Posts by broj1

Put the temporary debug code after the code for constructing SQL:

if ($has_data == true)
{
    $sql = "UPDATE db_purchase_form SET ";
    $sql .= "db_product_name = '" . $product_name . "', ";
    $sql .= "db_actor = '" . $choice_actor . "', ";
    $sql .= "db_user_name = '" . $user_name . "', ";
    $sql .= "db_user_email = '" . $user_email . "', ";
    $sql .= "db_vdo_script = '" . $vdo_script . "', ";
    $sql .= "db_hrt_msg = '" . $hrt_msg . "', ";
    $sql .= "db_port_approval = '" . $portApproval . "', ";
    $sql .= "db_delivery = '" . $delivery . "', ";
    $sql .= "db_price = '" . $net_price . "', ";
    $sql .= "db_date_time = NOW() ";
    $sql .= "WHERE id = '{$id}'";

    // temporary debug code
    die($sql);
}

When you submit the form it should display the SQL and stop the script. Post the output here.

BUT FINALLY WHEN USER CLICKS THE SUBMIT BUTTON [AFTER EDITING THE VALUES IN THE FORM]
THE DATABASE IS NOT UPDATING FOR THE SAME ID, INSTEAD IT IS MAKING A NEW ROW IN THE DB WITH NEW ID,
FOR THE ABOVE EXAMPLE (id 48) WHEN I EDIT THE PAGE AND CLICK ON SUBMIT AGAIN I AM TAKEN TO PAGE2 BUT THE NEW URL IS

OK. The solution is quite simple:

The action attribute of the form is set to:

<form id="PurchaseForm" name="PurchaseForm" method="post" action="purchase_form1.php">

When the form gets submitted the page is reloaded and you do not have an ID anymore. Therefore you do not read the data and the $has_data variable is set to FALSE. Due to this the INSERT gets carried out instead of UPDATE. All you have to do is add the id into the action URL:

<form id="PurchaseForm" name="PurchaseForm" method="post" action="purchase_form1.php?id=<?php echo $id;?>">

I am not sure if this is 100% solution since I do not know the rest of the app (maybe you should add other parameters to the querystring). But at least $has_data will be true and it will get to the UPDATE part.

Probably not the most elegant solution either. I would prefer to use ajax on this one but it is up to you (if you want to bother learning ajax approach).

Also, the update query is a mess and it contains errors - mainly the backslashes which act as escape sequences for the double quotes that …

Trying to get through your code. I am affraid your explanation is confusing me a bit. You are talking about page1 and page2 but those pages have filenames (like purchase_form1.php referred to in a form). Can you please post the two scripts as they are and with their proper names. At the moment I can't figure out in which script the form is. Sory about the delay. I will have to go out for a couple of hours now but will be back at the problem later, if this is OK.

however if it not needed we can remove it as well,

No, it is OK, just to know what the output of it is (it is not directly related to the problem).

I'll check your code in next hour (waiting a big download to finish so I can switch to Linux :-). In mean time - I have a question: what is the pSQL function meant to be doing?

One solution:
The form with the button should be within the while loop so each row has additional column containing the form with one button. The button's name should be the ID ($row['id']) so you get the ID in the $_GET array upon clicking (please note that it is more appropriate to use action="post" when changing data on the server).

Another solution:
Each row has additional column with a checkbox so the user can select as many rows as they wish. At the end of the table there is only one submit button to submit all the checked rows at once. In this case you have only one form and the checkbox valuees are the IDs ($row['id']). See this article as an example. Again, note that it is more appropriate to use action="post" when changing data on the server.

Which solution to choose is a matter of how you would like the data to be used.

Also: Your html tags are in wrong places.

Could you post the latest versions of the code for both the form page and the processing page, please.

If array() is displayed that means that the $_POST contains nothing. Have you put the die() statement in the correct script (the snippet from your first post)? I do not know why the form is not displayed. I has got nothing to do with the processing.

Put his code just before line 22:

die(print_r($_POST, 1));

This will display the contents of the $_POST array after submitting the form (don't forget to click on the Submit button). Post the displayed result here.

Glad to hear that. Please mark thread as solved. Happy coding.

Can you put this temporary debug code just before line 27:

die($sql);

This will print the query (on submit) and stop the script. Please post the displayed query here.

Can you post the code for the form also?

What is the output of the echo command on line 17?

And change the query to use escaped values:

$sql="INSERT INTO users(fname,lname) VALUES ('$fname','$lname')";

And to be on safe side put a space after database name:

$sql="INSERT INTO users (fname,lname) VALUES ('$fname','$lname')";

The input name attributes should be the same as indexes in the $_POST array so change the form to:

Firstname: <input type="text" name="firstname" /><br><br>
Lastname: <input type="text" name="lastname" /><br><br>

(or if you prefer change the indexes in the $_POST array).

Can you post the code for the form? There might be an error there.

Then you have to establish similar criteria for other requirements (i.e. if the qualification equals the required degree then rank it with 0 otherwise 1, 2, 3 or so). The ranks for different requirements have to be somehow comparable. Then you can sum up rank values for each person and the one(s) with the lowest value are the best candidates.

