SitePoint Sponsor

User Tag List

Page 1 of 3 123 LastLast
Results 1 to 25 of 126

Hybrid View

  1. #1
    SitePoint Enthusiast
    Join Date
    Feb 2014
    Posts
    67
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Form submission help and other question

    Hello, i'm working on a "cms" for my website and its supposed to be individual dashboards. Its 3 ranks, admin, partner and trainee. This is for my youtube network and i'm trying to create a form so they can submit videos from there dashboards and then it sends it to my admin panel so I can check it out. I want to have a table display and I want just there submissions they've done displayed and I want it to display like all the fields they have entered and like a status section where i'll like be able to change the status through the admin dashboard. I have no idea how to do the table and have them see just there submissions and me be able to edit it through the admin panel. If any help on that, that would be great. Now i've been working on the form and getting it to submit, but for some reason it won't submit. If any of you can help me out with this it would be great. I'm pretty sure its the query, but not quiet positive. I'm new to php so any help is appreciated.



    php:



    Code:
    <?php
        if(isset($_POST['submit']))
        {
          $c_name = $_POST['channel_username'];
          $v_link = $_POST['video_link'];
          $v_title = $_POST['video_title'];
          $v_desc = $_POST['vido_description'];
          $v_tags = $_POST['video_tags'];
          $m_sources = $_POST['music_sources'];
          $s_requests = $_POST['special_requests'];
        
          if(empty($c_name) or empty($v_link) or empty($v_title) or empty($v_title) or empty($v_desc) or empty($v_tags))
          {
            echo 'You must fill in the first 5 fields.';
          }
          else
          {
            $getRank = $db->query("SELECT * FROM users WHERE username = '".$_SESSION['username']."'");
            while ($row = $getRank->fetch_assoc())
            {
              $usename = $row['username'];
              $rank = $row['rank'];
            }
           $db->query("INSERT INTO submitted_forms (username, rank, channel_username, video_link, video_title, video_description, video_tags, music_sources, special_requests) VALUES ('$username', '$rank', '$c_name', '$v_link', '$v_title', '$v_desc', '$v_tags', '$m_sources', '$s_requests')");
            echo 'Form submitted successfully.';
            }
          }
        ?>

    Html:

    Code:
    <form method="POST">
          <p>Channel name <input type="text" name="channel_name" required>*</p>
          <p>Video Link   <input type="text" name="video_link" required>*</p>
          <p>Video Title  <input type="text" name="video_title" required>*</p>
          <p>Video Description <input type="text" name="video_description" required>*</p>
          <p>Video Tags   <input type="text" name="video_tags" required>*</p>
          <p>Music Sources <input type="text" name="music_sources"></p>
          <p>Special Requests <input type="text" name="special_requests"></p>
          <br></br>
          <p><input type="submit" name="submit" value="Submit"></p>
        </form>

  2. #2
    SitePoint Guru bronze trophy
    Join Date
    Feb 2013
    Posts
    772
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    Check for possible spelling errors.
    $v_desc = $_POST['vido_description'];
    Can I assume you have session_start(); at the top of your page???

    I made a slightly different copy you might try or compare to what you have.
    PHP Code:
    <?php
    session_start
    ();

    $host "localhost"
    //Database user name.    
    $login "";
    //Database Password.
    $dbpass "";
    //Database name.
    $dbname "";
    $PDO = new PDO("mysql:host=localhost;dbname=$dbname""$login""$dbpass");

    $message ""

    if(isset(
    $_POST['submit']))
    {
        
    $c_name trim($_POST['channel_name']);
        
    $v_link trim($_POST['video_link']);
        
    $v_title trim($_POST['video_title']);
        
    $v_desc trim($_POST['video_description']);
        
    $v_tags trim($_POST['video_tags']);
        
    $m_sources trim($_POST['music_sources']);
        
    $s_requests trim($_POST['special_requests']);
        
        
    $username $_SESSION['username'];
        
        if(empty(
    $c_name) || empty($v_link) || empty($v_title) || empty($v_title) || empty($v_desc) || empty($v_tags))
        {
            
    $message 'You must fill in the first 5 fields.';
        }
        else
        {     
            
            try{ 
                
    $getRank $PDO->prepare("SELECT rank FROM users WHERE username = :username");
                
    $getRank->bindParam(":username"$username); 
                
    $getRank->execute();  
                while(
    $row $getRank->fetch(PDO::FETCH_ASSOC)){ 
                    
    $rank $row['rank'];
                }   
                 
            }catch (
    PDOException $e){ 
                echo 
    "Database error: ".$e->getMessage(); 
            }  
            
            try{ 
                
    $query $PDO->prepare("INSERT INTO submitted_forms(`username`,`rank`,`channel_username`,`video_link`,`video_title`,`video_description`,`video_tags`,`music_sources`,`special_requests`) 
                VALUES(:username, :rank, :c_name, :v_link, :v_title, :v_desc, :v_tags, :m_sources, :s_requests)"
    );
                
