PHP - Simple Query

The following mysql query is not returning rows like I expect it to. '$update_field' is a variable,  matching an actual field name in table 'users'. 'user_task[1]' is an integer value. What am I missing here?
Code: [Select]
$query_update_user = "UPDATE users SET ".$update_field." = 'Y' WHERE user_no = '".$user_task[1]."'";

This topic has been moved to MySQL Help.

http://www.phpfreaks.com/forums/index.php?topic=329660.0

The following query or while loop is only increasing the ArticleID variable every 3rd time the script is run, I've narrowed it down to the following code snippet. Can you spot a problem with this, I'm in my first week of PHP and MySQL and I can't see any problem with it.

Any help would be mighty appreciated by this idiot 

Code snippet:
---
$result = mysql_query("SELECT ArticleID FROM test_top ORDER BY ArticleID ASC LIMIT 1") or die(mysql_error()); 
   while($row = mysql_fetch_array($result))
   {
   $ArticleID=$row['ArticleID'];
   }
$ArticleID=intval($ArticleID);
$ArticleID++;
---

This topic has been moved to MySQL Help.

http://www.phpfreaks.com/forums/index.php?topic=314391.0

This topic has been moved to MySQL Help.

http://www.phpfreaks.com/forums/index.php?topic=350117.0

OK, here it is.  I have been trying to do this myself, but it has been driving me insane and I turn to professionals here for help.   I am a basic web developer for a company that I work for in other capacities. I have a reasonable understanding of HTML and that is about where my expertise ends. I am not typically a programmer, just a simple (extremely) part time designer that uses Muse and Dreamweaver when necessary.   However, recently my company has asked me to accomplish a task for their website. In plain English, they want a large database that exists currently as a CVS file made into a searchable web page.  It is 21 columns by approximately 6,700 rows.   To explain what I need a little more technically, here are my ideas and where I have gotten to so far:   1. The company uses godaddy, into which I *believe* I have successfully imported the spreadsheet. I believe it is successful because through godaddy's SQL Control Panel (phpMyAdmin console), I can do the EXACT searches that the company needs, and it spits out the EXACT results that I need.   2. The end result needs to be a .php that I can upload to the website's root folder that can be then inserted into premade pages using:

<iframe src="SMQ.php" scrolling="yes" width="950" height="800"></iframe>

3. On the .php page, I need to have a way to log in to the SQL server and a simple search box built in that will allow the user to input a very simple search string consisting of no more than 4 numbers and 3 letters at a time. No buttons, no check boxes, just a search box.   3. This query then needs to be output as a nice data table, similar to this: This in fact is a screenshot of a search I performed out of my SQL database, in phpMyAdmin using the column "Scott" for the search, and the number 226 as the search term. All column names are visible with the exception of the first column, entitled LINEID, made to be the key, and the output should not include the key but have everything else as above.   4. I can see what the simple line of php is that performed this task:

SELECT * FROM `SMQSQL` WHERE `Scott` = '226' ORDER BY `LINEID` ASC 

but I can't figure out how the hell to get this incorporated to a .php search.   To sum it up, I need a .php page written that can connect to a SQL database, perform a data based search, and spit out a clean table when it is done.   I had accomplished this in the past using an import into google docs and using it to perform a search and result display via the following code built into a php called SMQ.php:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Example of Google Spreadsheet Data Visualisation</title>
</head>

<body>

<form id="form1" method="post" action ="<?php echo $_SERVER['PHP_SELF']; ?>"> <label>
<input id="search" name="search" type="text" />
</label>
<label>
<input id="Scott #" name="Scott #" type="submit" value="Scott #" />
</label>