Echo the query and test it in phpmyadmin (or post it here). Put this temporary debug line somewhere (like line 11 in your original post):

die("INSERT INTO users(firstname, lastname) VALUES ('$firstname','$lastname')");

This will display the constructed query and stop the script. Now copy it to phpmyadmin and see what happens. You can post the output here.

OK, the quotes are missing in this line also. Try:

if(isset($_POST['firstname']) && isset($_POST['lastname'])) {

What is the code on line 2?

Sory, my mistake, forgot the quotes in array indexes. This is correct:

$firstname = mysql_real_escape_string($_POST['firstname']);
$lastname = mysql_real_escape_string($_POST['lastname']);

Check first whether $_POST values exist (they usually do not on the first page load). And also it is very important to escape the values before inserting into the database.

// check if values exist
if(isset($_POST[firstname]) and isset($_POST[lastname])) {

    $con = mysql_connect("localhost","root","");
    if (!$con)
    {
        die('Could not connect: ' . mysql_error());
    }
    mysql_select_db("mydb", $con);

    // escape the values (to minimize a chance of SQL injection)
    $firstname = mysql_real_escape_string($_POST[firstname]);
    $lastname = mysql_real_escape_string($_POST[lastname]);

   // then use escaped values in your query
   $sql="INSERT INTO users(firstname, lastname) VALUES ('$firstname','$lastname')";
    ...
    ...
    mysql_close($con);
}

Also ASAP switch to more up to date DB extension such as mysqli or PDO.

In your foreach loop I would put applicants' data in an array and add a rank which is just a difference between an applicant's age and advertised required age (assuming that x years older and x years younger candidates rank equally). Then the array should be sorted.

// this will hold data about the applicants
// ID => rank
$aplicants = array();

foreach ($job_advert as $advert) {
    $job_title = $advert->job_title;
    $age = $advert->age;

    $rank = $applicant_age - $age;

    $aplicants[$applicant_id_number] = $rank;
}    

// sort by values and maintain index information (applicant's ID)
asort($aplicants);

// now you can process the applicants array where the first key(s) have the best ranks
...

Firstly, you do not need a form at all if you use links with querystring appended (the links will populate the $_GET array on click).

Secondly: when you first load the script the $_GET array will be empty since no link has been clicked yet. $_GET will get populated only once you click one of the links. So you have to wrap the code with the sorting queries in an if block:

if(isset($_GET['orderBy']) && !empty($_GET['sort'])) {

    $quiz_name = $_GET['sort'];
    ...


}

The same goes for $sort=$_GET['orderBy'].

Line 1 contains an error:

<form action="#" method="set">

It should be:

<form action="#" method="get">

But the main problem is elsewhere. See my next post (I am working on it).

You are welcome. If the problem is solved please mark the thread as solved. Happy coding.

Put this temporary debug code on line 2:

die($_GET['orderBy']);

It should print the sort condition and stop the script. Check it whether is OK or post it here.

Just a thought: maybe you should add a script name to your links:

 <a href="<?php echo __FILE__; ?>?orderBy=date">Type:</a>

This code is encrypted. You will need a key or hash to decrypt, echo will not work.

To my knowledge this code is not encrypted but encoded (translated to different representaton of information). Encryption involves a secret (usually a secret key) whilst encoding involves only an alghoritm or scheme, base64 in the above case. To decode you use base64_decode() function (as in above code).

The above code has been encoded used base64 and additionally compresed using zlib. To run the code you have to decode the above 'gibberish' using base64_decode() and then unzip using gzuncompress() and then run the result using eval() which is the case in above snippets.

I also know this code belongs to : paymentmedium.com

@hallianonline: If this is true then please confirm that you have appropriate licence to use the scripts. Inappropriate use of intelectual property is against the DW rules, I believe.

but he cheated me he said the its an open source but after asking few people its not

It is writen in PHP and PHP is an open source interpreter. Use echo instead of eval and you will see the PHP code. Variable, function, class, method, attribute and other names will look meaningless. If there is not too much code you can do search and replace provided that you understand the whole lot.

This code is first compressed used zlib library and then base64 encoded, probably to obfuscate the original code, or just to simplify transport. There is no encryption key involved. The snippet above is just a reverse of this. The variable and function names are probably also obfuscated in a way (names are somehow 'cryptic'). But the code can be made readable with some effort.

You can use echo instead of eval and might get some idea about it.

so i have add following line below my select query mysql_query('SET CHARACTER SET utf8');

It is actually a good piece of information for other people with similar problems. Please mark as solved (using the nick that opened the thread).

Will you post it (it might help someone else)?

Have you tried the htmlspecialchar function? Do you have any unescaped quotes in the text? Is it a html text? And why are you using two nicks?

Your question is not very clear about what exactly is the problem.

Is the text html? To display html use htmlspecialchars function which will safely display problematic characters (such as < and >). If you have different character sets use mb_encode_numericentity function instead.

