Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 375
  • Last Modified:

UPDATE mysql

Hello, I want in the following script

<?php
ob_start();
?>
<?php
// include/require hier evt nog andere zaken
require ("../scripts/connect.php");
// we willen op deze pagina gebruik maken van beveiliging mbv sessies,
// dus includen (requiren) we session.php
require("../scripts/session.php");

   // Fetch the article category
   $rsc = mysql_query("SELECT category FROM articles WHERE id=$_GET[id]") or die(mysql_error());
   $row = mysql_fetch_array($rsc);
      $cat = $row['category'];

  if (($cat == 2) && ((int)$_SESSION['slevel'] < 2)) {
      header("Location:accessdenied.php");
      exit(); //stop the script.
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>KB RBINS</title>
<link rel="stylesheet" type="text/css" href="../main.css" />
<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon" />
</head>
<body>
   <!-- Begin Wrapper -->
   <div id="wrapper">
         <!-- Begin Header -->
         <div id="header">
                  <h1>Knowledgebase System RBINS</h1>       
             </div>
             <!-- End Header -->
         <!-- Begin Faux Columns -->
             <div id="faux">            
                   <!-- Begin Left Column -->
                   <div id="leftcolumn">      
                     <?php
                            include("../scripts/checkuser.php");
                     ?>       
                   </div>
                   <!-- End Left Column -->
                   <!-- Begin Right Column -->
                   <div id="rightcolumn">      
                     <center><h2>Result</h2></center>             
                       <?php
                  $res=mysql_query("SELECT ID, title, article, author FROM articles WHERE id = '".$_GET['id']."'") or die(mysql_error()) ;
                  $r = mysql_fetch_array($res);
                  $article = nl2br($r['article']);
                  echo '<div class="result"><h3>KB'.$r['ID'].'&nbsp; - &nbsp;'.$r['title'].'</h3><br />';
                  echo $article;
                  $res2=mysql_query("SELECT score, counter FROM articles WHERE id = '".$_GET['id']."'") or die(mysql_error()) ;
                  $r2 = mysql_fetch_array($res2);
                  if ($r2['counter']=="0") {
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>No grade has been given yet</h6></div>' ;}
                        else {
                        $r3=round ($r2['score']/$r2['counter'],2);//2 or less decimals
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>Grade:&nbsp;'.$r3.'&nbsp;('.$r2['counter'].'&nbsp;vote(s))</h6></div>';}
                  ?>      
                  <br />
                  <?php
                        include("../scripts/counting.php");
                  ?>
                  <br />
                  <a href="../index.php">Another search?</a>
                     <div class="clear"></div>                     
                   </div>
                   <!-- End Right Column -->                     
                     <div class="clear"></div>                     
         </div>         
         <!-- End Faux Columns -->
         <!-- Begin Footer -->
         <div id="footer">                  
               <h4>Jo Vanattenhoven&copy;2007</h4>            
         </div>
             <!-- End Footer -->            
   </div>
   <!-- End Wrapper -->
</body>
</html>
<?php
ob_end_flush();
?>

add +1 into the views field of my articles table. It should probably be done through UPDATE. Can I do this in the first lines (so after including connect.php and session.php) or do I need to do that somewhere else
0
jvuz
Asked:
jvuz
  • 6
  • 5
  • 5
  • +1
3 Solutions
 
Aamir SaeedCommented:
not sure what do you want exactly?
0
 
jvuzAuthor Commented:
Everytime a page is viewed, I want to add +1 on the views field. So that way, afterwards I can add somewhere else how many times some article has been viewed.
0
 
elfe69Commented:
You can do it at the beginning, before fetching your article category, add the following line:

mysql_query("UPDATE articles SET views = (views + 1) WHERE id=$_GET[id]") or die(mysql_error());
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Aamir SaeedCommented:
mysql_query("UPDATE articles SET views = (views + 1) WHERE id='".$_GET[id]."'") or die(mysql_error());
0
 
Cornelia YoderArtistCommented:
You can do it at any point in the code that you wish.

