this is the code i m getting error with:-
function sanitizeString($var)
{
$var = trim($var);
$var = stripslashes($var);
$var = strip_tags($var);
$var = htmlentities($var);
return $var;
}
$errors = array();
$query = "";
if (isset($_POST["tests_list"])) {
$test_id = mysqli_real_escape_string($con, sanitizeString($_POST["tests_list"]));
$can_ids = $_POST["checkCandidate"];
$status = "active";
foreach ($can_ids as $can_value) {
$sel = mysqli_query($con, 'select * from assign_table where candidate_id="' .$can_value.'" and test_id="$test_id"');
if(mysqli_num_rows($sel)>0){
$errors[] = $can_value . " already assigned<br>";
}else{
$query .= "insert into assign_table(test_id, candidate_id, status) values('$test_id', '" . $can_value . "', '$status');";
}
}
if(count($errors)===0){
if (mysqli_multi_query($con, $query)) {
echo "success";
} else {
echo "error";
}
}else{
foreach ($errors as $error) {
echo $error;
}
}
} else {
echo "Direct Access Not Allowed";
}
i want to check if selected candidate already assigned or not. if candidate is already assigned to test it should display message already assigned, else insert candidate to assign_table, nut its not validating the select query. Anyone can help?
Aucun commentaire:
Enregistrer un commentaire