Mysqli SELECT JOINS multiple WHERES - php

I have a problem with multiple wheres in a consult to database mysqli. I don't know how to make it. I'm reading about JOINS for multiple consults, but I don't know it very well, and it still doesn't work. This is my code:
$status = mysqli_escape_string($con, $_POST['status']);
$type = mysqli_escape_string($con, $_POST['type']);
$beds = mysqli_escape_string($con, $_POST['beds']);
$baths = mysqli_escape_string($con, $_POST['baths']);
$query = "SELECT * FROM properties WHERE beds LIKE '%".$beds."%' OR baths LIKE '%".$baths."%' " ;
I need to obtain all results that have beds, baths, status, types, etc, but it does not work with the actual SELECT. I already made some tries with JOINS, but that did not work the way I expected. This function gives all the results but not filtered. Thank you for any help!
EDIT:
This is all my code, my form
<form action="" id="amenities-form" name="amenities-form" data-name="Amenities Form" class="top-search-form-left" method="POST">
<select id="status" name="status" data-name="status" class="select-search-form w-select">
<option value="sale">For Sale</option>
<option value="rent">For Rent</option>
</select>
<select id="type" name="type" data-name="type" class="select-search-form w-select">
<option value="">Type of property</option>
<option value="condo">Condo</option>
<option value="house">House</option>
<option value="commercial">Commercial</option>
<option value="lot">Lot</option>
<option value="villa">Villa</option>
<option value="business">Business</option>
<option value="fractional">Fractional</option>
<option value="boat">Boat</option>
</select>
<input type="text" class="input-search-form w-input" maxlength="256" name="beds" data-name="beds" placeholder="Beds" id="beds">
<input type="text" class="input-search-form w-input" maxlength="256" name="baths" data-name="baths" placeholder="Baths" id="baths">
<input type="submit" value="Go" class="btn-search-left w-button">
</form>
<form action="" id="search-form" name="search-form" data-name="Search Form" class="top-search-form-right" method="POST">
<input type="text" class="input-search-form w-input" maxlength="256" name="search" data-name="search" placeholder="Search..." id="search-word">
<input type="submit" value="Lupa" class="btn-search-right w-button">
</form>
This is my code of php
if (!empty($_POST)) {
$con = new mysqli($host, $user, $pass, $db);
if (mysqli_connect_errno()) {
printf("Falló la conexión failed: %s\n", $con->connect_error);
exit();
}
if (isset($_POST['search'])) {
$search = mysqli_escape_string($con, $_POST['search']);
$query = "SELECT * FROM properties WHERE title LIKE '%".$search."%'" ;
}else{
$status = mysqli_escape_string($con, $_POST['status']);
$type = mysqli_escape_string($con, $_POST['type']);
$beds = mysqli_escape_string($con, $_POST['beds']);
$baths = mysqli_escape_string($con, $_POST['baths']);
$query = "SELECT * FROM properties WHERE beds LIKE '%".$beds."%' OR baths LIKE '%".$baths."%' " ;
}
$res = $con->query($query);
if (!$res) {
trigger_error('Invalid query: ' . $con->error);
}
if ($res->num_rows) {
while ($row = $res->fetch_object()) {
//$status_name = $con->query("SELECT * FROM status WHERE id = {$row->status_id}");
//$status_name = $status_name->fetch_object();
//echo "{$row->title} ({$status_name->title})<br>";
echo "{$row->title} ({$row->status_id})<br>";
}
}else{
echo "No results";
}
$res->free();
$con->close();
}else{
echo 'No results';
}
I will try some suggest you did

Related

for loop over selection option value HTML with PHP

Hi I work like loop through the selection option values with PHP instead of duplicating it, from value 500 to 510. Can you kindly show me how to do it?
<body>
<div class="form-group">
<br> <label>Job Description</label>: <b><?php echo $row['job_desc']; ?><br></b>
<select class="form-control" name="job_code">
<option value="500">System Analysis</option>
<option value="501">Programmer</option>
<option value="502">Database Designer</option>
<option value="503">Electrical Engineer</option>
<option value="504">Mechanical Engineer</option>
<option value="505">Civil Engineer</option>
<option value="506">Clerical Support</option>
<option value="507">DSS Analyst</option>
<option value="508">Application Designer</option>
<option value="509">Bio Technician</option>
<option value="510">General Support</option>
</select>
</div>
<div class="form-group">
<button type="submit" class="btn btn-primary" name="update" value="Update Data">Save</button>
</div>
</body>
Employee BDJob DB
<?php
$connection = mysqli_connect("localhost", "root", "");
$db = mysqli_select_db($connection, 'amaz');
if (isset($_POST['update'])) {
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$sex = $_POST['sex'];
$emp_salary = $_POST['emp_salary'];
$dept_name = $_POST['dept_name'];
$job_code = $_POST['job_code'];
$query = "UPDATE employee
SET employee.first_name='$_POST[first_name]',employee.last_name='$_POST[last_name]',employee.sex='$_POST[sex]',employee.emp_salary='$_POST[emp_salary]',employee.dept_id='$_POST[dept_name]',employee.job_code='$_POST[job_code]'
WHERE employee.emp_num='$_POST[id]'";
$query_run = mysqli_query($connection, $query);
}
?>

