|
PHP - How Do I Change This Select Statement To $pdo->query
I need to convert the following select statement to a pdo->query but have no idea how to get it working: SELECT t.id FROM ( SELECT g.* FROM location AS g WHERE g.start <= 16785408 ORDER BY g.start DESC, g.end DESC LIMIT 1 ) AS t WHERE t.end >= 16785408; Here's the code I'm trying:
<?php
$php_scripts = '../../php/';
require $php_scripts . 'PDO_Connection_Select.php';
require $php_scripts . 'GetUserIpAddr.php';
function mydloader($l_filename=NULL)
{
$ip = GetUserIpAddr();
if (!$pdo = PDOConnect("foxclone_data"))
{
exit;
}
if( isset( $l_filename ) ) {
$ext = pathinfo($l_filename, PATHINFO_EXTENSION);
$stmt = $pdo->prepare("INSERT INTO download (address, filename,ip_address) VALUES (?, ?, inet_aton('$ip'))");
$stmt->execute([$ip, $ext]) ;
$test = $pdo->prepare("SELECT t.id FROM ( SELECT g.id FROM lookup AS g WHERE g.start <= inet_aton($ip) ORDER BY g.start DESC, g.end DESC ) AS t WHERE t.end >=inet_aton($ip)");
$test ->execute() ;
$ref = $test->fetchColumn();
$ref = intval($ref);
$stmt = $pdo->prepare("UPDATE download SET ref = '$ref' WHERE address = '$ip'");
$stmt->execute() ;
header('Content-Type: octet-stream');
header("Content-Disposition: attachment; filename={$l_filename}");
header('Pragma: no-cache');
header('Expires: 0');
readfile($l_filename);
}
else {
echo "isset failed";
}
}
mydloader($_GET["f"]);
exit;
It gives the following error: QuoteFatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '.144.181) ORDER BY g.start DESC, g.end DESC ) AS t WHERE t.end >=inet_aton(7' at line 1 in /home/foxclone/test.foxclone.com/download/mydloader.php:19 Stack trace: #0 /home/foxclone/test.foxclone.com/download/mydloader.php(19): PDO->prepare('SELECT t.id FRO...') #1 /home/foxclone/test.foxclone.com/download/mydloader.php(38): mydloader('foxclone40a_amd...') #2 {main} thrown in /home/foxclone/test.foxclone.com/download/mydloader.php on line 19 How do I fix this? Similar TutorialsThere are about 400 records in a database with a field zabp_package = T_SIMT. They were uploaded in an order where specific category lists were uploaded together. For example, first 100 dining, then 75 insurance, then 150 health, then 75 cars. So from an auto increment standpoint they were inserted in that order. I want to select at random 100 of these 400 and update two fields. My update statement is: update `usersOld` SET `m_org` = 'ZABP.org Corporate HQ' , `m_orgID` = 'PFL2a96bW' WHERE `zabp_package` = 'T_SIMT' This works for all, I just need to limit a random selection to 100. Any Help on this, thanks in advance. Hello all,
Based on the suggestion of you wonderful folks here, I went away for a few days (to learn about PDO and Prepared Statements) in order to replace the MySQLi commands in my code. That's gone pretty well thus far...with me having learnt and successfully replaced most of my "bad" code with elegant, SQL-Injection-proof code (or so I hope).
The one-and-only problem I'm having (for now at least) is that I'm having trouble understanding how to execute an UPDATE query within the resultset of a SELECT query (using PDO and prepared statements, of course).
Let me explain (my scenario), and since a picture speaks a thousand words I've also inlcuded a screenshot to show you guys my setup:
In my table I have two columns (which are essentially flags i.e. Y/N), one for "items alreay purchased" and the other for "items to be purchased later". The first flag, if/when set ON (Y) will highlight row(s) in red...and the second flag will highlight row(s) in blue (when set ON).
I initially had four buttons, two each for setting the flags/columns to "Y", and another two to reverse the columns/flags to "N". That was when I had my delete functionality as a separate operation on a separate tab/list item, and that was fine.
Now that I've realized I can include both operations (update and delete) on just the one tab, I've also figured it would be better to pare down those four buttons (into just two), and set them up as a toggle feature i.e. if the value is currently "Y" then the button will set it to "N", and vice versa.
So, looking at my attached picture, if a person selects (using the checkboxes) the first four rows and clicks the first button (labeled "Toggle selected items as Purchased/Not Purchased") then the following must happen:
1. The purchased_flag for rows # 2 and 4 must be switched OFF (set to N)...so they will no longer be highlighted in red.
2. The purchased_flag for row # 3 must be switched ON (set to Y)...so that row will now be highlighted in red.
3. Nothing must be done to rows # 1 and 5 since: a) row 5 was not selected/checked to begin with, and b) row # 1 has its purchase_later_flag set ON (to Y), so it must be skipped over.
