0

I got a list of id from 1 table . I recently make a few change to the table where i add another column(Active) for id activation . The table look like this

ID | name | active
---|------|-------
01 | Jack | 1
02 | Ben  | 1

The list show if the id is active , i use yellow bulb icon and if not active it show grey bulb icon . The problem i got is if i want to change the activation status of the id, it doesnt fetch the result(show only blank page).

SQL

$sql = "SELECT * FROM jobseeker";
$res = mysql_query($sql) or die(mysql_error());
while($row = mysql_fetch_array($res))

INDEX PHP

<td align="center"><?php if($row['active']) == '1'){ ?>
            <a href ="action.php?ID=<?php echo $row['ID']; ?>" onclick="return confirm ('You want to deactivate ?\n\nNo ID: <?php echo $row['ID']; ?>')"><img src="images/on.png" width="16" height="16" border="0" alt="Deactivate" style="cursor:pointer" align="absbottom" /></a>
            <?php } if($row['active'] == '0'){ ?>
            <a href ="action.php?ID=<?php echo $row['ID']; ?>" onclick="return confirm ('You want to activate ?\n\nNo ID: <?php echo $row['ID']; ?>')"><img src="images/off.png" width="16" height="16" border="0" alt="Activate" style="cursor:pointer" align="absbottom" /></a>
            <?php } ?></td>

ACTION PHP

<?php
session_start();

require_once "inc/db.php";
require_once "inc/tarikh.php";

if(isset($_GET['active'])){
    $status=$_GET['active'];
    $sql_status=mysql_query(" SELECT * FROM jobseeker WHERE id =".$status);
        while($row=mysql_fetch_object($sql_status)){
            $st=$row->active;

            if($st=='0'){
                $status2=1;
                }
                else{
                    $status2=0;
                    }

$update=mysql_query("UPDATE jobseeker SET active = ".$status2. WHERE ID = ".$status);
     if($update){
           header("Location: jobseeker_list.php");
           }
           else{
              echo mysql_error();
              }
     }
?>

Is there anything wrong with my code ? Please help me out

Improve this question
3
  • 2
    You're missing at least one quote character in action.php. Also your code is wide open to SQL injection. And all mysql_ functions are deprecated. Please consider switching to PDO instead. Commented Jan 28, 2014 at 7:56
  • @Arjan its still doesnt show any result Commented Jan 28, 2014 at 8:01
  • 1
    Small summary: What you are learning is already deprecated knowledge paired with a vulnerability (SQL Injection, as mentioned by @Arjan, en.wikipedia.org/wiki/SQL_injection) Commented Jan 28, 2014 at 8:07

1 Answer 1

Reset to default
1

You are only providing ID as a parameter to action.php.

<a href ="action.php?ID=<?php echo $row['ID']; ?>"

But you are only checking for $_GET['active']

if(isset($_GET['active'])){

So the code within the if clause will never execute. I guess you want to use $_GET['ID'] instead.

This has syntax errors (it should be obvious with the syntax highlighting)

$update=mysql_query("UPDATE jobseeker SET active = ".$status2." WHERE ID = ".$status);
                                                              ^- missing quote

And the usual advice: The mysql_* functions are deprecated and will be removed in future PHP versions. Your code will stop working then. Don't write new code with the mysql_* functions, use mysqli_* or PDO objects instad. Also, take a look at prepared statements to prevent SQL injections.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

thank! it work , i'm still learning about mysqli_* and PDO
great!! now start learning stackoverflow and accept the answer as the correct one ;)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.