    $query->bindParam(":username"$username); 
                
    $query->bindParam(":rank"$rank); 
                
    $query->bindParam(":c_name"$c_name); 
                
    $query->bindParam(":v_link"$v_link); 
                
    $query->bindParam(":v_title"$v_title); 
                
    $query->bindParam(":v_desc"$v_desc); 
                
    $query->bindParam(":v_tags"$v_tags); 
                
    $query->bindParam(":m_sources"$m_sources); 
                
    $query->bindParam(":s_requests"$s_requests); 
                
    $query->execute();    
                 
            }catch (
    PDOException $e){ 
                echo 
    "Database error: ".$e->getMessage(); 
            }  
            
    $message 'Form submitted successfully.';
        }
    }
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"  
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">  
    <html xmlns="http://www.w3.org/1999/xhtml">  
    <head>  
    <title></title>
    <style type="text/css">
    .label {
    float:left;
    clear:left;
    display:inline;
    width:115px;
    }
    .input {
    float:left;
    display:inline;
    width:165px;
    }
    .input input{
    margin-right:3px;
    }
    .submit {
    float:left;
    clear:left;
    margin-top:10px;
    width:280px;
    text-align:center;
    }
    </style> 
    </head> 
    <body> 
        <?php if(isset($message) && !empty($message)){ echo $message; } ?>
        <form action="" method="post">
            <div class="label">Channel name</div><div class="input"><input type="text" name="channel_name" required>*</div>
            <div class="label">Video Link</div><div class="input"><input type="text" name="video_link" required>*</div>
            <div class="label">Video Title</div><div class="input"><input type="text" name="video_title" required>*</div>
            <div class="label">Video Description</div><div class="input"><input type="text" name="video_description" required>*</div>
            <div class="label">Video Tags</div><div class="input"><input type="text" name="video_tags" required>*</div>
            <div class="label">Music Sources</div><div class="input"><input type="text" name="music_sources" ></div>
            <div class="label">Special Requests</div><div class="input"><input type="text" name="special_requests"></div>
            <div class="submit"><input type="submit" name="submit" value="Submit"></div>
        </form>
    </body>
    </html>

  3. #3
    SitePoint Addict Smolf3d's Avatar
    Join Date
    Aug 2004
    Location
    russia
    Posts
    232
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    You need add to submitted_forms new row like show_now - enum('yes', 'no')

    Now in the index.php or page where all guests can see the publication, add to WHERE in select query the new row like show_now = 'yes'

    create new or edit page, where you will do the check (Edit Page), out all information for check with while.. and add to select WHERE show_now = 'no'

    add simple html with 2 input type="radio" to change the value.


    sorry for my english

  4. #4
    SitePoint Enthusiast
    Join Date
    Feb 2014
    Posts
    67
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Smolf3d View Post
    You need add to submitted_forms new row like show_now - enum('yes', 'no')

    Now in the index.php or page where all guests can see the publication, add to WHERE in select query the new row like show_now = 'yes'

    create new or edit page, where you will do the check (Edit Page), out all information for check with while.. and add to select WHERE show_now = 'no'

    add simple html with 2 input type="radio" to change the value.


    sorry for my english
    Please explain more. Are you talking about the table thing? I don't want to display it to guests as you have to login to see the dashboard anyway. I want to show them in there own dashboard only there submissions in a table. I don't want anyone else to see there submissions except the person and admins is all.

  5. #5
    SitePoint Enthusiast
    Join Date
    Feb 2014
    Posts
    67
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Drummin View Post
    Check for possible spelling errors.


    Can I assume you have session_start(); at the top of your page???

    I made a slightly different copy you might try or compare to what you have.
    PHP Code:
    <?php
    session_start
    ();

    $host "localhost"
    //Database user name.    
    $login "";
    //Database Password.
    $dbpass "";
    //Database name.
    $dbname "";
    $PDO = new PDO("mysql:host=localhost;dbname=$dbname""$login""$dbpass");

    $message ""

    if(isset(
    $_POST['submit']))
    {
        
    $c_name trim($_POST['channel_name']);
        
    $v_link trim($_POST['video_link']);
        
    $v_title trim($_POST['video_title']);
        
    $v_desc trim($_POST['video_description']);
        
    $v_tags trim($_POST['video_tags']);
        
    $m_sources trim($_POST['music_sources']);
        
    $s_requests trim($_POST['special_requests']);
        
        
    $username $_SESSION['username'];
        
        if(empty(
    $c_name) || empty($v_link) || empty($v_title) || empty($v_title) || empty($v_desc) || empty($v_tags))
        {
            
    $message 'You must fill in the first 5 fields.';
        }
        else
        {     
            
            try{ 
                
    $getRank $PDO->prepare("SELECT rank FROM users WHERE username = :username");
                
    $getRank->bindParam(":username"$username); 
                
