When trying to insert this problem generates me. Use of the undefined constant SEQUENCE_ID_PROBLEMA - assumed SECUENCIA_ID_PROBLEMA
I do not know where the problem is, please help.
My Oracle sequence:
<code>
CREATE SEQUENCE INFORMACION.SECUENCIA_ID_PROBLEMA
START WITH 0
MAXVALUE 9999999999999999999999999999
MINVALUE 0
NOCYCLE
NOCACHE
NOORDER;
</code>
My code in PHP:
<code>
$sql = "INSERT INTO $tabla (ID_PROBLEMA, HORA_INICIO, PROBLEMA, CAUSA,
SOLUCION, HORA_FIN, ID_ASIGNACION) VALUES (?, ?, ?, ?, ?, ?, ?)";
$stmt = odbc_prepare($Conex, $sql);
$success = odbc_execute($stmt,[SECUENCIA_ID_PROBLEMA.nextval,$HORA_INICIO,$PROBLEMA, $CAUSA,SOLUCION,sysdate, $ID_ASIGNACION] );
</code>
PHP and SQL are entirely different languages and what you're getting is a PHP warning triggered by the PHP interpreter:
define('FOO', 3.1416);
echo FOO; // 3.1416
echo BAR; // Warning: Use of undefined constant BAR - assumed 'BAR' (this will throw an Error in a future version of PHP)
Your code tries to handle the sequence name as dynamic input. You cannot use prepared statements for that because the whole purpose of prepared statements is to prevent that from happening. If you really have to, you need to generate the basic SQL skeleton with plain string functions:
$table = 'PROBLEMA';
$sequence = 'SECUENCIA_ID_PROBLEMA';
$sql = "INSERT INTO $table (ID_PROBLEMA, HORA_INICIO, PROBLEMA, CAUSA,
SOLUCION, HORA_FIN, ID_ASIGNACION) VALUES ($sequence.nextval, ?, ?, ?, ?, ?, ?)";
INSERT INTO PROBLEMA (ID_PROBLEMA, HORA_INICIO, PROBLEMA, CAUSA,
SOLUCION, HORA_FIN, ID_ASIGNACION) VALUES (SECUENCIA_ID_PROBLEMA.nextval, ?, ?, ?, ?, ?, ?)
However, your code also tries to feed the dynamic bound variable with a fixed hard-coded text. I wonder if this extra complexity is intentional and necessary. Having different tables with the same exact column names is a potential code smell :)
In the end you can not use the sequence from php. What I did was create a trigger in the Oracle Data Bae so that it executes the sequence when insert a new row
<code>
CREATE SEQUENCE INFORMACION.SECUENCIA_ID_PROBLEMA
START WITH 0
MAXVALUE 9999999999999999999999999999
MINVALUE 0
NOCYCLE
NOCACHE
NOORDER;
CREATE TRIGGER problema_on_insert
BEFORE INSERT ON PROBLEMA
FOR EACH ROW
BEGIN
SELECT SECUENCIA_ID_PROBLEMA.nextval
INTO :new.ID_PROBLEMA
FROM dual;
END;
</code>
Related
Im new at Android. I'm trying to fetch some data from localhost server. My query is running perfectly on phpMyAdmin But I facing error in api. I have very little knowledge about Php so did not get what the issue is.
Code:
public function saveUserProgress($user_id,$course_id,$topic_id,$quiz_marks){
$output = $this->con->prepare("INSERT INTO user_progress (user_id, course_id, topic_id,quiz_marks)
VALUES (?, ?, ?,?)
ON DUPLICATE KEY UPDATE
user_id=?, course_id=?, topic_id=?, quiz_marks = quiz_marks + ?");
$output->bind_param("iiii",$user_id,$course_id,$topic_id,$quiz_marks);
if($output->execute()){
return PROGRESS_SAVED;
}else{
return ERROR_OCCUR;
}
}
Error:
{"error":true,"message":403}
Warning: mysqli_stmt::bind_param(): Number of variables doesn't match number of parameters in prepared statement
If as you said your unique key is user_id and course_id then you do not need to update them on duplicate key. You only need to update the remaining 2 values. Together with the 4 you wanted to add it makes 6 placeholders, so you need to bind 6 variables.
