Form is submitting multiple entries to the database instead of single
Question
my code basically override requests (for classes that are full in capacity) submitted by students to specific professors. Let's say 2 students have requested an override to the same class, when a professor is logged in, the code fetches the two override requests with an option of accepting/denying, when i as a professor accept/deny a single override request, it does the action for both the override requests instead of the one i chose.
Basically it's not accepting/denying the requests as selected, its doing the same action for all overrides.
Code:
<?php
} else if ($usertype == 1) {
$server = "";
$user = "";
$pass = "";
$db = "";
$db2 = "";
$db3 = "";
$user1 = $_SESSION['username'];
$mysqli = new Mysqli($server, $user, $pass, $db) or mysqli_error($mysqli);
$mysqli2 = new Mysqli($server, $user, $pass, $db2) or mysqli_error($mysqli);
$mysqli3 = new Mysqli($server, $user, $pass, $db3) or mysqli_error($mysqli);
$status= $mysqli->query("SELECT status FROM Overrides WHERE professor = '$user1'")->fetch_object()->status;
$overrides = $mysqli->query("SELECT * FROM Overrides WHERE professor = '$user1'");
$num_rows = mysqli_num_rows($overrides);
?>
<form method="post" action="dbheads.php" name="HF" id="HF" autocomplete="off">
<script type="text/javascript">
function submitForm(action)
{
document.getElementById('HF').action = action;
document.getElementById('HF').submit();
}
</script>
<?php if ($status == 1) {
echo " Overrides today: " . $num_rows;
?>
<?php
while($row = mysqli_fetch_array($overrides)) { ?>
<fieldset> <?php
echo "First Name: " . $row['name'] . "<br />";
echo "<br />Mid. Name: " . $row['mname'] . "<br />";
echo "<br />Fam. Name: " . $row['fname'] . "<br />";
echo "<br />Student ID: " . $row['sid'] . "<br />";
echo "<br />Scolarship: " . $row['sc'] . "<br />";
echo "<br />Phone No: " . $row['phone'] . "<br />";
echo "<br />Email: " . $row['email'] . "<br />";
echo "<br />Subject: " . $row['subject'] . "<br />";
echo "<br />Section: " . $row['section'] . "<br />";
echo "<br />Semester: " . $row['semester'] . "<br />";
$name = $row['name'];
echo "<input type='hidden' name='name' value='$name'>";
$mname = $row['mname'];
echo "<input type='hidden' name='mname' value='$mname'>";
$fname = $row['fname'];
echo "<input type='hidden' name='fname' value='$fname'>";
$sid = $row['sid'];
echo "<input type='hidden' name='sid' value='$sid'>";
$sc = $row['sc'];
echo "<input type='hidden' name='sc' value='$sc'>";
$phone = $row['phone'];
echo "<input type='hidden' name='phone' value='$phone'>";
$email = $row['email'];
echo "<input type='hidden' name='email' value='$email'>";
$subject = $row['subject'];
echo "<input type='hidden' name='subject' value='$subject'>";
$section = $row['section'];
echo "<input type='hidden' name='section' value='$section'>";
$semester = $row['semester'];
echo "<input type='hidden' name='semester' value='$semester'>";
?>
<br />
<div>
<label for="comments" accesskey="c">Notes & Comments:</label><br />
<input type="textarea" name="comments" id="comments" cols="35" rows="10">
<br>
</div>
<br>
<script type="text/javascript">
function submitForm(action)
{
document.getElementById('HF').action = action;
document.getElementById('HF').submit();
}
</script>
...
<input type="button" onclick="submitForm('dbheads.php')" value="Accept" />
<input type="button" onclick="submitForm('dbheads2.php')" value="Deny" /></form>
</fieldset>
<br>
<?php } }
?>
<br />
dbheads.php
<?php
include_once 'includes/db_connect.php';
include_once 'includes/functions.php';
sec_session_start();
?>
<html>
<?php
$mysql_host = "";
$mysql_username = "";
$mysql_password = "r!~";
$mysql_database = "";
$user = $_SESSION['username'];
if (login_check($mysqli) == true) : ?>
<p>Welcome <?php echo htmlentities($user); ?>!</p>
<?php
$mysqli = new Mysqli($mysql_host, $mysql_username, $mysql_password, $mysql_database) or die(mysqli_error());
$status = 2;
$stmt = $mysqli->prepare("UPDATE Overrides SET status=? WHERE username='$user'");
$stmt->bind_param("s", $status);
$stmt->execute();
echo htmlentities(accepted);
?>
<?php else : ?>
<p>
<span class="error">You are not authorized to access this page.</span> Please <a href="index.php">login</a>.
</p>
<?php endif; ?>
</html>
bheads2.php
<html>
<?php
$mysql_host = "";
$mysql_username = "";
$mysql_password = "";
$mysql_database = "";
$user = $_SESSION['username'];
if (login_check($mysqli) == true) : ?>
<p>Welcome <?php echo htmlentities($user); ?>!</p>
<?php
$mysqli = new Mysqli($mysql_host, $mysql_username, $mysql_password, $mysql_database) or die(mysqli_error());
$status = 5;
$stmt = $mysqli->prepare("UPDATE Overrides SET status=? WHERE username='$user'");
$stmt->bind_param("s", $status);
$stmt->execute();
echo htmlentities(denied);
?>
<?php else : ?>
<p>
<span class="error">You are not authorized to access this page.</span> Please <a href="index.php">login</a>.
</p>
<?php endif; ?>
</html>
Any help on how can i fix this? I'm a beginner so ignore the messy code.
1 answers
solution1
0 2015-05-09 15:57:20
It seems you are updating the database with the following query
$stmt = $mysqli->prepare("UPDATE Overrides SET status=? WHERE username='$user'")
Which is simply saying where the username is the person logged in or using the page will be updated to the status of your choosing, do you have a unique identifier for each row of overrides? Override_ID maybe.
If so I would fetch that data on your first page and put it into a hidden input like the other data and then use the following query:
$ovid = $_POST['ovid'];
$stmt = $mysqli->prepare("UPDATE Overrides SET status=? WHERE override_id='$ovid'")
EDIT:
You also seem to be updating WHERE username='$user' as opposed to WHERE professor='$user' on your update pages
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.