    $getRank->execute();  
                while(
    $row $getRank->fetch(PDO::FETCH_ASSOC)){ 
                    
    $rank $row['rank'];
                }   
                 
            }catch (
    PDOException $e){ 
                echo 
    "Database error: ".$e->getMessage(); 
            }  
            
            try{ 
                
    $query $PDO->prepare("INSERT INTO submitted_forms(`username`,`rank`,`channel_username`,`video_link`,`video_title`,`video_description`,`video_tags`,`music_sources`,`special_requests`) 
                VALUES(:username, :rank, :c_name, :v_link, :v_title, :v_desc, :v_tags, :m_sources, :s_requests)"
    );
                
    $query->bindParam(":username"$username); 
                
    $query->bindParam(":rank"$rank); 
                
    $query->bindParam(":c_name"$c_name); 
                
    $query->bindParam(":v_link"$v_link); 
                
    $query->bindParam(":v_title"$v_title); 
                
    $query->bindParam(":v_desc"$v_desc); 
                
    $query->bindParam(":v_tags"$v_tags); 
                
    $query->bindParam(":m_sources"$m_sources); 
                
    $query->bindParam(":s_requests"$s_requests); 
                
    $query->execute();    
                 
            }catch (
    PDOException $e){ 
                echo 
    "Database error: ".$e->getMessage(); 
            }  
            
    $message 'Form submitted successfully.';
        }
    }
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"  
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">  
    <html xmlns="http://www.w3.org/1999/xhtml">  
    <head>  
    <title></title>
    <style type="text/css">
    .label {
    float:left;
    clear:left;
    display:inline;
    width:115px;
    }
    .input {
    float:left;
    display:inline;
    width:165px;
    }
    .input input{
    margin-right:3px;
    }
    .submit {
    float:left;
    clear:left;
    margin-top:10px;
    width:280px;
    text-align:center;
    }
    </style> 
    </head> 
    <body> 
        <?php if(isset($message) && !empty($message)){ echo $message; } ?>
        <form action="" method="post">
            <div class="label">Channel name</div><div class="input"><input type="text" name="channel_name" required>*</div>
            <div class="label">Video Link</div><div class="input"><input type="text" name="video_link" required>*</div>
            <div class="label">Video Title</div><div class="input"><input type="text" name="video_title" required>*</div>
            <div class="label">Video Description</div><div class="input"><input type="text" name="video_description" required>*</div>
            <div class="label">Video Tags</div><div class="input"><input type="text" name="video_tags" required>*</div>
            <div class="label">Music Sources</div><div class="input"><input type="text" name="music_sources" ></div>
            <div class="label">Special Requests</div><div class="input"><input type="text" name="special_requests"></div>
            <div class="submit"><input type="submit" name="submit" value="Submit"></div>
        </form>
    </body>
    </html>
    Thanks, i'm going to try yours out and see, i'll update this post if it works.

  6. #6
    SitePoint Enthusiast
    Join Date
    Feb 2014
    Posts
    67
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by fredrock View Post
    Thanks, i'm going to try yours out and see, i'll update this post if it works.
    This did not work.

  7. #7
    SitePoint Guru bronze trophy
    Join Date
    Feb 2013
    Posts
    772
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by fredrock View Post
    This did not work.
    Hmm. I just tested my copy and it did work.

    Do you have $_SESSION['username'] defined before using this page?
    Do all DB table fields match what is on the page?
    Are you using the full page copy I made, or just part of it?

  8. #8
    SitePoint Enthusiast
    Join Date
    Feb 2014
    Posts
    67
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Drummin View Post
    Hmm. I just tested my copy and it did work.

    Do you have $_SESSION['username'] defined before using this page?
    Do all DB table fields match what is on the page?
    Are you using the full page copy I made, or just part of it?
    Sorry, I forgot to tell you why it doesn't work. Its because its using PDO, my server doesn't have PDO, I use mysqli

  9. #9
    SitePoint Guru bronze trophy
    Join Date
    Feb 2013
    Posts
    772
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    As I mentioned, if you post the whole code, we could spot errors.
    Where is $db defined?

    This version fixes a number of
    spelling issues ($_POST['vido_description'], $usename or $username)
    and your condition line (removing duplicate $v_title and replacing "or" with ||)
    and escapes data before insert.

    Like I said, you say you're using the code in OP but I've asked if you've fixed issues that have been pointed out to you.