Looking at my code below, I'm guessing (and here's where I need the help) that there's something wrong in the code within the section that says "/*** loop through the results/collection of checked items ***/". I've probably made it more complex than it should be, and that's due to the fact that I have no idea what I'm doing (or rather, how I should be doing it), and this has driven me insane for the last 2 days...which prompted me to "throw in the towel" and seek the help of you very helpful and intellegent folks. BTW, I am a newbie at this, so if I could be provided the exact code, that would be most wonderful, and much highly appreciated.
Thanks to you folks, I'm feeling real good (with a great sense of achievement) after having come here and got the great advice to learn PDO and prepared statements.
Just this one nasty little hurdle is stopping me from getting to "end-of-job" on my very first WebApp. BTW, sorry about the long post...this is the best/only way I could clearly explaing my situation.
Cheers guys!
case "update-delete":
if(isset($_POST['highlight-purchased']))
{
// ****** Setup customized query to obtain only items that are checked ******
$sql = "SELECT * FROM shoplist WHERE";
for($i=0; $i < count($_POST['checkboxes']); $i++)
{
$sql=$sql . " idnumber=" . $_POST['checkboxes'][$i] . " or";
}
$sql= rtrim($sql, "or");
$statement = $conn->prepare($sql);
$statement->execute();
// *** fetch results for all checked items (1st query) *** //
$result = $statement->fetchAll();
$statement->closeCursor();
// Setup query that will change the purchased flag to "N", if it's currently set to "Y"
$sqlSetToN = "UPDATE shoplist SET purchased = 'N' WHERE purchased = 'Y'";
// Setup query that will change the purchased flag to "Y", if it's currently set to "N", "", or NULL
$sqlSetToY = "UPDATE shoplist SET purchased = 'Y' WHERE purchased = 'N' OR purchased = '' OR purchased IS NULL";
$statementSetToN = $conn->prepare($sqlSetToN);
$statementSetToY = $conn->prepare($sqlSetToY);
/*** loop through the results/collection of checked items ***/
foreach($result as $row)
{
if ($row["purchased"] != "Y")
{
// *** fetch one row at a time pertaining to the 2nd query *** //
$resultSetToY = $statementSetToY->fetch();
foreach($resultSetToY as $row)
{
$statementSetToY->execute();
}
}
else
{
// *** fetch one row at a time pertaining to the 2nd query *** //
$resultSetToN = $statementSetToN->fetch();
foreach($resultSetToN as $row)
{
$statementSetToN->execute();
}
}
}
break;
}
CRUD Queston.png 20.68KB
0 downloads
I have two tables...one is scheduled_umps and one is games. Both tables have a column 'game_id'. I need to select how many games a person is scheduled for in a given time frame. Here's what I have for the select...and it's not working (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE scheduled_umps.ump_id = '34' AND games.game_id = scheduled_umps.game_id AN' at line 1) Code: [Select] <?php $today_is_this_date = date('Y-m-d'); $four_months_ago = date('Y-m-d', strtotime('-4 months', strtotime($today_is_this_date))); $four_months_from_now = date('Y-m-d', strtotime('+4 months', strtotime($today_is_this_date))); /// How many games have you worked? //$query = "SELECT COUNT(ump_id) FROM scheduled_umps WHERE `ump_id` = '$_SESSION[ump_id]'"; ///this one selects how many games you've worked NO MATTER WHAT THE DATE $query = "SELECT scheduled_umps.game_id, games.game_id, COUNT(scheduled_umps.ump_id) WHERE scheduled_umps.ump_id = '$_SESSION[ump_id]' AND games.game_id = scheduled_umps.game_id AND games.game_id BETWEEN $four_months_ago AND $four_months_from_now"; $result = mysql_query($query) or die(mysql_error()); while($row = mysql_fetch_array($result)){ echo "You have been scheduled on <b>". $row['COUNT(ump_id)'] ."</b> dates for the $_SESSION[association_name]."; } ?> [\code] Any ideas where I'm going wrong? Thanks for the help...I HATE multi-table selects! Hey guys, I'm trying to get this working... No errors right now, but I'm not returning any results :/ been messing with it for days. Code: [Select] <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" /> <label for="search_by">Search By</label> <select name="search_by"> <option value"player">Player</option> <option value"city">City</option> <option value"alliance">Alliance</option> <option value"browse">Browse</option> </select> <input type="text" name"search"> <input type="submit" value="search" name="search"> <?php $search_by = $_POST['search_by']; $search = $_POST['search']; echo "<table><tr><td>Player</td><td>city</td><td>alliance</td><td>x</td><td>y</td><td>other</td><td>porters</td><td>conscripts</td><td>Spies</td><td>HBD</td><td>Minos</td><td>LBM</td><td>SSD</td><td>BD</td><td>AT</td><td>Giants</td><td>Mirrors</td><td>Fangs</td><td>ogres</td><td>banshee</td></tr>" ; $dbc = mysqli_connect('xx', 'xx', 'xx', 'xx') or die ('Error connecting to MySQL server'); $sql = "SELECT * FROM players WHERE ('$search_by') LIKE ('$search') "; //problem is here^^?? $result = mysqli_query($dbc,$sql) or die("Error: " .mysqli_error($dbc)); Not sure, any help would be greatly appreciated. $sql=mysql_query("SELECT * FROM `buds` WHERE `level`<='$user_level' UNION SELECT * FROM `buds`, `unlocked_buds` WHERE buds.`id` = unlocked_buds.`bud_id` ORDER BY buds.`id` ASC") or die("A MySQL error has occurred.