0 
 public function getEmployeeId() {
        if (!isset($_SESSION["email"]) || !isset($_SESSION["passwrd"])) {
            header("Location:index.php");
            // Cannot Access this page without Login.
        }
        if (empty($_POST)){
            $_SESSION['ids'] = "";
            $query = mysqli_query($this->connection, "SELECT MAX(EmployeeId) AS EmployeeId FROM employees") or die("Query execution failed: " . mysqli_error());
            while ($row = $query->fetch_assoc()) {
                // Push the id to the array.
                $_SESSION['ids'] = $row["EmployeeId"];
            }
        }
    }

The above code snippet bring the latest registered employee ID from the database. ------------------------>--------------------

public function updateSalary(){
        if (!isset($_SESSION["email"]) || !isset($_SESSION["passwrd"])) {
            header("Location:index.php");
            // This code Snippet ensures that in order to access this page Employee needs to be Login.
        }
        $EmployeeID = (isset($_GET['EmployeeId']) ? $_GET['EmployeeId'] : '');
        $query = mysqli_query($this->connection, "SELECT * FROM salary WHERE EmployeeId= '" . $EmployeeID . "'") or die("Query execution failed: " . mysqli_error());
        while ($row = $query->fetch_assoc()){
            // Push the id to the array
            $_SESSION['eids'] = $row["EmployeeId"];
            $_SESSION['salry'] = $row["Salary"];
            if ($_SESSION['ids']) {
            $_SESSION['ids'] = "";
            }
        }

the above code snippet is my update function to update each record. And i have included both the above function in my html form at the top.

The Problem is that : As my insertion and updation form is same, so the session value which is in if statement is echoed in the text box , else part does not work even if session is unset in if part, What should i do ? See the below code

here is the value attribute :

 <td>
                   <input type="number" name="EmployeeId" placeholder="EmployeeId" value="<?php if (isset($_SESSION["ids"])){echo $id_salaries;}else{echo $emp_id;} ?>" id="EmployeeId" autocomplete="off" class="form-control" readonly>
                </td>
Improve this question
5
  • your session if ($_SESSION['ids']) seems to always be set even with empty value, and its comparison is checking if it only exists and is not valued, is not that the problem? Commented Sep 14, 2017 at 3:43
  • 1
    This is not unset $_SESSION['ids'] = ""; this is your assigning empty value to session . session unset should be unset($_SESSION['ids']) Commented Sep 14, 2017 at 3:46
  • Yes, the value is coming from database in textfield when i want to insert data , but when i want to update some data than the id is not coming in text field Commented Sep 14, 2017 at 3:46
  • Your code is vulnerable to SQL injection, you need to fix this. Commented Sep 14, 2017 at 3:47
  • 1
    yes it worked , thanks Commented Sep 14, 2017 at 3:48

1 Answer 1

Reset to default
1

This is not session unset $_SESSION['ids'] = ""; this is your assigning empty string value to session . session unset should be unset($_SESSION['ids'])

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.