Untitled

a guest
Oct 18th, 2017
  1. <?php
  2.  
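  // Pull in the shared connection script (not shown on this page; presumably it defines $db).
  // `require` stops the request when the file is missing, where `include` would only
  // warn and carry on with $db undefined.
  require 'databaseconnect1.php';

  // Categories feed the <select> in the form further down.
  $sql1 = "SELECT Categoryid, Categoryname, Categorydescription FROM Categories";
  $result1 = mysqli_query($db, $sql1);

  if (!$result1) {
      // Keep the database's own error text in the server log rather than in the page.
      error_log('Category query failed: ' . mysqli_error($db));
      // NOTE(review): the opening <font> tag in this message is malformed ("." instead of ">").
      echo "<font color = 'Green' .<p> No Category Found, Contact the\nadministrator </p> </font>";
  }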
  13.  
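  /**
   * Collect the raw "create topic" form fields plus the current user id.
   *
   * Nothing here is validated or escaped: indexes 0-2 come straight from the
   * request body and must be treated as untrusted by the caller.
   *
   * @return array [0] topic subject, [1] date, [2] category id, [3] session user id;
   *               an entry is null when the corresponding key is missing.
   */
  function getPosts()
  {
      $posts = array();
      // isset() guards avoid "undefined index/key" warnings on a partial submission;
      // the returned value for a missing key is still null, as before.
      $posts[0] = isset($_POST['topic_subject']) ? $_POST['topic_subject'] : null;
      $posts[1] = isset($_POST['date']) ? $_POST['date'] : null;
      $posts[2] = isset($_POST['topic_category']) ? $_POST['topic_category'] : null;
      $posts[3] = isset($_SESSION['userid']) ? $_SESSION['userid'] : null;
      return $posts;
  }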
  23.  
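  // Handle the "create topic" submission.
  // NOTE(review): nothing visible here checks a CSRF token or that a user is logged in
  // before writing; confirm that is enforced elsewhere.
  if (isset($_POST['createtopicbutton'])) {
      $data = getPosts();

      // Bound parameters travel separately from the SQL text, so quotes or SQL
      // fragments in the submitted fields are stored as plain data instead of
      // being parsed as part of the statement.
      $stmt = mysqli_prepare(
          $db,
          "INSERT INTO Topics(Topic_subject, Topic_date, Topic_category, Topic_by)
          VALUES (?, ?, ?, ?)"
      );

      $result2 = false;
      $failure = '';
      if ($stmt === false) {
          $failure = mysqli_error($db);
      } else {
          // All four values are bound as strings, matching the quoted literals the
          // previous query text used.
          mysqli_stmt_bind_param($stmt, 'ssss', $data[0], $data[1], $data[2], $data[3]);
          $result2 = mysqli_stmt_execute($stmt);
          if (!$result2) {
              // Read the error before the statement handle is closed.
              $failure = mysqli_stmt_error($stmt);
          }
          mysqli_stmt_close($stmt);
      }

      if ($result2) {
          echo "<font color = 'Green' .<p> Topic Successfully Created </p>\n</font>";
      } else {
          // The author reports always landing in this branch; the logged driver
          // message shows the cause without exposing it to the visitor.
          error_log('Topic insert failed: ' . $failure);
          echo "<font color = 'Green' .<p> Topic NOT! Successfully Created </p>\n</font>";
      }
  }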
  42. ?>
  43.  
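  <?php
  // "Create topic" form: posts back to this same page (empty action).
  // Expects $result1 to hold the category query result set, or false if that query failed.
  // NOTE(review): the form carries no CSRF token; the handler would need to issue and check one.
  ?>
  <form method="post" action="">
  <table cellspacing="15">

  <tr>
  <th>Subject </th>
  <td><input type="text" name="topic_subject" /> </td>
  </tr>

  <tr>
  <th>Category </th>
  <td> <select name="topic_category">
  <?php
  // Skip the loop when the query failed: passing false to mysqli_fetch_assoc()
  // raises a warning (a TypeError on PHP 8).
  if ($result1) {
      while ($row = mysqli_fetch_assoc($result1)) {
          // Encode for the HTML context so stored category text cannot inject markup.
          echo '<option value="' . htmlspecialchars((string) $row['Categoryid'], ENT_QUOTES, 'UTF-8') . '">'
              . htmlspecialchars((string) $row['Categoryname'], ENT_QUOTES, 'UTF-8')
              . '</option>';
      }
  }
  ?>
  </select></td>
  </tr>

  <tr>
  <th>Current Date </th>
  <td><input type="text" name="date" /> </td>
  </tr>

  <tr>
  <th> </th>
  <td> <input type="submit" value="Create Topic!" name="createtopicbutton" /> </td>
  </tr>

  </table>
  </form>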
  78.  
  79. <?php Topic NOT! Successfully Created?>
  80.  
  81. <?php
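  // Start a session only when none is active, instead of silencing the
  // "already started" notice with @ (which would hide every other error too).
  if (session_status() === PHP_SESSION_NONE) {
      session_start();
  }

  // NOTE(review): hard-coded for the demo, so every visitor is treated as user 1.
  // In a real application this value is set once, by the login code.
  $_SESSION['userid'] = 1;

  // NOTE(review): root with an empty password only suits a local test database.
  // Use a dedicated account limited to this schema and load the credentials from
  // configuration kept outside the web root.
  $servername = "localhost";
  $username = "root";
  $password = "";
  $dbname = "stack";

  // Create connection
  $db = mysqli_connect($servername, $username, $password, $dbname);

  // Check connection
  if (!$db) {
      // The driver message can reveal host and account details, so it goes to the
      // server log and the visitor sees only a generic notice.
      error_log("Connection failed: " . mysqli_connect_error());
      die("Connection failed.");
  }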
  // Fetch every category row; the result set is consumed later by the form's <select>.
  $sql1 = "SELECT Categoryid, Categoryname, Categorydescription\n"
      . "FROM Categories";
  $result1 = mysqli_query($db, $sql1);

  // A falsy result means the query itself did not succeed.
  if (!$result1) {
      echo "<font color = 'Green' .<p> No Category Found, Contact the\n"
          . "administrator </p> </font>";
  }
  104.  
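  /**
   * Normalise a submitted value: trim it, drop backslashes, HTML-encode it.
   *
   * This is HTML output encoding and nothing more. It does not make a value safe
   * to place in SQL text; that is the job of bound parameters (or, at minimum,
   * mysqli_real_escape_string on a connection with the right charset).
   *
   * @param mixed $data Value to clean; non-strings are converted by trim().
   * @return string Trimmed, unslashed, HTML-encoded text.
   */
  function safe_insert($data)
  {
      $data = trim($data);
      // NOTE(review): stripslashes() also removes backslashes the user typed on
      // purpose; kept because callers may rely on the current output.
      $data = stripslashes($data);
      // Explicit flags and charset: before PHP 8.1 the default left single quotes
      // unencoded, which matters inside single-quoted HTML attributes.
      $data = htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
      return $data;
  }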
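  /*
  Handle the "create topic" submission: validate the three form fields, then insert.

  Further validation worth adding:
  - string length limits
  - a limit on posts per day
  - restructuring the schema, e.g. a real date column instead of free text, and
    clearer names (tbl_topic, category_id, category_description ... you get the idea)
  and many more
  ................. happy coding

  NOTE(review): no CSRF token is checked before the write.
  */
  if (isset($_POST['createtopicbutton'])) {
      // is_string() rejects array-valued fields (e.g. topic_subject[]=x), which
      // would otherwise reach trim() and raise an error.
      if (
          isset($_POST['topic_subject'], $_POST['date'], $_POST['topic_category'])
          && is_string($_POST['topic_subject'])
          && is_string($_POST['date'])
          && is_string($_POST['topic_category'])
      ) {
          $state = true;
          $errors = '';
          if (trim($_POST['topic_subject']) == '') {
              $errors .= "subject is empty";
              $state = false;
          }
          if (trim($_POST['date']) == '') {
              $errors .= "date is empty";
              $state = false;
          }
          // Digits only: is_numeric() also accepts "1.5", "-3" and "1e5", none of
          // which is a category id.
          if (preg_match('/^[0-9]+\z/', trim($_POST['topic_category'])) !== 1) {
              $errors .= "topic category is should be number";
              $state = false;
          }

          if ($state) {
              // safe_insert() is kept so stored values keep their existing
              // (trimmed, HTML-encoded) form.
              $subject = safe_insert($_POST['topic_subject']);
              $date = safe_insert($_POST['date']);
              $topic = safe_insert($_POST['topic_category']);
              $user_id = safe_insert($_SESSION['userid']);

              // Bound parameters replace string escaping: the values never become
              // part of the SQL text, whatever the connection charset is.
              $stmt = mysqli_prepare(
                  $db,
                  "INSERT INTO Topics(Topic_subject, Topic_date, Topic_category, Topic_by) VALUES (?, ?, ?, ?)"
              );

              $result2 = false;
              $failure = '';
              if ($stmt === false) {
                  $failure = mysqli_error($db);
              } else {
                  mysqli_stmt_bind_param($stmt, 'ssss', $subject, $date, $topic, $user_id);
                  $result2 = mysqli_stmt_execute($stmt);
                  if (!$result2) {
                      // Read the error before the statement handle is closed.
                      $failure = mysqli_stmt_error($stmt);
                  }
                  mysqli_stmt_close($stmt);
              }

              if ($result2) {
                  echo "<font color = 'Green' .<p> Topic Successfully Created </p> </font>";
              } else {
                  // The driver message goes to the server log so the cause of a
                  // failed insert is visible without showing it to the visitor.
                  error_log('Topic insert failed: ' . $failure);
                  echo "<font color = 'Green' .<p> Topic NOT! Successfully Created </p>\n</font>";
              }
          } else {
              // $errors is built only from the fixed strings above, never from input.
              echo $errors;
          }
      } else {
          // A field is missing or is not a plain string.
          echo 'Something fishy';
      }
  }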
  166. ?>
  167.  
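  <?php
  // "Create topic" form: posts back to this same page (empty action).
  // Expects $result1 to hold the category query result set, or false if that query failed.
  // NOTE(review): the form carries no CSRF token; the handler would need to issue and check one.
  ?>
  <form method="post" action="">
  <table cellspacing="15">
  <tr>
  <th>Subject </th>
  <td><input type="text" name="topic_subject" /> </td>
  </tr>
  <tr>
  <th>Category </th>
  <td> <select name="topic_category">
  <?php
  // Skip the loop when the query failed: passing false to mysqli_fetch_assoc()
  // raises a warning (a TypeError on PHP 8).
  if ($result1) {
      while ($row = mysqli_fetch_assoc($result1)) {
          // Encode for the HTML context so stored category text cannot inject markup.
          echo '<option value="' . htmlspecialchars((string) $row['Categoryid'], ENT_QUOTES, 'UTF-8') . '">'
              . htmlspecialchars((string) $row['Categoryname'], ENT_QUOTES, 'UTF-8')
              . '</option>';
      }
  }
  ?>
  </select></td>
  </tr>
  <tr>
  <th>Current Date </th>
  <td><input type="text" name="date" /> </td>
  </tr>
  <tr>
  <th> </th>
  <td> <input type="submit" value="Create Topic!" name="createtopicbutton" /> </td>
  </tr>
  </table>
  </form>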
  197.  
  198. <?php
  199. // sample data //
  200.  
  201. /*
  202.  
  203. CREATE TABLE `categories` (
  204. `Categoryid` int(11) NOT NULL,
  205. `Categoryname` varchar(255) NOT NULL,
  206. `Categorydescription` varchar(255) NOT NULL
  207. ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
  208.  
  209. INSERT INTO `categories` (`Categoryid`, `Categoryname`, `Categorydescription`) VALUES
  210. (1, 'fake 1', 'lprem,djbch schjcwdc k'),
  211. (2, 'fake 2', 'kjdncsjkc dcjdjkds dskjsdkj');
  212.  
  213.  
  214. CREATE TABLE `topics` (
  215. `topic_id` int(11) NOT NULL,
  216. `topic_subject` varchar(255) NOT NULL,
  217. `topic_date` varchar(255) NOT NULL,
  218. `topic_category` int(11) NOT NULL,
  219. `topic_by` int(11) NOT NULL
  220. ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
  221.  
  222. --
  223. -- Dumping data for table `topics`
  224. --
  225.  
  226. INSERT INTO `topics` (`topic_id`, `topic_subject`, `topic_date`, `topic_category`, `topic_by`) VALUES
  227. (1, 'sweet', 'chiil', 1, 1),
  228. (8, 'jkfdjk', 'kjkjd', 1, 1),
  229. (31, 'klds', 'los', 2, 1),
  230. (32, 'suceess topic', 'date', 1, 1),
  231. (33, 'ksdl', 'sdlksda', 1, 1),
  232. (34, 'melody', 'sdjsjssj', 2, 1);
  233.  
  234. --
  235. -- Indexes for dumped tables
  236. --
  237.  
  238. --
  239. -- Indexes for table `topics`
  240. --
  241. ALTER TABLE `topics`
  242. ADD PRIMARY KEY (`topic_id`);
  243.  
  244. --
  245. -- AUTO_INCREMENT for dumped tables
  246. --
  247. */
  248. ?>