[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 426
  • Last Modified:

user's link to user's data

I have a datagrid that has the name of the user and a few pieces of their data displaying (currently working correctly).  
Within this datagrid, I made the users name a link so you can select it, a pop-up appears with all their data (currently somewhat working correctly).
The problem is, no matter what name you select you get the user data from the last entry in the sql db rather then the name you selected.

I am guessing I need to pass along the variable ('fb_name') of the selected link name from the datagrid to the pop-up?
<?php //THIS IS JUST THE POP-UP CODE

include_once "../connection/connect_to_mysql.php";

$sql = "SELECT fb_friends_count, fb_name, fb_count, fb_last_post, fb_likes, current_value, fb_likes_pop, fb_status, fb_pic, rank FROM fb_data17";
    $result = mysql_query($sql) or die(mysql_error());
    while ($row = mysql_fetch_array($result))
    {
		
    $fb_friends_count = $row["fb_friends_count"];
    $fb_name = $row["fb_name"];
	$fb_count = $row["fb_count"];
	$fb_last_post = $row["fb_last_post"];
	$fb_likes = $row["fb_likes"];
	$current_value = $row["current_value"];
	$fb_likes_pop = $row["fb_likes_pop"];
	$fb_status = $row["fb_status"];
	$fb_pic = $row["fb_pic"];
	$rank = $row["rank"];
	}
?>



<?php //THIS IS THE LINE OF CODE THAT CALLS THE POP-UP FILE
case self::TYPE_HREF:

if ($value)
$value = '<a href="javascript:popcontact(\'pop-up.php\')"' . $this->parseVariables($row, $criteria) . '">' . $value . '</a>';
 break;
?>

Open in new window

0
g0mab2
Asked:
g0mab2
  • 8
  • 5
  • 2
3 Solutions
 
upandrun3Commented:
Hi g0mab2,

Yep, you're right with your assessment. That PHP code needs to accept some kind of identifier about the person you want details information about. Their name would work. A unique key (auto_increment) would probably be better, in case you have two people with the same name.  

Then you'll need to update your SQL query to include that condition as a WHERE conditional.

Currently, what's happening with your code is that you get a list of all the people with the query, then loop through all the records, writing the values from each row iteration into the variables you're tracking. When the loop finally ends, the variables have the last record's data populated in them.

Hope this helps,
Pete
0
 
g0mab2Author Commented:
okay, so how do I pass the data from one php file (the datagrid) to the pop-up?

I changed this (from the datagrid php file)
:

$value = '<a href="javascript:popcontact(\'pop-up.php\')"' . $this->parseVariables($row, $criteria) . '">' . $value . '</a>';

to this:
$value = '<a href="javascript:popcontact(\'pop-up.php?id=' .$id .'\)"' . $this->parseVariables($row, $criteria) . '">' . $value . '</a>';

But now not even the pop-up appears.  Any idea what I am doing wrong?
0
 
g0mab2Author Commented:
And I changed this (from the pop-up php file):
$sql = "SELECT fb_friends_count, fb_name, fb_count, fb_last_post, fb_likes, current_value, fb_likes_pop, fb_status, fb_pic, rank FROM fb_data17";

to this:
$sql = "SELECT fb_friends_count, fb_name, fb_count, fb_last_post, fb_likes, current_value, fb_likes_pop, fb_status, fb_pic, rank FROM fb_data17 WHERE id='$id'";
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
upandrun3Commented:
You may be getting a javascript error there.  Try this:

$value = '<a href="javascript:popcontact(\'pop-up.php?id=' .$id .'\')"' . $this->parseVariables($row, $criteria) . '">' . $value . '</a>';


then in the pop-up.php file, you can access the query string parameter with:

$id = $_REQUEST['id'];

Pete
0
 
g0mab2Author Commented:
okay,
so here is the new pop-up.php file:

<?php

include_once "../connection/connect_to_mysql.php";

$id = $_REQUEST['id'];

$sql = "SELECT fb_friends_count, fb_name, fb_count, fb_last_post, fb_likes, current_value, fb_likes_pop, fb_status, fb_pic, rank FROM fb_data17 WHERE id='$id'";
    $result = mysql_query($sql) or die(mysql_error());
    while ($row = mysql_fetch_array($result))
    {
            
    $fb_friends_count = $row["fb_friends_count"];
    $fb_name = $row["fb_name"];
      $fb_count = $row["fb_count"];
      $fb_last_post = $row["fb_last_post"];
      $fb_likes = $row["fb_likes"];
      $current_value = $row["current_value"];
      $fb_likes_pop = $row["fb_likes_pop"];
      $fb_status = $row["fb_status"];
      $fb_pic = $row["fb_pic"];
      $rank = $row["rank"];
      }
?>


And I added the following line to the datagrid php file:

$value = '<a href="javascript:popcontact(\'pop-up.php?id=' .$id .'\')"' . $this->parseVariables($row, $criteria) . '">' . $value . '</a>';


And the end result is the pop-up is not displaying any data.
0
 
upandrun3Commented:
what happens if you call pop-up.php?id=INSERT_VALUE_HERE  directly? Do you see the content that the script should be producing?  

