Hey! I am a newbie to PHP, but very interested in it. I am currently in high school and I am trying to make an appointment SQL table that could be managed, in a simple way, via a browser that my sister could use. I was getting some results but then I messed up.. :(
I've been smashing my head on this:

<?php

   session_start();
   define('ADMIN_PASS', 'password');
   $mysql_server = '------';
   $mysql_nome = '--------';
   $mysql_password = '---------';
   $mysql_database = '-----------';
   $mysql_table = '----------';
   $admin_password = isset($_COOKIE['admin_password']) ? $_COOKIE['admin_password'] : '';
   if (empty($admin_password))
   {
      if (isset($_POST['admin_password']))
      {
         $admin_password = md5($_POST['admin_password']);
         if ($admin_password == md5(ADMIN_PASS))
         {
            setcookie('admin_password', $admin_password);
         }
      }
   }
   $id = isset($_POST['id']) ? $_POST['id'] : '';
   $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
   $nome = isset($_POST['nome']) ? $_POST['nome'] : '';
   $dia = isset($_POST['dia']) ? $_POST['dia'] : '';
   $email = isset($_POST['email']) ? $_POST['email'] : '';
   $estado = isset($_POST['estado']) ? $_POST['estado'] : 0;
   $telefone = isset($_POST['telefone']) ? $_POST['telefone'] : '';
   $hora = isset($_POST['hora']) ? $_POST['hora'] : '';
   $db = mysql_connect($mysql_server, $mysql_nome, $mysql_password);
   if (!$db)
   {
      die('Failed to connect to database server!<br>'.mysql_error());
   }
   mysql_select_db($mysql_database, $db) or die('Failed to select database<br>'.mysql_error());
   if (!empty($action))
   {
      if ($action == 'delete')
      { 

         $sql = "DELETE FROM `marcacao` WHERE `marcacao`.`id` = `id`";
         mysql_query($sql, $db);
         mysql_close($db);
         header('Location: '.basename(__FILE__));
         exit;
      }
      else
      if ($action == 'update')
      {
         $sql = "UPDATE `".$mysql_table."` SET id = '$id', ";
         if (!empty($_POST['password']))
         {
            $crypt_pass = md5($_POST['password']);
            $sql = $sql . "`password` = '$crypt_pass',";
         }
         $sql = $sql . " `dia` = '$dia', `email` = '$email', `estado` = $estado, `telefone` = '$telefone', `hora` = '$hora', `nome` = '$nome' WHERE `id` = '$id'";
         mysql_query($sql, $db);
         mysql_close($db);
         header('Location: '.basename(__FILE__));
         exit;
      }
      else
      if ($action == 'create')
      {
         $sql = "SELECT id FROM ".$mysql_table." WHERE id = '".$_POST['id']."'";
         $result = mysql_query($sql, $db);
         if ($data = mysql_fetch_array($result))
         {
            echo 'User already exists!';
            exit;
         }
         $crypt_pass = md5($_POST['password']);
         $sql = "INSERT `".$mysql_table."` (`id`, `nome`, `dia`, `hora`, `telefone`, `email`, `estado`) VALUES ('$id', '$nome', '$dia', '$hora', '$telefone', '$email', '$estado')"; // values now follow the column order (telefone before email)
         mysql_query($sql, $db);
         mysql_close($db);
         header('Location: '.basename(__FILE__));
         exit;
      }
      else
      if ($action == 'logout')
      {
         session_unset();
         session_destroy();
         setcookie('admin_password', '', time() - 3600);
         header('Location: '.basename(__FILE__));
         exit;
      }
   }
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>User administrator</title>
<style type="text/css">
<!--
p
{
   font-size: 13px;
   font-family: Arial;
   font-weight: normal;
   text-decoration: none;
   color: #000000;
}
th
{
   font-size: 13px;
   font-family: Arial;
   font-weight: normal;
   text-decoration: none;
   background-color: #878787;
   color: #FFFFFF;
   text-align: left;
}
td
{
   font-size: 13px;
   font-family: Arial;
   font-weight: normal;
   text-decoration: none;
   color: #000000;
}
input, select
{
   font-size: 13px;
   font-family: Arial;
   font-weight: normal;
   text-decoration: none;
   color: #000000;
   border:1px #000000 solid;
}
-->
</style>
</head>
<body bgcolor="#FFFFFF" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
<?php
   if ($admin_password != md5(ADMIN_PASS))
   {
      echo "<center>\n";
      echo "<p>User administrator login</p>\n";
      echo "<form method=\"post\" action=\"" .basename(__FILE__) . "\">\n";
      echo "<input type=\"password\" name=\"admin_password\" size=\"20\" />\n";
      echo "<input type=\"submit\" value=\"Login\" name=\"submit\" />\n";
      echo "</form>\n";
      echo "</center>\n";
   }
   else
   {
      if (!empty($action))
      {
         if (($action == 'edit') || ($action == 'new'))
         {
            $nome_value = '';
            $dia_value = '';
            $email_value = '';
            $estado_value = '';
            $telefone_value = '';
            $hora_value = '';
            $sql = "SELECT * FROM ".$mysql_table." WHERE id = '".$id."'";
            $result = mysql_query($sql, $db);
            if ($data = mysql_fetch_array($result))
            {
               $id_value = $data['id'];
               $nome_value = $data['nome'];
               $dia_value = $data['dia'];
               $email_value = $data['email'];
               $estado_value = $data['estado'];
               $telefone_value = $data['telefone'];
               $hora_value = $data['hora'];
            }
            echo "<center>\n";
            echo "<form action=\"" . basename(__FILE__) . "\" method=\"post\">\n";
            echo "<table border=\"0\">\n";
            if ($action == 'new')
            {
               echo "<input type=\"hidden\" name=\"action\" value=\"create\">\n";
            }
            else
            {
               echo "<input type=\"hidden\" name=\"action\" value=\"update\">\n";
            }
            echo "<input type=\"hidden\" name=\"id\" value=\"". $id_value . "\">\n";
            echo "<tr><td>nome:</td>\n";
            echo "<td><input type=\"text\" size=\"50\" name=\"nome\" value=\"" . $nome_value . "\"></td></tr>\n";
            echo "<tr><td>dia:</td>\n";
            echo "<td><input type=\"text\" size=\"50\" name=\"dia\" value=\"" . $dia_value . "\"></td></tr>\n";
            echo "<tr><td>Email:</td>\n";
            echo "<td><input type=\"text\" size=\"50\" name=\"email\" value=\"" . $email_value . "\"></td></tr>\n";
            echo "<tr><td>campo1</td>\n";
            echo "<td style=\"text-align:left\"><input type=\"text\" size=\"50\" name=\"telefone\" value=\"" . $telefone_value . "\"></td></tr>\n";
            echo "<tr><td>campo2</td>\n";
            echo "<td style=\"text-align:left\"><input type=\"text\" size=\"50\" name=\"hora\" value=\"" . $hora_value . "\"></td></tr>\n";
            echo "<tr><td>estado:</td>\n";
            echo "<td style=\"text-align:left\"><select name=\"estado\" size=\"1\"><option " . ($estado_value == "0" ? "selected " : "") . "value=\"0\">Pendente</option><option " . ($estado_value != "0" ? "selected " : "") . "value=\"1\">Confirmado</option></select></td></tr>\n";
            echo "<tr><td>&nbsp;</td><td style=\"text-align:left\"><input type=\"submit\" name=\"cmdSubmit\" value=\"Save\">";
            echo "&nbsp;&nbsp;";
            echo "<input type=\"reset\" name=\"cmdReset\" value=\"Reset\">&nbsp;&nbsp;";
            echo "<input type=\"button\" name=\"cmdBack\" value=\"Back\" onclick=\"location.href='" . basename(__FILE__) . "'\"></td></tr>\n";
            echo "</table>\n";
            echo "</form>\n";
            echo "</center>\n";
         }
      }
      else
      {
         echo "<table width=\"100%\" cellspacing=\"0\" cellpadding=\"2\">\n";
         echo "<tr><th>ID</th>\n";
         echo "<th>Nome</th>\n";
         echo "<th>Dia</th>\n";
         echo "<th>Hora</th>\n";
         echo "<th>Telefone</th>\n";
         echo "<th>Email</th>\n";
         echo "<th>Estado</th>\n";
         echo "<th>Opcoes</th></tr>\n";
         $sql = "SELECT * FROM ".$mysql_table." ORDER BY nome ASC";
         $result = mysql_query($sql, $db);
         while ($data = mysql_fetch_array($result))
         {
            echo "<tr>\n";
            echo "<td>" . $data['id'] . "</td>\n";
            echo "<td>" . $data['nome'] . "</td>\n";
            echo "<td>" . $data['dia'] . "</td>\n";
            echo "<td>" . $data['hora'] . "</td>\n";
            echo "<td>" . $data['telefone'] . "</td>\n";
            echo "<td>" . $data['email'] . "</td>\n";
            echo "<td>" . ($data['estado'] == "0" ? "Pendente" : "Confirmado") . "</td>\n";
            echo "<td>\n";
            echo "   <a href=\"" . basename(__FILE__) . "?action=edit&id=" . $data['id'] . "\">Editar</a> | \n";
            echo "   <a href=\"" . basename(__FILE__) . "?action=delete&id=" . $data['id'] . "\">Apagar</a>\n";
            echo "</td>\n";
            echo "</tr>\n";
         }
         echo "</table>\n";
         echo "<p><a href=\"" . basename(__FILE__) . "?action=new\">Agendar Marcacao</a>&nbsp;&nbsp;<a href=\"" . basename(__FILE__) . "?action=logout\">Logout</a></p>\n";
      }
   }
?>
</body>
</html>

Been around this for a couple of weeks. Can anyone PLZ help me?

What exactly messed up?

Line 41 should be:

$sql = "DELETE FROM `marcacao` WHERE `marcacao`.`id` = `$id`"; // note the dollar sign to indicate the variable $id

Line 56: I think $estado should have single quotes: '$estado'

MANY THANKS for your reply!

Not quite sure :(

But for instance: when I try to delete a line via browser from the table, it deletes all existing lines on it. It is supposed to delete that specified line.
Tried, on line 41, with "", .., '' and `` notations and nothing seems to work anymore.

Ran with your suggestions, same result still, but closer to the end result

First fetch all records and, in a loop, give a URL and pass the id in that URL; redirect the URL to another page and on that page delete the particular record that matches the link id.
For example:

<a href='anotherpage.php?id=<?php echo $id?>'>delete</a>

pritaeas, is the variable in your response supposed to have backticks? I've never indicated values using them. Shouldn't it be

$sql = "DELETE FROM `marcacao` WHERE `marcacao`.`id` = $id";

?
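
The delete behaviour discussed in this thread, as an added example that is not code from any of the posters: it shows why the posted WHERE clause matches every row, why interpolating the id is unsafe, and a delete that validates and binds the id. It assumes PDO with an in-memory SQLite database and constructed rows so it runs offline (the thread's script uses the mysql_* extension, which was removed in PHP 7); the function names seed, countRows and deleteAppointment are hypothetical.

```php
<?php
// Added example. In-memory SQLite via PDO (needs pdo_sqlite); rows are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

function seed(PDO $pdo): void
{
    $pdo->exec('DROP TABLE IF EXISTS marcacao');
    $pdo->exec('CREATE TABLE marcacao (id INTEGER PRIMARY KEY, nome TEXT)');
    $pdo->exec("INSERT INTO marcacao (id, nome) VALUES (1, 'Ana'), (2, 'Rui'), (3, 'Eva')");
}

function countRows(PDO $pdo): int
{
    return (int) $pdo->query('SELECT COUNT(*) FROM marcacao')->fetchColumn();
}

// Hardened delete: validate the id as a positive integer, then bind it.
function deleteAppointment(PDO $pdo, $rawId): int
{
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return 0; // missing or non-numeric id: delete nothing
    }
    $stmt = $pdo->prepare('DELETE FROM marcacao WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// 1) As posted: `id` = `id` compares the column with itself, true for every row.
seed($pdo);
$pdo->exec('DELETE FROM marcacao WHERE marcacao.id = id');
echo 'column = column:  ', countRows($pdo), " rows left\n";

// 2) Unquoted interpolation: a non-numeric value (constructed) rewrites the WHERE clause.
seed($pdo);
$fromRequest = '2 OR 1=1';
$pdo->exec("DELETE FROM marcacao WHERE id = $fromRequest");
echo 'interpolated:     ', countRows($pdo), " rows left\n";

// 3) Bound parameter: the same value is rejected, a valid id removes one row.
seed($pdo);
echo 'bound, bad id:    ', deleteAppointment($pdo, $fromRequest), " rows deleted\n";
echo 'bound, id "2":    ', deleteAppointment($pdo, '2'), ' rows deleted, ', countRows($pdo), " rows left\n";
```

In the posted script `$id` is read from `$_POST` only, while the Apagar link sends `id` in the query string, so the delete branch also needs to read the id from where the link puts it before any of the suggested queries can match a row.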