<img src="loading.gif" width="16" height="11" />
</form>
<p>
<?php
$search= $_REQUEST['search'];
if ($search > ''){ $search = $search;} else { $search = '';}
?>
<script type="text/javascript" src="http://www.google.com/jsapi"></script>
<script type="text/javascript">
google.load('visualization', '1', {packages: ['table']});
</script>
<script type="text/javascript">
var visualization;
function drawVisualization() {

var query = new google.visualization.Query(
'https://docs.google.com/spreadsheet/ccc?key=0AronCwm9QPefdGpIUllscGgtLUJod2pOazc0bjU0cUE&usp=sharing');

query.setQuery('SELECT A, B, C, D, E, F, G, H, I, J, K, L, M, N, O ,P ,Q ,R ,S ,T WHERE (A) LIKE ("<?php echo $search; ?>") order by A asc label A "Scott #", B "Den", C "Color", D "Cond", E "40", F "60", G "70", H "70J", I "75", J "75J", K "80", L "80J", M "85", N "85J", O "90", P "90J", Q "95", R "95J", S "98", T "98J"');
query.send(handleQueryResponse);
}

function handleQueryResponse(response) {
if (response.isError()) {
alert('Error in query: ' + response.getMessage() + '' + response.getDetailedMessage());
return;
}

var data = response.getDataTable();

    visualization = new google.visualization.Table(document.getElementById('table'));
    visualization.draw(data, { page: 'enable', page: 16, pageSize: 16, legend: 'bottom'});
}
google.setOnLoadCallback(drawVisualization);
</script>

 <div id="table"></div>

</div>

</body>
</html>

But as you can see, this may not be the most secure thing in the world, plus we want to be able to expand it in the future and not be so simplistic, hence the need to switch to SQL.   Please let me know right away by contacting me at disead@gmail.com if this is something YOU might be able to help with. I'm sure for an experienced programmer, once you have the details from me that you need, it would take maybe 10 minutes to write. I don't have much, but I can pay a little bit for this one time job. If it ends up working out, I may be able to pay more down the line for more advanced options such as being able to do drop-down searches based on the column titled "ISSUE", as well as more things down the line as it grows.   Thank you so much, I hope to hear from someone soon!!!

Im sure this is simple, but I cannot see what my problem is!

I am hitting an error on my insert query

Code: [Select]
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1
I know the output of $user_id is 1, so my error is on $mysavepath

Code: [Select]
$mysavepath = $folder.'/'.$worldname.'_'.date("dMjY");
echo $mysavepath;
$savepath = mysql_query("INSERT INTO saves (user_id,savepath) VALUES ('$user_id','$mysavepath')");
echo '<br>'.$savepath;
if(!mysql_query($savepath))
{
die('<br>Error: ' . mysql_error());
}

however it all echos out ok?

Code: [Select]
188ea678f0dcdc8252aeb15e3c910408/world_15Jan152012
1
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1

Can anyone see the problem?

Cheers
Dave

Hi,

very simple i'm sure... i have a code for a text box to pull info into from a mysql table. easy enough:

Code: [Select]
<?php echo "<input type=\"text\" id=\"b_info\" name=\"b_info\" value=\"$b_info\" style=\"width: 327px\"  /text>"; ?>

but suppose i dont just want a "line of text" i want one of those boxes with the scroll bar down the side (lol like the one im writing this in  ) how do i change the above code to do it?

i though doing this:
Code: [Select]
<?php echo "<input type=\"textarea\" id=\"b_info\" name=\"b_info\" value=\"$b_info\" style=\"width: 327px\" style=\"height: 185px\" /textarea>"; ?>

would work, but obviously not, all ive done is make the box bigger 

easy workaround?

Thanks

I'm building a query that searches by database and returns matching (or almost matching) terms.  That part isn't the problem- I have it up and working.  The problem is that I'm trying to narrow down the search results, and it's not working.

Here's the query that works:
Code: [Select]
$result = mysql_query("SELECT * FROM auctions WHERE  name LIKE '%".$searchterm."%' OR Address LIKE '%".$searchterm."%' OR state like '%".$searchterm."%'");
Here's the query that DOESN'T works:
Code: [Select]
$result = mysql_query("SELECT * FROM auctions WHERE type='Cars' AND  name LIKE '%".$searchterm."%' OR Address LIKE '%".$searchterm."%' OR state like '%".$searchterm."%'");
What I'm trying to do is say "give me all the results from type:Cars.  Instead, it ignores the WHERE type='Cars' statement, and returns results for all types.  It frustrates me because I use the same exact query in a thousand other places, and it works everywhere else.  For example:

Code: [Select]
$sql = "SELECT * FROM auctions WHERE type='Boats' AND state='$v4' ORDER BY $v1 $v2";
works just fine.  I'm not exactly an expert on any of this, but I can see no logical reason why this works, but the Search code doesn't.  They appear in all ways identical, at least as far as query structure goes.  Can anyone spot where I screwed up?
Thanks!
Kyle

Hello, I am trying to pick up php again and just exercising my skills. So I have it so that it fills my form with the values of what I want to edit, and when I click the edit button, it doesn't edit any of the information. When I echo out $result, I get a MYSQL query string that has the same values as the table, so its not getting the new values that are edited.


