If you only put in the directory name, then that is what it will show.
Seriously, though, it does suggest a configuration problem on your server - you don’t really want to allow directory browsing, and your server will have a way to turn that off. I appreciate you have found the solution to the issue you had, but some people will try browsing based on what they see in the address bar, and you should stop them.
Sir, I have a question. Suppose I want a comment section in my view.php where I can reply to comments in each of the input form data using IDs, how could that be?
Add a form for the comment, stick the id of the proposal you’re commenting on as a hidden variable in that form, store the comments in a separate table with that id to reference them.
If it’s a comment field, that would actually be an appropriate place to use a textarea for multiple rows.
Sir, I need help on it, I am not able to do it! Can you please show me how to code the comment and reply section at view.php?
Here is the code for fetching a link which, when clicked, provides the inner data.
- Dashboard.php
<body>
<?php include('session.php') ?>
<h2 style="text-align:center; color:orangered;">
DASHBOARD
</h2>
<table>
<h3>
<tr style="background-color:#E4EBC5; color:orangered;">
<th>Nearmiss No.</th>
<th>Details</th>
<th>location</th>
<th>Date</th>
<th>Time</th>
<th>Status</th>
</tr>
</h3>
</table>
<?Php
////////////////////////////////////////////
require "dbconfig.php"; // MySQL connection string
$count="SELECT id,details,location,date,time,checkbox,comment,reportedname,status FROM proposals WHERE YEAR(date) = YEAR(CURDATE())";
if($stmt = $connection->query($count)){
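while ($nt = $stmt->fetch_assoc()) {
// Encode every column for HTML output so stored text cannot inject markup
$nt = array_map(function ($v) { return htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8'); }, $nt);
echo "
<body>
<table>
<tr>
<td><a href='view.php?id=$nt[id]'>$nt[id] Reporter name:$nt[reportedname]</a></td>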
<td>$nt[details]</td>
<td>$nt[location]</td>
<td>$nt[date]</td>
<td>$nt[time]</td>
<td>$nt[status]</td>
</tr>
</table>
</body>
";
}
}else{
echo $connection->error;
}
?>
<style>
table {
font-family: arial, sans-serif;
border-collapse: separate;
width: 100%;
table-layout: fixed;
background-color: #EBFFE3;
overflow: auto;
flex:1;
text-overflow: ellipsis;
}
td, th {
border: 1px solid #90D199;
text-align: left;
padding: 8px;
text-overflow: ellipsis;
overflow: hidden;
white-space: nowrap;
}
tr:nth-child(even) {
background-color: #dddddd;
text-overflow: ellipsis;
}
</style>
</body>
- View.php is where the clicked link from the dashboard takes you to the full data. Kindly help.
<?Php
////////////////////////////////////////////
// Collecting data from query string
$id=$_GET['id'];
// Checking data it is a number or not
if(!is_numeric($id)){
echo "Data Error";
exit;
}
// MySQL connection string
require "dbconfig.php";
$count="SELECT * FROM proposals where id=?";
if($stmt = $connection->prepare($count)){
$stmt->bind_param('i',$id);
$stmt->execute();
$result = $stmt->get_result();
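$row=$result->fetch_object();
// Stop here if no proposal has this id
if(!$row){ echo "Data Error"; exit; }
// Encode every column for HTML output; the template below echoes them directly
foreach ($row as $k => $v) { $row->$k = htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8'); }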
}else{
echo $connection->error;
}
?>
<html lang = "en">
<head>
<title>Proposals</title>
<meta charset = "UTF-8" />
</head>
<body><button onclick="myFunction()">Print</button>
<script>
function myFunction() {
window.print();
}
</script>
<h1>Proposal form</h1>
<form>
<fieldset>
<legend>Proposal no</legend>
<p>
<b style="font-size:17px; color:black; position: absolute; top:130px;">Details of incident :</b>
<textarea style="position:relative;" disabled id = "myTextArea"
rows = "5"
cols = "110"><?php echo $row->details?></textarea>
</p><br>
<fieldset style="height:55px; width:848px; border:1px solid #888;">
<p>
<b style="font-size:17px; color:black; position: relative; bottom:-5px;">Location :</b>
<textarea style="position:absolute; left:115px;" disabled id = "myTextArea"
rows="2" cols="56"><?php echo $row->location?></textarea>
</p>
<br>
<p>
<b style="font-size:17px; color:black; position:relative; left:545px; bottom:80px;" >Date :</b><textarea style="position:relative; left:555px; bottom:70px;" disabled id = "myTextArea"
rows="2" cols="10"><?php echo $row->date?></textarea>
</p>
<p>
<b style="font-size:17px; color:black; position:relative; left:708px; bottom:135px;" >Time :</b><textarea style="position:relative; left:715px; bottom:125px;" disabled id = "myTextArea"
rows="2" cols="10"><?php echo $row->time?></textarea>
</p>
</fieldset>
<p><b>Classification(Tick the appropriate one, Leave blank if you find it difficulty)</b><br>
<label style="font-size:16px;color:black;">Selected Classification :</label>
<textarea style="position:relative; bottom:-3px;" disabled id = "myTextArea"
rows="1" cols="47"><?php echo $row->checkbox?></textarea>
</p>
<p>
<b style="font-size:17px;color:black;">Details of Injured :</b><br>
<b>Name:</b>
<textarea style="position:relative; bottom:-5px;" disabled name="name" cols="25" rows="1" class="form-control"> <?php echo $row->injured?></textarea>
</p>
<p style="position:relative; left:280px; bottom:35px;">
<b style="position:relative; bottom:4px;">Age/Gender :</b>
<textarea disabled name="agegender" cols="3" rows="1"><?php echo $row->agegender?></textarea>
</p>
<p style="position:relative; left:435px; bottom:75px;">
<b style="position:relative; bottom:4px;">Contact :</b>
<textarea disabled name="agegender" cols="9" rows="1"><?php echo $row->contact?></textarea>
</p>
<p style="position:relative; left:600px; bottom:115px;">
<b style="position:relative; bottom:4px;">Organization :</b>
<textarea disabled name="agegender" cols="9" rows="1"><?php echo $row->organization?></textarea>
</p>
<p style="position:relative; left:0px; bottom:125px;">
<b style="position:relative; bottom:4px;">Department :</b>
<textarea disabled name="agegender" cols="9" rows="1"><?php echo $row->dept?></textarea>
</p>
<p style="position:relative; left:226px; bottom:165px;">
<b style="position:relative; bottom:4px;">Employee ID :</b>
<textarea disabled name="agegender" cols="9" rows="1"><?php echo $row->empid?></textarea>
</p><br>
<p>
<b style="font-size:17px; color:black; position: relative; bottom:204px;">summary of Incident :</b>
<textarea style="position:absolute; left:25px; top:525px;" disabled id = "myTextArea"
rows="8" cols="110"><?php echo $row->summary?></textarea>
</p>
<div class="form-group">
<label style="position:absolute; left:82%; top:505px;">Uploaded Images Here :</label><b style="position:relative; left:88%; bottom:198px;"><?php echo "<a href='uploads/" . $row->image . "'><img src='uploads/" . $row->image . "'height='105' width='120'></a>";?> </b>
</div>
</fieldset>
</form>
</body>
</html>
- This is my database in text file!
===Database registration
== Table structure for table proposals
|------
|Column|Type|Null|Default
|------
|//**id**//|int(11)|No|
|details|varchar(1200)|Yes|NULL
|location|varchar(100)|Yes|NULL
|date|date|Yes|current_timestamp()
|time|time|Yes|current_timestamp()
|checkbox|text|No|
|injured|varchar(50)|Yes|NULL
|agegender|varchar(50)|Yes|NULL
|contact|varchar(20)|No|
|empid|varchar(20)|No|
|dept|text|No|
|organization|varchar(50)|Yes|NULL
|summary|text|No|
|image|text|No|
|outcome|text|No|
|cause|text|No|
|action|text|No|
|reportedname|text|No|
|position|text|No|
|organisation|varchar(50)|No|
|reportedcontact|varchar(20)|No|
|reporteddept|varchar(100)|No|
|status|enum('pending', 'approved', 'rejected', 'completed')|No|pending
|comment|varchar(500)|No|
|department|enum('MMD', 'O&M', 'Civil', 'C&M', 'Logistics', 'HR & ADMIN', 'Fire & Safety', 'IT & MIS', 'F&M', 'EMD', 'C&I', 'Store', 'EHS', 'Tech Cell', 'Operation', 'Chemist', 'Selectdept')|No|Selectdept
You already have a form to submit each new proposal, all you need is a much shorter version of that form, containing the single comment field and the hidden proposal id.
Have a go at coding it, and post your code if you run into trouble.
Sir, after I have tried, I cannot seem to solve it again, sigh! Please help?? The code I have used is at the bottom of this page ehsdetail.php. (This page is the view page of each post; clicking a link brings me here to ehsdetail.php, and now I want to implement the comment section with reply on this page.) Kindly help.
<?php
mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT);
$conn = mysqli_connect("localhost","root", "","registration");
//
// PROCESS POSTED DATA
//
if ($_SERVER['REQUEST_METHOD']=='POST') {
$stmt = $conn->prepare("UPDATE proposals
SET
comment = ?,
department = ?,
status = ?
WHERE id = ?
");
$stmt->bind_param('sssi', $_POST['comment'], $_POST['department'], $_POST['status'], $_POST['id']);
($stmt->execute());
}
if (!isset($_GET['id']) || trim($_GET['id'])=='') {
header("Location: ");
exit;
}
$res = $conn->prepare("SELECT id
, details
, location
, date
, time
, checkbox
, injured
, agegender
, contact
, empid
, dept
, organization
, summary
, image
, outcome
, cause
, action
, reportedname
, position
, organisation
, reportedcontact
, reporteddept
, status
, comment
, department
FROM proposals
WHERE id = ?
");
$res->bind_param('i', $_GET['id']);
$res->execute();
$res->bind_result($id,$details,$location,$date,$time,$checkbox,$injured,$agegender,$contact,$empid,$dept,$organization,$summary,$image,$outcome,$cause,$action,$reportedname,$position,$organisation,$reportedcontact,$reporteddept,$status,$comment,$department);
$res->fetch();
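$res->close();
// Encode the fetched values for HTML output; the template below echoes them directly
foreach (array('id','details','location','date','time','checkbox','injured','agegender','contact','empid','dept','organization','summary','image','outcome','cause','action','reportedname','position','organisation','reportedcontact','reporteddept','status','comment','department') as $name) {
$$name = htmlspecialchars((string)$$name, ENT_QUOTES, 'UTF-8');
}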
//
// status-dependent processing
//
$buttons = "<div class='data'>
<button name='status' class='w3-button w3-khaki' value='$status'>Update</button>
</div>";
switch ($status) {
case 'approved':
$cls1 = 'class="w3-green data"';
$buttons = "<div class='data'>
<button name='status' class='w3-button w3-khaki' value='completed'>Complete</button>
</div>";
break;
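case 'completed':
$cls1 = 'class="w3-pale-green data"';
break; // without this, 'completed' fell through and received the 'pending' class
case 'pending':
$cls1 = 'class="w3-dark-gray data"';
break;
default: // e.g. 'rejected': keep $cls1 defined
$cls1 = 'class="data"';
}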
?>
<html lang = "en">
<head>
<title>Proposals</title>
<meta charset = "UTF-8" />
</head>
<body><button onclick="myFunction()">Print</button>
<script>
function myFunction() {
window.print();
}
</script>
<h1>Proposal form</h1>
<form method='POST' id='formId'>
<input type='hidden' name='id' value='<?=$id?>'>
<fieldset>
<legend>Proposal no</legend>
<p>
<b style="font-size:17px; color:black; position: absolute; top:130px;">Details of incident :</b>
<textarea style="position:relative;" disabled id = "myTextArea"
rows = "5"
cols = "110"><?php echo $details ?></textarea></p><br>
<fieldset style="height:55px; width:848px; border:1px solid #888;">
<p>
<b style="font-size:17px; color:black; position: relative; bottom:-5px;">Location :</b>
<textarea style="position:absolute; left:115px;" disabled id = "myTextArea"
rows="2" cols="56"><?php echo $location ?></textarea>
</p>
<br>
<p>
<b style="font-size:17px; color:black; position:relative; left:545px; bottom:80px;" >Date :</b><textarea style="position:relative; left:555px; bottom:70px;" disabled id = "myTextArea"
rows="2" cols="10"><?php echo $date ?></textarea>
</p>
<p>
<b style="font-size:17px; color:black; position:relative; left:708px; bottom:135px;" >Time :</b><textarea style="position:relative; left:715px; bottom:125px;" disabled id = "myTextArea"
rows="2" cols="10"><?php echo $time ?></textarea>
</p>
</fieldset>
<p><b>Classification(Tick the appropriate one, Leave blank if you find it difficulty) :</b><br>
<label style="font-size:16px;color:black;">Selected Classification :</label>
<textarea style="position:relative; bottom:-3px;" disabled id = "myTextArea"
rows="1" cols="47"><?php echo $checkbox ?></textarea>
</p>
<p>
<b style="font-size:17px;color:black;">Details of Injured(IP)(if any) :NA</b><br>
<b>Name:</b>
<textarea style="position:relative; bottom:-5px;" disabled name="name" cols="25" rows="1" class="form-control"> <?php echo $injured ?></textarea>
</p>
<p style="position:relative; left:280px; bottom:35px;">
<b style="position:relative; bottom:4px;">Age/Gender :</b>
<textarea disabled name="agegender" cols="3" rows="1"><?php echo $agegender ?></textarea>
</p>
<p style="position:relative; left:435px; bottom:75px;">
<b style="position:relative; bottom:4px;">Contact :</b>
<textarea disabled name="agegender" cols="9" rows="1"><?php echo $contact ?></textarea>
</p>
<p style="position:relative; left:600px; bottom:115px;">
<b style="position:relative; bottom:4px;">Organization :</b>
<textarea disabled name="agegender" cols="9" rows="1"><?php echo $organization ?></textarea>
</p>
<p style="position:relative; left:0px; bottom:125px;">
<b style="position:relative; bottom:4px;">Department :</b>
<textarea disabled name="agegender" cols="9" rows="1"><?php echo $dept ?></textarea>
</p>
<p style="position:relative; left:226px; bottom:165px;">
<b style="position:relative; bottom:4px;">Employee ID :</b>
<textarea disabled name="agegender" cols="9" rows="1"><?php echo $empid ?></textarea>
</p><br>
<p>
<b style="color:black; position: relative; bottom:204px;">Summary of Incident(Attach Photographs, if any, as Annexure1) :</b>
<textarea style="position:absolute; left:25px; top:525px;" disabled id = "myTextArea"
rows="8" cols="110"><?php echo $summary ?></textarea>
</p>
<div class="form-group">
<label style="position:absolute; left:82%; top:505px;">Uploaded Images Here :</label><b style="position:relative; left:88%; bottom:198px;"><?php echo "<a href='uploads/" . $image . "'><img src='uploads/" . $image . "'height='105' width='120'></a>" ?> </b>
</div>
<p>
<b style="color:black; position: relative; bottom:186px;">Potential outcome(Incase of Near Miss Case or Potential incident only) :</b>
<textarea style="position:absolute; left:27px; top:700px;" disabled id = "myTextArea"
rows="8" cols="110"><?php echo $outcome ?></textarea>
</p>
<p>
<b style="color:black; position: relative; bottom:146px;">Likely cause(s) :</b>
<textarea style="position:relative; right:112px; top:-10px;" disabled id = "myTextArea"
rows="8" cols="110"><?php echo $cause ?></textarea>
</p><br>
<p>
<b style="position: absolute; top:1032px;">Immediate action(s) taken :</b>
<textarea style=" float:left; position:relative; bottom:14px;" disabled id = "myTextArea"
rows="8" cols="110"><?php echo $action ?></textarea></p>
<br><br><br><br><br><br><br>
<p style="float:left;">
<b style="font-size:17px;color:black;">Incident reported by :</b><br><br>
<b>Name:</b>
<input type="text" disabled value="<?php echo $reportedname ?>">
<b>Position:</b>
<input type="text" disabled value="<?php echo $position ?>">
<b>Organisation:</b>
<input type="text" disabled value="<?php echo $organisation ?>"><br><br>
<b>Reporter contact no:</b>
<input type="text" disabled value="<?php echo $reportedcontact ?>">
<b>Reporter department:</b>
<input type="text" disabled name="name" value= "<?php echo $reporteddept ?>">
</p>
<div>
<label>Status :</label>
<div <?=$cls1?>><?=$status?></div>
</div>
<div class="data">
<label>Select Department :</label>
<input type='hidden' name='department'>
<tr>
<td><select name='department'>
<option value='' selected>Select Department</option>
<option value='Civil'>Civil</option>
<option value='O&M'>O&M</option>
<option value='C&M'>C&M</option>
<option value='MMD'>MMD</option>
<option value='Logistics'>Logistics</option>
<option value='HR & ADMIN'>HR & ADMIN</option>
<option value='Fire & Safety'>Fire & Safety</option>
<option value='IT & MIS'>IT & MIS</option>
<option value='F&M'>F&M</option>
<option value='EMD'>EMD</option>
<option value='C&I'>C&I</option>
<option value='Store'>Store</option>
<option value='EHS'>EHS</option>
<option value='Tech Cell'>Tech Cell</option>
<option value='Operation'>Operation</option>
</select></td>
</tr>
</div>
<div>
<label>Selected Dept :</label>
<div class="data"><?=$department?></div>
</div>
<div>
<label>Comment :</label>
<div class="data"><textarea name='comment' class='w3-input w3-border' rows='5'><?=$comment?></textarea></div>
</div>
</fieldset>
<div style="display: flex; justify-content: center;">
<?=$buttons?>
</div>
</form> </body></html>
<div>
<form action="ehscomment.php" method="post">
<input type="hidden" name="id" value="">
<div>
<label>Add comment</label>
<div>
<textarea rows="6" cols="110" name="comment" placeholder="comment"></textarea>
</div>
</div>
<input type="submit" name="postcomment" value="comment"><a href="ehsdetail.php">Back</a></form>
</div>
This is ehscomment.php for the insert part in my new comments table:
<?php include('ehssession.php') ?>
<?php include('ehsdbconfig.php') ?>
<?php
if(isset($_POST['postcomment'])){
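$comment = $_POST['comment'];
// Bind the comment as a parameter instead of concatenating it into the SQL
$stmt = mysqli_prepare($conn, "INSERT INTO comments(comment) VALUES (?)");
mysqli_stmt_bind_param($stmt, 's', $comment);
$res = mysqli_stmt_execute($stmt);
if($res){
header("Location: ehsdetail.php");
exit;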
}else{
echo "<script>alert('Proposal not applied!');</script>";
}
}
?>
In the database I have only two columns, ID and comment. Please help, sir.
In this line
<input type="hidden" name="id" value="">
you have a blank value. You need to echo out the value of the ID that you are storing the comment against. You already echo other stuff like the status, position, organisation and so on, so it’s just like that.
In your second code, you then need to use that ID in the query so that you can tie the comment to a specific proposal ID.
This is my ehscomment.php, sir, and it works like a charm, thanks a lot.
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "registration";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
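if(isset($_POST['postcomment'])){
// Cast the id to an integer and escape the comment so neither can change the SQL
$id = (int)$_POST['id'];
$comment = $conn->real_escape_string($_POST['comment']);
$sql = "INSERT INTO comments (id,comment)
VALUES ('$id','$comment')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
// Encode the echoed query and error text, since they contain user input
echo "Error: " . htmlspecialchars($sql) . "<br>" . htmlspecialchars($conn->error);
}
$conn->close();}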
?>
And this is the input form:
<div>
<form action="ehscomment.php" method="post">
<input type="hidden" name="id" value="<?php echo $id ?>">
<div>
<label>Add comment</label>
<div>
<textarea rows="6" cols="110" name="comment" placeholder="comment"></textarea>
</div>
</div>
<input type="submit" name="postcomment" value="comment"></form>
</div>
Appreciate your help, thanks again sir.
But sir, how do I reply to that comment if needed? I have tried commenting but it says duplicate entry on the comment! Do I need another table for replies?
What says that? There’s nothing in your code that outputs that message. Have you created the comments table so that the proposal id must be unique? If you have, that would be causing it, so just remove that constraint, and that should allow multiple rows for the same proposal id. When you display them, you’ll need to sort by something to get them in order, so either store a timestamp for the comment, or rely on the auto-incrementing id column to sort them properly.
It’s a different thing again, though, to support hierarchical comments, where you can see that the second comment is a response to the first, rather than just a separate comment.
Okay, so I have removed the unique id feature and changed it into auto increment primary, but still the same error! Message: Error: INSERT INTO comments (id,comment) VALUES ('242','rnon ronel ff f')
Duplicate entry '242' for key 'PRIMARY'
I can insert only once with the same proposal ID but not insert multiple times with the same ID?
Okay, so I took out the primary as well and it works fine now, thank you sir.
Sir, this is what I did, but it only shows a single comment and not the other comments with the same IDs? Please help me again!
<?php
mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT);
$conn = mysqli_connect("localhost","root", "","registration");
if (!isset($_GET['id']) || trim($_GET['id'])=='') {
header("Location: ");
exit;
}
$res = $conn->prepare("SELECT id
, comment
FROM comments
WHERE id = ?
");
$res->bind_param('i', $_GET['id']);
$res->execute();
$res->bind_result($id,$comment);
$res->fetch();
$res->close();
?>
<div>
<b>Comments :</b>
<div class="data"><?php echo htmlspecialchars($comment, ENT_QUOTES, 'UTF-8') ?></div>
</div>
No, you need two IDs in the table:
- commentid (auto-inc, unique): the ID of each individual comment
- propid: the ID of the proposal that the comment refers to
- text: the comment text
Well, you only retrieve a single row, so it will only show a single comment. You need to have your fetch() inside a loop:
while ($res->fetch()) {
echo htmlspecialchars($comment, ENT_QUOTES, 'UTF-8'); // encode stored text for HTML output
}
to retrieve more than one row from your query.
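The pieces discussed above (a separate proposal id per comment, an insert that cannot be altered by the submitted text, and a fetch loop that prints every row) put together as an added example; this is not code from the thread. It assumes a `comments` table with the `commentid`, `propid` and `text` columns listed above, and the function names `valid_id`, `add_comment` and `render_comments` are hypothetical.

```php
<?php
// Added example, not code from the thread. Assumed table, using the three
// columns suggested in the reply above:
//   CREATE TABLE comments (commentid INT AUTO_INCREMENT PRIMARY KEY,
//                          propid INT NOT NULL, text VARCHAR(500) NOT NULL);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// The hidden form field is client-controlled, so validate it on the server:
// accept only a plain positive integer.
function valid_id($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Store one comment against a proposal (hypothetical helper name).
function add_comment(mysqli $conn, $rawPropId, $rawText): bool
{
    $propid = valid_id($rawPropId);
    $text   = trim((string)$rawText);
    if ($propid === null || $text === '' || strlen($text) > 500) {
        return false;
    }
    // Refuse comments for a proposal id that does not exist.
    $chk = $conn->prepare("SELECT 1 FROM proposals WHERE id = ?");
    $chk->bind_param('i', $propid);
    $chk->execute();
    $chk->store_result();
    $exists = $chk->num_rows > 0;
    $chk->close();
    if (!$exists) {
        return false;
    }
    // Values are bound as parameters, never concatenated into the SQL string.
    $ins = $conn->prepare("INSERT INTO comments (propid, text) VALUES (?, ?)");
    $ins->bind_param('is', $propid, $text);
    $ok = $ins->execute();
    $ins->close();
    return $ok;
}

// Build the HTML for every comment on a proposal, oldest first.
function render_comments(mysqli $conn, $rawPropId): string
{
    $propid = valid_id($rawPropId);
    if ($propid === null) {
        return '';
    }
    $stmt = $conn->prepare("SELECT text FROM comments WHERE propid = ? ORDER BY commentid");
    $stmt->bind_param('i', $propid);
    $stmt->execute();
    $stmt->bind_result($text);
    $html = '';
    while ($stmt->fetch()) { // one iteration per matching row
        // Encode on output so stored markup is displayed as text, not run.
        $html .= "<div class='data'>"
               . nl2br(htmlspecialchars($text, ENT_QUOTES, 'UTF-8')) . "</div>\n";
    }
    $stmt->close();
    return $html;
}

// Usage: in ehscomment.php  add_comment($conn, $_POST['id'], $_POST['comment']);
//        in ehsdetail.php   echo render_comments($conn, $_GET['id']);
```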
Okay, got it sir, thanks a lot.
Sir, I have a question: in case I want to send a mail from localhost to Gmail or other mail apps after the user submits a new proposal, how would that be?
There are plenty of topics on this board showing how to send mail from PHP. Do a search for “PHPMailer” and you’ll find some - that’s the library generally suggested as being more reliable than the PHP in-built mail() function.
If you have any trouble implementing it, I’d suggest you open a new thread rather than adding to this one.