You make a SELECT query that looks at the jobs table:
$server = 'localhost';
$user = 'root';
$pass = '';
$db = 'amaz';
$mysql = new mysqli($server, $user, $pass, $db);
if ($mysql->connect_error !== null) {
printf("Connect failed: %s\n", $mysql->connect_error);
exit;
}
$select = $mysql->query("SELECT * FROM jobs WHERE job_code > 409 and job_code < 511");
$jobs = [];
while ($row = $select->fetch_array(MYSQLI_ASSOC)) {
$jobs[] = $row;
}
?>
<select class="form-control" name="job_code">
<?php foreach ($jobs as $job): ?>
<option value="<?=$job['job_code']?>"><?=$job['job_desc']?></option>
<?php endforeach; ?>
</select>
This will output:
<select class="form-control" name="job_code">
<option value="500">System Analysis</option>
<option value="501">Programmer</option>
<option value="502">Database Designer</option>
...etc
</select>

Inserting Data into MySQL table using HTML form

I am currently trying to insert rows into a MySQL database, and most of the code is there but I'm having a few issues I can't diagnose. I know the database connection is good, and every time the submit button is pressed it runs the correct php script. The issue I'm having is that it always adds 2 records to the database table and fails to carry though any of the form data (it inserts two completely blank rows.)
Here's the code for the form (with a little extra code for the wordpress page)
<div class="main-container">
<div class="content-area">
<div class="middle-align">
<div class="site-main" id="sitefull">
<?php while ( have_posts() ) : the_post(); ?>
<?php get_template_part( 'content', 'page' ); ?>
<div>
<form method="POST" name="cutting tool" action="add-tool-script.php">
<table style="width:auto;">
<tr>
<th width="50%"><h2><ul>Tool Information</ul></h2><br></th>
<th width="50%"><ul><h2>Storage Information</h2></ul><br></th>
</tr>
<tr>
<td width="50%">
<h3>Tooling Name</h3><br>
<input type="text" name="name" placeholder="e.g. ShearHog"><br><br>
<h3>Tooling Type</h3><br>
<select name="type">
<option selected disabled hidden style='display: none' value=''></option>
<option value="Ballnose Endmill">Ballnose Endmill</option>
<option value="Bullnose Endmill">Bullnose Endmill</option>
<option value="Boring Bar">Boring Bar</option>
<option value="Brush">Brush</option>
<option value="Burnishing">Burnishing</option>
<option value="Chamfer Mill">Chamfer Mill</option>
<option value="Countersink">Countersink</option>
<option value="Drill">Drill</option>
<option value="Drill/Mill">Drill/Mill</option>
<option value="Engraver">Engraver</option>
<option value="Face Mill">Face Mill</option>
<option value="Flat Endmill">Flat Endmill</option>
<option value="High Feed Mill">High Feed Mill</option>
<option value="Reamer">Reamer</option>
<option value="Slitting Saw">Slitting Saw</option>
<option value="Spot Drill">Spot Drill</option>
<option value="Tap">Tap</option>
<option value="Threadmill">Threadmill</option>
<option value="Woodruff">Woodruff</option>
<option value="Other">Other</option>
</select><br><br>
<h3>Tooling Brand</h3><br>
<input type="text" name="brand" placeholder="e.g. Lakeshore Carbide"><br><br>
<h3>Part Number</h3><br>
<input type="text" name="part_number" placeholder="e.g. 360014X"><br><br>
<h3>Price</h3><br>
<input type="text" name="price" placeholder="e.g. 24.95"><br><br>
<h3>Overall Length</h3><br>
<input type="text" name="oal" placeholder="e.g. 2.5"><br><br>
<h3>Tooling Material</h3><br>
<select name="material">
<option selected disabled hidden style='display: none' value=''></option>
<option value="Carbide">Carbide</option>