If the text is plain text your only option for formatting is existence of escape sequences \t, \r, \n and some others.

The other thing you have to be careful is to not run out of memory on your server.

Your code has a few errors:

$amount= mysql_real_escape_string("£59.99");

echo $first= $amount[1];

    if( ($first=="$")||($first=="£") ) {
    $amount =substr($amount,1);
    $amount="£".$amount;
}

1. do the escaping at the end
2. first letter has index 0: $first= $amount[0];
3. I advise you not to store the pound sign into the database. The money values should be stored as DECIMAL

So in my view the code should be:

$amount= '$59.99';
$first= $amount[0];

// ASCII 36 = dollar sign, ASCII 163 = pound sign
if( ($first == chr(36)) || ($first== chr(163)) ) {
    $amount = substr($amount,1);
}

// store this value in database
$safe_amount= mysql_real_escape_string($amount);

You can change the existing values in the database with a query like this:

UPDATE `test` SET amount = 
IF(
    SUBSTRING(`amount`, 1, 1) = '$', 
    CAST(SUBSTRING(`amount`, 2) AS DECIMAL(10,2)), 
    CAST(`amount` AS DECIMAL(10,2))
)

I am assuming that you have the amount column of type DECIMAL which I think is appropriate for money. You might have to create a temporary column if transformation can not be done in the same column.

It seems that the SQL statement the $sql variable does not get constructed properly. In the lines below you can see how it gets built up up to the VALUES part. But where are the actual values added to it then? Is there any more code you did not post?

Line  26: $sql = "INSERT INTO ".$table." (";
...
Line 205: $sql.= strtolower($column) . ",";
...
Line 208: $sql = rtrim($sql, ", ").", created_date ) VALUES ( ";
...

It is in the code that follows you should use the mb_substr function.

Have you tried the mb_substr function (see above post)?

I think in the database you should have only the number without any sign (provided that all the values are in same currency). You should get rid of the pound symbol i.e. using the mb_substr function, something like:

$trimmedAmount = mb_substr($amount, 1);

But I am not sure if this will work correctly since it depends on how the amount is read, what the encoding is and what the database column type for the amount is. Let me know the result.

Is there an attribute in the excel reader class that keeps the currency setting?

maybe the ajax part is playing up. Can you test it by inserting this between lines 31 and 32:

alert(data);

It should display an alert box with the html code for options.

You could also check the generated code for the subcategories dropdown with web developer add-on for Firefox (or similar dev tool).

If this is OK we'll go further.

And consider this: to access a mysql database you use a php database extension such as mysql, mysqli or PDO. If you are starting to learn please do not use the oldest mysql extension since it is being phased out. It is OK if you use newer mysqli extension but in my opinion PDO is the best option.

I am posting this just to give you some guidance before you start to learn how to access databases. There are still so many programmers that use the old and deprecated mysql since no-one told them what is the right thing to use.

Line 13:

<?php echo $op;?>

should probably create the html for options for the categories dropdown. But I can't find where $op is defined. Have you checked the generated code for the categoties dropdown?

What are the date values that yield unwanted results?

Pass the above function the appropriate element of the array, containing the excel data. Maybe something like this:

$correctDate = reformatDate($this->spreadsheet_excel_reader->sheets[0]['cells'][1]['sale_date']);

I am just guessing this since I do not know the structure of the excel reader class.

If dates in Excel are formatted as dd/mm/yy (allways) you can use the following function on each date during the import or write to database:

function reformatDate($theDate) {

    // get the parts of the date
    $day = substr($theDate, 0, 2);
    $month = substr($theDate, 3, 2);
    $year = substr($theDate, 6, 2);

    // return the parts in different order and separated by dash
    return "$month-$day-$year";
}

[EDIT] or even better:

function reformatDate($theDate) {

    // explode date string into array
    $dateArr = explode('/', $theDate);

    // return string with reordered elements
    return "{$dateArr[1]}-{$dateArr[0]}-{$dateArr[2]}";
}

OK, how is the date written in Excel and how you want to have it written in mysql? Post an example if possible.

Hang on. You said in your previous post that you have data in mysql table which you want to update, or have I missunderstood the question.

So do you want to update a row in an excel sheet? I do not hink you could do that. You have to read in the whole file, find the row to change and write the whole file back, as far as I know. But I could be werong so maybe anyone else knows?

I just need to update only the date field curresponding customer account number.

Where do you get the customer account number from?

Use UPDATE ... WHERE ... syntax. If you want more detailed help post the code you already have and be as specific as possible with your question.

Read this.

You could use session to store your previous page. Something like:

session_start();
if(isset($_SESSION['current_page'])) {
    $_SESSION['prev_page'] = $_SESSION['current_page'];
}
$_SESSION['current_page'] = $_SERVER["SCRIPT_NAME"];

if(isset($_SESSION['prev_page'])) {  
    $link = '<a href="' . $_SESSION['prev_page'] . '">Go to previous page</a>';
} else {
    $link = '';
}
echo $link;