PDA

View Full Version : Little php help


iGoD ReLeNtLeS
20-11-10, 16:46
Im currently making an attendance type script which can be used in the staff forums which will display a users ForumName, GameName and the Count. However i've got that far and have also coded a form to allow anyone who has access to the script to add records into the database, but i currently have no way of increasing the count. I would like to use a + and - button that simply adds 1 or removes 1 from the count. But have yet to discover any method :o What would be the best way.

I currently have this:

the form:


<html>
<head>
<title>Forum</title>
<head>
<body>
<form action="eventscount.php" method="get">
Forum Name: <input type="text" name="fname" />
GameName: <input type="text" name="gamename" />
<input type="submit" />
</form>
</body>
</html>

and this which adds the data into the MySQL database from the form


<html>
<head>
<title>Basic</title>
<head>
<body>
<?php
$fname = $_GET["fname"];
$gamename = $_GET["gamename"];

$con = mysql_connect("","","");
if (!con)
{
die('There Was An Error Connecting To The MySQL Database. Reason: ' . mysql_error());
}

mysql_select_db("event_attendance", $con);

$sql="INSERT INTO counter (ForumName, GameName, Count)
VALUES ('$fname', '$gamename', '0')";

if (!mysql_query($sql,$con)) {
die('There Was An Error Writing The Record To The MySQL Database. Reason: ' . '<br />' . mysql_error());
}
else {
echo 'Success! The Record Of Forum Name: <b>' . $fname . '</b> And GameName: <b>' . $gamename . '</b> Were Added To The Database! <br />';
echo 'Click <a href="">Here</a> To Add Another Record!';
}

mysql_close($con);
?>
</body>
</html>


then here i have the MySQL data display into a table


<html>
<head>
<title>Test</title>
<head>
<body>
<?php
$con = mysql_connect("","","");
if (!con) {
die ('Error Connecting To The Database! Reason: ' . mysql_error());
}

mysql_select_db("event_attendance", $con);

$result = mysql_query("SELECT * FROM counter");

echo '<table style="width:"300px", border="1">';
while($row = mysql_fetch_array($result)) {
echo "<tr><td>";
echo $row['ForumName'];
echo "</td><td>";
echo $row['GameName'];
echo "</td><td>";
echo $row['count'];
echo "</td>";
echo "</tr>";
}
echo "</table>";
mysql_close($con);
?>
</body>
</html>


as you can see there is no way to add or subtract from the count. I would like there to be a + and - button which simply add or subtracts 1 which is independent from each record.

So i could have something like this:

iGoD_ReLeNtLeS iGoD 29 + -
Example_2 Mr.Example 9 + -

within a table, however what im confused about is how to make the buttons add or subtract because it would need to be a different line of code for each record :confused:

side note: im planning to have all the scripts linked on 1 page using iframes.

Any help is appreciated

~iGod
Peter
20-11-10, 17:44
This isn't a solution to your actual problem but please, please, please secure your code or you're just asking for trouble.



<html>
<head>
<title>Basic</title>
<head>
<body>
<?php

$con = mysql_connect("","","");
if (!con)
{
die('There Was An Error Connecting To The MySQL Database. Reason: ' . mysql_error());
}

mysql_select_db("event_attendance", $con);

$fname = mysql_real_escape_string($_GET["fname"]);
$gamename = mysql_real_escape_string($_GET["gamename"]);

$sql="INSERT INTO counter (ForumName, GameName, Count)
VALUES ('$fname', '$gamename', '0')";

if (!mysql_query($sql,$con)) {
die('There Was An Error Writing The Record To The MySQL Database. Reason: ' . '<br />' . mysql_error());
}
else {
echo 'Success! The Record Of Forum Name: <b>' . $fname . '</b> And GameName: <b>' . $gamename . '</b> Were Added To The Database! <br />';
echo 'Click <a href="">Here</a> To Add Another Record!';
}

mysql_close($con);
?>
</body>
</html>



<html>
<head>
<title>Test</title>
<head>
<body>
<?php
$con = mysql_connect("","","");
if (!con) {
die ('Error Connecting To The Database! Reason: ' . mysql_error());
}

mysql_select_db("event_attendance", $con);

$result = mysql_query("SELECT * FROM counter");

echo '<table style="width:"300px", border="1">';
while($row = mysql_fetch_array($result)) {
echo "<tr><td>";
echo htmlspecialchars($row['ForumName']);
echo "</td><td>";
echo htmlspecialchars($row['GameName']);
echo "</td><td>";
echo $row['count'];
echo "</td>";
echo "</tr>";
}
echo "</table>";
mysql_close($con);
?>
</body>
</html>

By the sound of it, what you should do is check a get parameter for information about whether you should add or subtract.

The problem is that you've used names as primary keys, when really you should have used a unique ID (just an incrementing number) as the unique ID for each record, which would have made incrementing or decrementing the counts for certain records very easy. You may have already done this (I can't tell from your MySQL queries), but if so, you should just create a new script, which takes 2 parameters, ID and Action, where ID is the record ID, and the Action is whether to add or subtract from the count.
Smifis
20-11-10, 22:18
Ideally, this could all be put into on single php document.

SQL injection comes into mind but Peter has already covered this, what you need to do is either look into AJAX or have a form to increase/decrease the count. In this frm you have a hidden field with idealy the records unique ID, but in this case, forumname, and two submit buttons with different values, lets say one is inc and the other is dec,

When the form is submited, you then check to see what values are sent and if they are valid.
You then find out what the current count is, check to see if you need to increse or decrease it, save the value and go back a page.

Simples.

PM me if you need some help