<option value="Ceramic">Ceramic</option>
<option value="Diamond">Diamond</option>
<option value="HSS">HSS</option>
<option value="Powdered Metal">Powdered Metal</option>
</select><br><br>
<h3>Cutting Diameter</h3><br>
<input type="text" name="cutting_diam" placeholder="e.g. 0.250"><br><br>
<h3>Shank Diameter</h3><br>
<input type="text" name="shank_diam" placeholder="e.g. .250"><br><br>
<h3>Number of Flutes</h3><br>
<input type="text" name="flutes" placeholder="e.g. 3"><br><br>
<h3>Length of Cut (Flute Length)</h3><br>
<input type="text" name="loc" placeholder="e.g. .750"><br><br>
<h3>Corner Radius</h3><br>
<input type="text" name="corner_rad" placeholder="e.g. .004"><br><br>
</td>
<td width="50%">
<h3>Quantity in Stock</h3><br>
<input type="text" name="qty" placeholder="e.g. 37"><br><br>
<h3>Minimum Trigger Quantity</h3><br>
<input type="text" name="trigger_qty" placeholder="e.g. 4"><br><br>
<h3>Reorder Link</h3><br>
<input type="text" name="reorder_link" placeholder="e.g. example.com"><br><br>
<h3>Toolbox Number</h3><br>
<input type="text" name="toolbox_no" placeholder="e.g. 1"><br><br>
<h3>Drawer Number</h3><br>
<input type="text" name="drawer_no" placeholder="e.g. 1"><br><br>
<h3>Bin Number</h3><br>
<input type="text" name="bin_no" placeholder="e.g. 1"><br><br>
<h3>Product</h3><br>
<input type="text" name="product" placeholder="e.g. Widget #2"><br><br>
<input type="submit" value="Add to Tool Crib" name="submitbutton" action="submit"/>
</td>
</tr>
</table>
</form>
</div>
<?php
//If comments are open or we have at least one comment, load up the comment template
if ( comments_open() || '0' != get_comments_number() )
comments_template();
?>
<?php endwhile; // end of the loop. ?>
</div>
<div class="clear"></div>
</div>
</div>
</div>
<?php get_footer(); ?>
And here's the code for the php script to add form data to the database:
//MySQL Database
$servername = "url.com";
$username = "user_login";
$password = "user_password";
$datab = "database_name";
// Create connection
$conn = new mysqli($servername, $username, $password, $datab);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$name = $_REQUEST['name'];
$type = $_REQUEST['type'];
$brand = $_REQUEST['brand'];
$part_number = $_REQUEST['part_number'];
$price = $_REQUEST['price'];
$oal = $_REQUEST['oal'];
$material = $_REQUEST['material'];
$cutting_diam = $_REQUEST['cutting_diam'];
$shank_diam = $_REQUEST['shank_diam'];
$flutes = $_REQUEST['flutes'];
$loc = $_REQUEST['loc'];
$corner_rad = $_REQUEST['corner_rad'];
$qty = $_REQUEST['qty'];
$trigger_qty = $_REQUEST['trigger_qty'];
$reorder_link = $_REQUEST['reorder_link'];
$toolbox_no = $_REQUEST['toolbox_no'];
$drawer_no = $_REQUEST['drawer_no'];
$bin_no = $_REQUEST['bin_no'];
$product = $_REQUEST['product'];
$username = $user_login;
$sql = "INSERT INTO `cutting tools` (`name`, `type`, `brand`, `part_number`, `reorder_link`, `oal`, `price`, `material`, `cutting_diam`, `shank_diam`, `flutes`, `loc`, `corner_rad`, `qty`, `trigger_qty`, `user`, `drawer_no`, `bin_no`, `toolbox_no`)
VALUES ('$name', '$type', '$brand', '$part_number', '$reorder_link', '$oal', '$price', '$material', '$cutting_diam', '$shank_diam', '$flutes', '$loc', '$corner_rad', '$qty', '$trigger_qty', '$username', '$drawer_no', '$bin_no', '$toolbox_no')";
if(mysqli_query($conn, $sql)){
echo "Record added successfully.";
} else{
echo "ERROR: Could not execute $sql. " . mysqli_error($conn);
}
// Close connection
mysqli_close($conn);
?>
Also I know my database is vulnerable to injection, that was a change I planned on making once the form was up and running.

