This question already has answers here:
Nested joins in Codeigniter
(2 answers)
Closed 1 year ago.
I am new to Codeigniter, and I want to convert the SQL query into the Codeigniter-style query
My query looks like this :
SELECT tbl_detail_order.ID, tbl_detail_order.order_id, tbl_detail_order.produk, products.name, tbl_detail_order.qty, tbl_detail_order.harga, tbl_order.tanggal, tbl_pelanggan.nama, tbl_pelanggan.alamat, tbl_pelanggan.telp
FROM tbl_pelanggan
INNER JOIN (tbl_order INNER JOIN
(products INNER JOIN tbl_detail_order
ON products.kd_barang = tbl_detail_order.produk)
ON tbl_order.ID = tbl_detail_order.order_id)
ON tbl_pelanggan.ID = tbl_order.pelanggan;
And I try to make it in Codeigniter like this
public function getAllJoin()
{
$this->db->select('tbl_detail_order.ID, tbl_detail_order.order_id, tbl_detail_order.produk, products.name, tbl_detail_order.qty, tbl_detail_order.harga, tbl_order.tanggal, tbl_pelanggan.nama, tbl_pelanggan.alamat, tbl_pelanggan.telp');
$this->db->from('tbl_detail_order');
$this->db->join('tbl_order','tbl_detail_order.order_id = tbl_order.id','INNER');
$this->db->join('tbl_pelanggan','tbl_order.pelanggan = tbl_pelanggan.id','INNER');
$this->db->join('products','products.kd_barang = tbl_pelanggan.id','INNER');
$query = $this->db->get();
return $query->result_array();
}
Can you correct my code? Is it wrong or right?
As this other post mentions, there isn't an API for nested joins in the CodeIgniter DB syntax. So you just use the outer one, and move the rest inline with that.
public function getAllJoin()
{
$this->db->select('tbl_detail_order.ID, tbl_detail_order.order_id, tbl_detail_order.produk, products.name, tbl_detail_order.qty, tbl_detail_order.harga, tbl_order.tanggal, tbl_pelanggan.nama, tbl_pelanggan.alamat, tbl_pelanggan.telp');
$this->db->from('tbl_detail_order');
$this->db->join('tbl_order INNER JOIN (products INNER JOIN tbl_detail_order ON products.kd_barang = tbl_detail_order.produk) ON tbl_order.ID = tbl_detail_order.order_id','tbl_detail_order.order_id = tbl_order.id','INNER');
$query = $this->db->get();
return $query->result_array();
}
Related
Im trying to insert an SQL statment into a variable. The statement contains keywords entered by the user in a search bar. However, for some reason I can keep getting the error "Trying to get the property of non-object". Below is my code:
public function searchTable() {
$sql = "SELECT grades_eng.Grade, domain_math_eng.Domain, cluster_eng.Cluster, math_standards_eng.Standard FROM ".$this->standardsTable."
WHERE Standard LIKE '%".$this->keyword." %'
INNER JOIN grades_eng ON math_standards_eng.Grade_Id = grades_eng.Id
INNER JOIN domain_math_eng ON math_standards_eng.Domain_Math_Eng_Id = domain_math_eng.Id
INNER JOIN cluster_eng ON math_standards_eng.Cluster_Eng_Id = cluster_eng.Id";
$results = $this->conn->query($sql);
//returns array
return $results;
}
The code for the object being used:
$search = new SearchResult($conn, $subject, $keyword);
$queryResults = $search->searchTable();
$search->displayResults($queryResults);
Im confident is my sql query that's causing the error because when I use the following code, it displays results :
$sql = "SELECT * FROM ".$this->standardsTable." WHERE Standard LIKE '%".$this->keyword."%' ";
$results = $this->conn->query($sql);
Im Trying to display the same results but replace the IDs with actual text. The query does work when I run it in MySql.
P.S Still working on learning to use Aliases so I apologize in advance.
I just learned that the "Where" keyword was suppose to go towards the end. Lesson learned!
$sql = "SELECT grades_eng.Grade, domain_math_eng.Domain, cluster_eng.Cluster, math_standards_eng.Standard FROM ".$this->standardsTable."