However, do NOT do this, as a couple of people have said:

mysql_query("UPDATE articles SET views = (views + 1) WHERE id='".$_GET[id]."'") or die(mysql_error());

Using a $_GET value directly in a query opens you wide open to SQL Injection hacking!!!  NEVER EVER use a $_GET or $_POST variable directly in a query.  ALWAYS pass it through a safety value like

$id = htmlentities($_GET["id"], ENT_QUOTES);

Then, you can use it without danger, as

mysql_query("UPDATE articles SET views = views+1 WHERE id='$id') or die(mysql_error());



0
 
jvuzAuthor Commented:
I'm having several problems now:

<?php
ob_start();
?>
<?php
// include/require hier evt nog andere zaken
require ("../scripts/connect.php");
// we willen op deze pagina gebruik maken van beveiliging mbv sessies,
// dus includen (requiren) we session.php
require("../scripts/session.php");
mysql_query("UPDATE articles SET views = (views + 1) WHERE id='".$_GET[id]."'") or die(mysql_error());
   // Fetch the article category
   $rsc = mysql_query("SELECT category FROM articles WHERE id=$_GET[id]") or die(mysql_error());
   $row = mysql_fetch_array($rsc);
      $cat = $row['category'];

  if (($cat == 2) && ((int)$_SESSION['slevel'] < 2)) {
      header("Location:accessdenied.php");
      exit(); //stop the script.
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>KB RBINS</title>
<link rel="stylesheet" type="text/css" href="../main.css" />
<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon" />
</head>
<body>
   <!-- Begin Wrapper -->
   <div id="wrapper">
         <!-- Begin Header -->
         <div id="header">
                  <h1>Knowledgebase System RBINS</h1>       
             </div>
             <!-- End Header -->
         <!-- Begin Faux Columns -->
             <div id="faux">            
                   <!-- Begin Left Column -->
                   <div id="leftcolumn">      
                     <?php
                            include("../scripts/checkuser.php");
                     ?>       
                   </div>
                   <!-- End Left Column -->
                   <!-- Begin Right Column -->
                   <div id="rightcolumn">      
                     <center><h2>Result</h2></center>             
                       <?php
                  $res=mysql_query("SELECT ID, title, article, author, FROM articles WHERE id = '".$_GET['id']."'") or die(mysql_error()) ;
                  $r = mysql_fetch_array($res);
                  $article = nl2br($r['article']);
                  echo '<div class="result"><h3>KB'.$r['ID'].'&nbsp; - &nbsp;'.$r['title'].'</h3><br />';
                  echo $article;
                  $res2=mysql_query("SELECT score, counter, views FROM articles WHERE id = '".$_GET['id']."'") or die(mysql_error()) ;
                  $r2 = mysql_fetch_array($res2);
                  if ($r2['counter']=="0") {
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>No grade has been given yet</h6></div>' ;}
                        else {
                        $r3=round ($r2['score']/$r2['counter'],2);//2 or less decimals
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>Grade:&nbsp;'.$r3.'&nbsp;('.$r2['counter'].'&nbsp;vote(s))</h6><h6>Viewed:&nbsp;'.$r2['views'].'&nbsp;</h6></div>';}
                  ?>      
                  <br />
                  <?php
                        include("../scripts/counting.php");
                  ?>
                  <br />
                  <a href="../index.php">Another search?</a>
                     <div class="clear"></div>                     
                   </div>
                   <!-- End Right Column -->                     
                     <div class="clear"></div>                     
         </div>         
         <!-- End Faux Columns -->
         <!-- Begin Footer -->
         <div id="footer">                  
               <h4>Jo Vanattenhoven&copy;2007</h4>            
         </div>
             <!-- End Footer -->            
   </div>
   <!-- End Wrapper -->
</body>
</html>
<?php
ob_end_flush();
?>

First I get:
Use of undefined constant id - assumed 'id'
Then I get:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM articles WHERE id = '34'' at line 1
0
 
