This is my latest shortened version of the homepage in my reg-login site php.
When you login to your account, your homepage welcomes yuo with your first & surname.
Then it is supposed to show you your bio ($row “bio” in tbl) and show you a url in an iframe ($row “your website” in tbl).
Problem is, the iframe is not showing the data (url) that is in the “your website” in tbl.
I tried escaping, switching to single quote from double but no luck.
What do you think is wrong ?
<html>
<head>
<title>
$user Home Page
</title>
</head>
<body>
<body background=".png">
<?php
session_start();
require "conn.php";
/*Check if user is logged-in or not by checking if session is set or not.
If user is not logged-in then redirect to login page. Else, show user's account homepage.php.*/
if(!isset($_SESSION["user"]))
{
header("location:login.php");
}
else
{
$user = $_SESSION["user"];
$sql = "SELECT * FROM users WHERE Username = '".$user."'";
$result = $conn->query($sql);
while($row = $result->fetch_assoc())
{
$db_id = $row["Id"];
$db_username = $row["Username"];
$db_forename = $row["Forename"];
$db_surname = $row["Surname"];
$db_email = $row["Email"];
$db_bio = $row["Bio"];
$db_your_fav_url = $row["Fav_Url"];
//Welcome user by name.
echo "<center>Welcome <b><h2>$db_forename $db_surname!</center>"?></h2></b>|
<?php
//Display log-out link.
echo "<p align='right'><a href='logout.php'>$user Log Out</a>";?>|</p><br>
<?php
//Display User Bio.
echo "<br><b>Bio:</b><br>
$db_bio";?><br>
<br>
<?php
//Display User's Fav Url in iFrame.?>
<iframe src='$db_your_fav_url'></iframe>
<?php
}
}
?>
</body>
</html>
The “Bio” column shows no data on page even thopugh the column contains data in the db.
I get error:
[16-Mar-2017 15:29:44 UTC] PHP Notice: Undefined index: Your_Fav_Url in /home/sn/public_html/sn/home.php on line 34
Forgive me for going off topic here. But in your other topics you seem very keen on learning only the latest and greatest methods in PHP7 and OOP with complete disregard for any old time methods.
Does this not also extend to modern use of HTML and CSS, as well as programming best practices such as “Separation of Concerns”?
Some of the html you are using there is obsolete and invalid. Presentational elements and attributes have long since been replaced by CSS.
In your SQL query, while you use PDO, which is a good choice, you do not use it to its potential, with prepared statements.
I did wonder about that when I saw it in the code.
When I typed a closing tag into my editor after a comment to test, the closing tag did not display grey, which suggests it still closes. OK it’s not a proper test, as I did not run the code, but anyway, it’s probably best not to have it after a comment anyway, just because…
I’m definitely not gonna forgive you for going offtopic, I’m afraid. Because, there’s nothing to forgive! Lol!
Thank you for drawing my mistake to my attention about the php tags missing within the iframe tags!
You saved me from being gumpy tonight, like I was on my birthday yesterday for failing to finish my social network due to this mistake of mine! I won’t bother re-writing about it. You can read more about it here on what I replied to spaceshiptrooper and you will learn why I fussed about php.net and why I was urgently looking for a php 7 tut site and ignoring php 5 tut sites: Re: Which Php 7 Tutorials Do You Recommend To Complete Beginners? - #28 by uniqueideaman
I’m feeling refreshed now and gonna go out. Tonight will be a better programming night than the last few nights.
PS - I copied those html from youtube video tuts.
PPS - If you really wanto to know how much php I actually know, then glance upto the VARIABLES section here: http://php.net/manual/en/
Only managed to finish the VARIABLES section on mid Jan then moved onto youtube tuts. Now, will return to the php.net and continue my learning php. I only took a shortcut to youtube tuts to find the necessary codes to finish my SN. I think I now pretty much have acquired the most needed ones but that won’t stop me from bugging again on this forum when I encounter more problems. Lol!
Thanks again Samuel or is it Samantha (cheek!). Lol!
I just replaced the Latest_View row label to Your_Fav_Url in this thread. Forgot to correctly replace it in 2nd place. Sorry for the inconvenience. I just thought you guys might be wondering why on earth a row is called Latest_View and so to make things more understanding for you guys I changed it to something that does not seem odd.
