$_REQUEST problem
Script displays data which is homeworks sent for a teacher. All that stores in works table. Works are selected according to teacher's subject which stores in subjects table in DB.
All works display correctly, but when clicking to the link which should lead you to a work evaluating form
, you've got a blank page instead of work itself and evaluating form.
However the url contains work id that is why I can't understand what is the reason of the problem.
Could somebody hint what is the reason?
All works display correctly, but when clicking to the link which should lead you to a work evaluating form
, you've got a blank page instead of work itself and evaluating form.
However the url contains work id that is why I can't understand what is the reason of the problem.
<?php
// start session
session_start();
include('connection.php');
if (!$_SESSION['login'])
{
echo "<a href='./login.php'>Нужно войти</a>"
}
elseif (!in_array($_SESSION['userdata']['stat'], array("Директор", "Декан", "Мастер")))
{
echo "<a href='./login.php'>Доступ запрещен<
}
else
{
$page_title = 'Проверка работ';
include('header.php');
/* PAGE CONTENT */
if ($_SESSION['userdata']['stat'] == "Директор")
{
$allworks = isset($_REQUEST['allworks']);
}
else
{
$allworks = FALSE;
}
$id = (int) $_REQUEST['id'];
if ($id || $id == 0)
{
// работа
$result2 = mysql_query("SELECT * FROM subjects WHERE nick = '"
$row2 = mysql_fetch_assoc($result2);
$subjcase = $allworks ? "" : "AND subject='{$row2['subj']}'";
$row = mysql_fetch_assoc(mysql_query("SELECT works.*, timetable.name AS lecti
var_dump($row);
if ($row)
{ $row["nick"];
switch($_REQUEST['what'])
{
case 'mark':
mysql_query("UPDATE works SET points=" . ((int) $_POST['mark']) . ", comment='{$_POST['comment']}', stat='П
mysql_query("UPDATE test SET points = points + " . ((int) $_POST['mark']) . " WHERE nick = '".$row["nick"]."'");
echo "<center><span style='color: green; fon
break;
case 'reject':
// mysql_query("UPDATE works SET rejectcomm
$work = mysql_fetch_assoc(mysql_query("SELECT * FROM works WHERE id=$id LIMIT 1"
mysql_query("DELETE FROM works WHERE id=$id LIMIT 1"
$user = mysql_fetch_assoc(mysql_query("SELECT email FROM test WHERE nick='" . mysql_escape_string($work['nick']) . "' LIMIT 1"));
mail($user['email'], "=?koi8-r?B?" . base64_encode(convert_cyr_string("Ваша работа была отклонена", "w", "k")) . "?=", convert_cyr_string(
"Ваша работа была отклонена. Причина отк
. "<br><br>{$work['workcomp']}"
,
"w", "k"),
"From: ... <none@nowhere.com>\r\nContent-T
echo "<center><span style='color: green; fon
break;
default:
/* вывод работы */
echo "<center>Предмет: <b>{$row['subject']}<
if ($row['wmode'] == 1)
{
echo "Лекция: <b>{$row['lectionname']}</b>";
}
else
{
echo "Дополнительная работа по предмету";
}
echo "<br><br>Отправлена: <b>{$row['nick']}<
echo "<h1>{$row['name']}</h1>";
echo "<br><br>{$row['workcomp']}";
echo "<form action='{$_SERVER['PHP_SELF']}' m
echo "<input type=hidden name=id value=$id><i
if ($allworks) echo "<input type=hidden name=allworks value=1>
echo "<b>Поставить оценку: <select name=mark>
for ($i = 0; $i < 13; $i++) echo "<option value='$i'>$i</option>";
echo "</select><br><br>";
echo "Комментарий к работе:<br><textarea name=c
echo "<input type=submit value='Оценить работ
echo "Комментарий к отклонению:<br><textarea n
echo "<input type=submit value='Отклонить раб
echo "</form><a href='menu.php'>Веренуться в г
/* END вывод работы */
}
}
}
if (!$id)
{
// таблица
$result2 = mysql_query("SELECT * FROM subjects WHERE nick = '"
$row2 = mysql_fetch_assoc($result2);
$subjcase = $allworks ? "" : "WHERE subject='{$row2['subj']}'";
?><table cellspacing=2 cellpadding=0 wid
<tr><td><b>Дата</b></td><td><b>Предмет<
<?php
// число работ
$count = mysql_fetch_assoc(mysql_query("SELECT COUNT(*) AS cnt FROM works $subj
// постраничная выборка
$mpp = 20;
$p = (int) $_REQUEST['page'];
$query = "SELECT works.*, timetable.name AS lecti
LEFT JOIN timetable ON works.lection=tim
WHERE works.subject IN (SELECT subj FROM s
WHERE nick = '".mysql_escape_string($_SESSION['userdata']['nick'])."' )
ORDER BY time DESC LIMIT " . ($p * $mpp) . ", $mpp";
$result = mysql_query($query) or die(mysql_error());
while ($row = mysql_fetch_assoc($result)) {
echo "<tr>";
echo "<td>" . date('d.m.Y H:i', $row['time']) . "</td>";
echo "<td>{$row['subject']}</td>";
echo "<td><a href='{$_SERVER['PHP_SELF']}?"