    PHP Code:
    <?php
        
    if(isset($_POST['submit']))
        {
            
    $c_name $_POST['channel_username'];
            
    $v_link $_POST['video_link'];
            
    $v_title $_POST['video_title'];
            
    $v_desc $_POST['video_description'];
            
    $v_tags $_POST['video_tags'];
            
    $m_sources $_POST['music_sources'];
            
    $s_requests $_POST['special_requests'];
            
    $username $_SESSION['username'];
            
            if(empty(
    $c_name) || empty($v_link) || empty($v_title) || empty($v_desc) || empty($v_tags))
            {
                echo 
    'You must fill in the first 5 fields.';
            }
            else
            {    
                
    $username mysqli_real_escape_string ($db$username);
                
    $getRank $db->query("SELECT rank FROM users WHERE username = '$username'");
                while (
    $row $getRank->fetch_assoc())
                {
                    
    $rank $row['rank'];
                }
                
                
    $rank mysqli_real_escape_string ($db$rank);
                
    $c_name mysqli_real_escape_string ($db$c_name);
                
    $v_link mysqli_real_escape_string ($db$v_link);
                
    $v_title mysqli_real_escape_string ($db$v_title);
                
    $v_desc mysqli_real_escape_string ($db$v_desc);
                
    $v_tags mysqli_real_escape_string ($db$v_tags);
                
    $m_sources mysqli_real_escape_string ($db$m_sources);
                
    $s_requests mysqli_real_escape_string ($db$s_requests);
                
                
    $db->query("INSERT INTO submitted_forms (`username`,`rank`,`channel_username`,`video_link`,`video_title`,`video_description`,`video_tags`,`music_sources`,`special_requests`) VALUES ('$username','$rank','$c_name','$v_link','$v_title','$v_desc','$v_tags','$m_sources','$s_requests')");
                echo 
    'Form submitted successfully.';
            }
        }
    ?>

  10. #10
    SitePoint Enthusiast
    Join Date
    Feb 2014
    Posts
    67
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Drummin View Post
    As I mentioned, if you post the whole code, we could spot errors.
    Where is $db defined?

    This version fixes a number of
    spelling issues ($_POST['vido_description'], $usename or $username)
    and your condition line (removing duplicate $v_title and replacing "or" with ||)
    and escapes data before insert.

    Like I said, you say you're using the code in OP but I've asked if you've fixed issues that have been pointed out to you.

    PHP Code:
    <?php
        
    if(isset($_POST['submit']))
        {
            
    $c_name $_POST['channel_username'];
            
    $v_link $_POST['video_link'];
            
    $v_title $_POST['video_title'];
            
    $v_desc $_POST['video_description'];
            
    $v_tags $_POST['video_tags'];
            
    $m_sources $_POST['music_sources'];
            
    $s_requests $_POST['special_requests'];
            
    $username $_SESSION['username'];
            
            if(empty(
    $c_name) || empty($v_link) || empty($v_title) || empty($v_desc) || empty($v_tags))
            {
                echo 
    'You must fill in the first 5 fields.';
            }
            else
            {    
                
    $username mysqli_real_escape_string ($db$username);
                
    $getRank $db->query("SELECT rank FROM users WHERE username = '$username'");
                while (
    $row $getRank->fetch_assoc())
                {
                    
    $rank $row['rank'];
                }
                
                
    $rank mysqli_real_escape_string ($db$rank);
                
    $c_name mysqli_real_escape_string ($db$c_name);
                
    $v_link mysqli_real_escape_string ($db$v_link);
                
    $v_title mysqli_real_escape_string ($db$v_title);
                
    $v_desc mysqli_real_escape_string ($db$v_desc);
                
    $v_tags mysqli_real_escape_string ($db$v_tags);
                
    $m_sources mysqli_real_escape_string ($db$m_sources);
                
    $s_requests mysqli_real_escape_string ($db$s_requests);
                
                
    $db->query("INSERT INTO submitted_forms (`username`,`rank`,`channel_username`,`video_link`,`video_title`,`video_description`,`video_tags`,`music_sources`,`special_requests`) VALUES ('$username','$rank','$c_name','$v_link','$v_title','$v_desc','$v_tags','$m_sources','$s_requests')");
                echo 
    'Form submitted successfully.';
            }
        }
    ?>
    I did fix the issues and $db is defined in my config, which i'm including at the top. The error here is that fatal error which needs fixed. I never saw it before. I guess when it refreshed it was there so i think thats been the error all along. It was hidden because the page is black so I never saw it. Guess its not the query.

  11. #11
    SitePoint Guru bronze trophy
    Join Date
    Feb 2013
    Posts
    772
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    I did fix the issues and $db is defined in my config, which i'm including at the top. The error here is that fatal error which needs fixed. I never saw it before. I guess when it refreshed it was there so i think thats been the error all along. It was hidden because the page is black so I never saw it. Guess its not the query.
    Yet once again you haven't posted your latest code. Guess we can't help you.

  12. #12
    SitePoint Enthusiast
    Join Date
    Feb 2014
    Posts
    67
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Drummin View Post
    Yet once again you haven't posted your latest code. Guess we can't help you.
    Ok one second, geez.

