g0mab2
asked on
user's link to user's data
I have a datagrid that has the name of the user and a few pieces of their data displaying (currently working correctly).
Within this datagrid, I made the users name a link so you can select it, a pop-up appears with all their data (currently somewhat working correctly).
The problem is, no matter what name you select you get the user data from the last entry in the sql db rather then the name you selected.
I am guessing I need to pass along the variable ('fb_name') of the selected link name from the datagrid to the pop-up?
Within this datagrid, I made the users name a link so you can select it, a pop-up appears with all their data (currently somewhat working correctly).
The problem is, no matter what name you select you get the user data from the last entry in the sql db rather then the name you selected.
I am guessing I need to pass along the variable ('fb_name') of the selected link name from the datagrid to the pop-up?
<?php //THIS IS JUST THE POP-UP CODE
include_once "../connection/connect_to_mysql.php";
$sql = "SELECT fb_friends_count, fb_name, fb_count, fb_last_post, fb_likes, current_value, fb_likes_pop, fb_status, fb_pic, rank FROM fb_data17";
$result = mysql_query($sql) or die(mysql_error());
while ($row = mysql_fetch_array($result))
{
$fb_friends_count = $row["fb_friends_count"];
$fb_name = $row["fb_name"];
$fb_count = $row["fb_count"];
$fb_last_post = $row["fb_last_post"];
$fb_likes = $row["fb_likes"];
$current_value = $row["current_value"];
$fb_likes_pop = $row["fb_likes_pop"];
$fb_status = $row["fb_status"];
$fb_pic = $row["fb_pic"];
$rank = $row["rank"];
}
?>
<?php //THIS IS THE LINE OF CODE THAT CALLS THE POP-UP FILE
case self::TYPE_HREF:
if ($value)
$value = '<a href="javascript:popcontact(\'pop-up.php\')"' . $this->parseVariables($row, $criteria) . '">' . $value . '</a>';
break;
?>
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
And I changed this (from the pop-up php file):
$sql = "SELECT fb_friends_count, fb_name, fb_count, fb_last_post, fb_likes, current_value, fb_likes_pop, fb_status, fb_pic, rank FROM fb_data17";
to this:
$sql = "SELECT fb_friends_count, fb_name, fb_count, fb_last_post, fb_likes, current_value, fb_likes_pop, fb_status, fb_pic, rank FROM fb_data17 WHERE id='$id'";
$sql = "SELECT fb_friends_count, fb_name, fb_count, fb_last_post, fb_likes, current_value, fb_likes_pop, fb_status, fb_pic, rank FROM fb_data17";
to this:
$sql = "SELECT fb_friends_count, fb_name, fb_count, fb_last_post, fb_likes, current_value, fb_likes_pop, fb_status, fb_pic, rank FROM fb_data17 WHERE id='$id'";
You may be getting a javascript error there. Try this:
$value = '<a href="javascript:popcontac
then in the pop-up.php file, you can access the query string parameter with:
$id = $_REQUEST['id'];
Pete
$value = '<a href="javascript:popcontac
then in the pop-up.php file, you can access the query string parameter with:
$id = $_REQUEST['id'];
Pete
ASKER
okay,
so here is the new pop-up.php file:
<?php
include_once "../connection/connect_to_
$id = $_REQUEST['id'];
$sql = "SELECT fb_friends_count, fb_name, fb_count, fb_last_post, fb_likes, current_value, fb_likes_pop, fb_status, fb_pic, rank FROM fb_data17 WHERE id='$id'";
$result = mysql_query($sql) or die(mysql_error());
while ($row = mysql_fetch_array($result)
{
$fb_friends_count = $row["fb_friends_count"];
$fb_name = $row["fb_name"];
$fb_count = $row["fb_count"];
$fb_last_post = $row["fb_last_post"];
$fb_likes = $row["fb_likes"];
$current_value = $row["current_value"];
$fb_likes_pop = $row["fb_likes_pop"];
$fb_status = $row["fb_status"];
$fb_pic = $row["fb_pic"];
$rank = $row["rank"];
}
?>
And I added the following line to the datagrid php file:
$value = '<a href="javascript:popcontac
And the end result is the pop-up is not displaying any data.
so here is the new pop-up.php file:
<?php
include_once "../connection/connect_to_
$id = $_REQUEST['id'];
$sql = "SELECT fb_friends_count, fb_name, fb_count, fb_last_post, fb_likes, current_value, fb_likes_pop, fb_status, fb_pic, rank FROM fb_data17 WHERE id='$id'";
$result = mysql_query($sql) or die(mysql_error());
while ($row = mysql_fetch_array($result)
{
$fb_friends_count = $row["fb_friends_count"];
$fb_name = $row["fb_name"];
$fb_count = $row["fb_count"];
$fb_last_post = $row["fb_last_post"];
$fb_likes = $row["fb_likes"];
$current_value = $row["current_value"];
$fb_likes_pop = $row["fb_likes_pop"];
$fb_status = $row["fb_status"];
$fb_pic = $row["fb_pic"];
$rank = $row["rank"];
}
?>
And I added the following line to the datagrid php file:
$value = '<a href="javascript:popcontac
And the end result is the pop-up is not displaying any data.
what happens if you call pop-up.php?id=INSERT_VALUE
Also, can you execute the SQL query directly against your database to ensure that it's returning an accurate/correct row of data? You'll need to substitue variables with actual data of course.
Pete
Also, can you execute the SQL query directly against your database to ensure that it's returning an accurate/correct row of data? You'll need to substitue variables with actual data of course.
Pete
ASKER
When I call the file directly as you requested, the content appears exactly as it's supposed to.