INNER JOIN grades_eng ON math_standards_eng.Grade_Id = grades_eng.Id
INNER JOIN domain_math_eng ON math_standards_eng.Domain_Math_Eng_Id = domain_math_eng.Id
INNER JOIN cluster_eng ON math_standards_eng.Cluster_Eng_Id = cluster_eng.Id
WHERE Standard LIKE '%".$this->keyword."%' ";
The query I'm trying to write is
SELECT Equipment.Name, Equipment.EquipmentTag, LoanedOut.StudentNumber, LoanedOut.DueDate
FROM Equipment, LoanedOut
WHERE Equipment.EquipmentRecordID = LoanedOut.EquipmentRecordID AND LoanedOut.StudentNumber = 040828055
I can't figure out how to do it using the query builder for codeigniter, the best I have so far is
$this->db->select('Equipment.Name, Equipment.EquipmentTag, LoanedOut.StudentNumber, LoanedOut.DueDate');
$this->db->from('Equipment e, LoanedOut l');
$this->db->join('l', 'e.EquipmentRecordID = l.EquipmentRecordID')->join('l', 'l.StudentNumber', $studentNumber);
This will give you what you want//
$sql = 'SELECT e.Name,e.EquipmentTag,l.StudentNumber,l.DueDate FROM Equipment e LEFT JOIN LoanedOut l ON e.EquipmentRecordID = l.EquipmentRecordID WHERE l.StudentNumber = "040828055"'
$query = $this->db->query($sql);
I have a problem with active record codeigniter ver 2 wih special criteria like this:
$this->db->select('t_po_detail_item, t_process_shif, m_machine_lines, m_machine_mac, t_po_detail_no,
t_prod_lot, CONCAT(t_prod_lot, "-", t_prod_sublot) AS nolot,
COUNT(t_prod_sublot) AS qtybox, SUM(t_process_qty) AS qtypcs,
ROUND((SUM(t_process_qty)*m_process_weight)/1000,1) AS qtyberat', FALSE);
$this->db->join(self::$table2, 't_process_prod_id = t_prod_id', 'left')
->join(self::$table3, 't_prod_lot = t_po_detail_lot_no', 'left')
->join(self::$table5, 't_process_machine = m_machine_id', 'left')
->join(self::$table4, 'CONCAT_WS("-",t_po_detail_item, t_process_cat) = CONCAT_WS("-",m_process_id, m_process_proc_cat_id)', 'left');
$this->db->where('t_process_cat', 16);
$this->db->group_by('nolot');
$query = $this->db->get(self::$table1);
there are have special criteria join condition with concat WS. If i use standard query mysql, the query is running ok.
$sql = 'SELECT t_po_detail_item, t_process_shif, m_machine_lines, m_machine_mac, t_po_detail_no, t_prod_lot, CONCAT_WS("-",t_prod_lot, t_prod_sublot) AS nolot,
COUNT(t_prod_sublot) AS qtybox, SUM(t_process_qty) AS qtypcs, ROUND((SUM(t_process_qty)*m_process_weight)/1000,1) AS qtyberat
FROM `t_process`
LEFT JOIN t_prod ON t_process_prod_id = t_prod_id
LEFT JOIN t_po_detail ON t_prod_lot = t_po_detail_lot_no
LEFT JOIN m_machine ON t_process_machine = m_machine_id
LEFT JOIN m_process ON CONCAT_WS("-",t_po_detail_item, t_process_cat) = CONCAT_WS("-",m_process_id, m_process_proc_cat_id)
WHERE t_process_cat=16
GROUP BY(nolot)';
$query = $this->db->query($sql);
There are wrong in my active record code ?
regards,
Neos.
When using MySQL functions inside Codeigniter query builder, you need functions to be outside quotes "", so you need to pass an optional fourth parameter to join, which says rather to escape the inputs or not, and your query becomes,
$this->db->join($table, $condition, $join_type, false);
Read more here: CI Docs - Query Builder
Im working on ecommerce platform. I have a query in normal form. i want to convert to codeigniter.
this is my query
SELECT products.product_name,products.product_id,products.short_description,pi.img,
CASE WHEN products.sp_price=0 THEN products.price WHEN products.sp_price!=0 THEN products.sp_price END as pprice FROM
(`offers_products`) JOIN `products` ON `offers_products`.`product_id` = `products`.`product_id`
LEFT JOIN (SELECT image_name as img,product_id as pid from product_images GROUP BY pid)pi
ON `products`.`product_id` = `pi`.`pid` .