Aamir SaeedCommented:
try
<?php
ob_start();
?>
<?php
// include/require hier evt nog andere zaken
require ("../scripts/connect.php");
// we willen op deze pagina gebruik maken van beveiliging mbv sessies,
// dus includen (requiren) we session.php
require("../scripts/session.php");
mysql_query("UPDATE articles SET views = (views + 1) WHERE id=".$_GET['id']."") or die(mysql_error());
   // Fetch the article category
   $rsc = mysql_query("SELECT category FROM articles WHERE id=$_GET[id]") or die(mysql_error());
   $row = mysql_fetch_array($rsc);
      $cat = $row['category'];

  if (($cat == 2) && ((int)$_SESSION['slevel'] < 2)) {
      header("Location:accessdenied.php");
      exit(); //stop the script.
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>KB RBINS</title>
<link rel="stylesheet" type="text/css" href="../main.css" />
<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon" />
</head>
<body>
   <!-- Begin Wrapper -->
   <div id="wrapper">
         <!-- Begin Header -->
         <div id="header">
                  <h1>Knowledgebase System RBINS</h1>      
             </div>
             <!-- End Header -->
         <!-- Begin Faux Columns -->
             <div id="faux">            
                   <!-- Begin Left Column -->
                   <div id="leftcolumn">      
                     <?php
                            include("../scripts/checkuser.php");
                     ?>      
                   </div>
                   <!-- End Left Column -->
                   <!-- Begin Right Column -->
                   <div id="rightcolumn">      
                     <center><h2>Result</h2></center>            
                       <?php
                  $res=mysql_query("SELECT ID, title, article, author, FROM articles WHERE id = '".$_GET['id']."'") or die(mysql_error()) ;
                  $r = mysql_fetch_array($res);
                  $article = nl2br($r['article']);
                  echo '<div class="result"><h3>KB'.$r['ID'].'&nbsp; - &nbsp;'.$r['title'].'</h3><br />';
                  echo $article;
                  $res2=mysql_query("SELECT score, counter, views FROM articles WHERE id = '".$_GET['id']."'") or die(mysql_error()) ;
                  $r2 = mysql_fetch_array($res2);
                  if ($r2['counter']=="0") {
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>No grade has been given yet</h6></div>' ;}
                        else {
                        $r3=round ($r2['score']/$r2['counter'],2);//2 or less decimals
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>Grade:&nbsp;'.$r3.'&nbsp;('.$r2['counter'].'&nbsp;vote(s))</h6><h6>Viewed:&nbsp;'.$r2['views'].'&nbsp;</h6></div>';}
                  ?>      
                  <br />
                  <?php
                        include("../scripts/counting.php");
                  ?>
                  <br />
                  <a href="../index.php">Another search?</a>
                     <div class="clear"></div>                    
                   </div>
                   <!-- End Right Column -->                    
                     <div class="clear"></div>                    
         </div>        
         <!-- End Faux Columns -->
         <!-- Begin Footer -->
         <div id="footer">                  
               <h4>Jo Vanattenhoven&copy;2007</h4>            
         </div>
             <!-- End Footer -->            
   </div>
   <!-- End Wrapper -->
</body>
</html>
<?php
ob_end_flush();
?>
0
 
Aamir SaeedCommented:
try

<?php
ob_start();
?>
<?php
// include/require hier evt nog andere zaken
require ("../scripts/connect.php");
// we willen op deze pagina gebruik maken van beveiliging mbv sessies,
// dus includen (requiren) we session.php
require("../scripts/session.php");
mysql_query("UPDATE articles SET views = (views + 1) WHERE id=".$_GET['id']."") or die(mysql_error());
   // Fetch the article category
   $rsc = mysql_query("SELECT category FROM articles WHERE id=".$_GET['id']."") or die(mysql_error());
   $row = mysql_fetch_array($rsc);
      $cat = $row['category'];

