I'm a big fat noob learning how to use mysql the stupid way, by trial and error, and by staring at the screen until something clicks.
I have a table with

id   next_id   bowl (INT)   dish (INT)
--------------------------------------
1    4
2    1
3    2
4    3

All 4 users are admin level, so when any user checks one of the boxes and clicks its "Done" button, their bowl or dish field variable is set to '0', AND the user whose id is 'next_id' has his bowl or dish variable set to '1'.
It works, but it is possible for a user to click the box and hit the "Done" button even when it echoes "You are done," and there is no reason for them to, which sets the next user's bowl or dish variable to '1' before it should be.
What I would like to do is have the checkbox with value <?php echo $rrows['id']; ?> be hidden when the logged-in user's 'bowl' (or 'dish') variable is '0', and visible when it is '1'.
I have searched around and read that it might be possible to use a "PHP session variable check (with an "if" statement) to add style="display:none;" to the tag when that element should be hidden."
Does that sound like the best way? Would that be if($_SESSION... ?
What about an if empty()... ? But where would that go, and what would it look like?
Below is the code, with some formatting tags removed, which I hope will make it quicker to read through.
Thanks for any clues!
<?php
include 'dbc.php';
page_protect();
if(!checkAdmin()) {
header("Location: login.php");
exit();
}
$page_limit = 10;
$host = $_SERVER['HTTP_HOST'];
$host_upper = strtoupper($host);
$login_path = @ereg_replace('admin','',dirname($_SERVER['PHP_SELF']));
$path = rtrim($login_path, '/\\');
// filter GET values
foreach($_GET as $key => $value) {
$get[$key] = filter($value);
}
foreach($_POST as $key => $value) {
$post[$key] = filter($value);
}
if($_POST['doApprove'] == 'Done') {
if(!empty($_POST['u'])) {
foreach ($_POST['u'] as $uid) {
$id = filter($uid);
list($next_id) = mysql_fetch_row(mysql_query("select next_id from users where id='$id'"));
mysql_query("update users set approved='1' where id='$id'");
mysql_query("update users set next='1' where id='$next_id'");
mysql_query("update users set next='0' where id='$id'");
// use the filtered $id, not the raw posted $uid, inside the SQL string
list($to_email) = mysql_fetch_row(mysql_query("select user_email from users where id='$id'"));
$message =
"Hello.\n
";
@mail($to_email, "Subject", $message,
"From: \"Me\" <auto-reply@$host>\r\n" .
"X-Mailer: PHP/" . phpversion());
}
}
$ret = $_SERVER['PHP_SELF'] . '?'.$_POST['query_str'];
header("Location: $ret");
exit();
}
if($_POST['doDish'] == 'Done') {
if(!empty($_POST['u'])) {
foreach ($_POST['u'] as $uid) {
$id = filter($uid);
list($next_id) = mysql_fetch_row(mysql_query("select next_id from users where id='$id'"));
mysql_query("update users set approved='1' where id='$id'");
mysql_query("update users set next='1' where id='$next_id'");
mysql_query("update users set next='0' where id='$id'");
// use the filtered $id, not the raw posted $uid, inside the SQL string
list($to_email) = mysql_fetch_row(mysql_query("select user_email from users where id='$id'"));
$message =
"Hello.\n
";
@mail($to_email, "Subject", $message,
"From: \"Me\" <auto-reply@$host>\r\n" .
"X-Mailer: PHP/" . phpversion());
}
}
$ret = $_SERVER['PHP_SELF'] . '?'.$_POST['query_str'];
header("Location: $ret");
exit();
}
$rs_all = mysql_query("select count(*) as total_all from users where id='$id'") or die(mysql_error());
$rs_active = mysql_query("select count(*) as total_active from users where approved='1'") or die(mysql_error());
$rs_total_pending = mysql_query("select count(*) as tot from users where id='$id'");
list($total_pending) = mysql_fetch_row($rs_total_pending);
list($all) = mysql_fetch_row($rs_all);
list($active) = mysql_fetch_row($rs_active);
?>
<html>
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="styles.css" rel="stylesheet" type="text/css">
<script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
</head>
<body>
<table width="80%" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td><form name="form1" method="get" action="admin.php">
<input type="radio" name="qoption" value="pending">
Show my stuff
<input name="doSearch" type="submit" id="doSearch2" value="List">
</form></td>
</tr>
</table>
<?php if ($get['doSearch'] == 'List') {
if($get['qoption'] == 'pending') {
$cond = "where `id`='$_SESSION[user_id]'";
}
if($get['qoption'] == 'pending') {
$sql = "select * from users $cond";
}
else {
$sql = "select * from users where `id` = '$_SESSION[user_id]'";
}
$rs_total = mysql_query($sql) or die(mysql_error());
$total = mysql_num_rows($rs_total);
if (!isset($_GET['page']) )
{ $start=0; } else
{ $start = ($_GET['page'] - 1) * $page_limit; }
$rs_results = mysql_query($sql . " limit $start,$page_limit") or die(mysql_error());
$total_pages = ceil($total/$page_limit);
?>
<?php
// outputting the pages
if ($total > $page_limit)
{
echo "<div><strong>Pages:</strong> ";
$i = 0;
while ($i < $page_limit)
{
$page_no = $i+1;
$qstr = ereg_replace("&page=[0-9]+","",$_SERVER['QUERY_STRING']);
echo "<a href=\"admin.php?$qstr&page=$page_no\">$page_no</a> ";
$i++;
}
echo "</div>";
} ?>
<form name="searchform" action="admin.php" method="post">
<?php while ($rrows = mysql_fetch_array($rs_results)) {?>
<span id="approve<?php echo $rrows['id']; ?>">
<?php if(!$rrows['next']) { echo "You are done"; } else {echo "You must check this box and hit the Done button"; }?>
</span>
<input name="u[]" type="checkbox" value="<?php echo $rrows['id']; ?>" id="u[]">
<input name="doApprove" type="submit" id="doApprove" value="Done">
<input name="query_str" type="hidden" id="query_str" value="<?php echo htmlspecialchars($_SERVER['QUERY_STRING'], ENT_QUOTES); ?>">
<span id="approve<?php echo $rrows['id']; ?>">
<?php if(!$rrows['dish']) { echo "You are done"; } else {echo "You must check this box and hit the Done button"; }?>
</span>
<input name="u[]2" type="checkbox" value="<?php echo $rrows['id']; ?>" id="u[]2">
<input name="doDish" type="submit" id="doDish" value="Done">
<input name="query_str2" type="hidden" id="query_str2" value="<?php echo htmlspecialchars($_SERVER['QUERY_STRING'], ENT_QUOTES); ?>">
<?php } ?>
</form>
<?php } ?>
</body>
</html>
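
Hiding the checkbox only changes what the browser draws; a "Done" POST can still be sent by hand, so the hand-off has to be refused on the server when the flag is already 0. The following is an added example, not code from the original post: it assumes a `users` table with the `bowl` and `dish` columns described above, PHP 7+ with PDO, and an in-memory SQLite database standing in for MySQL so it runs offline; `passTurn`, `choreControl` and `CHORES` are hypothetical names.

```php
<?php
// Added example, not the poster's code; in-memory SQLite stands in for MySQL, rows are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, next_id INT, bowl INT, dish INT)');
$pdo->exec('INSERT INTO users VALUES (1,4,1,0), (2,1,0,1), (3,2,0,0), (4,3,0,0)');
const CHORES = ['bowl', 'dish']; // allow-list: column names cannot be bound as parameters

// Hypothetical helper: returns true only if $userId really held the turn for $chore.
function passTurn(PDO $pdo, int $userId, string $chore): bool
{
    if (!in_array($chore, CHORES, true)) { return false; }
    $pdo->beginTransaction();
    try {
        // Affects a row only while the flag is still 1, so a repeated or
        // hand-crafted "Done" POST changes nothing.
        $clear = $pdo->prepare("UPDATE users SET $chore = 0 WHERE id = ? AND $chore = 1");
        $clear->execute([$userId]);
        if ($clear->rowCount() !== 1) {
            $pdo->rollBack();
            return false;
        }
        $next = $pdo->prepare('SELECT next_id FROM users WHERE id = ?');
        $next->execute([$userId]);
        $give = $pdo->prepare("UPDATE users SET $chore = 1 WHERE id = ?");
        $give->execute([(int) $next->fetchColumn()]);
        $pdo->commit();
        return true;
    } catch (Throwable $e) {
        $pdo->rollBack();
        throw $e;
    }
}

// Hypothetical helper: emit the checkbox only while the user's flag is 1.
function choreControl(PDO $pdo, int $userId, string $chore): string
{
    if (!in_array($chore, CHORES, true)) { return ''; }
    $q = $pdo->prepare("SELECT $chore FROM users WHERE id = ?");
    $q->execute([$userId]);
    return (int) $q->fetchColumn() === 1
        ? "<input type=\"checkbox\" name=\"done[]\" value=\"$chore\"> <input type=\"submit\" value=\"Done\">"
        : 'You are done';
}

$me = 1; // stands in for $_SESSION['user_id']; never take the acting user's id from $_POST
echo choreControl($pdo, $me, 'bowl'), "\n";
var_dump(passTurn($pdo, $me, 'bowl'), passTurn($pdo, $me, 'bowl')); // second call is the replayed click
echo choreControl($pdo, $me, 'bowl'), "\n";
```

With a MySQL DSN in place of `sqlite::memory:`, the same prepared statements apply unchanged.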