$output = $this->con->prepare("INSERT INTO user_progress (user_id, course_id, topic_id,quiz_marks)
VALUES (?, ?, ?, ?)
ON DUPLICATE KEY UPDATE
topic_id=?, quiz_marks = quiz_marks + ?");
$output->bind_param("iiiiii", $user_id, $course_id, $topic_id, $quiz_marks, $topic_id, $quiz_marks);
I am still learnig using php, and I got some problems.
So, I have a database named dbcoma and these tables;
pic of tables and the data
here is my question if I wanna make a registration for patient using php, what is the correct script?
I tried this one but it wasn't working (cant execute)
public function createPasien($id_alat, $id_patient, $passwordpas, $namepas, $age, $datein, $id_hospital, $id_alat){
$password = md5($passwordpas);
$stmt = $this->con->prepare("INSERT INTO `dbcoma`.`patient` (`id_patient`, `passwordpas`, `namepas`, `age`, `datein`, `id_alat`, `id_hospital`) VALUES (?, ?, ?, ?, ?, ?, ?);");
$stmt->bind_param("sssssss", $id_patient, $passwordpas, $namepas, $age, $datein, $id_alat, $id_hospital);
$stmt->execute();
// …
}
UPDATE: I FIXED IT AND FOUND THE PROBLEM. THANK YOU
There are some points to keep in mind:
Check the response return by execute() statement.
Echo the query and run it on the mysql terminal and see what happens.
While dealing with foreign key the value you are trying to insert must present in the master table, only then you can insert it in child table.
I need to convert an existing project from mysql to mysqli and using prepared statement.
In the existing project there are queries that uses repeated variable values.
One such example is this: where the $prev_yr is used 3 times.
$sqlins = "Insert into studentclass (`StudentID`, `ClassID`, `Year`, `Level`, `SNo`, `TermList`, `DateStart`, `DateEnd`)
select StudentID, '$prev_cl', '$prev_yr', '$prev_lvl', '', '123456789', '$prev_yr-01-01', '$prev_yr-12-31' from student Where StudentID in ($ids) ";
Is there a better method than this:
$sqlins = "Insert into studentclass (`StudentID`, `ClassID`, `Year`, `Level`, `SNo`, `TermList`, `DateStart`, `DateEnd`)
select StudentID, '?', '?', '?', '', '123456789', '?-01-01', '?-12-31' from student Where StudentID in (?) ";
$stmt = $mysqli->prepare($sqlins);
$stmt->bind_param("ssssss", $prev_cl,$prev_yr,$prev_lvl,$prev_yr,$prev_yr,$ids);
$stmt->execute();
I am wondering if there is a way of binding the $prev_yr once for all 3 occurrences.
Because there are other queries that may have 2 occurrences of $prev_lvl, 5 occurrences of $prev_yr etc in one statement. The idea is that when the repeated occurrences of multiple variables becomes many in a statement - it becomes quite confusing to arrange them in the bind_param.
Any solution?
Thank you.
Does it even work like that, typical you wont't do this '?-01-01' in a query. I haven't used Mysqli, in about 4 years, as all I use now a days is PDO. But as far as I know when you send that to prepare it's gonna puke on the ? being in a string.
I would split it, there actually is no real need to do the select because the only thing being selected is the studentID which you already have. Simply
$insert = $mysqli->prepare("Insert into studentclass (`StudentID`, `ClassID`, `Year`, `Level`, `SNo`, `TermList`, `DateStart`, `DateEnd`)VALUES(?, ?, ?, ?, ?, ?, ?, ?)");
foreach( $ids AS $id ){
$stmt->bind_param("issssiss", $id, $prev_cl,$prev_yr,$prev_lvl,'', '123456789', $prev_yr.'-01-01',$prev_yr.'-12-31');
$stmt->execute();
}
I can't test it so hopefully I got everything in the right place.