Use WordPress to your advantage. Instead of defining your own connection, use global $wpdb, and then use the insert command.
global $wpdb;
$success = $wpdb->insert('tbl_name', array(<br>
'field1_name' => $_REQUEST['field1'],<br>
'field2_name' => $_REQUEST['field2'],<br>
));<br>
if($success){<br>
echo "Inserted correctly";<br>
} else {<br>
echo "Something went awry!";<br>
}

Here's a prepared statement, a more secure way of creating a MYSQL record in your table.
<?php
//MySQL Database
$servername = "url.com";
$username = "user_login";
$password = "user_password";
$datab = "database_name";
// Create connection
$con = new mysqli($servername, $username, $password, $datab);
global $con;
// Post form data
$name = $_POST['name'];
$type = $_POST['type'];
$brand = $_POST['brand'];
$part_number = $_POST['part_number'];
$price = $_POST['price'];
$oal = $_POST['oal'];
$material = $_POST['material'];
$cutting_diam = $_POST['cutting_diam'];
$shank_diam = $_POST['shank_diam'];
$flutes = $_POST['flutes'];
$loc = $_POST['loc'];
$corner_rad = $_POST['corner_rad'];
$qty = $_POST['qty'];
$trigger_qty = $_POST['trigger_qty'];
$reorder_link = $_POST['reorder_link'];
$toolbox_no = $_POST['toolbox_no'];
$drawer_no = $_POST['drawer_no'];
$bin_no = $_POST['bin_no'];
$product = $_POST['product'];
// Prepared statement
$insert = mysqli_prepare($con, "insert into cutting tools (name,type,brand,part_number,reorder_link,oal,price,material,cutting_diam,shank_diam,flutes,loc,corner_rad,qty,trigger_qty,user,drawer_no,bin_no,toolbox_no) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");
mysqli_stmt_bind_param($insert, "sssssssssssssssssss", $name,$type,$brand,$part_number,$reorder_link,$oal,$price,$material,$cutting_diam,$shank_diam,$flutes,$loc,$corner_rad,$qty,$trigger_qty,$product,$drawer_no,$bin_no,$toolbox_no);
mysqli_stmt_execute($insert);
if ($insert) { echo "success"; mysqli_close($con); } else { echo "error"; mysqli_close($con); }
?>
Pay close attention to the order of your columns and the data you are submitting to those columns. I have edited this post because your order was incorrect in several places.
The column names and the data variables being uploaded to them have to be in the exact same order if you want data created correctly.
By the way the variable $product does not seem to match the column name of user, you may want to check this.

Dynamic dropdown for a webpage is not populating from my database

I cannot figure out why the dynamic dropdown won't populate from my database.:
<!doctype html>
<html>
<body>
<h2>Insert Album</h2>
<form action="insertalbum.php" method="POST">
Title: <input type="text" name="atitle" maxlength='50' required><br>
Band: <select name='bands'>
<?php
$conn = mysqli_connect("Server","database","password","username"); //i put in these placeholder for my actual credentials
// Check connection
if(mysqli_connect_errno()){
echo nl2br("Failed to connect to MySQL: " . mysqli_connect_error() . "\n ");
}
$query = "SELECT DISTINCT name FROM band";
$result = mysqli_query($conn, $query);
while ($row = mysqli_fetch_assoc($result)) {
unset($name);
$name = $row['name'];
echo '<option value="name"> $name </option>';
}
?>
</select>
<br>
Published Year: <input type="number" name="pyear" min='1900' max='2020' required><br>
Publisher: <input type="text" name="pname" maxlength='50' required><br>
Format:<select> <option value="record"> Record </option>
<option value="cd"> CD </option>
<option value="casette"> Casette </option>
</select> <br>
Price: <input type="number" name="price" min='0' max='9999.99'><br>
<input type="submit" value="Insert">
</form>
</body>
</html>

this a example:
<select id="employee">
<option value="" selected="selected">Select Employee Name</option>
<?php
/* connection */
$conn = mysqli_connect("Server","database","password","username");
/* query */
$sql = "SELECT id, employee_name, employee_salary, employee_age FROM employee LIMIT 10";
/* get data from db */
$resultset = mysqli_query($conn, $sql) or die("database error:". mysqli_error($conn));
/* build your dropdown*/
while( $rows = mysqli_fetch_assoc($resultset) ) {
?>
<option value="<?php echo $rows["id"]; ?>"><?php echo $rows["employee_name"]; ?></option>
<?php } ?>
</select>

