Php and Msql (help solve a coding error somewhere...)

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    help Php and Msql (help solve a coding error somewhere...)

    Hi ive tried to modify this script to add a new field named Title into the table via the install.php
    Code:
    <?php
include "admin/connect.php";
$createquotes="CREATE TABLE rquote_quotes (
  ID bigint(21) NOT NULL auto_increment,
  Title mediumtext NOT NULL,
  quote mediumtext NOT NULL,
  PRIMARY KEY  (ID)
)";
mysql_query($createquotes) or die("Could not create quotes");
$createadmins="CREATE TABLE rquote_login (
  ID int(10) NOT NULL auto_increment,
  username varchar(255) NOT NULL default '',
  password varchar(255) NOT NULL default '',
  PRIMARY KEY  (ID)
)";
mysql_query($createadmins) or die("Could not create admins");

print "Installed";
?>
    I think here aint a problem in the above modification...

    But then I modified then I started modifing the Addqoute.php file

    Code:
    <?
include "connect.php";
session_start();
if (isset($_SESSION['username']))
 {
      print "<A href='addquote.php'>Add a quote</a> | <A href='deletequote.php'>Delete a quote</a>|<A href='search.php'>Search</a><br><br>";
     if(isset($add))
      {
        $addquote="Insert into rquote_quotes (quote) values ('$Title','$quote')";
        $r=mysql_query($addquote) or die("Could not insert quote");
        if($r)
           {
             print "Quote added successfully";
           }
       }
     else
      {
        print "<form action='addquote.php' method='post'>";
        print "Type quote here<br>";
        print "<textarea name='Title' rows='3' cols='20'></textarea><br>";
print "<textarea name='quote' rows='3' cols='20'></textarea><br>";

        print "<input type='submit' name='add' value='add quote'></form>";
      }
   
     
 }

else   
  {
    print "Not logged in as Administrator, please <A href='login.php'>Login</a>";
  }

?>
    by adding the lines
    Code:
    $addquote="Insert into rquote_quotes (quote) values ('$Title','$quote')";
    and also

    Code:
    print "<textarea name='Title' rows='3' cols='20'></textarea><br>";
    im not sure if this modifications is done correctly.

    then in the deletequote.php file
    Code:
    <?
include "connect.php";
session_start();
if (isset($_SESSION['username']))
 {
      print "<A href='addquote.php'>Add a quote</a> | <A href='deletequote.php'>Delete a quote</a>|<A href='search.php'>Search</a><br><br>";
     if(isset($delete))
      {
        $ID=$_GET[ID];
        $deletequote="Delete from rquote_quotes where ID='$ID'";
        $r=mysql_query($deletequote) or die("Could not delete quote");
        if($r)
           {
             print "Quote delete successfully";
           }
       }
     else
      { 
        $quotedelete="SELECT * from rquote_quotes";
        $quotedelete2=mysql_query($quotedelete) or die("Could not select");
        while($r3=mysql_fetch_array($quotedelete2))
         {
           print "$r3[Title]<br>";
        print "$r3[quote]<br>";
           print "<form action='deletequote.php?ID=$r3[ID]' method='post'>";
           print "<input type='hidden' name='ID' value='$r3[ID]'>";
           print "<input type='submit' name='delete' value='delete quote'><br>";   
           print "</form>";        
        }
   
     }
}

else   
  {
    print "Not logged in as Administrator, please <A href='login.php'>Login</a>";
  }

?>
    i added the lines
    Code:
    print "$r3[Title]<br>";
    on the index.php
    Code:
    <?
include "admin/connect.php";
$randomize="SELECT*FROM rquote_quotes";
$randomize2=mysql_query($randomize);
$numrow=mysql_num_rows($randomize2);

$j=RAND()%$numrow+1;

$r="SELECT * FROM rquote_quotes where ID='$j' LIMIT 1";
$r2=mysql_query($r);
while($r3=mysql_fetch_array($r2))
{
print "$r3[Title]<br>";
print "$r3[quote]";
}
?>
    I added the line
    Code:
    print "$r3[Title]<br>";
    I'm not sure where I did what wrong can you help me solve my problem please?
    Tags: None
    #2

    ('$Title','$quote')"; if you're mysql starts $quote, $title ?
    Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
    Visit: WapMasterz Coming Back Soon!
    _______
    SCRIPTS FOR SALE BY SUBZERO
    Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
    FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
    _______
    Info & Tips
    php.net
    w3schools.com

    Comment

      #3
      Originally posted by subzero View Post
      ('$Title','$quote')"; if you're mysql starts $quote, $title ?
      $addquote="Insert into rquote_quotes (Title, quote) values (mysql_real_escape_string($_POST['Title']),mysql_real_escape_string($_POST['quote']))";

      ///////////////////////////
      if(isset($add)) should be: if(isset($_POST['add'))

      ///////////////////////////
      $ID=$_GET[ID]; should be $ID=$_GET['ID']; to avoid errors, better still: $ID = mysql_real_escape_string($_GET['ID']);

      ///////////////////////////
      print "$r3[quote]<br>"; should be on the lines of: print $r3['quote']."<br/>";