Done that a couple of times in this forum and so sometimes I have typos in the thread but not in my actual code. Taking care of all this so next time do not have to do all these replacings and get you all confused. Making things easier for everyone to understand.
I tried the following (have removed the opening iframe tag from this post, else the thread shows blank iframes):
iframe src=“<?php echo $db_latest_view;?>”>
iframe src=“<?php echo "$db_latest_view";?>”>
iframe src=“<?php echo \"$db_latest_view\";?>”>
iframe src=“<?=$db_latest_view?>”>
But no luck! I think the 3rd one is invalid but still tried.
[php]
<html>
<head>
<title>
<?php
$user?> Home Page
</title>
</head>
<body>
<body background=".png">
<?php
session_start();
require "conn.php";
/*Check if user is logged-in or not by checking if session is set or not.
If user is not logged-in then redirect to login page. Else, show user's account homepage.*/
if(!isset($_SESSION["user"]))
{
header("location:login.php");
}
else
{
$user = $_SESSION["user"];
$sql = "SELECT * FROM $user WHERE Username = '".$user."'";
$result = $conn->query($sql);
while($row = mysqli_fetch_assoc($result))
{
$db_id = $row["Id"];
$db_username = $row["Username"];
$db_forename = $row["Forename"];
$db_surname = $row["Surname"];
$db_email = $row["Email"];
$db_bio = $row["Bio"];
$db_status_to_friends = $row["Status_To_Friends"];
$db_status_to_public = $row["Status_To_Public"];
$db_latest_view = $row["Latest_View"];
//Welcome user by name.
echo "<center>Welcome <b><h2>$db_forename $db_surname!</center>"?></h2></b>|
<?php
//Display log-out link.
echo "<p align='right'><a href='logout.php'>$user Log Out</a>";?>|</p><br>
<form method="post" action="">
<div class="form-group">
<center><label>Post Status To Friends:</label>
<input type="text" placeholder="Post Status To Friends" name="post_status_to_friends" /></center><br>
<center><button type="submit" class="btn btn-default" name="post_status_to_friends" />Post Status To Friends!</button></center>
</div>
</form><br>
<br>
<form method="post" action="">
<div class="form-group">
<center><label>Post Status To Public:</label>
<input type="text" placeholder="Post Status To Public" name="post_status_to_public" /></center><br>
<center><button type="submit" class="btn btn-default" name="post_status_to_public" />Post Status To Public!</button></center>
</div>
</form>
<?php
//Post User Status To Friends in $user table.
if (isset($_POST['post_status_to_friends']))
{
$status_to_friends = trim($_POST["post_status_to_friends"]);
$status_to_friends = mysqli_real_escape_string($conn,$status_to_friends);
$sql = "UPDATE $user SET Status_To_Friends = "$db_status_to_friends" WHERE Username = '".$user."'";
if($conn->query($sql)===TRUE)
{
echo "posted status for friends to $user table!";
}
else
{
echo "posting status for friends to $user table failed!";
}
//Post User Status To Friends in "users" table.
$sql = "UPDATE users SET Status_To_Friends = "$db_status_to_friends" WHERE Username = '".$user."'";
if($conn->query($sql)===TRUE)
{
echo "posted status for friends to users table!";
}
else
{
echo "posting status for friends to users table failed!";
}
}
?><br>
<br>
<?php
//Post User Status To Public in $user table.
if (isset($_POST['post_status_to_public']))
{
$status_to_public = trim($_POST["post_status_to_public"]);
$status_to_public = mysqli_real_escape_string($conn,$status_to_public);
$sql = "UPDATE $user SET Status_To_Public = "$db_status_to_public" WHERE Username = '".$user."'";
if($conn->query($sql)===TRUE)
{
echo "posted status for public to $user table!";
}
else
{
echo "posting status for public to $user table failed!";
}
//Post User Status To Public in users table.
$sql = "UPDATE users SET Status_To_Public = "$db_status_to_public" WHERE Username = '".$user."'";
if($conn->query($sql)===TRUE)
{
echo "posted status for public to users table!";
}
else
{
echo "posting status for public to users table failed!";
}
}
?><br>
<br>
<?php
//Display User Status To Friends. Search for User's data with $user.
