We Keep Coding

How to decrypt String in mysql by Selecting? [duplicate]

This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Reference: What is variable scope, which variables are accessible from where and what are "undefined variable" errors?
(3 answers)
Reference - What does this error mean in PHP?
(38 answers)
Closed 5 years ago.
2 fields in my table are encrypted (email, name) and the other not.
I use the function $email = decrypt('email'); to get the original String.
How to use the function into mysql?
the question: how can I insert this function : decrypt('email') into this query below ? :
$query = mysqli_query($con, "select 'name', 'tel', 'adress', 'email' from users where id = 10");
for Encrypting works :
INSERT INTO `users` (`name`, `tel`, `adress` , `email`) VALUES (encrypt($name),$tel, $adress, encrypt($email));

mysql error (Column count doesn't match value count at row 1) [duplicate]

This question already has answers here:
PHP, MySQL error: Column count doesn't match value count at row 1
(3 answers)
Closed 2 years ago.
I have SQL syntax:
$input = mysql_query("INSERT INTO member (id_member, fullname, username, password, email, phone, ktp, address) VALUES ('$idm', '$fullname','$username', '$password', '$email', '$phone', '$ktp', '$address')") or die ("Error..".mysql_error());
When I'm running this code i got an error like this (Column doesn't match value count at row 1).

single quotation mark '' does not parse the variable rather than send whatever inside as it is, so basically you insert a string valued $idm itself instead of its value. So what you need is to make the variable out of the string.
$input = mysql_query("INSERT INTO member (id_member, fullname, username, password, email, phone, ktp, address) VALUES ('".$idm."', '".$fullname."','".$username."', '".$password."', '".$email".', '".$phone."', '".$ktp."', '".$address."')") or die ("Error..".mysql_error());

PDO query with php variables [duplicate]

This question already has answers here:
Can PHP PDO Statements accept the table or column name as parameter?
(8 answers)
Closed 8 years ago.
Why this line doesn't work:
$db_Table = "myTable";
$pdo->prepare("INSERT INTO :db_Table VALUES (...
$query->execute(array(
':db_Table' => $db_Table,
Whereas this one works:
$pdo->prepare("INSERT INTO myTable VALUES (...
How can I solve it ?

Tablenames can not be replaced in a PDO Query.
Further information you can find in the following thread
Can PHP PDO Statements accept the table or column name as parameter?

unfortunately there are no builtin function for binding table names, you have to do it yourself:
$db_Table = "myTable";
$query = $pdo->prepare("INSERT INTO `$db_Table` VALUES (...)");
$query->execute();
But that is still not being escaped, one workaround is to have an array of table, then check if it exist:
$list_of_tables = array('myTable1', 'myTable2', 'myTable3');
if(!in_array($db_Table, $list_of_tables){
//table does not exist !
}

UPDATE table values without knowing column names PHP [duplicate]

This question already has answers here:
MySQL query to get column names?
(22 answers)
Closed 9 years ago.
Here is the situation. I just know total number of columns the table test_table has but don't know their names(sounds strange but its true). Is there any way I can write UPDATE Query for all column values on basis of some ID(auto-increment primary key)?
To add row in this table, I did following which is working but don't have idea how to do it for UPDATE:
$newCols = $_POST['newRowCols'];
$query = "INSERT INTO test_table VALUES "."("."NULL";
foreach($newCols as $col)
{
$query .= ",'$col'";
}
$query.=")";
mysqli_query($con,$query);
Thanks.

No this is not possible. But you can get the column names using the information_schema database:
SELECT
`ORDINAL_POSITION`,
`COLUMN_NAME`
FROM `information_schema`.COLUMNS
WHERE
`TABLE_SCHEMA` = $dbname
AND
`TABLE_NAME` = $tablename
ORDER BY `ORDINAL_POSITION`

Unknown Column 1 in field list? [duplicate]

This question already has answers here:
Inserting multiple values into a MySQL at once [duplicate]
(3 answers)
Closed 9 years ago.
Completely stumped. Getting Error as stated in question title, and no idea why. All my coloumns have text names an there is no reference as far as i know in my code to a column named "1". I have had someone modify this slightly to help me out so maybe there is an issue here i am unaware of.
(string)$insert;
if(is_array($_POST['Year'])){
foreach($_POST['Year'] as $k=>$v){
$insert .= "($_POST['Name'][$k], $_POST['Short'][$k], $_POST['Med'][$k], $_POST['Long'][$k], $_POST['VLong'][$k], $_POST['Extreme'][$k], $_POST['LJump'][$k], $_POST['HJump'][$k], $_POST['Shotputt'][$k], $_POST['Discuss'][$k], $_POST['Javelin'][$k], $_POST['Date'][$k], $_POST['Year'][$k]),";
}
$insert = substr_replace($insert ,0,-1);
}else{
$insert .= "($_POST['Name'], $_POST['Short'], $_POST['Med'], $_POST['Long'], $_POST['VLong'], $_POST['Extreme'], $_POST['LJump'], $_POST['HJump'], $_POST['Shotputt'], $_POST['Discuss'], $_POST['Javelin'], $_POST['Date'], $_POST['Year'])";
}
$sql="INSERT INTO results_main
(`Name`, `Short`, `Med`, `Long`, `VLong`, `Extreme`, `LJump`, `HJump`, `Shotputt`, `Discuss`, `Javelin`, `Date`, `Year`)
VALUES
".$insert;
$result = mysql_query($sql) or die(mysql_error());
// close connection
mysql_close($conn);

The reason is because you are wrapping the values with backticks. Values should be wrap with single quotes if they are string literals. MySQL is treating your values as columns because of the backticks around them. Backticks are used for identifiers not string literals. So the rought example would look like this,
INSERT INTO tableName (col1, col2, col3)
VALUES ('hello', 'world', 'stack')