<?php

@mysql_connect('localhost', 'root', '') or die("Could not connect to Mysql Server. " . mysql_error());

@mysql_select_db('tutorials') or die("Could not connect to Database. " . mysql_error());

if(isset($_GET['edit']))

{

$id = $_GET['edit'];

$query = "SELECT `username`, `password` FROM `users` WHERE `id` = '$id'";

$result = mysql_query($query);

$row = mysql_fetch_array($result);

$name = $row['username'];

$password = $row['password'];

}

if(isset($_POST['edit']))

{

$id = $_GET['edit'];

$query = "UPDATE `users` SET `username` = '$name', `password` = '$password' WHERE `id` = '$id'";

$result = mysql_query($query);

echo $query;

if(!$result)

{

echo mysql_error();

}else{

echo 'updated post';

}

}
?>
<form method="POST" action="" >

<input type="text" name="name" value="<?php echo $name; ?>" /> First name <br />

<input type="text" name="password" value="<?php echo $password; ?>" /> Last name <br />

<input type="submit" name="edit" value="edit" />
</form>


I believe it has something to do with the values of $name and $password in the form conflicting with the first if isset and the second if isset.

Thanks for any help possible   

I'm so sorry for this question but I not really know how to play with single and double quote.

If I have a query like this:

Code: [Select]
  mysql_query('UPDATE table SET Status=1,Sending=Done WHERE ID IN ('.implode(',', $done).')');
And I wish to add Code: [Select]
SentAt='$date' in the query as well , and I try this:

Code: [Select]
  mysql_query('UPDATE table SET Status=1,Sending=Done,SentAt='$date' WHERE ID IN ('.implode(',', $done).')');
Not working...how should I write it?

Thank you.

I'm attempting to implement a simple social networking system but at the moment am confused about how to create a multiple query which will display a certain user's friends list.

The database contains four tables, the two tables that I'm using at the moment at 'usersTable' and 'friendshipsTable' are detailed below.


usersTable           | Table that stores all the user data

UserID         | Default primary key
Forename              |
Surname         |
Username           |
Password              |
Email Address      |


friendshipTable   | Table that stores information about friendships between users

FriendshipID      |  Default primary key
userID_1                |  UserID
userID_2         |  UserID
Status         |  Either Pending or Confirmed.

The user's id is parsed into the url, and then saved into a variable.

blah.com/userprofile.php?id=6

$id = $_GET['id']; 

I am familiar with creating simple queries, but can't quite work out how to set up multiple table queries.

What the query needs to do is to check the userID that is parsed with the url, and then check the friendshipsTable by checking if either the userID_1 or userID_2 field  matches the userID to grab the records from the table where there is a match.

The next step is to check to see if the friendship is 'Confirmed' or 'Pending' and if it is 'Pending' to ignore it. Once the records have then been chosen I need the query to then check the value in either userID_1 or userID_2 that doesn't match userID and then pull the user's username and name from the usersTable so it can be displayed on a webpage.

I've no idea hoe much I may or may not be overcomplicating this, an example of the code that I've got so far for this query can be found below, but that's as far as I've got at the moment.

$displayFriends = mysql_query("SELECT * FROM friendshipTable, usersTable WHERE friendshipTable.userID_1='$id' OR friendshipTable.userID_2='$id' ");

Cheers for any help.