Also, can you execute the SQL query directly against your database to ensure that it's returning an accurate/correct row of data?  You'll need to substitue variables with actual data of course.

Pete
0
 
g0mab2Author Commented:
When I call the file directly as you requested, the content appears exactly as it's supposed to.  
So I am geussing this means the SQL would return the same.
0
 
upandrun3Commented:
Exactly, the SQL should be returning what you need. The issue is occuring with the link that executes the javascript for the popup. I'm assuming popcontact() uses the url as the parameter to do an ajax call to get the data from pop-up.php?  

You may need to tweak that link to make the javascript work. You can try pulling out the popcontact() call initially and replace it with just something simple like alert(\'hello\')  to make sure that the link is responding correctly and you have the current escaping of the single quotes.

Pete
0
 
g0mab2Author Commented:
Doesn't it mean the way I am calling the $id is wrong not the popcontact?  I only say this because the popup is appearing and I can also get the popup to display the last record.  
I am taking a stab in the dark here.
0
 
upandrun3Commented:
It may depend on what the popcontact does. Can you provide the code for that javascript method?
0
 
g0mab2Author Commented:
Here is that javascript method:

<!-- Begin POP-UP SIZES AND OPTIONS CODE


function popcontact(URL) {
var popup_width = 600
var popup_height = 420
day = new Date();
id = day.getTime();
eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width='+popup_width+',height='+popup_height+'');");
}


//  End -->
0
 
neorushCommented:
I'm not sure what parseVariables() returns, but the syntax is a little wrong in the link, probably has to be more like this:
$value = '<a href="javascript:popcontact(\'pop-up.php?id=' .$id .'\')" '.$this->parseVariables($row, $criteria).' >' . $value . '</a>';

if that doesn't work, just try this:
$value = '<a href="javascript:popcontact(\'pop-up.php?id=' .$id .'\')" >' . $value . '</a>';

In the popup you should code for SQL injection here since I can replace $id with anything I want, and you should avoid using $_REQUEST if possible, can be as simple as this:
$id = $_REQUEST['id'];
should be:
$id = (int) $_GET['id'];

0
 
g0mab2Author Commented:
Okay, you're a smart dude, so I must be leaving something out here.  I am gonna give you a overview of this.

I have a file called 'datagrid_port.php'
inside this file I have...

<?php
require 'class.eyemysqladap.inc.php';
require 'class.eyedatagrid.inc.php';

// Load the database adapter
$db = new EyeMySQLAdap('hostmane', 'db', 'passwd', 'uname');

// Load the datagrid class
$x = new EyeDataGrid($db);

// Set the query
$x->setQuery("*", "fb_data17");

// Add a row selector
//$x->addRowSelect("alert('(ID: %id%)')");

// Apply a function to a row
function returnSomething($id)
{
      return strrev($id);
}
$x->setColumnType('id', EyeDataGrid::TYPE_FUNCTION, 'returnSomething', '%id%');


Inside one of those include files mentioned above I have this:
case self::TYPE_HREF:
      if ($value)
      $value = '<a href="javascript:popcontact(\'pop-up.php?id=' .$id .'\')" '.$this->parseVariables($row, $criteria).' >' . $value . '</a>';



which calls this pop-up.php file:
include_once "../connection/connect_to_mysql.php";

$id = $_GET['id'];

$sql = "SELECT fb_pic, rank FROM fb_data17 WHERE id='$id'";
    $result = mysql_query($sql) or die(mysql_error());
    while ($row = mysql_fetch_array($result))
    {
            
      $fb_pic = $row["fb_pic"];
      $rank = $row["rank"];
      $id = $row["id"];
      }
?>
<!--- snippit data to save space
  <tr>
      <td height="15" align="left" valign="TOP" bgcolor="#FFFFFF">Current Value...............................</td>
      <td align="left" valign="TOP" bgcolor="#FFFFFF"><font color="#0082c0"><?php  print "$current_value"; ?></font></td>
      </tr>

What am I missing, because when I plug in the user's id manually it populates accurately?
0
 
neorushCommented:
It depends what is going on up above this bit:
case self::TYPE_HREF:
      if ($value)
      $value = '<a href="javascript:popcontact(\'pop-up.php?id=' .$id .'\')" '.$this->parseVariables($row, $criteria).' >' . $value . '</a>';

My guess is that $id is either not getting set or is not getting set correctly...when you look at the link generated on the apge does it look like this? href="javascript:popcontact('pop-up.php?id=')"  This means that $id does not exist when the links are being generated...
0
 
g0mab2Author Commented:
Great point, that is exactly what is happening.  I need to add the $id = $_GET['id']; at the top of the page?
0

Featured Post

Prep for the ITIL® Foundation Certification Exam

December’s Course of the Month is now available! Enroll to learn ITIL® Foundation best practices for delivering IT services effectively and efficiently.

  • 8
  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now