|
PHP - Pdo Prepare Query Into A Function?
Hey, I am coding this forum and the following PDO prepare query calls the topic details. The prepare query works perfectly well, however when I add it into a function within another class and then call it, the script does not seem to work.
I get errors like the following: Fatal error: Call to a member function fetch() on a non-object in C:\wamp\www\new\sources\forum\new.php on line 117 The prepare query fails to excute, this is because I do not know how to add it into a function. This is what I tried: Code: [Select] class FUNC { function userDetails($table, $column, $cVaulue, $oBy, $ASDSC) { global $dbh; $sth = $dbh->prepare('SELECT * FROM `'.$table.'` WHERE `'.$column.'` = '.$cVaulue.' ORDER BY `'.$oBy.'` '.$ASDSC.''); $sth->bindParam(':id', $id, PDO::PARAM_INT); $sth->execute(); } } The FUNC class is called as the $load variable, and in my forum class I have decalred it in my global so the variable can be passed: Code: [Select] $id = $forum_data['id']; $load->userDetails('db_topics', 't_forum_id', ':id', 't_whenlast', 'DESC'); $coll=$sth->fetch(PDO::FETCH_ASSOC); $this->html->RightForum($coll); The code is very silly, but the fact is I did not know how to do this.. Please help me put this query into a function because I need to make use of it in many other parts of the forum and I don't want to constantly declare this query. Similar TutorialsExcerpts of code:
function addUser() {
$username = $_POST['username'];
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$bio = $_POST['bio'];
$email = $_POST['email'];
$c_status = 0;
//$avatar =
//$username_query = $pdo->prepare("SELECT * from profiles001 WHERE username=':username'");
//$username_query->bindValue(':username', $username);
//$username_query->execute();
$query = $pdo->prepare("INSERT into profiles001 (username, password, email, c_status, bio) VALUES (:username, :password, :email, :cstat, :bio)");
$query->bindValue(':username', $username);
$query->bindValue(':password', $password);
$query->bindValue(':email', $email);
$query->bindValue(':cstat', $c_status);
$query->bindValue(':bio', $bio);
$query->execute();
setAvatar();
}
function setAvatar() {
// check if avatar is set, if not give default avatar
if (isset($file) && $fileError === UPLOAD_ERR_OK) {
$file = $_FILES['userfile'];
$fileName = $file['name'];
$fileTmpName = $file['tmp_name'];
$fileSize = $file['size'];
$fileError = $file['error'];
$fileType = $file['type'];
$fileExt = explode('.', $fileName);
$fileActualExt = strtolower(end($fileExt));
$allowedExtensions = array('jpg', 'jpeg', 'png');
}
// if user has not assigned avatar, assign the default.
if (empty($file)) {
$avatar = "assets/soap.jpg";
$query = $pdo->prepare("INSERT INTO profiles001 (avatar) VALUES (:avatar)");
$query->bindValue(':avatar', $avatar);
$query->execute();
}
}
addUser();
}
From the database file:
<?php
$host = "localhost";
$database = "soapbox";
$username = "drb";
$password = "m1n3craft";
// Create connection
$pdo = new PDO('mysql:host=localhost;dbname=soapbox;', $username, $password);
/*
Print error message and or code to the screen if there is an error.
