0

I was trying to view each row details information when I clicked on the "select" button like image below:

the modal that shows details of staffID ot1234 popped out when i clicked on the "select" button on that row

However, only some select button will show it when clicked. Some of it like the "select" button for OT66918 and NE201314 does not show anything when click on it. Does anyone know how to solve it? Below is my code:

        <div class="wp-content">

  <div class="container-fluid">
  <h1>View Users</h1>
  <form action="admin.php" method="post">
  <main>
  <table>
    <thead>
      <tr>
        <th>
          StaffID
        </th>
        <th>
          Full Name
        </th>
        <th>
          Email
        </th>
        <th>
          Specialisation
        </th>
        <th></th>
      </tr>
    </thead>
    <tfoot>
      <tr>
        <th colspan='5'>
          MedTeam
        </th>
      </tr>
    </tfoot>
    <?php 
                
                $user = "SELECT * FROM users";
                $userQuery = mysqli_query($db,$user);
                if(mysqli_num_rows($userQuery) > 0) {
                    while($row=mysqli_fetch_assoc($userQuery)) {
          ?>     
    <tbody>
      <tr>
        <td data-title='Staff ID'>
        
        <?php    
                        echo $row['staffID'];                 //task name
        ?>
        
        </td>
        <td data-title='Full Name'>
        <?php    
                        echo $row['fullname'];                 //task name
        ?>
        </td>
        <td data-title='Email Address'>
        <?php    
                        echo $row['email'];                 //task name
        ?>
        </td>
        <td data-title='Specialisation'>
        <?php    
                        echo $row['specialisation'];                 //task name
        ?>
        </td>
        <td class='select'>

      
          <button type="button" name="submit" value=<?php echo $row['staffID'];?> class="btn btn-warning" data-toggle="modal" data-target="#modal-<?php echo $row['staffID'];?>">
          select </button>
          <?php echo $row['staffID']?>
          <a class='button' href="deleteuser.php?id=<?php echo $row['staffID']; ?>">
            Delete
          </a>
        
        </td>
        
   
      
      <div class="modal fade" id="modal-<?php echo $row['staffID'];?>">
                  <div class="modal-dialog">
                    <div class="modal-content">
                      <div class="modal-header">
                        <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                          <span aria-hidden="true">&times;</span></button>
                        <h4 class="modal-title">Default Modal</h4>
                      </div>
                      <div class="modal-body">
                        <div class="body table-responsive">
        <?php 
        $id=$row['staffID'];
        $viewuser= "SELECT * FROM users WHERE staffID ='$id'";
$result= mysqli_query($link,$viewuser);
if(mysqli_num_rows($result)>0){
  while($row=mysqli_fetch_assoc($result)){?>
           
                  <dl>
                    <dt>
                      StaffID
                    </dt>
                    <dd>
                    <?php echo $row['staffID']?>
                    </dd>
                    <dt>
                      E-mail
                    </dt>
                    <dd>
                    <?php echo $row['email']?>
                    </dd>
                    <dt>
                      Specialisation
                    </dt>
                    <dd>
                    <?php echo $row['specialisation']?>
                    </dd>
                    <dt>
                      Phone-Number
                    </dt>
                    <dd>
                    <?php echo $row['hp']?>
                    </dd>
                    <dt>
                      Address
                    </dt>
                    <dd>
                    <?php echo $row['address']?>
                    </dd>
                    <dt>
                      Emergency Address
                    </dt>
                    <dd>
                    <?php echo $row['Eaddress']?>
                    </dd>
                    <dt>
                      Emergency Contact
                    </dt>
                    <dd>
                    <?php echo $row['Ehp']?>
                    </dd>
                   
                  </dl>
                
          
       <?php   }  }?>
    

      <?php              }      ?>  
      </div>
</div>
</div>
</div>
</div>

      </tr> 
    </tbody>
  </table>
  <?php        
                }  
                else{
                    ?> <div class="mgn-3"><h2><?php echo "<strong> NO GROUP YET";?></h2></div><?php
                }
              ?>
</form>
marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
Siu Qi Chai
  • 11
  • 1
  • 1
    for starters, change `value=` to `value=""` - that might have something to do with it – Kinglish May 14 '21 at 20:13
  • If this is user input you also should `htmlspecialchars` the output, otherwise XSS can occur. – user3783243 May 14 '21 at 20:21
  • **Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/5741187) – Dharman May 14 '21 at 20:50

0 Answers0