0

Ok so,

I have been trying to make a ticket system for my wxPanel in order to provide basic support for the application. Although I am easily able to make a database record with the provided code:

PHP:

if (isset($_POST['submit'])) {
    $subject = $_POST['subject'];
    $message = $_POST['message'];

    $date = date('D M H:i');

    $subject = mysqli_real_escape_string($subject);
    $message = mysqli_real_escape_string($message);
    $ticket_id = 'TICK_'.rand(00000,99999);

    if (strlen($subject) === 0) {
        echo "Subject Invalid.";
    } elseif (strlen($message) === 0) {
        echo "Message Invalid.";
    } else {
        mysqli_query("INSERT INTO tickets VALUES(
        NULL,
        '".$ticket_id."',
        '".$_SESSION['user']."',
        '".$subject."',
        '1',
        '".$date."',
        '".$message."'
        )");
    }
    header('Location: /view-ticket?identifier='.$ticket_id);
}

Works fine... Then there is this, which is ment to fetch the ticket records and display the titles one by one:

PHP:

$query = mysqli_query("SELECT `subject`,`ticket_id` FROM tickets WHERE `username` = '".$_SESSION['user']."'");

while ($row = mysqli_fetch_assoc($query)) {
    $tickets = $row['subject'];
    $id = $row['ticket_id'];
}

foreach ($tickets as $ticket) {
    echo '
    <a href="view-ticket?identifier='.$id.'"><h2>'.$ticket.'</h2></a>
    ';
}

This always returns NULL. And also none of this works either:

if (isset($_GET['identifier']) === false || empty($_GET['identifier']) === true) {
    header('Location: /tickets');
    exit();
}

$id = mysqli_real_escape_string($_GET['identifier']);

$query = mysqli_query("SELECT `ticket_id`,`message`,`timestamp`,`status` FROM tickets WHERE `ticket_id` = '".$id."'");

while($row = mysqli_fetch_assoc($query)) {
    $ticket_id = $row['ticket_id'];
    $message = $row['message'];
    $timestamp = $row['timestamp'];
    $status = $row['status'];
}

foreach($message as $msg) {
    echo '
    <div class="ticket-message">
        <h2>'.$message.'</h2>
    </div>';
}

Thank you in advance!

p.s. Some of my code may be messy. Advice is always appreciated :)

Improve this question
12
  • 1
    For one thing, mysqli_real_escape_string() needs a DB connection parameter $subject = mysqli_real_escape_string($subject); which should read as $subject = mysqli_real_escape_string($con,$subject); - $con being the DB connection variable. Plus, I don't know how you're connecting with the rest of your code. This $query = mysqli_query("SELECT should look something like $query = mysqli_query($con,"SELECT... - Your DB connection wouldn't happen to be mysql_ by any chance, would it? Commented May 28, 2014 at 22:55
  • I am using the mysqli_connect, I wasn't aware that I needed to use a connection variable to directly interact with the database. Commented May 28, 2014 at 23:08
  • 1
    Yep and for so many reasons using mysqli_* functions. In the olden days of mysql_, once a connection was established, the functions didn't need it afterwards; all the more reasons for security reasons. So, doing that may very well fix all or most of the problems. Commented May 28, 2014 at 23:09
  • 1
    Add error reporting to the top of your file(s) error_reporting(E_ALL); ini_set('display_errors', 1); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); if you're not already doing so during development. It will signal any errors found, if any. Commented May 28, 2014 at 23:14
  • It is also very dangerous to code INSERT's without naming the columns as well as providing the data. Some bright spark is bound to look at the table definition and decide to move column2 after columns4 and then at best your query breaks and at worst puts data into the wrong column which nobody realises for days or weeks and really messes up your database. Commented May 28, 2014 at 23:26

1 Answer 1

Reset to default
2

Once you get the SELECT query working you are also going to have to look at the code that processes the results.

If ticket_id identifies a unique row

$query = mysqli_query($con, "SELECT ticket_id,message,timestamp,status 
                             FROM tickets WHERE ticket_id = '$id'");


$row = mysqli_fetch_assoc($query);
$ticket_id = $row['ticket_id'];
$message   = $row['message'];
$timestamp = $row['timestamp'];
$status    = $row['status'];

echo '<div class="ticket-message"><h2>'.$message.'</h2></div>';

If ticket_id does not identify a unique row

$query = mysqli_query($con, "SELECT ticket_id,message,timestamp,status 
                             FROM tickets WHERE ticket_id = '$id'");

// initialise the arrays that hold multiple row results
$ticket_id[] = array();
$message[]   = array();
$timestamp[] = array();
$status[]    = array();

while($row = mysqli_fetch_assoc($query)) {
   $ticket_id[] = $row['ticket_id'];
   $message[]   = $row['message'];
   $timestamp[] = $row['timestamp'];
   $status[]    = $row['status'];
}

foreach($message as $msg) {
   echo '<div class="ticket-message"><h2>'.$msg.'</h2></div>';
}
Improve this answer
Sign up to request clarification or add additional context in comments.

8 Comments

Thank you both of you for helping, everything is up and running! Enjoy the rest of your evenings.
Ok, ran into one small problem
I have found that if I try to output $username or $timestamp it returns "Array".
I dont see any reference to $username but $timestamp is an array if you are using my amended code. It has to be as it contains data from multiple fetches
Well actually I may have assumed to much. As your query has a WHERE Ticket_id = '$id', if that identifies a unique row in the table then the code can be changed, give me a second to change my answer.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.