I have a php code to import csv data into mysql. It works fine. The only problem is that it doesn't work if there is a single quote in the data. How can I solve this ?
$conn = mysqli_connect("localhost", "U16******", "***********", "DB16******");
if (isset($_POST["import"])) {
$fileName = $_FILES["file"]["tmp_name"];
if ($_FILES["file"]["size"] > 0) {
$file = fopen($fileName, "r");
fgetcsv($file, 10000, ",");
while (($column = fgetcsv($file, 10000, ",")) !== false) {
$sqlInsert = "INSERT into tblrabobank (IBAN_BBAN,Munt,BIC,Volgnr,Datum,Rentedatum,Bedrag,Saldo_na_rtn,Tegenrekening_IBAN_BBAN,Naam_tegenpartij,Naam_uiteindelijke_partij,Naam_initierende_partij,BIC_tegenpartij,Code,Batch_ID,Transactiereferentie,Machtigingskenmerk,Incassant_ID,Betalingskenmerk,Omschrijving1,Omschrijving2,Omschrijving3,Reden_retour,Oorspr_bedrag,Oorspr_munt,Koers)
values ('" . $column[0] . "','" . $column[1] . "','" . $column[2] . "','" . $column[3] . "','" . $column[4] . "','" . $column[5] . "','" . $column[6] . "','" . $column[7] . "','" . $column[8] . "','" . $column[9] . "','" . $column[10] . "','" . $column[11] . "','" . $column[12] . "','" . $column[13] . "','" . $column[14] . "','" . $column[15] . "','" . $column[16] . "','" . $column[17] . "','" . $column[18] . "','" . $column[19] . "','" . $column[20] . "','" . $column[21] . "','" . $column[22] . "','" . $column[23] . "','" . $column[24] . "','" . $column[25] . "')";
$result = mysqli_query($conn, $sqlInsert);
if (!empty($result)) {
$type = "success";
$message = "CSV Data geimporteerd in de database";
} else {
$type = "error";
$message = "Probleem met importeren CSV Data";
}
}
}
}
you should use PDO extension to mysql together with prepared statement rather than concatenation to build the query, that will handle the single quote issue and will protect your code against SQL injections.
Something like this :
$stmt = $dbh->prepare("INSERT INTO tblrabobank (IBAN_BBAN,Munt,BIC,Volgnr,Datum,Rentedatum,Bedrag,Saldo_na_rtn,Tegenrekening_IBAN_BBAN,Naam_tegenpartij,Naam_uiteindelijke_partij,Naam_initierende_partij,BIC_tegenpartij,Code,Batch_ID,Transactiereferentie,Machtigingskenmerk,Incassant_ID,Betalingskenmerk,Omschrijving1,Omschrijving2,Omschrijving3,Reden_retour,Oorspr_bedrag,Oorspr_munt,Koers) VALUES (:iban, :munt, ...........)");
$stmt->bindParam(':iban', $column[0]);
$stmt->bindParam(':munt', $column[1]);
[.....]
$stmt->execute();
check this page for more details https://www.php.net/manual/en/pdo.prepared-statements.php
You can try something like this..
<?php
$dbh = new PDO('mysql:host=localhost;dbname=test', $user, $pass);
if (isset($_POST["import"])) {
$fileName = $_FILES["file"]["tmp_name"];
if ($_FILES["file"]["size"] > 0) {
$file = fopen($fileName, "r");
fgetcsv($file, 10000, ",");
$dataToInsert = [];
$columns = explode(',','IBAN_BBAN,Munt,BIC,Volgnr,Datum,Rentedatum,Bedrag,Saldo_na_rtn,Tegenrekening_IBAN_BBAN,Naam_tegenpartij,Naam_uiteindelijke_partij,Naam_initierende_partij,BIC_tegenpartij,Code,Batch_ID,Transactiereferentie,Machtigingskenmerk,Incassant_ID,Betalingskenmerk,Omschrijving1,Omschrijving2,Omschrijving3,Reden_retour,Oorspr_bedrag,Oorspr_munt,Koers');
while (($column = fgetcsv($file, 10000, ",")) !== FALSE) {
$sql = "INSERT INTO tblrabobank (".implode(',', $columns).") VALUES (";
foreach($column as $key => $value){
$dataToInsert[":".$columns[$key]] = $value ?? null;
}
$sql .= "(".implode(',',array_keys($dataToInsert)).")";
$stmt = $dbh->prepare($sql);
foreach($dataToInsert as $key => $value){
$stmt->bindParam($key, $value);
}
if($stmt->execute()){
$type = "success";
$message = "CSV Data geimporteerd in de database";
} else {
$type = "error";
$message = "Probleem met importeren CSV Data";
}
}
$stmt->execute();
}
}
?>
In the above code snippet,
you can make an array of the given columns, and attach each value to a 2D array with keys made of the columns and their corresponding values from csv.
The append each column to the sql statement, using array_keys and bing each value.
This is scalable for small dataset but with huge number of columns.
For a large number of data set, sql queries will be multiple. You should consider in mind that too.