How do i convert this to codeigniter query.
I tried, but getting syntax error. Please help me, im new to codeigniter.
There is no need to convert your query. And also the is no rule that you should use codeigniter query only.
you can use
$res = $this->db->query("your query here")->result();
$res will have that result() you want.
This will help you.
For more reference, check here
Just use
public function method_name()
{
$query = $this->db->query("SELECT products.product_name,products.product_id,products.short_description,pi.img, CASE WHEN products.sp_price=0 THEN products.price WHEN products.sp_price!=0 THEN products.sp_price END as pprice FROM (`offers_products`) JOIN `products` ON `offers_products`.`product_id` = `products`.`product_id` LEFT JOIN (SELECT image_name as img,product_id as pid from product_images GROUP BY pid)pi ON `products`.`product_id` = `pi`.`pid`");
$result = $query->result_array();
return $result;
}
We use result_array for pass data as Objective array
This question already has answers here:
Does CodeIgniter automatically prevent SQL injection?
(12 answers)
Closed 9 years ago.
I want to prevent my statement for injection but i am getting confused about active records and query bindings.
This is my current mysql query called results.
$results = $this->EE->db->query("SELECT t.transactionid, t.transactiontime, t.created, ct.title, cd.field_id_6, cd.field_id_5, cd.field_id_7, t.pricebefordiscount, t.priceafterdiscount, t.error, t.cardid, em.email, emd.m_field_id_2, emd.m_field_id_6, emd.m_field_id_5, emd.m_field_id_7, emd.m_field_id_4, t.restaurant_id
FROM exp_members as em
INNER JOIN transactions as t on (em.member_id = t.cardid-10000000)
INNER JOIN exp_channel_titles as ct on (t.restaurant_id = ct.entry_id)
INNER JOIN exp_channel_data as cd on (ct.entry_id = cd.entry_id)
INNER join exp_member_data as emd on em.member_id = emd.member_id
WHERE em.member_id = '".($_GET['cardid']-10000000)."'");
And this is how i tried to prevent mysql injection. Is this safe enough?
$results = $this->EE->db->query("SELECT t.transactionid, t.transactiontime, t.created, ct.title, cd.field_id_6, cd.field_id_5, cd.field_id_7, t.pricebefordiscount, t.priceafterdiscount, t.error, t.cardid, em.email, emd.m_field_id_2, emd.m_field_id_6, emd.m_field_id_5, emd.m_field_id_7, emd.m_field_id_4, t.restaurant_id
FROM exp_members as em
INNER JOIN transactions as t on (em.member_id = t.cardid-10000000)
INNER JOIN exp_channel_titles as ct on (t.restaurant_id = ct.entry_id)
INNER JOIN exp_channel_data as cd on (ct.entry_id = cd.entry_id)
INNER join exp_member_data as emd on em.member_id = emd.member_id
WHERE em.member_id = '".$this->db->escape(($_GET['cardid']-10000000))."'");
But is this also an option or ?
$this->load->database();
$this->load->library('table');
$this->db->select(' t.transactionid, t.transactiontime, t.created, ct.title, cd.field_id_6, cd.field_id_5, cd.field_id_7, t.pricebefordiscount, t.priceafterdiscount, t.error, t.cardid, em.email, emd.m_field_id_2, emd.m_field_id_6, emd.m_field_id_5, emd.m_field_id_7, emd.m_field_id_4, t.restaurant_id');
$this->db->from('exp_members');
$this->db->join('transactions', 'exp_members.member_id = transactions.cardid-10000000', 'inner');
$this->db->join('exp_channel_titles', 'transactions.restaurant_id = exp_channel_titles.entry_id', 'inner');
$this->db->join('exp_channel_data', 'exp_channel_titles.entry_id = exp_channel_data.entry_id', 'inner');
$this->db->join('exp_member_data', 'exp_members.member_id = exp_member_data.member_id', 'inner');
$this->db->where('exp_members.member_id', $this->db->escape(($_GET['cardid']-10000000)));
$query = $this->db->get();
echo $query;
Is this safe enough or right approach or am i missing something.
Last two approaches are correct to avoid SQL injection. On last code, using Active Record, you don't need to call escape as CodeIgniter will do it automatically.