery-1.10.2.js"></script>
<script src="//code.jquery.com/ui/1.11.2/jquery-ui.js"></script>

<link rel="stylesheet" type="text/css" media="screen" href="css/styles.css" />

<link rel="stylesheet" href="css/print.css" type="text/css" media="print">

</head>
<body>

<script>
var t;
window.onload=resetTimer;
document.onkeypress=resetTimer;

function logout()
{
alert("You are now logged out.")
location.href='../logout.php'
}
function resetTimer()
{
clearTimeout(t);
t=setTimeout(logout,1800000) //logs out in 30 minutes
}
</script>

<?
session_start();
if($_SESSION['user']==''){
 header("Location:../index.php");
}else{
 include("../config.php");
 $sql=$dbh->prepare("SELECT * FROM users WHERE id=?");
 $sql->execute(array($_SESSION['user']));
 while($r=$sql->fetch()){
  echo "<div class='home-content'>";
  echo "<center><h2>Hello, ".$r['username']."</h2>";
  echo "<a href='../logout.php'>Log Out</a>";
  echo "<br><br>";
  echo "<a href='../home.php'>Home</a></center>";
  echo "</div>";
 }
}
?>

<div class="print">

<div id="logo">
<img src="images/logo/it-done-right.jpg" alt="" title="">
</div>

<div style="clear: both;">

<?php
                        // connect to the database
                        include('connect-db.php');
                        
                        // get the records from the database
                        if ($result = $mysqli->query("SELECT id, customer_name, customer_email, customer_phone, computer_make, computer_model, technician, status, DATE_FORMAT(exrdate,'%d/%m/%Y') AS exrdate, exrtime, DATE_FORMAT(exstdate,'%d/%m/%Y') AS exstdate, exstime, deltype, comments, cost FROM repairs ORDER BY id"))
                        {
                                // display records if there are records to display
                                if ($result->num_rows > 0)
                                {
                                        // display records in a table
                                        
                                        while ($row = $result->fetch_object())
                                        {
echo "<strong>Repair ID</strong>: " . $row->id;
echo "<br><br>";
                                                echo "<strong>Customer Name</strong>: " . $row->customer_name;
echo "<br><br>";
                                                echo "<strong>Customer Email</strong>: " . $row->customer_email;
echo "<br><br>";
echo "<strong>Customer Phone</strong>: " . $row->customer_phone;
echo "<br><br>";
echo "<strong>Computer Make</strong>: " . $row->computer_make;
echo "<br><br>";
echo "<strong>Computer Model</strong>: " . $row->computer_model;
echo "<br><br>";
echo "<strong>Assigned to Technician</strong>: " . $row->technician;
echo "<br><br>";
echo "<strong>Repair Status</strong>: " . $row->status;
echo "<br><br>";
echo "<strong>Expected Repair Date</strong>: " . $row->exrdate;
echo "<br><br>";
echo "<strong>Expected Repair Time</strong>: " . $row->exrtime;
echo "<br><br>";
echo "<strong>Expected Start Date</strong>: " . $row->exstdate;
echo "<br><br>";
echo "<strong>Expected Start Time</strong>: " . $row->exstime;
echo "<br><br>";
echo "<strong>Delivery Type</strong>: " . $row->deltype;
echo "<br><br>";
echo "<strong>Comments</strong>: " . $row->comments;
echo "<br><br>";
echo "<strong>Repair Cost</strong>: " . '£' . $row->cost;
echo "</div>";
echo "</div>";
echo "<br><br>";
                                                echo "<td><a href='repairs-tracking.php?id=" . $row->id . "'>Edit</a></td>";
                                                echo "<br><br>";
                                        }
                                        
                                }
                                // if there are no records in the database, display an alert message
                                else
                                {
                                        echo "No results to display!";
                                }
                        }
                        // show an error if there is an issue with the database query
                        else
                        {
                                echo "Error: " . $mysqli->error;
                        }
                        
                        // close database connection
                        $mysqli->close();
                
                ?>
                
                <a href="view-repairs-tracking.php">Back to view all repairs tracking</a> | <a href="#" onclick="window.print();return false;">Print this page</a> | <a href="repairs-tracking.php">Add New Repair For Tracking</a>
                
        </body>
</html>

 

Link to comment
Share on other sites

In your main mysql query where you are getting the records from the database, there doesn't appear to be any restriction against it getting all the records .. if you are looking for one specific record, your query should end something like " ..... WHERE id = '$_GET[id]'"  

Link to comment
Share on other sites

Additionally you should be doing the logic above and html below.

 

You can't use header() if is any output on the page.

 

Also $_SESSION['user'] could be undefined because does not always exist.

Check for a session and if $_SESSION['user'] is actually set

 

Not sure why are using js to log out, use the default session handler settings to expire or unset the users session

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.