    PHP:

    Code:
    <?php session_start();
    
    if(isset($_SESSION['rank']) and $_SESSION['rank'] == "partner")
      {
      $_SESSION['username'];
    
      } else {
      header("location: ../index.php");
      }
    
            include "menu.php";
            include "header.php";
            ?>
      
    
    <?php
            if(isset($_POST['submit']))
        {
          $c_name = $_POST['channel_username'];
          $v_link = $_POST['video_link'];
          $v_title = $_POST['video_title'];
          $v_desc = $_POST['video_description'];
          $v_tags = $_POST['video_tags'];
          $m_sources = $_POST['music_sources'];
          $s_requests = $_POST['special_requests'];
        
          if(empty($c_name) or empty($v_link) or empty($v_title) or empty($v_title) or empty($v_desc) or empty($v_tags))
          {
            echo 'You must fill in the first 5 fields.';
          }
          else
          {
            $getRank = $db->query("SELECT * FROM users WHERE username = '".$_SESSION['username']."'");
            while ($row = $getRank->fetch_assoc())
            {
              $usename = $row['username'];
              $rank = $row['rank'];
            }
           $db->query("INSERT INTO submitted_forms (username, rank, channel_username, video_link, video_title, video_description, video_tags, music_sources, special_requests) VALUES ('$username', '$rank', '$c_name', '$v_link', '$v_title', '$v_desc', '$v_tags', '$m_sources', '$s_requests')");
            echo 'Form submitted successfully.';
            }
          }
        ?>
    HTML:

    Code:
    <?php if(isset($message) && !empty($message)){ echo $message; } ?> 
        <form action="" method="POST"> 
            <label Channel Name></label><div class="input"><input type="text" name="channel_username" required>*</div> 
            <div class="label">Video Link</div><div class="input"><input type="text" name="video_link" required>*</div> 
            <div class="label">Video Title</div><div class="input"><input type="text" name="video_title" required>*</div> 
            <div class="label">Video Description</div><div class="input"><input type="text" name="video_description" required>*</div> 
            <div class="label">Video Tags</div><div class="input"><input type="text" name="video_tags" required>*</div> 
            <div class="label">Music Sources</div><div class="input"><input type="text" name="music_sources" ></div> 
            <div class="label">Special Requests</div><div class="input"><input type="text" name="special_requests"></div> 
            <div class="submit"><input type="submit" name="submit" value="Submit"></div> 
        </form>

  13. #13
    SitePoint Guru bronze trophy
    Join Date
    Feb 2013
    Posts
    772
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    Notice anything wrong here?
    PHP Code:
     $usename $row['username'];
              
    $rank $row['rank'];
            }
           
    $db->query("INSERT INTO submitted_forms (username, rank, channel_username, video_link, video_title, video_description, video_tags, music_sources, special_requests) VALUES ('$username', '$rank', '$c_name', '$v_link', '$v_title', '$v_desc', '$v_tags', '$m_sources', '$s_requests')"); 

  14. #14
    SitePoint Enthusiast scout1idf's Avatar
    Join Date
    Nov 2009
    Location
    Ohio
    Posts
    85
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I don't know if this is the only error, but you misspelled $username......


    $getRank = $db->query("SELECT * FROM users WHERE username = '".$_SESSION['username']."'");
    while ($row = $getRank->fetch_assoc())
    {
    $usename = $row['username'];
    $rank = $row['rank'];
    }

  15. #15
    SitePoint Enthusiast
    Join Date
    Feb 2014
    Posts
    67
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by scout1idf View Post
    I don't know if this is the only error, but you misspelled $username......


    $getRank = $db->query("SELECT * FROM users WHERE username = '".$_SESSION['username']."'");
    while ($row = $getRank->fetch_assoc())
    {
    $usename = $row['username'];
    $rank = $row['rank'];
    }
    Oh thank you, I didn't catch that at all, the e and n looked like an r together.

  16. #16
    SitePoint Guru bronze trophy
    Join Date
    Feb 2013
    Posts
    772
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    I did mention that on post #15 I also didn't mean to sound rude, but you kept saying you have fixed the issues that are mentioned but wouldn't post latest code version.
    Is it working now?

    Note: OR really should be || in an IF statement. See Logical Operators. User input should be escaped.
    PHP Code:
    $c_name mysqli_real_escape_string ($db$c_name); 

  17. #17
    SitePoint Enthusiast
    Join Date
    Feb 2014
    Posts
    67
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Drummin View Post
    I did mention that on post #15 I also didn't mean to sound rude, but you kept saying you have fixed the issues that are mentioned but wouldn't post latest code version.
    Is it working now?

    Note: OR really should be || in an IF statement. See Logical Operators. User input should be escaped.
    PHP Code:
    $c_name mysqli_real_escape_string ($db$c_name); 
    Its fine haha, understandable, this is very frustrating, just want this fixed. I also still need to do that table I mentioned in the OP and fix other bugs I have with other forms like the profile update form so i'm getting very frustrated with all of this.

  18. #18
    SitePoint Guru bronze trophy
    Join Date
    Feb 2013
    Posts
    772
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    So you've fixed all errors...
    usename = username
    channel_name = channel_username
    Duplicate empty($v_title)
    Changed OR to ||

    Established the $db is resource
    Escaped all data before insert into database
    Checked that all database field names match.