*/
?>
NOTE: I also require dbcon.php at the top of the confirmation.php file which is NOT included in the excerpt at the top. Making pdo a global variable would probably fix it, but from what I heard globals are frowned upon. Hi All, I have the following code which works fine:
$mysqli = new mysqli("server", "user", "pass", "database");
if($mysqli->connect_error) {
exit('Could not connect');
}
$sql = "SELECT customer_contactname, customer_companyname, customer_phonenumber, customer_emailaddress, customer_address1, customer_address2, customer_city, customer_postcode
FROM ssm_customer WHERE customer_id = ?";
$stmt = $mysqli->prepare($sql);
$stmt->bind_param("s", $_GET['q']);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($ccontname, $ccompname, $cphoneno, $cemail, $cad1, $cad2, $ccity, $cpost);
$stmt->fetch();
$stmt->close();
however, when i use my dbconn.php as an include rather than the top section of this code, i get the following error: function prepare() on null The error references the following $stmt = $mysqli->prepare($sql); In my database connection file, i am using the following: $conn = mysqli_connect($db_servername, $db_username, $db_password, $db_name); This seems to be the issue and i believe i am mixing procedural and object based but not sure why there should be a difference here? when i used my database connection file, i do change $mysqli->prepare to $conn->prepare Kind Regards Edited February 4, 2019 by AdamhumbugHello,
I am pretty new to PDO but have heard that it is good to use prepared statements to help avoid mysql injections.
What I'm wondering is, when using prepare, does one need to bind parameters or would one be able to do something like the following without risking security?
$db = new PDO(..);
$r = $db->prepare("SELECT * FROM test WHERE col=$_POST['col']");
$r->execute();
Thanks
I'd love to use anonymous placeholders on my ecommerce site project. I am writing half with php and half with golang. On the three examples below, when run, gives the following exception, " Error: Call to a member function execute() on string. " I tried it with a decimal too. Thanks in advance.
$stmt = $dbo->prepare = ("SELECT * FROM products WHERE ProductName = ?");
//this one calls exception
$stmt->execute();
$stmt = $dbo->prepare = ("SELECT * FROM products WHERE ProductName = ?");
//this one calls exception
$stmt->bindParam(1, $productID, PDO::PARAM_INT);
$stmt->execute();
$stmt = $dbo->prepare = ("SELECT * FROM products WHERE ProductName = ?");
//this one calls exception
$stmt->bindValue(1, $productID, PDO::PARAM_INT);
$stmt->execute();
Here is the rest of the code :
<?php
$filename = "";
$keyword1 = $_GET['keyword'];
$titleOfSelectedDropDown = $_GET['val1'];
$fileID = "";
$imageID = "a";
$displayID = "";
$keyword1 = "test";
$titleOfSelectedDropDown = "cc";
$host = 'localhost';
$user = 'root';
$pass = '';
$database = 'ecommerce';
$options = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_EMULATE_PREPARES => false
);
$gKeyword1 = "";
$gKeyword2 = "";
$gKeyword3 = "";
$key1ID = "";
$key2ID = "";
$key3ID = "";
$string1 = "<center><h1><u>Search Results</u><h1></center></p>";
$dbo = new PDO("mysql:host=$host;dbname=$database", $user, $pass, $options);
$stmt = $dbo->prepare = ("SELECT * FROM products WHERE ProductName = ?");
$test = "1";
$stmt->execute([ $test ]);
Edited March 17 by JoshEir mistake I'm trying to clean up all my functions with any queries which take dynamic parameters using PDO prepared statements. I originally thought I was using prepared statements and was told later I wasn't so it's been on my to-do list to go and clean them up. I have cleaned up a lot of them and tested them and they are working fine. This one is giving me a problem though..
/*fetch production data*/
if( isset( $field ) && isset( $type ) && isset( $value ) ) {
$sql = 'SELECT id, job_number, enterprise, description, line_item, as400_ship_date
FROM production_data
WHERE :field :type :value
ORDER BY enterprise, job_number, line_item LIMIT :offset, :records_per_page';
$stmt = $pdo->prepare($sql);
$stmt->execute( [ 'field' => $field, 'type' => $type, 'value' => $value, 'offset' => $offset, 'records_per_page' => $records_per_page ] );
} else {
$sql = 'SELECT id, job_number, enterprise, description, line_item, as400_ship_date
FROM production_data
ORDER BY enterprise, job_number, line_item LIMIT '. $offset . ', '. $records_per_page;
}
It takes values from some drop downs (I'm using tabulator to generate a table and this part is related to it's pagination functions)...here is the HTML for those elements.