Source:
https://www.php.net/manual/en/pdostatement.execute.php (execute statement of PDO)
https://www.php.net/manual/en/pdostatement.bindparam.php (binding a parameter)
https://www.php.net/manual/en/pdo.connections.php (how to make and use connections in PDO)
I want to UPDATE a row in a table or INSERT it if it doesn't exist?
I have already read solution from this link. How do I UPDATE a row in a table or INSERT it if it doesn't exist?
So, i used replace but it did not work. It only added new row into the table but did not update anything.
this is my structure
<?php
define('ROOTPATH', __DIR__);
$output = [];
$output['result'] = [];
$output['image_path'] = [];
$applicationName = (isset($_POST) && array_key_exists('applicationName', $_POST)) ? $_POST['applicationName'] : 'applicationName';
if (empty($applicationName)) {
$output['result'][] = 'missing application name';
}
else if (is_array($_FILES) && array_key_exists('image', $_FILES) && array_key_exists('logo', $_FILES))
{
$upload_dir = '/upload_dir/';
$upload_path = ROOTPATH . $upload_dir;
$applicationName = $_POST['applicationName'];
$sql_field_list = ['applicationName'];
$sql_value_list = [$applicationName];
foreach ( $_FILES as $key => $upload) {
if($key != 'image' && $key != 'logo')
{
$output['result'][] = $key . ' is invalid image';
}
else
{
if ($upload['error'] == UPLOAD_ERR_OK &&
preg_match('#^image\/(png|jpg|jpeg|gif)$#', strtolower($upload['type'])) && //ensure mime-type is image
preg_match('#.(png|jpg|jpeg|gif)$#', strtolower($upload['name'])) ) //ensure name ends in trusted extension
{
$parts = explode('/', $upload['tmp_name']);
$tmpName = array_pop($parts);
$fieldname = ($key == 'image') ? 'bgBNPage' : 'logo';
$filename = $applicationName . '_' . $fieldname . '.' . pathinfo($upload["name"], PATHINFO_EXTENSION);
if (move_uploaded_file($upload["tmp_name"], $upload_path . $filename))
{
$sql_field_list[] = $fieldname;
$sql_value_list[] = $upload_dir . $filename;
$output['image_path'][$key] = $upload_dir . $filename;
}
else
{
$output['result'][] = $key . ' upload fail';
}
}
else
{
$output['result'][] = $key . ' error while upload';
}
}
}
//after upload complete insert pic data into database
$con = mysqli_connect("localhost", "root", "root", "museum");
if (!$con) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$fields = implode(', ', $sql_field_list);
$values = implode("', '", $sql_value_list);
$sql = "REPLACE INTO general (" . $fields . ") VALUES ('" . $values . "');";
if (!mysqli_query($con, $sql)) {
die('Error: ' . mysqli_error($con));
}
mysqli_close($con);
} else {
$output['result'][] = 'no file selected';
}
header('Content-type: application/json');
echo json_encode($output);
echo json_encode('finish');
?>
Can i use
if(logo or bgBNPage is enpty)
{
insert into database
}
else{
Update database
}
please tell me the correct syntax.
I'm guessing username is the field where, if it's a duplicate, you want to update. So, if username is a unique key, you can do something like:
insert into general ([fields]) values ([values])
on duplicate username update
[whatever]
I found the solution.
I use if else condition to proove it.
This is my code result
//after upload complete insert pic data into database
$con = mysqli_connect("localhost", "root", "root", "museum");
$sql = "SELECT logo,bgBNPage FROM general ";
$result = mysqli_query($con, $sql);
if (!$con) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$fields = implode(', ', $sql_field_list);
$values = implode("', '", $sql_value_list);
if(mysqli_num_rows($result) > 0)
{
$str_array = [];
for($i =0; $i < count($sql_field_list); $i++)
{
$str_array[] = $sql_field_list[$i] . "='" . $sql_value_list[$i] ."'";
}
$sql = 'UPDATE general SET ' . implode(',', $str_array);
//$sql = "UPDATE general SET (" . $fields . ") = ('" . $values . "');";
}
else
{
$sql = "INSERT INTO general (" . $fields . ") VALUES ('" . $values . "');";
}
if (!mysqli_query($con, $sql)) {
die('Error: ' . mysqli_error($con));
}
mysqli_close($con);
The code i tried is for only exporting the excel data to MySql database.
$source = fopen('email.csv', "r");
$query = '';
while (($data = fgetcsv($source, 1000)) !== FALSE) {
for ($i = 1; $i < 2; $i++) {
$name[$i] = $data[0];
$email[$i] = $data[1];
$mobile[$i] = $data[2];
$query.="INSERT INTO table tablename (`name1`,`email`, mobile) VALUES ('" . $name[$i] . "','" . $email[$i] . "','" . $mobile[$i] . "') ;";
//return $query;
}
}
$connection->createCommand($query)->execute();
I want to filter the repeated numbers and to show the alert message for filtering the numbers... Is it possible?
Yes, possible:
Try this code to insert only unique data.