So I am geussing this means the SQL would return the same.
So I am geussing this means the SQL would return the same.
Exactly, the SQL should be returning what you need. The issue is occuring with the link that executes the javascript for the popup. I'm assuming popcontact() uses the url as the parameter to do an ajax call to get the data from pop-up.php?
You may need to tweak that link to make the javascript work. You can try pulling out the popcontact() call initially and replace it with just something simple like alert(\'hello\') to make sure that the link is responding correctly and you have the current escaping of the single quotes.
Pete
You may need to tweak that link to make the javascript work. You can try pulling out the popcontact() call initially and replace it with just something simple like alert(\'hello\') to make sure that the link is responding correctly and you have the current escaping of the single quotes.
Pete
ASKER
Doesn't it mean the way I am calling the $id is wrong not the popcontact? I only say this because the popup is appearing and I can also get the popup to display the last record.
I am taking a stab in the dark here.
I am taking a stab in the dark here.
It may depend on what the popcontact does. Can you provide the code for that javascript method?
ASKER
Here is that javascript method:
<!-- Begin POP-UP SIZES AND OPTIONS CODE
function popcontact(URL) {
var popup_width = 600
var popup_height = 420
day = new Date();
id = day.getTime();
eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=0,lo
}
// End -->
<!-- Begin POP-UP SIZES AND OPTIONS CODE
function popcontact(URL) {
var popup_width = 600
var popup_height = 420
day = new Date();
id = day.getTime();
eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=0,lo
}
// End -->
I'm not sure what parseVariables() returns, but the syntax is a little wrong in the link, probably has to be more like this:
$value = '<a href="javascript:popcontac
if that doesn't work, just try this:
$value = '<a href="javascript:popcontac
In the popup you should code for SQL injection here since I can replace $id with anything I want, and you should avoid using $_REQUEST if possible, can be as simple as this:
$id = $_REQUEST['id'];
should be:
$id = (int) $_GET['id'];
$value = '<a href="javascript:popcontac
if that doesn't work, just try this:
$value = '<a href="javascript:popcontac
In the popup you should code for SQL injection here since I can replace $id with anything I want, and you should avoid using $_REQUEST if possible, can be as simple as this:
$id = $_REQUEST['id'];
should be:
$id = (int) $_GET['id'];
ASKER
Okay, you're a smart dude, so I must be leaving something out here. I am gonna give you a overview of this.
I have a file called 'datagrid_port.php'
inside this file I have...
<?php
require 'class.eyemysqladap.inc.ph
require 'class.eyedatagrid.inc.php
// Load the database adapter
$db = new EyeMySQLAdap('hostmane', 'db', 'passwd', 'uname');
// Load the datagrid class
$x = new EyeDataGrid($db);
// Set the query
$x->setQuery("*", "fb_data17");
// Add a row selector
//$x->addRowSelect("alert(
// Apply a function to a row
function returnSomething($id)
{
return strrev($id);
}
$x->setColumnType('id', EyeDataGrid::TYPE_FUNCTION
Inside one of those include files mentioned above I have this:
case self::TYPE_HREF:
if ($value)
$value = '<a href="javascript:popcontac
which calls this pop-up.php file:
include_once "../connection/connect_to_
$id = $_GET['id'];
$sql = "SELECT fb_pic, rank FROM fb_data17 WHERE id='$id'";
$result = mysql_query($sql) or die(mysql_error());
while ($row = mysql_fetch_array($result)
{
$fb_pic = $row["fb_pic"];
$rank = $row["rank"];
$id = $row["id"];
}
?>
<!--- snippit data to save space
<tr>
<td height="15" align="left" valign="TOP" bgcolor="#FFFFFF">Current Value.....................
<td align="left" valign="TOP" bgcolor="#FFFFFF"><font color="#0082c0"><?php print "$current_value"; ?></font></td>
</tr>
What am I missing, because when I plug in the user's id manually it populates accurately?
I have a file called 'datagrid_port.php'
inside this file I have...
<?php
require 'class.eyemysqladap.inc.ph
require 'class.eyedatagrid.inc.php
// Load the database adapter
$db = new EyeMySQLAdap('hostmane', 'db', 'passwd', 'uname');
// Load the datagrid class
$x = new EyeDataGrid($db);
// Set the query
$x->setQuery("*", "fb_data17");
// Add a row selector
//$x->addRowSelect("alert(
// Apply a function to a row
function returnSomething($id)
{
return strrev($id);
}
$x->setColumnType('id', EyeDataGrid::TYPE_FUNCTION
Inside one of those include files mentioned above I have this:
case self::TYPE_HREF:
if ($value)
$value = '<a href="javascript:popcontac
which calls this pop-up.php file:
include_once "../connection/connect_to_
$id = $_GET['id'];
$sql = "SELECT fb_pic, rank FROM fb_data17 WHERE id='$id'";
$result = mysql_query($sql) or die(mysql_error());
while ($row = mysql_fetch_array($result)
{
$fb_pic = $row["fb_pic"];
$rank = $row["rank"];
$id = $row["id"];
}
?>
<!--- snippit data to save space
<tr>
<td height="15" align="left" valign="TOP" bgcolor="#FFFFFF">Current Value.....................
<td align="left" valign="TOP" bgcolor="#FFFFFF"><font color="#0082c0"><?php print "$current_value"; ?></font></td>
</tr>
What am I missing, because when I plug in the user's id manually it populates accurately?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I changed this (from the datagrid php file)
:
$value = '<a href="javascript:popcontac
to this:
$value = '<a href="javascript:popcontac
But now not even the pop-up appears. Any idea what I am doing wrong?