<div class="table-controls">
<div class="form-row">
<div class="col">
<label for="filter-field" class="col-form-label-sm">Field: </label>
<select id="filter-field" class="form-control form-control-sm">
<option></option>
<option value="Job Number">Job Number</option>
<option value="Enterprise">Enterprise</option>
</select>
</div>
<div class="col">
<label for="filter-type" class="col-form-label-sm">Type: </label>
<select id="filter-type" class="form-control form-control-sm">
<option value="like" selected="selected">Like</option>
<option value="=">Equal to</option>
</select>
</div>
<div class="col">
<label for="filter-value" class="col-form-label-sm">Value: </label>
<input id="filter-value" class="form-control form-control-sm" style="float: left;" type="text" placeholder="Value to filter...">
</div>
<div class="col d-flex align-content-end flex-wrap">
<button id="filter-clear" class="btn btn-primary btn-sm rounded-0">Clear Filters & Sorting</button>
</div>
</div>
</div>
Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? ? ORDER BY enterprise, job_number, line_item LIMIT ?, ?' at line 3 in C:\wamp64\www\test\scripts\order_status.php on line 125 I have this at the top of my index.php:
<?php
session_start();
// start of script every time.
// setup a path for all of your canned php scripts
$php_scripts = '/home/larry/web/test/php/'; // a folder above the web accessible tree
// load the pdo connection module
require $php_scripts . 'PDO_Connection_Select.php';
require $php_scripts . 'GetUserIpAddr.php';
//*******************************
// Begin the script here
$ip = GetUserIpAddr();
if (!$pdo = PDOConnect("foxclone")):
{
echo "Failed to connect to database" ;
exit;
}
else:
{
$stmt = $pdo->prepare("INSERT INTO 'download' ('IP_ADDRESS', 'FILENAME') VALUES (?, ?");
$stmt->bindParam(1, $ip);
$stmt->bindParam(2, $filename);
$stmt->execute();
}
endif;
//exit();
?>
I'm getting the following error at the $pdo->prepare line:
Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''download' ('IP_ADDRESS','FILENAME') VALUES (?, ?' at line 1 in /home/larry/web/test/public_html/index2.php:23
Stack trace: #0 /home/larry/web/test/public_html/index2.php(23):
PDO->prepare('INSERT INTO 'do...') #1 {main} thrown in /home/larry/web/test/public_html/index2.php on line 23
I verified the format of the statement at https://www.w3schools.com/php/php_mysql_prepared_statements.asp but am unsure if it needs to be in the PDO_Connection_Select.php, or it belongs where I have it since the db is already connected. Hello, I have this code
<?php
$stmt = $db->prepare("INSERT INTO `members` (`playername`,`player_login_name`,`player_login_pass`,`my_email`,
`my_gender`,`signup_IP`,`signup_time`)
VALUES(?,?,?,?,?,?,?)");
$stmt->bind_param("ssssssi",$_POST['email'],$_POST['email'],md5($_POST['pass']),$_POST['email'],$_POST['gender'],$_POST['REMOTE_ADDR'],time());
$stmt->execute();
$stmt->close();
?>
and i will not insert into my database. I have check the syntax and there is no error, can anyore help me
thanks
with php pdo, the bindParam is not working. The query outputs :words and instead of the $words value. How can i get this code working?
$sql = "SELECT count(*) FROM posts WHERE MATCH (comments) AGAINST (':words' IN BOOLEAN MODE)";
$stmt = $db->prepare($sql);
$stmt->bindParam(':words', $words);
$stmt->execute();
which code example is more safe? The code below now has $words instead of :words but is missing bindParam.
