raymon Posted July 25, 2020 Share Posted July 25, 2020 (edited) I making an web app for teachers to assess their students online. The problems I am currently having are on select only one record is displayed and after update no records are displayed in the form even though it was successfully updated.. The program has two files, index.php and process.php. The problems started when got the class name into the query to search and display the class. $result = $mysqli->query("SELECT * FROM data WHERE classroom = '".$classroom."' ORDER BY '.name';") or die($mysqli->error); The query works but doesn't order by name I would like. I would be grateful if anyone could cast an eye over it and give me some tips. Thanks guys. The beers are on me if anyone can sort it, but you'll have to come to Phnom Penh, Cambodia as that is where I live. Anyway here's the code. process.php <html> <?php session_start(); $mysqli = new mysqli("localhost","ray","password","reports") or die(mysqli_error($mysqli)); $id = 0; $update = false; $name = ''; $classroom = ''; if (isset($_GET['edit'])){ $id = $_GET['edit']; $update = true; $result = $mysqli->query("SELECT * FROM data WHERE id=$id") or die($mysqli->error()); if(isset($result->num_rows) && $result->num_rows > 0) { $row = $result->fetch_array(); $name = $row['name']; $classroom = $row['classroom']; $pacomment = $row['pacomment']; } } if (isset($_POST['update'])){ $id = $_POST['id']; $pacomment = $_POST['pacomment']; $mysqli->query("UPDATE data SET pacomment= '$pacomment' WHERE id=$id") or die($mysqli->error); $_SESSION['message'] = "Record has been updated!"; $_SESSION['msg_type'] = "warning"; header('location: index.php'); } index,php <?php require_once 'process.php'; ?> <!--************************************** Setup Messages **************************************** --> <?php if (isset($_SESSION['message'])): ?> <div class="alert alert-<?=$_SESSION['msg_type']?>"> <?php echo $_SESSION['message']; unset($_SESSION['message']); ?> </div> <?php endif ?> <!--**************************************End Setup Messages *********************************************** --> <?php ?> <!DOCTYPE html> <html> <head> <title>Home of English Reports</title> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css"> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script> <style>= body { margin: 0; font-family: Arial, Helvetica, sans-serif; } .topnav { overflow: hidden; background-color: #008080; } .topnav a { float: left; color: #f2f2f2; text-align: center; padding: 14px 16px; text-decoration: none; font-size: 17px; } .topnav a:hover { background-color: #ddd; color: black; } .topnav a.active { background-color: #4CAF50; color: white; } </style> </head> <body style="background-color:linen;"> <!--************************************** End Setup Page Styles ************************************* --> <div class="container"> <form action="index.php" method = get> <label for="classroom">Class name:</label><br> <input type="text" id="classroom" name="classroom" value="107i am"><br> <input type="submit" value="Submit"> </form> </div> <?php $resultcomment = $mysqli->query("SELECT EnglishComment FROM comments"); ?> <!-- ************************************** Begin Connect DB ************************************************ --> <div class="container" align-content-center> <?php $classroom = (isset($_GET['classroom']) ? $_GET['classroom'] : null); $result = $mysqli->query("SELECT * FROM data WHERE classroom = '".$classroom."' ORDER BY '.name';") or die($mysqli->error); ?> <!-- ************************************** End Connect DB **************************************************** --> <div class="row justify-content-center"> <form action="process.php" method="POST"> <input type="hidden" name="id" value="<?php echo $id; ?>"> <div class="form-group"> <h1><label><?php echo $name?></label></h1> </div> <form action="process.php" method="POST"> <input type="hidden" name="id" value="<?php echo $id; ?>"> <div class="form-group"> <h3><label>PA Teacher's Comment</label></h3> <select name = "pacomment"> <?php while($rows = $resultcomment-> fetch_assoc()) { $EnglishComment = $rows['EnglishComment']; echo "<option value='$EnglishComment'>$name.$EnglishComment</option>"; } ?></h2> </select><br> <p> <div class="form-group"> <?php if ($update == true): ?> <button type="submit" class="btn btn-info" name="update">Update</button> <?php else: ?> <!-- <button type="submit" class="btn btn-primary" name="save">Save</button> --> <?php endif; ?> </div> </form> <!-- ************************************** Begin Setup Table Headers ****************************************** --> <div class="row justify-content-center"> <table class="table" width = "20%" border = "5" cellpadding = "1";> <thead> <tr> <th><center>Action</center></th> <th><center>ID</center></th> <th>Name and Comment</th> </tr> </thead> <!-- ************************************** End Setup Classlist Table Headers ****************************************** --> <!-- ****** Loop thru Every Record From $result Query Variable and get variables and echo each variable into the table rows ********** --> <?php while ($row = $result->fetch_assoc()): ?> <tr> <td> <center><a href="index.php?edit=<?php echo $row['id']; ?>" class="btn btn-info">Assess</a></center> </td> <!-- ************************************** Put data into Classlist table rows ****************************************** --> <td><center><?php echo $row['studentid']; ?></center></td> <td><?php echo $row['name']." ".$row['pacomment'] ?></td> </tr> <?php endwhile; ?> <!-- ****************** End While() Loop **************************** --> </table> <!-- *************** End of Classlist Table ****************************************** --> </div> </div> </div> </body> </html> Edited July 25, 2020 by raymon Quote Link to comment Share on other sites More sharing options...
gw1500se Posted July 25, 2020 Share Posted July 25, 2020 Order by 'name' or order by '.name'? Quote Link to comment Share on other sites More sharing options...
raymon Posted July 26, 2020 Author Share Posted July 26, 2020 I''m pretty sure I have tried both with no change in order. Quote Link to comment Share on other sites More sharing options...
gw1500se Posted July 26, 2020 Share Posted July 26, 2020 Using '.name' is definitely wrong as it looks like 'name' is the column you want. I suspect that is because of a misplaced quote which are unnecessary anyway. You also should not be using 'SELECT *'. List only those those columns you actually need. Your first query is dangerous. You need to use prepared statements. Never use web page data directly into a query as you are at risk of injection attacks. Finally the ';' is not really needed but that is a minor point. $result = $mysqli->query("SELECT studentid,name,pacomment FROM data WHERE classroom = $classroom ORDER BY name") or die($mysqli->error); Quote Link to comment Share on other sites More sharing options...
StevenOliver Posted July 27, 2020 Share Posted July 27, 2020 (edited) And in live (non-development) environment, the die($mysqli->error) should be off for security reasons. If I'm wrong, sorry.... just my two cents worth :-) Edited July 27, 2020 by StevenOliver Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.