creptor
commented
8 years ago Your issue is not there. Plese post the code for the query.php, or where you upload the información of the form.
Open ishangote opened 8 years ago
creptor
commented
8 years ago Your issue is not there. Plese post the code for the query.php, or where you upload the información of the form.
ishangote
commented
8 years ago @creptor Here is my query.php
<?php
switch ($page) {
case 'dashboard':
break;
case 'pages':
if(isset($_POST['submitted']) == 1) //if form was submitted
{
$title = mysqli_real_escape_string($dbc, $_POST['title']);
$label= mysqli_real_escape_string($dbc, $_POST['label']);
$header = mysqli_real_escape_string($dbc, $_POST['header']);
$body = mysqli_real_escape_string($dbc, $_POST['body']);
if($_POST['id'] != ''){
$action='updated';
$q = "UPDATE pages SET user=$_POST[user], slug = '$_POST[slug]', title='$title', label='$label',header='$header', body='$body' WHERE id = $_GET[id]";
}
else {
$action='added';
$q = "INSERT INTO pages(user, slug, title , label, header, body) VALUES('$_POST[user]', '$_POST[slug]','$title', '$label', '$header', '$body')";
}
if(mysqli_query($dbc, $q)) //Debuging a query
{
$message = '<p class = "bg-success">Page was '.$action.'!</p>';
}
else
{
$message = '<p class = "bg-danger">Page was not '.$action.'!</p> '.mysqli_error($dbc);
$message .= '<p class = "bg-warning">Query: '.$q.'</p>';
}
}
if(isset($_GET['id']))
{
$opened = data_page($dbc, $_GET['id']);
}
break;
case 'users':
if(isset($_POST['submitted']) == 1) //if form was submitted
{
$firstName = mysqli_real_escape_string($dbc, $_POST['firstName']);
$lastName = mysqli_real_escape_string($dbc, $_POST['lastName']);
if($_POST['password'] != '')
{
if($_POST['password'] == $_POST['passwordv']){
$password = " password = sha1('$_POST[password]'),";
$verify=true;
}
else
{
$verify=false;
}
}
else{
$verify=false;
}
if($_POST['id'] != '')
{
$action='updated';
$q = "UPDATE users SET firstName = '$firstName', lastName = '$lastName',email = '$_POST[email]',$password status = $_POST[status] WHERE user_id = $_GET[id]";
$r = mysqli_query($dbc, $q);
}
else
{
$action='added';
$q = "INSERT INTO users(firstName, lastName, email, password , status) VALUES('$firstName', '$lastName', '$_POST[email]', sha1('$_POST[password]'), $_POST[status])";
if($verify == true)
{
$r = mysqli_query($dbc, $q);
}
}
if($r) //Debuging a query //$r = mysqli_query($dbc, $q);
{
$message = '<p class = "alert alert-success">User was '.$action.'!</p>';
}
else
{
$message = '<p class = "alert alert-danger">User was not '.$action.'!'.' because '.'</p>'.mysqli_error($dbc);
if($verify == false){
$message .= '<p>Password fields empty and/or do not match</p>';
}
$message .= '<p class = "alert alert-warning">Query: '.$q.'</p>';
}
}
if(isset($_GET['id']))
{
$opened = data_user($dbc, $_GET['id']);
}
break;
case 'settings':
if(isset($_POST['submitted']) == 1) //if form was submitted
{
$label = mysqli_real_escape_string($dbc, $_POST['label']);
$value = mysqli_real_escape_string($dbc, $_POST['value']);
if($_POST['id'] != '')
{
$action='updated';
$q = "UPDATE settings SET id = '$_POST[id]', label = '$label',value = '$value' WHERE id = '$_POST[openedid]'";
$r = mysqli_query($dbc, $q);
}
if($r) //Debuging a query //$r = mysqli_query($dbc, $q);
{
$message = '<p class = "alert alert-success">Setting was '.$action.'!</p>';
}
else
{
$message = '<p class = "alert alert-danger">Setting was not '.$action.'!'.' because '.'</p>'.mysqli_error($dbc);
$message .= '<p class = "alert alert-warning">Query: '.$q.'</p>';
}
}
break;
default:
break;
} ?>
creptor
commented
8 years ago I'm sorry I was on vacation 😄
I don't see a mistake in your code, but many things in the videos are done incorrectly, I sugest you fix most of the if statements to avoid errors.
For example:
if(isset($_POST['submitted']) == 1)Should be ->
if(isset($_POST['submitted'])&&$_POST['submitted']==1)(but that should work fine though)
And this part:
if($_POST['id'] != ''){Should be ->
if(isset($_POST['id'])&&is_numeric($_POST['id'])){
@thedigicraft This is for the users admin page `
User Manager