$stmt = $db->prepare(SELECT count(*) FROM posts WHERE MATCH (comments) AGAINST ('$words' IN BOOLEAN MODE)");
$stmt->execute();
$words is passed through both php $_get and $_post
I've followed the PHP Freaks pagination tutorial which you can find here. And I also got it to work, the only problem is that the script won't work when I use the query outside of the function. Here's the function: <?php function knuffix_list ($query, $dbc) { // find out how many rows are in the table: $query_row = "SELECT COUNT(*) FROM con"; $query_run = mysqli_query ($dbc, $query_row); $row = mysqli_fetch_row($query_run); $num_rows = $row[0]; // number of rows to show per page $rows_per_page = 5; // find total pages -> ceil for rounding up $total_pages = ceil($num_rows / $rows_per_page); // get the current page or set a default if (isset($_GET['current_page']) && is_numeric($_GET['current_page'])) { // make it an INT if it isn't $current_page = (int) $_GET['current_page']; } else { // default page number $current_page = 1; } // if current page is greater than total pages then set current page to last page if ($current_page > $total_pages) { $current_page = $total_pages; } // if current page is less than first page then set current page to first page if ($current_page < 1) { $current_page = 1; } // the offset of the list, based on current page $offset = (($current_page - 1) * $rows_per_page); echo "test " . $query; // SCRIPT ONLY WORKS IF I INSERT QUERY HERE $query = "SELECT * FROM con, user WHERE con.user_id = user.user_id ORDER BY contributed_date DESC LIMIT $offset, $rows_per_page"; $data = mysqli_query ($dbc, $query) or die (mysqli_error ($dbc)); // Loop through the array of data while ($row = mysqli_fetch_array ($data)) { global $array; // Variables for the table $con_id = $row['con_id']; $likes_count = $row['likes']; $dislikes_count = $row['dislikes']; $dbuser_name = $row['nickname']; $dbuser_avatar = $row['avatar']; $user_id = $row['user_id']; // The TABLE echo "<table padding='0' margin='0' class='knuffixTable'>"; echo "<tr><td width='65px' height='64px' class='avatar_bg' rowspan='2' colpan='2'><img src='avatar/$dbuser_avatar' alt='avatar' /></td>"; echo "<td class='knuffix_username'><strong><a href='profile.php?user=$dbuser_name' title='Profile of $dbuser_name'>" . $dbuser_name . "</a> ___ " . $user_id . "____ <form action='' method='POST'><button type='submit' name='favorite' value='fav'>Favorite</button></form>"; echo "</strong><br />" . $row['category'] . " | " . date('M d, Y', strtotime($row['contributed_date'])) . "</td></tr><tr><td>"; echo "<form action='' method='post'> <button class='LikeButton' type='submit' name='likes' value='+1'>Likes</button> <button class='DislikeButton' type='submit' name='dislikes' value='-1'>Dislikes</button> <input type='hidden' name='hidden_con_id' value='" . $con_id . "' /> </form></td><td class='votes'>Y[" . $likes_count . "] | N[" . $dislikes_count . "]</td></tr>"; echo "<tr><td class='knuffix_name' colspan='3'><strong>" . htmlentities($row['name']) . "</strong><br /></td></tr>"; echo "<tr><td colspan='2' class='knuffix_contribution'><pre>" . $row['contribution'] . "</pre><br /></td></tr>"; echo "</table>"; // POST BUTTONS inside the table $likes = $_POST['likes']; $dislikes = $_POST['dislikes']; $con_id = $_POST['hidden_con_id']; $favorite = $_POST['favorite']; $array = array ($likes, $dislikes, $con_id, $user_id, $favorite); } /********* build the pagination links *********/ // BACKWARD // if not on page 1, show back links and show << link to go back to the very first page if ($current_page > 1) { echo " <a href='{$_SERVER['PHP_SELF']}?current_page=1'><<</a> "; // get previous page number and show < link to go to previous $prev_page = $current_page - 1; echo " <a href='{$_SERVER['PHP_SELF']}?current_page=$prev_page'><</a> "; } // CURRENT // range of number of links to show $range = 3; // loop to show links in the range of pages around current page for ($x = ($current_page - $range); $x < (($current_page + $range) + 1); $x++) { // if it's a valid page number... if (($x > 0) && ($x <= $total_pages)) { // if we're on current page if ($x == $current_page) { // highlight it but don't make a link out of it echo "[<b>$x</b>]"; // if it's not the current page then make it a link } else { echo "<a href='{$_SERVER['PHP_SELF']}?current_page=$x'>$x</a>"; } } } // FORWARD // if not on the last page, show forward and last page links if ($current_page != $total_pages) { // get next page $next_page = $current_page + 1; // echo forward link for next page echo " <a href='{$_SERVER['PHP_SELF']}?current_page=$next_page'>></a> "; // echo forward link for last page echo " <a href='{$_SERVER['PHP_SELF']}?current_page=$total_pages'>>></a> "; } /***** end building pagination links ****/ mysqli_close($dbc); } ?