  if (($cat == 2) && ((int)$_SESSION['slevel'] < 2)) {
      header("Location:accessdenied.php");
      exit(); //stop the script.
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>KB RBINS</title>
<link rel="stylesheet" type="text/css" href="../main.css" />
<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon" />
</head>
<body>
   <!-- Begin Wrapper -->
   <div id="wrapper">
         <!-- Begin Header -->
         <div id="header">
                  <h1>Knowledgebase System RBINS</h1>      
             </div>
             <!-- End Header -->
         <!-- Begin Faux Columns -->
             <div id="faux">            
                   <!-- Begin Left Column -->
                   <div id="leftcolumn">      
                     <?php
                            include("../scripts/checkuser.php");
                     ?>      
                   </div>
                   <!-- End Left Column -->
                   <!-- Begin Right Column -->
                   <div id="rightcolumn">      
                     <center><h2>Result</h2></center>            
                       <?php
                  $res=mysql_query("SELECT ID, title, article, author, FROM articles WHERE id = '".$_GET['id']."'") or die(mysql_error()) ;
                  $r = mysql_fetch_array($res);
                  $article = nl2br($r['article']);
                  echo '<div class="result"><h3>KB'.$r['ID'].'&nbsp; - &nbsp;'.$r['title'].'</h3><br />';
                  echo $article;
                  $res2=mysql_query("SELECT score, counter, views FROM articles WHERE id = '".$_GET['id']."'") or die(mysql_error()) ;
                  $r2 = mysql_fetch_array($res2);
                  if ($r2['counter']=="0") {
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>No grade has been given yet</h6></div>' ;}
                        else {
                        $r3=round ($r2['score']/$r2['counter'],2);//2 or less decimals
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>Grade:&nbsp;'.$r3.'&nbsp;('.$r2['counter'].'&nbsp;vote(s))</h6><h6>Viewed:&nbsp;'.$r2['views'].'&nbsp;</h6></div>';}
                  ?>      
                  <br />
                  <?php
                        include("../scripts/counting.php");
                  ?>
                  <br />
                  <a href="../index.php">Another search?</a>
                     <div class="clear"></div>                    
                   </div>
                   <!-- End Right Column -->                    
                     <div class="clear"></div>                    
         </div>        
         <!-- End Faux Columns -->
         <!-- Begin Footer -->
         <div id="footer">                  
               <h4>Jo Vanattenhoven&copy;2007</h4>            
         </div>
             <!-- End Footer -->            
   </div>
   <!-- End Wrapper -->
</body>
</html>
<?php
ob_end_flush();
?>
0
 
jvuzAuthor Commented:
Sorry, no changes.
0
 
Aamir SaeedCommented:
try
<?php
ob_start();
?>
<?php
// include/require hier evt nog andere zaken
require ("../scripts/connect.php");
// we willen op deze pagina gebruik maken van beveiliging mbv sessies,
// dus includen (requiren) we session.php
require("../scripts/session.php");
mysql_query("UPDATE articles SET views = (views + 1) WHERE id=".$_GET['id']."") or die(mysql_error());
   // Fetch the article category
   $rsc = mysql_query("SELECT category FROM articles WHERE id=".$_GET['id']."") or die(mysql_error());
   $row = mysql_fetch_array($rsc);
      $cat = $row['category'];

  if (($cat == 2) && ((int)$_SESSION['slevel'] < 2)) {
      header("Location:accessdenied.php");
      exit(); //stop the script.
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>KB RBINS</title>
<link rel="stylesheet" type="text/css" href="../main.css" />
<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon" />
</head>
<body>
   <!-- Begin Wrapper -->
   <div id="wrapper">
         <!-- Begin Header -->
         <div id="header">
                  <h1>Knowledgebase System RBINS</h1>      
             </div>
             <!-- End Header -->
         <!-- Begin Faux Columns -->
             <div id="faux">            
                   <!-- Begin Left Column -->
                   <div id="leftcolumn">      
                     <?php
                            include("../scripts/checkuser.php");
                     ?>      
                   </div>
                   <!-- End Left Column -->
                   <!-- Begin Right Column -->
                   <div id="rightcolumn">      
                     <center><h2>Result</h2></center>            
                       <?php
                  $res=mysql_query("SELECT ID, title, article, author, FROM articles WHERE id = '".$_GET['id']."'") or die(mysql_error()) ;
                  $r = mysql_fetch_array($res);
                  $article = nl2br($r['article']);
                  echo '<div class="result"><h3>KB'.$r['ID'].'&nbsp; - &nbsp;'.$r['title'].'</h3><br />';
                  echo $article;
                  $res2=mysql_query("SELECT score, counter, views FROM articles WHERE id = '".$_GET['id']."'") or die(mysql_error()) ;
                  $r2 = mysql_fetch_array($res2);
                  if ($r2['counter']=="0") {
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>No grade has been given yet</h6></div>' ;}
                        else {
                        $r3=round ($r2['score']/$r2['counter'],2);//2 or less decimals
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>Grade:&nbsp;'.$r3.'&nbsp;('.$r2['counter'].'&nbsp;vote(s))</h6><h6>Viewed:&nbsp;'.$r2['views'].'&nbsp;</h6></div>';}
                  ?>      
                  <br />
                  <?php
                        include("../scripts/counting.php");
                  ?>
                  <br />
                  <a href="../index.php">Another search?</a>
                     <div class="clear"></div>                    
                   </div>
                   <!-- End Right Column -->                    
                     <div class="clear"></div>                    
         </div>        
         <!-- End Faux Columns -->
         <!-- Begin Footer -->
         <div id="footer">                  
               <h4>Jo Vanattenhoven&copy;2007</h4>            
         </div>
             <!-- End Footer -->            
   </div>
   <!-- End Wrapper -->
</body>
</html>
<?php
ob_end_flush();
?>
0
 