Hello all,   Based on the suggestion of you wonderful folks here, I went away for a few days (to learn about PDO and Prepared Statements) in order to replace the MySQLi commands in my code. That's gone pretty well thus far...with me having learnt and successfully replaced most of my "bad" code with elegant, SQL-Injection-proof code (or so I hope).   The one-and-only problem I'm having (for now at least) is that I'm having trouble understanding how to execute an UPDATE query within the resultset of a SELECT query (using PDO and prepared statements, of course).   Let me explain (my scenario), and since a picture speaks a thousand words I've also inlcuded a screenshot to show you guys my setup:   In my table I have two columns (which are essentially flags i.e. Y/N), one for "items alreay purchased" and the other for "items to be purchased later". The first flag, if/when set ON (Y) will highlight row(s) in red...and the second flag will highlight row(s) in blue (when set ON).   I initially had four buttons, two each for setting the flags/columns to "Y", and another two to reverse the columns/flags to "N". That was when I had my delete functionality as a separate operation on a separate tab/list item, and that was fine.   Now that I've realized I can include both operations (update and delete) on just the one tab, I've also figured it would be better to pare down those four buttons (into just two), and set them up as a toggle feature i.e. if the value is currently "Y" then the button will set it to "N", and vice versa.   So, looking at my attached picture, if a person selects (using the checkboxes) the first four rows and clicks the first button (labeled "Toggle selected items as Purchased/Not Purchased") then the following must happen:   1. The purchased_flag for rows # 2 and 4 must be switched OFF (set to N)...so they will no longer be highlighted in red. 2. The purchased_flag for row # 3 must be switched ON (set to Y)...so that row will now be highlighted in red. 3. Nothing must be done to rows # 1 and 5 since: a) row 5 was not selected/checked to begin with, and b) row # 1 has its purchase_later_flag set ON (to Y), so it must be skipped over.   Looking at my code below, I'm guessing (and here's where I need the help) that there's something wrong in the code within the section that says "/*** loop through the results/collection of checked items ***/". I've probably made it more complex than it should be, and that's due to the fact that I have no idea what I'm doing (or rather, how I should be doing it), and this has driven me insane for the last 2 days...which prompted me to "throw in the towel" and seek the help of you very helpful and intellegent folks. BTW, I am a newbie at this, so if I could be provided the exact code, that would be most wonderful, and much highly appreciated.   Thanks to you folks, I'm feeling real good (with a great sense of achievement) after having come here and got the great advice to learn PDO and prepared statements.   Just this one nasty little hurdle is stopping me from getting to "end-of-job" on my very first WebApp. BTW, sorry about the long post...this is the best/only way I could clearly explaing my situation.   Cheers guys!

case "update-delete":
	if(isset($_POST['highlight-purchased'])) 
		{
			// ****** Setup customized query to obtain only items that are checked ******
			$sql = "SELECT * FROM shoplist WHERE";
					for($i=0; $i < count($_POST['checkboxes']); $i++)
						{
							$sql=$sql . " idnumber=" . $_POST['checkboxes'][$i] . " or";
						}
					$sql= rtrim($sql, "or");
											
			$statement = $conn->prepare($sql);
			$statement->execute();
																						
			// *** fetch results for all checked items (1st query) *** //
			$result = $statement->fetchAll();

			$statement->closeCursor();
											
			// Setup query that will change the purchased flag to "N", if it's currently set to "Y"
			$sqlSetToN = "UPDATE shoplist SET purchased = 'N' WHERE purchased = 'Y'";
											
			// Setup query that will change the purchased flag to "Y", if it's currently set to "N", "", or NULL
			$sqlSetToY = "UPDATE shoplist SET purchased = 'Y' WHERE purchased = 'N' OR purchased = '' OR purchased IS NULL";

			$statementSetToN = $conn->prepare($sqlSetToN);
			$statementSetToY = $conn->prepare($sqlSetToY);
											
			/*** loop through the results/collection of checked items ***/
			foreach($result as $row)
				{
					if ($row["purchased"] != "Y")
						{
							// *** fetch one row at a time pertaining to the 2nd query *** //
							$resultSetToY = $statementSetToY->fetch();
															
							foreach($resultSetToY as $row)
								{															
									$statementSetToY->execute();																
								}
						}
					else
						{
							// *** fetch one row at a time pertaining to the 2nd query *** //
							$resultSetToN = $statementSetToN->fetch();
															
							foreach($resultSetToN as $row)
								{															
									$statementSetToN->execute();																
								}
						}
				}
				break;
		}

 CRUD Queston.png   20.68KB   0 downloads    

Here is my code:
// Start MySQL Query for Records
$query = "SELECT codes_update_no_join_1b" .
"SET orig_code_1 = new_code_1,
       orig_code_2 = new_code_2" .
"WHERE concat(orig_code_1, orig_code_2) = concat(old_code_1, old_code_2)";
$results = mysql_query($query) or die(mysql_error());
// End MySQL Query for Records


This query runs perfectly fine when run direct as SQL in phpMyAdmin, but throws this error when running in my script??? Why is this???