> As you can see above, the script will only work if I put the query right below the $offset variable and above the $data variable. I put the test echo above the query to see how the query looks like when I induce the query from the outside through the function parenthesis into the function, and this is what I get printed out: test SELECT * FROM con, user WHERE con.user_id = user.user_id ORDER BY contributed_date DESC LIMIT , Obviously the $offset and the $rows_per_page variables are not set, when I induce the query from the outside into the function. So in that sense my question is: How can I induce the query from the outside into the function SO THAT the $offset and the $rows_per_page variables are set as well and NOT empty? p.s. I need the query outside of the function because I'm using a sort by category functionality. hey... found this website when googling for a php help forum... hopefully this is the right place. I am about to start a major project for a new high profile company contract my company is presently bidding on. One of the requirements is a web interface to communicate between the 2 companies. I recently read (and have been reading more into it) that MDB2 is (one of) the best methods to communicate with a database (using prepared statements). It seems to be extremely popular, and not to difficult to use... however, for some reason, it just wont work for me. Code: [Select] <?php require_once '/include/MDB2.php'; function connect(){ $SQL = array( 'driver' => 'mysql', 'user' => '***', 'pass' => '***', 'host' => '127.0.0.1', 'dbname' => '***', ); $SQL['sql'] = $SQL['driver']."://".$SQL['user'].":".$SQL['pass']."@".$SQL['host']."/".$SQL['dbname']; $mdb2 = MDB2::connect($SQL['sql']); $mdb2->setOption('emulate_prepared',true); if(PEAR::isError($mdb2))die("Error while connecting : " . $mdb2->getMessage()); return $mdb2; } $mdb2 = connect(); $statement = $mdb2->prepare("INSERT INTO `test` (id,name) VALUES (?, ?)", array('integer','text'), MDB2_PREPARE_MANIP); $statement->execute(array(1,'someuser')); $statement->free(); ?> For some reason, this is not working? However if I just execute a normal query, it works no problem: Code: [Select] <?php $mdb2 = connect(); $statement = $mdb2->query("INSERT INTO `test` (id,name) VALUES (1,'someuser')"); ?> So, I am connecting properly, everything is good... but this prepared statement just hates me Any help please? Hi, I will be creating pdf in php using following library. http://sourceforge.net/projects/pdf-php/ After creating pdf ,I want to send PDF data in byte[] to web service. Any idea how to read pdf and prepare pdf data in byte[] array. With Kind Regards, Zohaib. Hey guys I am stuck on how to best create a php function to do the following.
I need to echo out 4 restaurants. I have a database of numerous restaurant categories: breakfast, lunch, dinner, and coffee. In this database some categories have more results than others.
Basically I want to randomly choose results from each category query, Breakfast, Lunch, and dinner to create 4 echoed results. (I understand that one category will have an extra result as there are 3 categories and 4 echoed results.) I do not want one category of restaurant to bump out another category because it has more results. Also, if there are not enough or no results from one category, I want extra results from the other queries to make up for it so that there are always 4 echoed items.
Finally, if there are not enough results from breakfast, lunch, dinner to make 4 echoed items, I would like Coffee to fill the 4 required results.