<br />Your Query: " . $sql . "<br /> Error: (" . mysql_errno() . ") " . mysql_error()); I have been trying to learn about UNION select statements. I ran the query above and got this response: Quote Error: (1222) The used SELECT statements have a different number of columns I think I know what the problem is, but not sure how to fix it. There is two columns, one is "buds" which holds the flowers seeds info. The seconds is "unlocked_buds" which just links the "id" from buds to "user_id" to the user table. Both buds and unlocked_buds are both 8 columns. What do I need to learn? I have a Select statement that relies on two session variables to complete the statement. One variable, $egroup, supplies a column name. I cannot make the SELECT work. It works fine if I substitute the real name of one of the columns such as "egroup1", or "egroup6", but that's what the variable $egroup is for. Can anyone tell me where I'm wrong? I guess the answer is in the syntax, but I'm not very good at this and I've been on it for too long. Any help gratefully taken. Code: [Select] <?php $query1 = mysql_query("SELECT * FROM topics WHERE managerId='".$managerId."' AND "$egroup"= 1 ORDER BY title ASC"); ?> Hi All, I have the following Query: Code: [Select] $query = 'SELECT `BookingID`,`OfferID`, `name`, `OfferCount`,`OfferPrice` FROM `Offers_Finance` JOIN offers_details ON `OfferID` = `o_d_id` WHERE `BookingID` ="' .$bookerid. '"'; if ( !$result = $mysqli->query( $query ) ) { die( $mysqli->error ); } $field = $result->fetch_object(); This will return anywhere between 0 and 50 Rows of Data. For Each Row returned, I want to do the following: Quote echo '<tr>'; echo '<td>' . $field->name.'</td>'; echo '<td></td>'; echo '<td>£' . $field->OfferPrice.'</td>'; echo '<td></td>'; echo '<td>' . $field->OfferCount . '</td>'; echo '<td></td>'; echo '<td>£' . $field->OfferPrice * $field->OfferCount . '</td>'; echo '</td>'; echo '</tr>'; The problem I have is - how do I loop through the results returned from the query to output multiple rows? Sorry if this doesn't make much snese, I'm new to PHP and the whole web development world, but have been landed with finishing a project someone else started! If someone would be kind enough to turn this into a working example, it would help no end as I have about 20 of these things to figure out across the project! Hi everybody i am beginnet with working with sql in php..so i confused.....i made one scripte and i am making the secound and now i am facing a problem....i hope u could help!! i have a dat=abse of my chatroom....this is the code i typed...please have a look at it! Code: [Select] $usern=$_SESSION['etchat_'.$this->_prefix.'username']; $con1 = mysql_connect("localhost","manosir_main","********"); if (!$con1) { die('Could not connect: ' . mysql_error()); } mysql_select_db("manosir_manoshos_main", $con1); $users= mysql_query(" select etchat_user_online_user_sex from db1_etchat_useronline where etchat_user_online_user_name = $usern "); in my database, i ahve a table called db1_etchat_useronline that keeps record of online users in chatroom. as u usee i qant to to get the user sex ( etchat_user_online_user_sex) of th current user!!! as u see i conected to database correctly but now i dont know how to echo the $users . before this i echo my sql results with mysql_fetch_array ..but now i cant.......i got nothing!!!! can someone help me!!!!! This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=327011.0 Hi Guys I don't know if this is possible but can someone point me in the right direction. I have a php function which takes two inputs and returns an output. for simplicity's sake let's say it's an addition function. What I want to do is use a mysql select statement to show all the rows from a database where field1 and field2 equal '3'. Here's the sort of thing I mean. function addNumbers($one,$two) { return $one + $two; } mysql_query("SELECT * FROM table WHERE 'addNumbers(field1,field2)' = '3'"); What I actually want to do is a lot more complex than this but I am trying to understand how to make the syntax work in simple terms first. Can anybody help? Many Thanks Dan This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=322930.0
//DATABASE CONNECTION VARIABLES
$myserver ="localhost";
$myname = "myname";
$mypassword = "mypassword";
$mydb ="mygamedb";
/*SQL CONNECTION*/
// Create connection
$conn = new mysqli($myserver, $myname, $mypassword, $mydb);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
else {
//variables
$username = $_POST["username"];
$password = $_POST["password"];
$ip = $_SERVER['REMOTE_ADDR'];
//INSERT USER
//prepare and bind
$stmt = $conn->prepare("INSERT INTO Players (Username, Password, IP) VALUES (?, ?, ?)");
//bind parameters
$stmt->bind_param("sss", $username, $password, $ip);
//set parameters and execute
$stmt->execute();
//close
$stmt->close();
//FETCH ID
$resultnews = mysql_query("SELECT * FROM Players WHERE Username ='$username'");
$rownews = mysql_fetch_array($resultnews);
$user_id = $rownews["ID"];
}
After having suffered an SQL injection into one of my sites, I figured it was time to overhaul it and use prepared statements. I am new to this. I figured out how to an INSERT with an example, but now I need to fetch an ID and cannot get it to work. Any help much obliged. All I need is just one good example. Looked all over the place, but all I get are insert examples, which is NOT what i need. Really need one with a select and fetch.