elfe69Commented:
still the same error ?
0
 
jvuzAuthor Commented:
Now I only get: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM articles WHERE id = '34'' at line 1

I already looked at the places where there is FROM articles, but I don't see anything wrong. Do you?
0
 
elfe69Commented:
You have enclosed the id value with ' in your 2 last SELECT statements and id is a numeric field.

Try this:

<?php
ob_start();
?>
<?php
// include/require hier evt nog andere zaken
require ("../scripts/connect.php");
// we willen op deze pagina gebruik maken van beveiliging mbv sessies,
// dus includen (requiren) we session.php
require("../scripts/session.php");
mysql_query("UPDATE articles SET views = (views + 1) WHERE id=".$_GET['id']) or die(mysql_error());
   // Fetch the article category
   $rsc = mysql_query("SELECT category FROM articles WHERE id=".$_GET['id']) or die(mysql_error());
   $row = mysql_fetch_array($rsc);
      $cat = $row['category'];

  if (($cat == 2) && ((int)$_SESSION['slevel'] < 2)) {
      header("Location:accessdenied.php");
      exit(); //stop the script.
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>KB RBINS</title>
<link rel="stylesheet" type="text/css" href="../main.css" />
<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon" />
</head>
<body>
   <!-- Begin Wrapper -->
   <div id="wrapper">
         <!-- Begin Header -->
         <div id="header">
                  <h1>Knowledgebase System RBINS</h1>      
             </div>
             <!-- End Header -->
         <!-- Begin Faux Columns -->
             <div id="faux">            
                   <!-- Begin Left Column -->
                   <div id="leftcolumn">      
                     <?php
                            include("../scripts/checkuser.php");
                     ?>      
                   </div>
                   <!-- End Left Column -->
                   <!-- Begin Right Column -->
                   <div id="rightcolumn">      
                     <center><h2>Result</h2></center>            
                       <?php
                  $res=mysql_query("SELECT ID, title, article, author, FROM articles WHERE id = ".$_GET['id']) or die(mysql_error()) ;
                  $r = mysql_fetch_array($res);
                  $article = nl2br($r['article']);
                  echo '<div class="result"><h3>KB'.$r['ID'].'&nbsp; - &nbsp;'.$r['title'].'</h3><br />';
                  echo $article;
                  $res2=mysql_query("SELECT score, counter, views FROM articles WHERE id = ".$_GET['id']) or die(mysql_error()) ;
                  $r2 = mysql_fetch_array($res2);
                  if ($r2['counter']=="0") {
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>No grade has been given yet</h6></div>' ;}
                        else {
                        $r3=round ($r2['score']/$r2['counter'],2);//2 or less decimals
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>Grade:&nbsp;'.$r3.'&nbsp;('.$r2['counter'].'&nbsp;vote(s))</h6><h6>Viewed:&nbsp;'.$r2['views'].'&nbsp;</h6></div>';}
                  ?>      
                  <br />
                  <?php
                        include("../scripts/counting.php");
                  ?>
                  <br />
                  <a href="../index.php">Another search?</a>
                     <div class="clear"></div>                    
                   </div>
                   <!-- End Right Column -->                    
                     <div class="clear"></div>                    
         </div>        
         <!-- End Faux Columns -->
         <!-- Begin Footer -->
         <div id="footer">                  
               <h4>Jo Vanattenhoven&copy;2007</h4>            
         </div>
             <!-- End Footer -->            
   </div>
   <!-- End Wrapper -->
</body>
</html>
<?php
ob_end_flush();
?>
0
 