Randomly echo 4 results from the below primary queries:
Primary Query: Breakfast Restraunts Query
Primary Query: Lunch Restraunts Query
Primary Query: Dinner Restraunts Query
Get results from secondary query if Primary queries can’t echo 4 results:
Secondary Query: Coffee Shops Query
I hope this makes sense. I understand how to do the mysql queries, I just don't know how to do the php function to echo the results as required. Any help would be appreciated!
Edited by jason360, 09 January 2015 - 06:53 PM. I have a script that runs at the end of a batch process specifically built to clean out empty records. How can I make it a function and then call the function. Here is my query; Code: [Select] $sql="DELETE FROM ".$dbname." . property WHERE property . id=''"; mysql_query($sql) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $sql . "<br />\nError: (" . mysql_errno() . ") " . mysql_error()); $sql="DELETE FROM ".$dbname." . agents WHERE agents . ip_source=''"; mysql_query($sql) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $sql . "<br />\nError: (" . mysql_errno() . ") " . mysql_error()); $sql="DELETE FROM ".$dbname." . settings WHERE settings . prop_id=''"; mysql_query($sql) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $sql . "<br />\nError: (" . mysql_errno() . ") " . mysql_error()); I would like this to be in a function that i could specifically call the function. Why? Well because I have 5 different sets of queries like this set above and I'm going to build a conditional. So like if condition 1 then run use this function, condition 2, use function ??? etc and so on. Hi, Doing a Query SELECT * FROM table WHERE field BETWEEN low_number AND high_number If i have three rows with three numbers: IE: 27, 50, 80. and i run the query above, it returns a result of: 27 and 50. How can i get it to return a result of: 27,50, and 80.?? WHY: age range search: i want to return an age range of people = and between the age of say: 20 and 70 but i want to include the 20 and 70. How can i do this? Hello I have a general php insert function that I want to use to insert data into tables regulary, the problem is, each time I use it it creates a new row in the table instead of using certain columns to add information to, here is the function, can you tell me why does it insert a new row each time I use it?
class Query{
function add($table,$cols,$vals){
include 'conx.php';
$query = "
INSERT INTO $table($cols) VALUES('$vals');
";
$res = mysqli_query($con,$query) ;
if($res){
echo "Inserted value";
}else{
echo "Did not insert value";
}
}
}
Hi everyone, I used to know the function, but it was a very long time ago, for when you need to just extract a single value from a query... instead of having to use mysql_fetch_assoc in a while loop to build an array... e.g. Code: [Select] $TheResultingFieldValue = mysql_fetch_SOMETHING(mysql_query("SELECT aField FROM aTable WHERE anotherField = 'aCondition'")); I've created a function getsub(). The idea is that this function contains a query that grabs records from the categories table, using the $row['cat_id'] that I pass to it from within an existing while ($row=mysql_fetch_assoc($res)) loop. Heres the function: function getsub($rowid,$catsort) { global $system, $LANGUAGES, $subres; $subquery = "SELECT * FROM webid_categories WHERE parent_id = " . $rowid . " " . $catsort; $subres = mysql_query($subquery); $system->check_mysql($subres, $subquery, __LINE__, __FILE__); return $subres; } And heres the code that calls this function and passes the $row['cat_id'] value to it: // prepare categories list for templates/template // Prepare categories sorting if ($system->SETTINGS['catsorting'] == 'alpha') { $catsorting = ' ORDER BY cat_name ASC'; } else { $catsorting = ' ORDER BY sub_counter DESC'; } $query = "SELECT cat_id FROM " . $DBPrefix . "categories WHERE parent_id = -1"; $res = mysql_query($query); $system->check_mysql($res, $query, __LINE__, __FILE__); $query = "SELECT * FROM " . $DBPrefix . "categories WHERE parent_id = " . mysql_result($res, 0) . " " . $catsorting . " LIMIT " . $system->SETTINGS['catstoshow']; $res = mysql_query($query); $system->check_mysql($res, $query, __LINE__, __FILE__); while ($row = mysql_fetch_assoc($res)) { $subcats = getsub($row['cat_id'],$catsorting); while($subrow = mysql_fetch_assoc($subcats){ $template->assign_block_vars('sublist', array( 'SID' => $subrow['cat_id'], 'SNAME' => $category_names[$getrow['cat_id']] )); } $template->assign_block_vars('cat_list', array( 'CATAUCNUM' => ($row['sub_counter'] != 0) ? '(' . $row['sub_counter'] . ')' : '', 'ID' => $row['cat_id'], 'IMAGE' => (!empty($row['cat_image'])) ? '<img src="' . $row['cat_image'] . '" border=0>' : '', 'COLOUR' => (empty($row['cat_colour'])) ? '#FFFFFF' : $row['cat_colour'], 'NAME' => $category_names[$row['cat_id']] )); } then a .tpl file just references the {sublist.SID} and {sublist.SNAME} variables. BUT.... It ain't working. My page just goes blank. Any help would be massively appreciated. I want a simple function that converts a sql query into two queries for pagination purposes. So if the sql query is "SELECT `Name` FROM table1" I would like to perform: "SELECT COUNT(*) FROM table 1" and "SELECT `Name` FROM table1 LIMIT 10, 20" (example) (1) Would this work for most basic queries? (obviously if LIMIT wasn't already used)? (2) What command would I use to convert "SELECT `Name` FROM table1" to "SELECT COUNT(*) FROM table 1" I am aware there is more involved than this, but am just interested in the query side of things. Thanks in advance for help. I have a PHP script that has a function called traverseXMLNodes and it passes an xml string. I want anyone with a username and password to be able to call this function from his website or application or programming. In short i want my site to act as an API(Application Programming Interface). I am really stuck as to how to go about this. There are other functions i would like to call as well so traverseXMLNodes is not the only function i want to my "API" users to access. Below is the code I am using. the filename for my php i called remote.php. I am using the following query string to test and no results are returned. http://localhost/testfolder/remote.php?xmlstring=20 Code: [Select] <?php $allowedfuncs = array('xmlstring','remotefunction2'); if(in_array($_get['xmlstring'], $allowedfuncs)) { $func = $_get['xmlstring']; $output = traverseXMLNodes($func); // This calls $_get['funccall']() echo $output; } else { exit(); } function traverseXMLNodes ($func) { echo "The XML string is"; echo "<br/>"; echo $func; echo "<br/>"; } /* More functions go here */ ?> I'm trying to build a search function that will search all columns in a table. Here is what I've got: Code: [Select] if (isset($_POST['submitted'])) { $q = "SELECT * FROM children "; if(isset($_POST['query'])) { $q .= "WHERE "; $all = "SELECT * FROM children WHERE 1"; $r_all = mysqli_query($dbc, $all); while ($field = $r_all->fetch_field()) { // Get field headers for building query $f_name = "{$field->name} LIKE {$_POST['query']},:"; // Build query with search string $fn = explode(":",$f_name); // Need to convert $f_name to an array but this does not convert it to a single array but multiple arrays $q .= implode("OR", $fn); // Need to insert OR for the db query } // End while ($field = $r_all->fetch_field()) } // End if(isset($_POST['query'])) } // End if (isset($_POST['submitted'])) The explode function is what is not working for me. It gives me this (sam is the search string I entered into the form): Code: [Select] Array ( [0] => child_id LIKE sam, [1] => ) Array ( [0] => first_name LIKE sam, [1] => ) Array ( [0] => second_name LIKE sam, [1] => ) Array ( [0] => last_name1 LIKE sam, [1] => ) Array ( [0] => last_name2 LIKE sam, [1] => ) Array ( [0] => gender LIKE sam, [1] => ) Array ( [0] => dob LIKE sam, [1] => ) so instead of getting one array with each string being a value I get multiple arrays. Any ideas? |
|||||||