What's the correct syntax for having a variable in a select statement? Here's an example of what I'm trying to do (after I'm already connected to the database). Code: [Select] $username = "thomas"; $query = mysql_query( "SELECT * from users WHERE username = $thomas" ); if( mysql_num_rows( $query ) > 0 ) { bla bla... It works if I don't put the WHERE part in, but I get an error if I use it, so I'm assuming I have the wrong syntax for using a variable in the select statement. I have got a set of data for a country for each week of the year, but want to display the data a quarter at a time, using a form which posts a value into LIMIT, which was OK for the 1st quarter, but for subsequent quarters I needed to use LIMIT in the form LIMIT start, rows.
I found by experiment that this had to be the last statement in the query.
when I added the start I got an error:
Parse error: syntax error, unexpected ',' in /homepages/43/d344817611/htdocs/Admin/Visitdata.php on line 10
Here is the SQL part of my code:
$Visit_data="SELECT WeekNo.WNo, WeekNo.WCom, Countries.Country, ctryvisits.CVisits FROM ctryvisits
LEFT JOIN Countries
ON ctryvisits.country=Countries.CID
LEFT JOIN WeekNo
ON ctryvisits.WNo=WeekNo.WNo
WHERE Countries.Country = '".$_POST["Country"]."'
ORDER BY ctryvisits.WNo LIMIT '".$_POST["QUARTER"]."'" - 13, '".$_POST["QUARTER"]."'";
Is this the best way of doing what I require or is there an easier way of achieving what I want?
here is some simple code for getting and displaying fata from a database Code: [Select] $sql="SELECT * FROM messages WHERE m_id = '".$id."'"; $result = mysql_query($sql); <table border='0' cellspacing="4"> while($row = mysql_fetch_array($result)) { echo "<tr>"; echo "<th>Message</th>"; echo "</tr>"; echo "<tr>"; echo "<td>" . $row['message'] . "</td>"; echo "</tr>"; } now ive used that while loop to display those results how can i do that again without having a new SQL statement. i cant do 2 while loops because the first one has already got to the end of the amount of rows basically how can i have another while loop displaying those same results again? Hi, I have the following code to change font color from within an IF staement but I can't seem to sort it out. //code if ($server['b']['ip'] == $adminarray1[6] && $server['b']['c_port'] == $adminarray2[6] && $player['name'] == $adminarray3[6]) { $player['name'] = "<font color='blue'>{$server['p'][$key]['name']}</font>"; } //code any help would be greatly appreciated. -Dodge This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=312377.0 Is it possible to have a loop inside a mysql select statement? If yes, can someone please give me an idea. I'm able to use PHP-ODBC to read the tables in an MDB file, as well as the column names on the tables. But when I try to read data from a particular table, it fails (I don't get an error, instead the browser pops up a message asking if I want to save the file "mdbtest.php" which is 0 bytes in size)! Any idea what's wrong? Code: [Select] //THIS WORKS $conn = odbc_connect( 'TestDB', '', '' ); if ( !$conn) exit("Connection Failed: " . $conn); //STILL FINE HERE $sql = 'SELECT * FROM Customers'; //INCLUDING THIS LINE OF CODE CAUSES THE PROBLEM $rs = odbc_exec( $conn, $sql ); how do i handle single quotes in sql query Code: [Select] " SELECT name from phrase WHERE name='$stitle' ";this returns an error because the name contains single quotes like this: Johnson's. |
|||||||