$query = "SELECT * FROM $user WHERE Username = '".$user."'";
$result = mysqli_query($conn,$query);
$numrows = mysqli_num_rows($result);
if($numrows = 0)
{
echo "No data!";
}
else
{
while($row = mysqli_fetch_assoc($result))
{
$db_status_to_friends = $row["Status_To_Friends"];
}
echo "<br><b>$user Status To Friends:</b><br>
$db_status_to_friends";
}
}
?><br>
<br>
<?php
//Display User Status To Public. Search for User's data with $user.
$query = "SELECT * FROM $user WHERE Username = '".$user."'";
$result = mysqli_query($conn,$query);
$numrows = mysqli_num_rows($result);
if($numrows = 0)
{
echo "No data!";
}
else
{
while($row = mysqli_fetch_assoc($result))
{
$db_status_to_public = $row["Status_To_Public"];
}
echo "<br><b>$user Status To Public:</b><br>
$db_status_to_public";
}
?><br>
<br>
<?php
//Display User's Latest View.
echo "<br><b>Latest View:</b><br>";
echo "$db_latest_view";?><br>
<br>
<?php
//Display User's Latest Viewed Url in iFrame.?>
<iframe src='<?php echo $db_latest_view;?>'></iframe>
<?php
//Display User Bio.
echo "<br><b>Bio:</b><br>";
echo "$db_bio";?><br>
<br>
<?php
}
?>
</body>
</html>
[/php]
I get error:
PHP Parse error: syntax error, unexpected '$db_status_to_friends' (T_VARIABLE) in .... on line 69.
How can it be unexpected variable on line 69 since I declare it on line 35 ?
$sql = "UPDATE $user SET Status_To_Friends = "$db_status_to_friends" WHERE Username = '".$user."'";
Because you surround the variable in double quotes, you exit the string, so would need a . to join it. Though with double quotes there is no need to exit the string with quotes.
$sql = "UPDATE $user SET Status_To_Friends = ".$db_status_to_friends." WHERE Username = ".$user ;
or
$sql = "UPDATE $user SET Status_To_Friends = $db_status_to_friends WHERE Username = $user";
should work, but…
I reality you should be using prepared statements and not putting variables directly into a query string.
On my previous post, I tookout the < from the iframe tags so the html code gets visible in the post, else it gets shown as an iframe by the browser to you thread-post readers.
Actually, do you mind showing (like you did just now) an example of a prepared statement ? Edit my code like you did just now to show me that example you just showed me. (I glanced over the tut link but too much for me to understand since I a beginner) but if someone shows me an example how to do it then I should be able to remember and my future codes can be prepared statements and less unlikable to you guys when you checkout my future codes.
$sql = $db->prepare("UPDATE tablename SET Status_To_Friends = :status WHERE Username = :user") ; // prepare the statement
$sql->execute([':status' => $db_status_to_friends, ':user' => $user]) ; // execute the query, passing an array to bind values to the placeholders
There are a few methods for binding parameters.
Here are a couple of simpler introductory PDO tuts that cover the basics of prepared statements which may help:-
Thank you.
So, I guess Preparing Statements is PDO stuffs ?
Anyway, I am saving your links for the future. Let me finish learning the basics of php. Procedural first, then OOP.
Is PDO OOP or can it be both OOP and procedural ?
PS - I am feeling really angry, upset and annoyed right now. Going out in a restaurent to supp. Hopefully, the fresh air would cool my temper down. I just returned to learning php to php.net and find code contributors arguing who is right (that has left me confused who’s code to accept and who’s not) and their complicated code samples just messed my head-up. Feeling really pissed-off at php.net for including those complicated codes by advanced programmers into their beginner tutorial. I have opened another thread asking you guys for a list of deprecated stuff not to learn. Check that thread of mine and contribute there. Thanks! Hoepfully, when I get proper guidance what to learn and what not and get out of the dark and stay no longer confused then I’ll feel better and more motivated to finish learning php.
It is like going into a cinema to watch a movie peacefully only to find 2 idiots sitting next to you arguing what is gonna happen next in the movie and doing your head in from both sides. You feel like punching them and telling them to get lost! I feel like punching someone in the face, right now! That php.net can really be that annoying leaving you confused, drained and frustrated! Never felt like that on other tutorial sites!