    Then I would suggest adding mysqli_error($db) to your query.
    PHP Code:
    $sql ="INSERT INTO submitted_forms (`username`,`rank`,`channel_username`,`video_link`,`video_title`,`video_description`,`video_tags`,`music_sources`,`special_requests`) VALUES ('$username','$rank','$c_name','$v_link','$v_title','$v_desc','$v_tags','$m_sources','$s_requests')";
    echo 
    $sql;
    $db->query($sql) or die(mysqli_error($db)); 
    EDIT: echo $sql; //added

  19. #19
    SitePoint Enthusiast
    Join Date
    Feb 2014
    Posts
    67
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Drummin View Post
    So you've fixed all errors...
    usename = username
    channel_name = channel_username
    Duplicate empty($v_title)
    Changed OR to ||

    Established the $db is resource
    Escaped all data before insert into database
    Checked that all database field names match.

    Then I would suggest adding mysqli_error($db) to your query.
    PHP Code:
    $db->query("INSERT INTO submitted_forms (`username`,`rank`,`channel_username`,`video_link`,`video_title`,`video_description`,`video_tags`,`music_sources`,`special_requests`) VALUES ('$username','$rank','$c_name','$v_link','$v_title','$v_desc','$v_tags','$m_sources','$s_requests')") or die(mysqli_error($db)); 
    I still have this error "Call to a member function query() on a non-object on line 37" And its this
    Code:
    $getRank = $db->query("SELECT * FROM users WHERE username = '".$_SESSION['username']."'");
            while ($row = $getRank->fetch_assoc())

  20. #20
    SitePoint Guru bronze trophy
    Join Date
    Feb 2013
    Posts
    772
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    And how about with this.
    PHP Code:
    $username mysqli_real_escape_string ($db$_SESSION['username']);
    $query "SELECT rank FROM users WHERE username = '$username'";
    $getRank $db->query($query) or die(mysqli_error($db));
    while (
    $row $getRank->fetch_assoc())
    {    
        
    $rank $row['rank'];

    And you shouldn't need a WHILE loop here.
    PHP Code:
    $username mysqli_real_escape_string ($db$_SESSION['username']);
    $query "SELECT rank FROM users WHERE username = '$username'";
    $getRank $db->query($query) or die(mysqli_error($db));
    $row $getRank->fetch_assoc();
        
    $rank $row['rank']; 

  21. #21
    SitePoint Guru bronze trophy
    Join Date
    Feb 2013
    Posts
    772
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    Looking back on POST #18 I'm not sure I like the format of the top section.
    PHP Code:
    <?php 
    session_start
    ();

    if(isset(
    $_SESSION['rank']) && $_SESSION['rank'] == "partner"){}else{
        
    header("location: ../index.php");
        exit;
    }
    include 
    "menu.php";
    include 
    "header.php";
    ?>
    Can I assume your connection is in menu.php or header.php?

    Anyway, I don't like how you've got $_SESSION['username']; just sitting there, using header("location:") without exit; and using "AND" instead of &&.

    Also, it does seems a bit odd that you are saying here that $_SESSION['rank'] MUST be set and that the value must be partner and then you go and query the DB to get the username and rank, when both these values must already be set to session.

  22. #22
    SitePoint Enthusiast
    Join Date
    Feb 2014
    Posts
    67
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Drummin View Post
    Looking back on POST #18 I'm not sure I like the format of the top section.
    PHP Code:
    <?php 
    session_start
    ();

    if(isset(
    $_SESSION['rank']) && $_SESSION['rank'] == "partner"){}else{
        
    header("location: ../index.php");
        exit;
    }
    include 
    "menu.php";
    include 
    "header.php";
    ?>
    Can I assume your connection is in menu.php or header.php?

    Anyway, I don't like how you've got $_SESSION['username']; just sitting there, using header("location:") without exit; and using "AND" instead of &&.

    Also, it does seems a bit odd that you are saying here that $_SESSION['rank'] MUST be set and that the value must be partner and then you go and query the DB to get the username and rank, when both these values must already be set to session.
    Ok, to be honest. I didn't really do to much of this code and don't know much about it. Someone did most of it so i'm trying to fix the errors they've done and finish everything else I need. I really appreciate your help and i'll see if your codes in the above posts work because this is really stressful haha, but thank you for all the help you've been giving me.

  23. #23
    SitePoint Enthusiast
    Join Date
    Feb 2014
    Posts
    67
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Drummin View Post
    Looking back on POST #18 I'm not sure I like the format of the top section.
    PHP Code:
    <?php 
    session_start
    ();

    if(isset(
    $_SESSION['rank']) && $_SESSION['rank'] == "partner"){}else{
        
    header("location: ../index.php");
        exit;
    }
    include 
    "menu.php";
    include 
    "header.php";
    ?>
    Can I assume your connection is in menu.php or header.php?

