New Topic/Question
Reply
view_selection (where the product id is retrieved and put in the process page, form is near bottom)
<?php # Script 17.6 - view_selection.php
// This page displays the details for a particular selection.
include ('includes/header.html');
session_start();
$row = FALSE; // Assume nothing!
if (isset($_GET['pid']) && is_numeric($_GET['pid']) ) { // Make sure there's a product ID!
$pid = (int) $_GET["pid"];
// Get the print info:
require_once ('mysqli_connect.php');
$q = "SELECT productid, productName, price, image_name, systemName
FROM products, systems
WHERE productid=$pid
AND systems.systemid = products.systemid";
$r = mysqli_query ($dbc, $q);
if (mysqli_num_rows($r) == 1) { // Good to go!
//echo "<center>";
// Fetch the information:
$row = mysqli_fetch_array ($r, MYSQLI_ASSOC);
//include ('includes/header.html');
// Display a header:
echo "<h1>{$row['productName']}</h1><br />";
// Print the size or a default message:
//echo (is_null($row['size'])) ? '(No size information available)' : $row['size'];
// Get the image information and display the image:
if ($image = @getimagesize ("images/{$row[image_name]}")) {
echo "<p><img src=\"show_image.php?image_name=" . urlencode($row['image_name']) . "\" $image[3] alt=\"{$row['productName']}\" /></p>\n";
} else {
echo "<p>No image available.</p>\n";
}
// Add the description or a default message:
echo '<p>System: ' . ((is_null($row['systemName'])) ? '(No system name available)' : $row['systemName']) . '</p>';
echo "<p>Price: \${$row['price']}<br />";
echo "<p><a href=\"add_cart.php?pid=$pid\" style=\"border-style: none\"><img src=\"add_cart_btn.jpg\"></a></p>";
//$rater_id=$pid;
//$rater_item_name='$row['productName']';
//include("rater.php");
} // End of the mysqli_num_rows() IF.
//mysqli_close($dbc);
}
if (!$row) { // Show an error message.
$page_title = 'Error';
include ('includes/header.html');
echo '<div align="center">This page has been accessed in error!</div>';
}
$searchNotFound = false;
// Query for Feedback
$q = "SELECT name, feedback
FROM comments";
$num_results = 0;
echo '<p>Comments on this Game</p>';
// Create the table head:
echo '<table border="0" cellspacing="1" cellpadding="1" width="90%">';
// Display all the selections
$result = mysqli_query ($dbc, $q);
// If the result is not empty
$num_results = mysqli_num_rows($result);
if( $num_results ) {
while ($row = mysqli_fetch_array ($result, MYSQLI_ASSOC)) {
// Display each record:
echo "\t<tr>
<td align=\"middle\"><p>Customer Name: {$row['name']}</p></td>
</tr>\n
\t<tr>
<td align=\"middle\"><p>Comments: {$row['feedback']}</p></td>
</tr>\n
</tr>\n";
} // End of while loop.
// Free up the resources.
mysqli_free_result($result);
} else {
// wanted string not found - set not found flag on true
$searchNotFound = true;
}
// Close the database connection.
mysqli_close($dbc);
if( $searchNotFound ) {
echo '<p>No comments yet on this item.</p>';
}
?>
<FORM ACTION="process_feedback.php" METHOD="post">
<P>
<h2>Submit Comment About This Game</h2>
<p>Your name:<BR>
<INPUT TYPE="text" NAME="name" VALUE="" SIZE="55">
<P>Your email address:<BR/>
<INPUT TYPE="text" NAME="email" VALUE="" size="55"><br>
<input type="radio" name="rating" value="1"> 1<br>
<input type="radio" name="rating" value="2"> 2<br>
<input type="radio" name="rating" value="3"> 3<br>
<input type="radio" name="rating" value="4"> 4<br>
<input type="radio" name="rating" value="5"> 5<br>
<P>Your Comments:<BR/>
<TEXTAREA COLS="60" ROWS="10" NAME="feedback"></TEXTAREA>
<type="hidden" name="product_id" value="<?php echo $pid; ?>">
<P><INPUT TYPE="reset"><INPUT TYPE="submit" NAME="submitted" VALUE="Submit Feedback"/></P>
<?php
// Complete the page:
include ('includes/footer.html');
?>
process_feedback
<?php # process_feedback.php
// This page stores data from a feedback form into a table called comments.
// Set the page title and include the HTML header.
$page_title = 'Process Customer Feedback';
// Receive data from the feedback form
if (isset($_GET['pid']) && is_numeric($_GET['pid']) ) {
$errors = array(); // Initialize error array
$product_id = $_POST['product_id'];
echo "pid is: $product_id";
$rating = $_POST['rating'];
// Check for name
if (empty($_POST['name'])) {
$errors[] = 'You forgot to enter your name.';
} else {
$name = $_POST['name'];
}
// Check for email address
if (empty($_POST['email'])) {
$errors[] = 'You forgot to enter your email.';
} else {
$email = $_POST['email'];
}
// Check for feedback
if (empty($_POST['feedback'])) {
$errors[] = 'You forgot to enter your comment.';
} else {
$feedback = $_POST['feedback'];
}
//echo "feedback: $feedback";
//echo "pid: $product_id";
//echo "rating: $rating";
//echo "email: $email";
//echo "name: $name";
if (empty($error)) { // If everything is okay
// Establish a connection to the database
require_once ('mysqli_connect.php');
// Create a query to insert data into the comments table
$query = "INSERT INTO comments (name, email, feedback, rating, product_id, recorddate)
VALUES ('$name', '$email', '$feedback', '$rating', $product_id, NOW() )";
// Execute the query
$result = mysqli_query ($dbc, $query);
if ($result) { // If it ran OK.
echo '<p>Thank you for your feedback.</p>';
// Send an email, if desired.
$body = "Thank you for your comment!\n";
//mail ($_POST['email'], 'Thank you for your comment! Come again!', $body, 'From: ecommadmin@cscc.edu');
} else { // If it did not run OK.
echo '<p>Your comment has not been processed due to a system error. We apologize for any inconvenience.</p>';
}
} else { // if there is error in the data received, print error message
echo 'The following error(s) occurred:<br />';
foreach ($errors as $msg) { // Print each error.
echo " - $msg<br />\n";
}
echo '</p><p>Please try again.</p>';
}
} else {
echo '<p>No product ID</p>';
}
//mysqli_close($dbc); // Close the database connection.
?>
MultiQuote
I also moved the form up in the code and noticed I forgot to close the form tag, too. 
| 