jvuzAuthor Commented:
Now, it's You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM articles WHERE id = 34' at line 1
0
 
elfe69Commented:
Remove the comma after author in your second SELECT statement:

<?php
ob_start();
?>
<?php
// include/require hier evt nog andere zaken
require ("../scripts/connect.php");
// we willen op deze pagina gebruik maken van beveiliging mbv sessies,
// dus includen (requiren) we session.php
require("../scripts/session.php");
mysql_query("UPDATE articles SET views = (views + 1) WHERE id=".$_GET['id']) or die(mysql_error());
   // Fetch the article category
   $rsc = mysql_query("SELECT category FROM articles WHERE id=".$_GET['id']) or die(mysql_error());
   $row = mysql_fetch_array($rsc);
      $cat = $row['category'];

  if (($cat == 2) && ((int)$_SESSION['slevel'] < 2)) {
      header("Location:accessdenied.php");
      exit(); //stop the script.
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>KB RBINS</title>
<link rel="stylesheet" type="text/css" href="../main.css" />
<link rel="shortcut icon" href="images/favicon.ico" type="image/x-icon" />
</head>
<body>
   <!-- Begin Wrapper -->
   <div id="wrapper">
         <!-- Begin Header -->
         <div id="header">
                  <h1>Knowledgebase System RBINS</h1>      
             </div>
             <!-- End Header -->
         <!-- Begin Faux Columns -->
             <div id="faux">            
                   <!-- Begin Left Column -->
                   <div id="leftcolumn">      
                     <?php
                            include("../scripts/checkuser.php");
                     ?>      
                   </div>
                   <!-- End Left Column -->
                   <!-- Begin Right Column -->
                   <div id="rightcolumn">      
                     <center><h2>Result</h2></center>            
                       <?php
                  $res=mysql_query("SELECT ID, title, article, author FROM articles WHERE id = ".$_GET['id']) or die(mysql_error()) ;
                  $r = mysql_fetch_array($res);
                  $article = nl2br($r['article']);
                  echo '<div class="result"><h3>KB'.$r['ID'].'&nbsp; - &nbsp;'.$r['title'].'</h3><br />';
                  echo $article;
                  $res2=mysql_query("SELECT score, counter, views FROM articles WHERE id = ".$_GET['id']) or die(mysql_error()) ;
                  $r2 = mysql_fetch_array($res2);
                  if ($r2['counter']=="0") {
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>No grade has been given yet</h6></div>' ;}
                        else {
                        $r3=round ($r2['score']/$r2['counter'],2);//2 or less decimals
                        echo '</div><div class="author"><h5>'.$r['author'].'</h5><h6>Grade:&nbsp;'.$r3.'&nbsp;('.$r2['counter'].'&nbsp;vote(s))</h6><h6>Viewed:&nbsp;'.$r2['views'].'&nbsp;</h6></div>';}
                  ?>      
                  <br />
                  <?php
                        include("../scripts/counting.php");
                  ?>
                  <br />
                  <a href="../index.php">Another search?</a>
                     <div class="clear"></div>                    
                   </div>
                   <!-- End Right Column -->                    
                     <div class="clear"></div>                    
         </div>        
         <!-- End Faux Columns -->
         <!-- Begin Footer -->
         <div id="footer">                  
               <h4>Jo Vanattenhoven&copy;2007</h4>            
         </div>
             <!-- End Footer -->            
   </div>
   <!-- End Wrapper -->
</body>
</html>
<?php
ob_end_flush();
?>
0
 
jvuzAuthor Commented:
Perfect!
0
 
elfe69Commented:
I knew that ;-)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 6
  • 5
  • 5
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now