Search multiple words and single word at a time in a multiple row in Mysql php

I'm trying to use this search for searching more than one words or single word at a time from a database. Now the problem is that my script only running properly but please help me...
<form name="ds" method="post">
<input type="text" name="name" placeholder="Entername" />
<!--<input type="text" name="search" placeholder="Location" />-->
<select name="location[]" multiple="multiple">
<option value="delhi">Delhi</option>
<option value="Mumbai">Mumbai</option></select>
<input type="submit" name="submit" value="Search" />
</form>
<?
$conn=mysql_connect("localhost","root","");
mysql_select_db("dbrozgarexpress",$conn);
echo $search =$_POST['location'];
$description = "";
$name2=$_POST['name'];
if(isset($name2)&&$name2 != ""){
if($flag){
$cheack.= "AND ";
}
$cheack.="user_first_name ='$name2' ";
$flag =true;
}
if(isset($search)&&$search != ""){
if($flag){
$cheack.= "AND ";
}
foreach($search AS $s)
{
$cheack.="user_current_location_id ='$s' or ";
$flag =true;
}
}
$cheack = substr($cheack, 0, -4);
echo $query = "SELECT * FROM `tb_user` WHERE $cheack ";
?>
error SELECT * FROM `tb_user` WHERE user_first_name ='kum

I think I have a general idea of what you are after.
P.S. the query will only show after you submit the form - i.e. after you click search button
Try this:
<?php
// Handle Post
if (count($_POST))
{
// Load Params
$name = isset($_POST['name']) ? $_POST['name'] : '';
$locations = isset($_POST['location']) ? $_POST['location'] : array();
// Start Query
$sql = 'SELECT * FROM `tb_user` WHERE ';
// Build Query
$sql_parts = array();
if (!empty($name)) {
$sql_parts[] = "`user_first_name` = '$name'";
}
if (sizeof($locations)) {
foreach ($locations as $location) {
$sql_parts[] = "`user_current_location_id` = '$location'";
}
}
$sql = $sql . implode(' AND ', $sql_parts);
// Debug
echo $sql ."<br><br>";
}
?>
<form action="" name="ds" method="post">
<input type="text" name="name" placeholder="Entername" />
<select name="location[]" multiple="multiple">
<option value="delhi">Delhi</option>
<option value="Mumbai">Mumbai</option></select>
<input type="submit" name="submit" value="Search" />
</form>
Here's an example of this working:
No location selected, name only
name and one location
name and two location

Only update entry when there is a new value

I have a form that will update specified entries in a mysql table. The form will only submit if all the fields are filled in .
Is there a way to make it so that the form will only update fields that have a new value and leave the ones that have been left blank?
Form code :
<?php
error_reporting(E_ALL ^ E_DEPRECATED);
if(isset($_POST['update']))
{
$con = mysql_connect($server, $db_user, $db_pass);
if(! $con )
{
die('Could not connect: ' . mysql_error());
}
$id = $_POST['id'];
$english = $_POST['english'];
$math = $_POST['math'];
$science = $_POST['science'];
$table = $_POST['year'];
$sql = "UPDATE $table ".
"SET english = $english ,math = $math ,science = $science ".
"WHERE id = $id" ;
mysql_select_db('education');
$retval = mysql_query( $sql, $con );
if(! $retval )
{
die('Could not enter data: ' . mysql_error());
}
//header("Location: " . $_SERVER['PHP_SELF']);
//echo "Entered data successfully\n";
mysql_close($con);
}
else
{
?>
<?php } ?>
<h4 align="center">Update student details</h4>
<form action="<?php $_SERVER['PHP_SELF'] ?>" method="post">
Student ID:
<input name="id" type="text" id="id">
<br>
English mark:
<input name="english" type="number" id="english">
<br>
Math's mark:
<input name="math" type="number" id="math">
<br>
Science mark:
<input name="science" type="number" id="science">
<br>
Year: <br>
<select name="year" id="year">
<option value="">Select...</option>
<option value="year1">Year 1</option>
<option value="year2">Year 2</option>
<option value="year3">Year 3</option>
<option value="year4">Year 4</option>
</select>
<br>
<br>
<input name="update" type="submit" id="update" value="Submit">
</form>

use isset() before use the variables in your query

try this :
$sql = "UPDATE $table ".
"SET english = $english ,math = $math ,science = $science ".
"WHERE id = $id AND (english != $english OR math != $math OR science != $science)";

Categories