$source = fopen('email.csv', "r");
$query = '';
while (($data = fgetcsv($source, 1000)) !== FALSE) {
$duplicate_raw = false;
$name = $data[0];
$email = $data[1];
$mobile = $data[2];
if( in_array($name , $name_array[] ){
echo 'Alredy exists: ' . $name . '<br>';}
$duplicate_raw = true;
else{
$name_array[] = $name;}
if( in_array($mobile , $mobile_array[] ){
echo 'Alredy exists: ' . $mobile . '<br>';}
$duplicate_raw = true;
else{
$mobile_array[] = $mobile;}
if( in_array($email , $email_array[] ){
echo 'Alredy exists: ' . $email . '<br>';}
$duplicate_raw = true;
else{
$email_array[] = $email;}
if ($duplicate_raw == false){
$query.="INSERT INTO table tablename (`name1`,`email`, mobile) VALUES ('" . $name . "','" . $email . "','" . $mobile . "') ;";}//return $query;
}
$connection->createCommand($query)->execute();
I have a csv upload plugin for wordpress. I can upload the files on a mac but on a windows pc it fails to upload. The csv files are created on the pc with utf-8 encoding.
if (isset($_POST) && !empty($_POST)) {
if (isset($_FILES) && $_FILES['csv_file']['size'] > 0 && $_FILES['csv_file']['type'] === 'text/csv') {
global $wpdb;
ini_set("auto_detect_line_endings", true);
$start_row = (int) $_POST['start_row'];
/*
* Get CSV data and put it into an array
*/
$fileData = file_get_contents($_FILES['csv_file']['tmp_name']);
$lines = explode(PHP_EOL, $fileData);
$csv = array();
foreach ($lines as $line) {
$csv[] = str_getcsv($line);
}
/*
* Put each row into the database
*/
$x = 1;
$insert_count = 0;
$insert_output = array();
$wpdb->query('TRUNCATE TABLE table');
foreach ($csv as $data) {
if ($x >= $start_row) {
$date = fix_date($data[0]);
$sql = "
INSERT INTO table ( date, column_1, column_2, column_3, column_4, column_5, column_6, column_7 )
VALUES ( '" . $date . "', '" . addslashes( $data[1] ) . "', '" . utf8_encode( $data[2] ) . "', '" . addslashes( $data[3]) . "', '" . $data[4] . "', '" . addslashes( $data[5] ) . "', '" . $data[6] . "', '" . $data[7] . "' )
";
$wpdb->query($sql)/* or die($sql)*/;
$insert_output[] = $insert_count . '. Added: ' . $data[1] . ' - ' . $data[3] . '<br />';
$insert_count++;
}
$x++;
}
echo '<div class="csv_success">Success. ' . number_format($insert_count) . ' rows uploaded.</div>';
} else {
echo '<div class="csv_failure">Please make sure the file you uploaded is a CSV.</div>';
}
}
Any ideas how I can get this to work on windows and mac?
Cheers
<?php
ini_set('max_execution_time', 0);
$con = mysql_connect("localhost", "", "") or die("not connect");
mysql_select_db("demo") or die("select db");
function readCSV($csvFile){
$file_handle = fopen($csvFile, 'r');
while (!feof($file_handle) ) {
$line_of_text[] = fgetcsv($file_handle, 1024);
}
fclose($file_handle);
return $line_of_text;
}
//Set path to CSV file
$csvFile = 'page.csv';
$csv = readCSV($csvFile);
//echo count($csv);
for ($i=1; $i <count($csv) ; $i++) {
$sql="insert into demo1 (name,bdate,phonenumber ) values('".$csv[$i][0]."','".$csv[$i][1]."' ,'".$csv[$i][2]."')";
mysql_query($sql);
}
echo 'done';
?>
I have a script that takes a CSV file and uploads each row to a database. However, foreign characters in the file not just display wrong, but don't display at all.
For example, here is an "input" row, and what it would read like in the database:
"This café is amazing", "1000", "www.example.com"
"This caf", "1000", "www.example.com"
This is the script that does the upload:
header("Content-Type: text/plain; charset=utf-8");
if (!isset($_POST['form_id'])) {
header("Location: ./?error=form_id");
exit();
}
$form_id = $_POST['form_id'];
$csv = $_FILES['csv_file'];
if ($csv['size'] > 0) {
$handle = fopen($csv['tmp_name'], "r");
require_once("db.php");
$i = (!isset($_POST['csv_headers']) ? 1 : 0);
while ($data = fgetcsv($handle, 1000, ',', '"')) {
if ($i > 0) {
$data[2] = str_replace(" + ", "+", $data[2]);
if (strpos($data[3], "http") === false && $data[3] != "") {
$data[3] = "http://" . $data[3];
}
mysql_query("INSERT INTO exhibitor_lists SET form_id = $form_id, company_name = '" . addslashes($data[0]) . "', country = '" . addslashes($data[1]) . "', stand_number = '" . addslashes($data[2]) . "', web_address = '" . addslashes($data[3]) . "', logo_file = '" . addslashes($data[4]) . "', added_date = NOW()");
}
$i++;
}
} else {
header("Location: ./?error=csv_file");
exit();
}
mysql_close();
header("Location: ./?success=upload");
exit();
Even when setting the content type header(), I get the problem.
Save the CSV file in UTF8 before uploading it.