echo "<td>{$row['nick']}</td>";
echo "<td>{$row['stat']}</td>";
echo "<td>{$row['points']}</td>";
echo "</tr>";
}
?></table><center><a href='menu.php'>Верен
include('functioncount.php');
shownumerlist($p, $count['cnt'], $mpp, $_SERVER['PHP_SELF'] . "?" . ($allworks ? "allworks&" : ""));
}
/* END PAGE CONTENT */
include('footer.php');
}
?>
// start session
session_start();
include('connection.php');
if (!$_SESSION['login'])
{
echo "<a href='./login.php'>Нужно войти</a>"
}
elseif (!in_array($_SESSION['userdata']['stat'], array("Директор", "Декан", "Мастер")))
{
echo "<a href='./login.php'>Доступ запрещен<
}
else
{
$page_title = 'Проверка работ';
include('header.php');
/* PAGE CONTENT */
if ($_SESSION['userdata']['stat'] == "Директор")
{
$allworks = isset($_REQUEST['allworks']);
}
else
{
$allworks = FALSE;
}
$id = (int) $_REQUEST['id'];
if ($id || $id == 0)
{
// работа
$result2 = mysql_query("SELECT * FROM subjects WHERE nick = '"
$row2 = mysql_fetch_assoc($result2);
$subjcase = $allworks ? "" : "AND subject='{$row2['subj']}'";
$row = mysql_fetch_assoc(mysql_query("SELECT works.*, timetable.name AS lecti
var_dump($row);
if ($row)
{ $row["nick"];
switch($_REQUEST['what'])
{
case 'mark':
mysql_query("UPDATE works SET points=" . ((int) $_POST['mark']) . ", comment='{$_POST['comment']}', stat='П
mysql_query("UPDATE test SET points = points + " . ((int) $_POST['mark']) . " WHERE nick = '".$row["nick"]."'");
echo "<center><span style='color: green; fon
break;
case 'reject':
// mysql_query("UPDATE works SET rejectcomm
$work = mysql_fetch_assoc(mysql_query("SELECT * FROM works WHERE id=$id LIMIT 1"
mysql_query("DELETE FROM works WHERE id=$id LIMIT 1"
$user = mysql_fetch_assoc(mysql_query("SELECT email FROM test WHERE nick='" . mysql_escape_string($work['nick']) . "' LIMIT 1"));
mail($user['email'], "=?koi8-r?B?" . base64_encode(convert_cyr_string("Ваша работа была отклонена", "w", "k")) . "?=", convert_cyr_string(
"Ваша работа была отклонена. Причина отк
. "<br><br>{$work['workcomp']}"
,
"w", "k"),
"From: ... <none@nowhere.com>\r\nContent-T
echo "<center><span style='color: green; fon
break;
default:
/* вывод работы */
echo "<center>Предмет: <b>{$row['subject']}<
if ($row['wmode'] == 1)
{
echo "Лекция: <b>{$row['lectionname']}</b>";
}
else
{
echo "Дополнительная работа по предмету";
}
echo "<br><br>Отправлена: <b>{$row['nick']}<
echo "<h1>{$row['name']}</h1>";
echo "<br><br>{$row['workcomp']}";
echo "<form action='{$_SERVER['PHP_SELF']}' m
echo "<input type=hidden name=id value=$id><i
if ($allworks) echo "<input type=hidden name=allworks value=1>
echo "<b>Поставить оценку: <select name=mark>
for ($i = 0; $i < 13; $i++) echo "<option value='$i'>$i</option>";
echo "</select><br><br>";
echo "Комментарий к работе:<br><textarea name=c
echo "<input type=submit value='Оценить работ
echo "Комментарий к отклонению:<br><textarea n
echo "<input type=submit value='Отклонить раб
echo "</form><a href='menu.php'>Веренуться в г
/* END вывод работы */
}
}
}
if (!$id)
{
// таблица
$result2 = mysql_query("SELECT * FROM subjects WHERE nick = '"
$row2 = mysql_fetch_assoc($result2);
$subjcase = $allworks ? "" : "WHERE subject='{$row2['subj']}'";
?><table cellspacing=2 cellpadding=0 wid
<tr><td><b>Дата</b></td><td><b>Предмет<
<?php
// число работ
$count = mysql_fetch_assoc(mysql_query("SELECT COUNT(*) AS cnt FROM works $subj
// постраничная выборка
$mpp = 20;
$p = (int) $_REQUEST['page'];
$query = "SELECT works.*, timetable.name AS lecti
LEFT JOIN timetable ON works.lection=tim
WHERE works.subject IN (SELECT subj FROM s
WHERE nick = '".mysql_escape_string($_SESSION['userdata']['nick'])."' )
ORDER BY time DESC LIMIT " . ($p * $mpp) . ", $mpp";
$result = mysql_query($query) or die(mysql_error());
while ($row = mysql_fetch_assoc($result)) {
echo "<tr>";
echo "<td>" . date('d.m.Y H:i', $row['time']) . "</td>";
echo "<td>{$row['subject']}</td>";
echo "<td><a href='{$_SERVER['PHP_SELF']}?"
echo "<td>{$row['nick']}</td>";
echo "<td>{$row['stat']}</td>";
echo "<td>{$row['points']}</td>";
echo "</tr>";
}
?></table><center><a href='menu.php'>Верен
include('functioncount.php');
shownumerlist($p, $count['cnt'], $mpp, $_SERVER['PHP_SELF'] . "?" . ($allworks ? "allworks&" : ""));
}
/* END PAGE CONTENT */
include('footer.php');
}
?>
Could somebody hint what is the reason?
