Display image WHILE

Team,

I have searched the internet for a solution, but to no avail. I want an image to display when the value of a certain variable is “Approved”.

[php]<?php
include('…/htconfig/dbConfig.php');
mysql_connect("$hostname","$username","$password");
mysql_select_db("$database") or die("cannot select DB");

if (isset($_GET['id'])) {
    $id = $_GET['id'];
}
else {
    echo 'Error';
}
// $id comes straight from the request and is placed into the query text as-is
$query = ("SELECT * FROM POs WHERE id = $id LIMIT 1");
$result = mysql_query($query);
$num = mysql_numrows($result);
$i = 0;

// Copy each column of the first row into its own variable
$f1 = mysql_result($result, $i, "id");
$f2 = mysql_result($result, $i, "Agent");
$f3 = mysql_result($result, $i, "DateEntered");
$f4 = mysql_result($result, $i, "Shop");
$f5 = mysql_result($result, $i, "Category");
$f6 = mysql_result($result, $i, "Amount");
$f7 = mysql_result($result, $i, "Items");
$f8 = mysql_result($result, $i, "ApprovedDeclined");
$f9 = mysql_result($result, $i, "PurchaseDate");
$f10 = mysql_result($result, $i, "OrderNumber");
$f11 = mysql_result($result, $i, "Notes");
$f12 = mysql_result($result, $i, "Vendor");

?>

Purchase Order
RXlogo
PURCHASE ORDER

Date: <?php echo $f3; ?>
PO #: <?php echo $f1; ?>
Vendor: <?php echo $f12; ?>
Shop: <?php echo $f4; ?>

 

Items: <?php echo $f7; ?>

Notes: <?php echo $f11; ?>
 

Amount: <?php echo $f6; ?>

 


Authorized by:

Date:

Rental Xpress, LLC PO Box 181140 Corpus Christi, TX 78480 Phone (361) 854-1111 Fax (361) 723-2114
[/php]

Line 74 is where I would like to display image “bittsig.jpg” after the text Approved By: if $f8 is “Approved”

I’d appreciate some input.

You should rewrite this to use mysqli or pdo, as it stands it’s vulnerable to sql injection, and it looks horrible to maintain. Why all the fX-variables? They will make no sense to someone else trying to work on this. I would also change the database name as “POs” doesn’t really say anything about what you are selecting.

I would do it something like this:

SQL table orders (this still has a lot of room for improvement; depending on your solution you probably want to drag out amount and items into a table connecting items to orders, and then just summarize their count/values).

[code]CREATE TABLE IF NOT EXISTS orders (
  id int(11) unsigned NOT NULL AUTO_INCREMENT,
  shop_id int(11) unsigned NOT NULL,
  category_id int(11) unsigned NOT NULL,
  vendor_id int(11) unsigned NOT NULL,
  agent_id int(11) unsigned NOT NULL,
  order_number int(11) NOT NULL,
  items int(11) unsigned NOT NULL,
  amount int(11) unsigned NOT NULL,
  date_entered datetime NOT NULL,
  -- datetime, to match the values inserted below
  date_purchased datetime NOT NULL,
  notes text NOT NULL,
  status int(11) NOT NULL,
  PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;

INSERT INTO orders (shop_id, category_id, vendor_id, agent_id, order_number, items, amount, date_entered, date_purchased, notes, status)
VALUES (1, 3, 5005, 134, 4623, 124, 199, '2013-11-13 21:09:39', '2013-11-07 00:00:00', 'Some notes', 1),
(1, 1, 5006, 130, 4423, 50, 299, '2013-11-13 21:10:21', '2013-11-09 00:00:00', 'Some notes', 0),
(2, 5, 5005, 134, 4601, 70, 349, '2013-11-13 21:13:45', '2013-11-11 00:00:00', 'Some notes', 1);
[/code]

DB.php
[php]<?php

class DB {

    /**
     * PDO connection
     * @var PDO
     */
    private $pdoConn = null;

    /**
     * Class constructor
     */
    public function __construct() {
        $this->_initDb();
    }

    /**
     * Get PDO database connection
     *
     * @return PDO
     */
    public function getPDOConn() {
        return $this->pdoConn;
    }

    /**
     * Init db connection based on config
     */
    private function _initDb() {
        $this->pdoConn = new \PDO('mysql:dbname=test;host=localhost;charset=utf8', 'test', 'ghiShppmuHTulkXPq9CVBv9tkJj8ytyz');
        $this->pdoConn->exec("set names utf8");
        // Throw exceptions on errors and use real (server-side) prepared statements
        $this->pdoConn->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);
        $this->pdoConn->setAttribute(\PDO::ATTR_EMULATE_PREPARES, false);
    }

    /**
     * Executes parameterized query
     * @param string $query
     * @param array $params
     * @param string $fetch_method
     * @param string $class class name to hydrate when $fetch_method is 'CLASS'
     * @return array|null rows for SELECT, [TRUE] for other statements, null if empty
     */
    public function query($query, $params = [], $fetch_method = 'OBJ', $class = '') {
        $stmt = $this->pdoConn->prepare($query);

        $result = $stmt->execute($params);

        if ($result) {
            $querybit = explode(" ", trim($query));
            if ($querybit[0] == 'SELECT') {
                if (strtoupper($fetch_method) === 'CLASS') {
                    $ret = $stmt->fetchAll(constant('PDO::FETCH_CLASS'), $class);
                } else {
                    $ret = $stmt->fetchAll(constant('PDO::FETCH_' . strtoupper($fetch_method)));
                }
            } else {
                $ret = [TRUE];
            }
        }

        return !empty($ret) ? $ret : null;
    }

    /**
     * Get last inserted id
     *
     * @return integer
     */
    public function getLastInsertedId() {
        return $this->pdoConn->lastInsertId();
    }

    /**
     * Generate unnamed placeholders.
     * Accepts an array of values that are to be inserted into the database.
     *
     * @param array $array
     * @return string
     */
    public function generatePlaceholders ($array) {
        return rtrim(str_repeat('?,', count($array)), ',');
    }

    /**
     * Wrapper for PDO::quote (mysql_real_escape_string needs a separate
     * mysql_* connection, which this class never opens). The returned
     * string includes the surrounding quotes; prefer bound parameters.
     *
     * @param string $string
     * @return string
     */
    protected function _escape($string) {
        return $this->pdoConn->quote($string);
    }

}[/php]

order.php
[php]<?php

include_once 'DB.php';
$db = new DB();

$orderId = !empty($_GET['order']) ? $_GET['order'] : null;
// query() returns null when no row matches, so fall back to null instead of indexing it
$order = $db->query('SELECT * FROM orders WHERE orders.id = ? LIMIT 1', [$orderId])[0] ?? null;

if (!empty($order)) {
    $title = 'Purchase order';
    include_once 'template/header.php';
    include_once 'template/purchaseOrder.php';
    include_once 'template/footer.php';

} else {
    $title = 'Order not found';
    include_once 'template/header.php';
    include_once 'template/404.php';
    include_once 'template/footer.php';
}
[/php]

template/style.css
[php].style1 {font-size: 36px}
.style2 {color: #999999}[/php]

template/header.php
[php]

<?= $title ?> [/php]

template/purchaseOrder.php
[php]

RXlogo
PURCHASE ORDER

Date: <?= $order->date_entered ?>
PO #: <?= $order->id ?>
Vendor: <?= $order->vendor_id ?>
Shop: <?= $order->shop_id ?>

 

Items: <?= $order->items ?>

Notes: <?= $order->notes ?>
 

Amount: <?= $order->amount ?>

 


Authorized by:

Date:

Rental Xpress, LLC PO Box 181140 Corpus Christi, TX 78480 Phone (361) 854-1111 Fax (361) 723-2114
[/php]

template/404.php
[php]

404 - Not found

[/php]

template/footer.php
[php]

[/php]

Hope this gives you an idea of how to break things up, and also do the sql-stuff much easier than what you’re doing today :)
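The original question (show bittsig.jpg after "Authorized by:" only for an approved order) can be combined with the parameterized lookup from the reply. The following is an added example, not code from either post: it uses an in-memory SQLite table with constructed rows in place of the MySQL `orders` table, assumes `status = 1` means approved, and the helper names `e()`, `findOrder()` and `renderOrder()` are hypothetical.

```php
<?php
// Added example: constructed rows in an in-memory SQLite database stand in
// for the MySQL "orders" table; status 1 = approved is an assumption.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE orders (id INTEGER PRIMARY KEY, notes TEXT, amount INTEGER, status INTEGER)');
$pdo->exec("INSERT INTO orders (notes, amount, status) VALUES
    ('Some notes', 199, 1),
    ('<b>rush</b> order', 299, 0)");

const STATUS_APPROVED = 1; // assumed meaning of orders.status

/** Escape a value for output into HTML text or a quoted attribute. */
function e($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

/** Load one order by id; returns null for a non-numeric or unknown id. */
function findOrder(PDO $pdo, $rawId): ?object {
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null; // reject anything that is not a positive integer
    }
    $stmt = $pdo->prepare('SELECT * FROM orders WHERE id = ? LIMIT 1');
    $stmt->execute([$id]); // the id is bound, never concatenated into the SQL
    return $stmt->fetch(PDO::FETCH_OBJ) ?: null;
}

/** Render the order; the signature image appears only for approved orders. */
function renderOrder(object $order): string {
    $html  = '<p>PO #: ' . e($order->id) . '</p>';
    $html .= '<p>Notes: ' . e($order->notes) . '</p>'; // markup in notes is shown as text
    $html .= '<p>Amount: ' . e($order->amount) . '</p>';
    $html .= '<p>Authorized by: ';
    if ((int) $order->status === STATUS_APPROVED) {
        $html .= '<img src="bittsig.jpg" alt="Signature">';
    }
    return $html . '</p>';
}

foreach (['1', '2', 'abc'] as $rawId) { // constructed request values
    $order = findOrder($pdo, $rawId);
    echo $order ? renderOrder($order) : '<p>Order not found</p>', "\n";
}
```

With the original `POs` table, the same condition would compare the `ApprovedDeclined` column to the string "Approved" instead of checking an integer status.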