As I said I don't think you can bind to the Fields part of the query and certainly not inside a partial string, besides it's making a select that is un-needed. Just make sure to prepare the insert before the loop.
Just to clearly the only thing that select actually gets from the DB is this
select StudentID ... from student Where StudentID in (?)
The rest are added in as "fake" columns, I don't know the term for it. It's difficult to read the original query..
I am wondering if there is a way of binding the $prev_yr once for all 3 occurrences.
No.
Besides, it wouldn't work this way anyway, as you cannot bind just an arbitrary query part of your choice. You can bind a complete data literal only. Means instead of '?-01-01' it should be just ?, whereas in your PHP code you should make it
$dateStart = "$prev_yr-01-01";
and then bind this variable for the whole value. So there will be no more repeating variables.
This is my code :
It gives no error when i change the array to index type instead of associative.
But the moment i change it back to associative it starts giving error.
Any help on this ?
$dbh=new PDO("mysql:host=localhost;dbname=sj_db", 'root', '');
$entryData = array(
"Team Name"=>$_POST['name']
, "Won"=>$_POST['w']
, "Lost"=>$_POST['l']
, "Draw"=>$_POST['d']
, "Points"=>$_POST['p']
);
$sql="INSERT INTO fb (`Team Name`, Won, Lost, Draw, Points) VALUES (?, ?, ?, ?, ?)";
$sth=$dbh->prepare($sql);
//$sth->execute($entryData[`Team Name`],$entryData['Won'],$entryData['Lost'],$entryData['Draw']
// ,$entryData['Points']);
$sth->execute($entryData);
//$sth->closeCursor();
Placeholders in your query are positional (?) ones.
Either change them to named (:name)
or pass array_values($entryData) into execute
Though you have to remove a space from Team Name key in order to use named placeholders
Here's the line of my code that is supposed to insert the row:
$query=mysqli_query($con,"insert * into orders
values
( ".$user_index.",".$order_date.",
".$_POST['item_number'].",".$_POST['price'].",
".$_POST['tax'].",'".$_POST['pay_method']."')
");
My connection doesn't throw any errors ever either. Also, the line of code after it definitely executes. This is my first time using the date data type with PHP and MySQL, but I'm inserting the date in the format yyyymmdd. I'm so frustrated. I checked everywhere online. Can you please help me?
The main problem with your query is the *. That is invalid for an INSERT statement.
Secondly, to avoid SQL injection vulnerabilities, you should be using a prepared statement with bound parameters. You should probably also use some form of error checking. For example
$stmt = $con->prepare('INSERT INTO `orders` VALUES (?, ?, ?, ?, ?, ?)');
if ($stmt === false) {
throw new Exception($con->error);
}
$stmt->bind_param('ssssss', $user_index, $order_date, $_POST['item_number'],
$_POST['price'], $_POST['tax'], $_POST['pay_method']);
if (!$stmt->execute()) {
throw new Exception($stmt->error);
}
FYI, without knowing the data types for your columns, I've assumed they're all strings.
First you have to remove * from the insert query
Second if you are inserting values like this make sure no of column in table is same as no of values you are inserting here(In this case 6)
There is so much wrong with your query. look at the documentation for proper syntax
mysqli_query($con,"INSERT INTO table_name (field1,field2,field1) values ('value1','value2','value3')");
In Specific to your problem
$query=mysqli_query($con,"INSERT INTO orders (your fields Here ) VALUES (
'".$user_index."', '".$order_date."', '".$_POST['item_number']."',
'".$_POST['price']."', '".$_POST['tax']."', '".$_POST['pay_method']."'
)");