      ///////////////////////////
      $randomize="SELECT*FROM rquote_quotes";
      $randomize2=mysql_query($randomize);
      $numrow=mysql_num_rows($randomize2);
      $j=RAND()%$numrow+1;
      $r="SELECT * FROM rquote_quotes where ID='$j' LIMIT 1";

      can be less calls to database:

      $r="SELECT * FROM rquote_quotes where ORDER BY RAND LIMIT 1";

      ///////////////////////////
      print "<textarea name='Title' rows='3' cols='20'></textarea><br>"; maybe better as: print '<input type="text" name="Title"/><br>';
      • Likes 1

      Comment

        #4
        I have optimize,modify & rewrite

        install.php
        PHP Code:
        <?php
        include 'admin/connect.php';

        $tables = array(
                    'quotes' => 'CREATE TABLE rquote_quotes (ID bigint(21) NOT NULL auto_increment,Title mediumtext NOT NULL,quote mediumtext NOT NULL,PRIMARY KEY  (ID))',
                    'admins' => 'CREATE TABLE rquote_login (ID int(10) NOT NULL auto_increment,username varchar(255) NOT NULL default \'\',password varchar(255) NOT NULL default \'\',PRIMARY KEY  (ID))'
        );


        foreach(        $tables as $table=>$query) {
            if(         mysql_query($query) {
                echo         '<pre>'.$table.'succesfully created</pre>';
            } else {
                echo         '<pre>'mysql_error() .'</pre>';
            }
        }
        ?>
        addquote.php
        PHP Code:
        <?
        include 'connect.php';

        session_start();

        if (isset($_SESSION['username'])) {
            
            print '<a href="addquote.php">Add a quote</a> | <a href="deletequote.php">Delete a quote</a>|<a href="search.php">Search</a><br><br>';

            if (isset($_POST['title'], $_POST['quote'])) {
                $title = mysql_real_escape_string($_POST['title']);
                $quote = mysql_real_escape_string($_POST['quote']);
                
                if (mysql_query("INSERT INTO rquote_quotes(`title`,`quote`) values ('{$title}','{$quote}')")) {
                    echo 'Quote added successfully"';
                } else {
                    echo '<pre>'. mysql_error() .'</pre>';
                }
            } else {
                echo '<form action="addquote.php" method="post">';
                echo '<div>Type quote here</div>';
                echo '<div><textarea name="title" rows="3" cols="20"></textarea></div>';
                echo '<div><textarea name="quote" rows="3" cols="20"></textarea></div>';
                echo '<input type="submit" name="add" value="add quote">';
                echo '</form>';
            } else{
                echo '<p>Not logged in as Administrator, please <a href="login.php">Login</a></p>';
            }
        ?>
        deletequote.php
        PHP Code:
        <?
        include "connect.php";

        session_start();

        if (isset($_SESSION['username'])) {
            print "<p><A href='addquote.php'>Add a quote</a> | <A href='deletequote.php'>Delete a quote</a>|<A href='search.php'>Search</a></p>";

            if(isset($_GET['ID'], $_GET['delete'])) {
                $ID = (int) $_GET[ID];
                
                if ( mysql_query("DELETE FROM rquote_quotes where ID={$ID}") {
                    print "Quote delete successfully";
                } else {
                    echo '<p>Error: '. mysql_error() .'</p>';
                }
            } else {
                $query = mysql_query(SELECT * from rquote_quotes) or die('Error:' .mysql_error());
                    
                while($row = mysql_fetch_assoc($query)) {
                    echo '<h3>'. $r3[Title] .'</h3>';
                    echo '<div>'. $r3[quote] .'</div>';
                    
                    echo "<form action='deletequote.php?ID=$r3[ID]' method='post'>";
                    echo "<input type='hidden' name='ID' value='$r3[ID]'>";
                    echo "<input type='submit' name='delete' value='delete quote'><br>";
                    echo "</form>";
                }
            }
        } else {
            print "Not logged in as Administrator, please <A href='login.php'>Login</a>";
        }
        ?>
        index.php
        PHP Code:
        <?
        include "connect.php";

        session_start();

        if (isset($_SESSION['username'])) {
            print "<p><A href='addquote.php'>Add a quote</a> | <A href='deletequote.php'>Delete a quote</a>|<A href='search.php'>Search</a></p>";

            if(isset($_GET['ID'], $_GET['delete'])) {
                $ID = (int) $_GET[ID];
                
                if ( mysql_query("DELETE FROM rquote_quotes where ID={$ID}") {
                    print "Quote delete successfully";
                } else {
                    echo '<p>Error: '. mysql_error() .'</p>';
                }
            } else {
                $query = mysql_query(SELECT * from rquote_quotes) or die('Error:' .mysql_error());
                    
                while($row = mysql_fetch_assoc($query)) {
                    echo '<h3>'. $r3[Title] .'</h3>';
                    echo '<div>'. $r3[quote] .'</div>';
                    
                    echo "<form action='deletequote.php?ID=$r3[ID]' method='post'>";
                    echo "<input type='hidden' name='ID' value='$r3[ID]'>";
                    echo "<input type='submit' name='delete' value='delete quote'><br>";
                    echo "</form>";
                }
            }
        } else {
            print "Not logged in as Administrator, please <A href='login.php'>Login</a>";
        }
        ?>
        • Likes 1

        Comment

        Previous template Next
        Working...
        X