    Anyway, I don't like how you've got $_SESSION['username']; just sitting there, using header("location:") without exit; and using "AND" instead of &&.

    Also, it does seems a bit odd that you are saying here that $_SESSION['rank'] MUST be set and that the value must be partner and then you go and query the DB to get the username and rank, when both these values must already be set to session.
    Also, the connection is in the config file, but I took it out by accident when I pasted it, don't know why.

  24. #24
    SitePoint Guru bronze trophy
    Join Date
    Feb 2013
    Posts
    772
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    Very rough...

    Admin
    PHP Code:
    <?php
    session_start
    ();
    include (
    "config.php");

    if(isset(
    $_SESSION['rank']) && ($_SESSION['rank'] == "partner" || $_SESSION['rank'] == "admin")){}else{
        
    header("location: ../index.php");
        exit;
    }
    //Show all or single id
    if(isset($_GET['id'])){
        
    $id mysqli_real_escape_string ($db$_GET['id']);
        
    $condition "WHERE u.user_id = '$id'";
    }else{ 
        
    $condition "ORDER BY u.name ASC";
    }
    $sql "SELECT 
    `sf`.`id`,
    `u`.`name`,
    `sf`.`rank`,
    `sf`.`channel_username`,
    `sf`.`video_link`,
    `sf`.`video_title`,
    `sf`.`video_description`,
    `sf`.`video_tags`,
    `sf`.`music_sources`,
    `sf`.`special_requests`
    FROM `users` AS u 
    LEFT JOIN `submitted_forms` AS sf
    ON sf.username = u.username 
    $condition";
    $result $db->query($sql) or die(mysqli_error($db));
    ?>
    <?xml version
    ="1.0" encoding="windows-1252"?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
        "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <title></title>
    <style type="text/css">
    .display {
      width:100%;
      background-color:#E5E5E5;
      color:#000000;  
      font-family: Arial;
      font-size: 13px;
    }
    .display th{
      background-color:#84848E;
      color:#FFF;
      font-size: 12px;
      font-weight:bold;
      text-align:center;
    }
    .display td{
      background-color:#FFF;
      color:#00000;
      font-weight:normal;
    }
    .display .head td{
      background-color:#B1B1BE;
      color:#00000;
      font-weight:bold;
    }
    </style>
    </head>
    <body>
    <table border=0 summary="" cellspacing="1" cellpadding="1" class="display">
    <?php
    $headrows 
    = array();
    while (
    $row $result->fetch_assoc()){
        if(!
    in_array($row['name'],$headrows)){
            echo 
    '<tr>
                    <th colspan="6">'
    .$row['name'].' (Rank: '.$row['rank'].')</th>
                </tr>
                <tr class="head">
                    <td>Channel Name</td>
                    <td>Title</td>
                    <td>Description</td>
                    <td>Video Tags</td>
                    <td>Music Sources</td>
                    <td>Special Requests</td>
                </tr>'
    ;         
            
    $headrows[] = $row['name'];
        }
            
        echo 
    '<tr>
                <td>'
    .$row['channel_username'].'</td>
                <td><a href="'
    .$row['video_link'].'">'.$row['video_title'].'</a></td>
                <td>'
    .$row['video_description'].'</td>
                <td>'
    .$row['video_tags'].'</td>
                <td>'
    .$row['music_sources'].'</td>
                <td>'
    .$row['special_requests'].'</td>
            </tr>'
    ;
    }
    ?>
    </table>
    </body>
    </html>
    Logged in user
    PHP Code:
    <?php
    session_start
    ();
    include (
    "config.php");

    if(isset(
    $_SESSION['username'])){}else{
        
    header("location: ../index.php");
        exit;
    }

    $username mysqli_real_escape_string ($db$_SESSION['username']); 
    $sql "SELECT 
    `sf`.`id`,
    `u`.`name`,
    `sf`.`rank`,
    `sf`.`channel_username`,
    `sf`.`video_link`,
    `sf`.`video_title`,
    `sf`.`video_description`,
    `sf`.`video_tags`,
    `sf`.`music_sources`,
    `sf`.`special_requests`
    FROM `users` AS u 
    LEFT JOIN `submitted_forms` AS sf
    ON sf.username = u.username 
    WHERE u.username = '
    $username'";
    $result $db->query($sql) or die(mysqli_error($db));
    ?>
    <?xml version
    ="1.0" encoding="windows-1252"?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
        "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <title></title>
    <style type="text/css">
    .display {
      width:100%;
      background-color:#E5E5E5;
      color:#000000;  
      font-family: Arial;
      font-size: 13px;
    }
    .display th{
      background-color:#84848E;
      color:#FFF;
      font-size: 12px;
      font-weight:bold;
      text-align:center;
    }
    .display td{
      background-color:#FFF;
      color:#00000;
      font-weight:normal;
    }  
    .display .head td{
      background-color:#B1B1BE;
      color:#00000;
      font-weight:bold;
    }
    </style>
    </head>
    <body>
    <table border=0 summary="" cellspacing="1" cellpadding="1" class="display">
    <?php
    $headrows 
    = array();
    while (
    $row $result->fetch_assoc()){
        if(!
    in_array($row['name'],$headrows)){
            echo 
    '<tr>
                    <th colspan="6">'
    .$row['name'].' (Rank: '.$row['rank'].')</th>
                </tr>
                <tr class="head">
                    <td>Channel Name</td>
                    <td>Title</td>
                    <td>Description</td>
                    <td>Video Tags</td>
                    <td>Music Sources</td>
                    <td>Special Requests</td>
                </tr>'
    ;         
            