Code: [Select]
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '= new_code_1, orig_code_2 = new_code_2WHERE concat(orig_code_1, orig_c' at line 1

If you also have any feedback on my code, please do tell me. I wish to improve my coding base.

Basically when you fill out the register form, it will check for data, then execute the insert query. But for some reason, the query will NOT insert into the database. In the following code below, I left out the field ID. Doesn't work with it anyways, and I'm not sure it makes a difference.

Code:

  Code: [Select]
mysql_query("INSERT INTO servers (username, password, name, type, description, ip, votes, beta) VALUES ($username, $password, $name, $server_type, $description, $ip, 0, 1)");
Full code:

Code: [Select]
<?php
include_once("includes/config.php");
 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><? $title; ?></title>
<meta http-equiv="Content-Language" content="English" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="stylesheet" type="text/css" href="style.css" media="screen" />
</head>
<body>
 
<div id="wrap">
 
<div id="header">
<h1><? $title; ?></h1>
<h2><? $description; ?></h2>
</div>
 
<? include_once("includes/navigation.php"); ?>
 
<div id="content">
<div id="right">
<h2>Create</h2>
<div id="artlicles">
<?php
 
if(!$_SESSION['user'])
{
 
        $username = mysql_real_escape_string($_POST['username']);
        $password = mysql_real_escape_string($_POST['password']);
        $name = mysql_real_escape_string($_POST['name']);
        $server_type = mysql_real_escape_string($_POST['type']);
        $description = mysql_real_escape_string($_POST['description']);
 
        if(!$username || !$password || !$server_type || !$description || !$name)
        {

        echo "Note: Descriptions allow HTML. Any abuse of this will result in an IP and account ban. No warnings!<br/>All forms are required to be filled out.<br><form action='create.php' method='POST'><table><tr><td>Username</td><td><input type='text' name='username'></td></tr><tr><td>Password</td><td><input type='password' name='password'></td></tr>";
        echo "<tr><td>Sever Name</td><td><input type='text' name='name' maxlength='35'></td></tr><tr><td>Type of Server</td><td><select name='type'>
       
        <option value='Any'>Any</option>
        <option value='PvP'>PvP</option>
        <option value='Creative'>Creative</option>
        <option value='Survival'>Survival</option>
        <option value='Roleplay'>RolePlay</option>
       
        </select></td></tr>
       
        <tr><td>Description</td><td><textarea maxlength='1500' rows='18' cols='40' name='description'></textarea></td></tr>";
        echo "<tr><td>Submit</td><td><input type='submit'></td></tr></table></form>";
        }
        elseif(strlen($password) < 8)
        {
        echo "Password needs to be higher than 8 characters!";
        }
        elseif(strlen($username) > 13)
        {
                echo "Username can't be greater than 13 characters!";
        }
        else
        {
                $check1 = mysql_query("SELECT username,name FROM servers WHERE username = '$username' OR name = '$name' LIMIT 1");
               
                if(mysql_num_rows($check1) < 0)
                {
                        echo "Sorry, there is already an account with this username and/or server name!";
                }
                else
                {
                        $ip = $_SERVER['REMOTE_ADDR'];

                        mysql_query("INSERT INTO servers (username, password, name, type, description, ip, votes, beta) VALUES ($username, $password, $name, $server_type, $description, $ip, 0, 1)");
                        echo "Server has been succesfully created!";
                }
        }
       
}
else
{
        echo "You are currently logged in!";
}
 
?>
</div>
</div>
 
<div style="clear: both;"> </div>
</div>
 
<div id="footer">
<a href="http://www.templatesold.com/" target="_blank">Website Templates</a> by <a href="http://www.free-css-templates.com/" target="_blank">Free CSS Templates</a> - Site Copyright MCTop
</div>
</div>
 
</body>
</html>