    $headrows[] = $row['name'];
        }
            
        echo 
    '<tr>
                <td>'
    .$row['channel_username'].'</td>
                <td><a href="'
    .$row['video_link'].'">'.$row['video_title'].'</a></td>
                <td>'
    .$row['video_description'].'</td>
                <td>'
    .$row['video_tags'].'</td>
                <td>'
    .$row['music_sources'].'</td>
                <td>'
    .$row['special_requests'].'</td>
            </tr>'
    ;
    }
    ?>
    </table>
    </body>
    </html>

  25. #25
    SitePoint Guru bronze trophy
    Join Date
    Feb 2013
    Posts
    772
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    This version of "Admin" turns username into a link to show just records by this user. Be sure to edit the page name variable line 5.
    PHP Code:
    <?php
    session_start
    ();
    include (
    "config.php");
    // page name
    $pagename "mypage.php";

    if(isset(
    $_SESSION['rank']) && ($_SESSION['rank'] == "partner" || $_SESSION['rank'] == "admin")){}else{
        
    header("location: ../index.php");
        exit;
    }
    //Show all or single id
    if(isset($_GET['id'])){
        
    $id mysqli_real_escape_string ($db$_GET['id']);
        
    $condition "WHERE u.user_id = '$id'";
    }else{ 
        
    $condition "ORDER BY u.name ASC";
    }
    $sql "SELECT 
    `sf`.`id`,
    `u`.`user_id`,
    `u`.`name`,
    `sf`.`rank`,
    `sf`.`channel_username`,
    `sf`.`video_link`,
    `sf`.`video_title`,
    `sf`.`video_description`,
    `sf`.`video_tags`,
    `sf`.`music_sources`,
    `sf`.`special_requests`
    FROM `users` AS u 
    LEFT JOIN `submitted_forms` AS sf
    ON sf.username = u.username 
    $condition";
    $result $db->query($sql) or die(mysqli_error($db));
    ?>
    <?xml version
    ="1.0" encoding="windows-1252"?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
        "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <title></title>
    <style type="text/css">
    .display {
      width:100%;
      background-color:#E5E5E5;
      color:#000000;  
      font-family: Arial;
      font-size: 13px;
    }
    .display th{
      background-color:#84848E;
      color:#FFF;
      font-size: 12px;
      font-weight:bold;
      text-align:center;
    }
    .display th i{
      font-weight:normal;
      font-style:normal;
    }
    .display td{
      background-color:#FFF;
      color:#000000;
      font-weight:normal;
    }
    .display .head td{
      background-color:#B1B1BE;
      color:#00000;
      font-weight:bold;
    }
    .display th a:link{
      padding: 0 8px;
      color:#FFF;
      text-decoration:none;
    }
    .display th a:hover{
      text-decoration:underline;
    }
    </style>
    </head>
    <body>
    <table border=0 summary="" cellspacing="1" cellpadding="1" class="display">
    <?php
    $headrows 
    = array();
    while (
    $row $result->fetch_assoc()){
        if(!
    in_array($row['name'],$headrows)){
            echo 
    '<tr>
                    <th colspan="6"><a href="'
    .$pagename.'?id='.$row['user_id'].'">'.$row['name'].'</a><i>(Rank: '.$row['rank'].')</i><a href="'.$pagename.'">Show All</a></th>
                </tr>
                <tr class="head">
                    <td>Channel Name</td>
                    <td>Title</td>
                    <td>Description</td>
                    <td>Video Tags</td>
                    <td>Music Sources</td>
                    <td>Special Requests</td>
                </tr>'
    ;         
            
    $headrows[] = $row['name'];
        }
            
        echo 
    '<tr>
                <td>'
    .$row['channel_username'].'</td>
                <td><a href="'
    .$row['video_link'].'">'.$row['video_title'].'</a></td>
                <td>'
    .$row['video_description'].'</td>
                <td>'
    .$row['video_tags'].'</td>
                <td>'
    .$row['music_sources'].'</td>
                <td>'
    .$row['special_requests'].'</td>
            </tr>'
    ;
    }
    ?>
    </table>
    </body>
    </html>


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •