Using a plugin I'm able to use PHP on page by using [insert_php] as a tag however, whenever I try using SQL it doesn't seem to work.
I tried using:
global $wpdb;
$prepared = $wpdb->get_row(
"SELECT SiteID, SiteName
FROM $wpdb->Site
WHERE SiteID = 1");
echo $prepared->SiteName;
echo "test";
All I'm getting is test on the page and I've tested to see if my sql statement was at fault and it seems to be working fine so I'm guessing there's an issue with $wpdb or the way I'm outputting the data.
WordPress.org has a lot of detailed information in their reference.
I think attempting to refer to $wpdb->Site is a likely suspect for why your code is not working. You will need to know the exact fields in the table to pull your information.
Here is a reference for the wp_site table. I think you're actually looking for the 'domain' field, not 'sitename'.
Try replacing $wpdb->Site with the actual name of the table. I also get errors like that at first since $wpdb->table_name only works with the default wp tables.
EDIT
It should be something like this:
SELECT SiteID, SiteName FROM Site WHERE SiteID = 1
Related
I'm trying to search for specific users, using a form with a text input. Right now I'm testing the connection and var_dump the array on the page to see if my search is returning any results. Currently with the following code I'm able to connect to my database and pull in the correct users if I only search for the last name. If I search for the first and last name it returns no results in the array. What am I doing wrong here?
if (isset($_POST['user'])) {
$keyword = $_POST['user'];
$skuser = $wpdb->get_results("SELECT * FROM table_name WHERE last LIKE '%$keyword%';");
var_dump($skusers);
}
This is WordPress on a custom page template as you can see from my code snippet I'm using the $wpdb global database variable. Again, this does work if I type in someones last name but if I type their entire name it can't find anything. Thanks for pointing me in the right direction!
SELECT *
FROM table
WHERE CONCAT( nameFirst,' ', nameLast ) LIKE '%Noman%'
sanitize any user submitted input before applying in the query or use MYSQLi
First post on stackoverflow. I have been following this site for a long time, and usually find what im looking for. But this has me perplexed.
Let me set the stage. I am developing a web driven program. I have Wordpress, with the Divi theme from Elegant Themes. and I am using shortcodes to insert into the modules. I am a newbie (this says it all.)
Here is my problem. I have run a wpdb query that returns a single row of results.
$editresult = $wpdb->get_results ("SELECT `serialnumber`, `batttype`, `cells`, `fullvolts` FROM listbattery WHERE serialnumber = '$serialnumber'", ARRAY_A);
When I vardump this, i get the following.
array(1) {[0]=>array(4) {["serialnumber"]=>string(10)"battery #2" ["batttype"]=>string(5) "NiCad" ["cells"]=>string(1) "8"["fullvolts"]=>string(6)"12.125"}}
So with that being said, I know that the query is working fine. I know that I am receiving the information. What I can't for the life of me figure out, is how to turn the results from each column into individual variables, so that I can insert each variable randomly throughout my page.
I have tried about 8 different methods so far. I hope you guys can help! thanks!!!
You can loop through the result:
foreach($editresult as $result) {
$serialnumber = $result['serialnumber'];
$batttype = $result['batttype'];
$cells = $result['cells'];
$fullvolts = $result['fullvolts'];
}
If only one row is expected to be returned, you can do the following
$editresult = $wpdb->get_row("SELECT `serialnumber`, `batttype`, `cells`, `fullvolts` FROM listbattery WHERE serialnumber = '$serialnumber'", ARRAY_A);
Then you can access returned values like
$editresult['serialnumber']
$editresult['batttype']
$editresult['cells']
$editresult['fullvolts']
or if you change ARRAY_A to OBJECT, you will be able to access these values like so
$editresult->serialnumber
$editresult->batttype
$editresult->cells
$editresult->fullvolts
There is no need in get_results and foreach like shown in #nanodanger's answer if you always expect to get only 1 row
Lets say I have a file called comments.php. In it I have a row like this:
$post_id = $_GET['id'];
$result = mysqli_query($con,"SELECT * FROM comments WHERE post_id = $post_id");
$post_id is the id of the actual entry.
If I echo $post_id it shows the entry's number, no problem there.
There's also a file called comment_send.php.
In it I want to send a comment, alongside with the id of the actual entry, so the comments will know where they belong to.
$post_id = $_GET['id'];
$result = mysqli_query($con,"SELECT * FROM comments WHERE post_id = $post_id");
$sql="INSERT INTO comments (comment, post_id) VALUES ('$_GET[comment]','$post_id')";
However, when I hit the submit button I get this: Notice: Undefined index: id
I dont understand the problem because in the comments.php everything works fine but if I move the same part into another file it fails. Does anyone know what my problem might be?
And yeah, the comment arrives in the database, with the number 0, instead of the entry number.
Your submitting data from the client to the server using a form, right? Check your action on your form. Is it POST (as it should be if you are updating your database)? If so, change $post_id = $_GET['id']; to $post_id = $_POST['id'];
As a troubleshooting tool, I typically add something like echo('<pre>'.print_r($_REQUEST,1).'</pre>'); to the top of my page. You can then find out what type of data you are sending to the server. Then when you get to your SQL statement, be sure to echo the query to see what it is.
Also, sanitize your data as you are open to SQL injection.
It doesn't look like you are passing 'id' to your comment_send.php page. Either pass it in with your comment, or save it as a $_SESSION variable on the previous page.
I am editing a template to try and add some conditional logic to my page.
The page template shows topics related to a user.
I want to add a piece of code which will grab the user name from the page we are viewing and then use that in a string for my conditional statements.
The code I have put together is as follows, but it breaks my page so I am doing something wrong.
<?php global
// I query the ID and try and set that to the $userID - I think I am doing this wrong, but when I echo the ID it gets the correct info.
$userID = get_queried_object()->ID;
// This is the string I create using the userID which should be from the query above
$memberstatus = get_user_meta($userID,'member_status',true);
?>
later on I use IF statements to use thsi result (which i know work) so i won't post them. My problem is trying to get the above to work.
Any help?
damm, looks like when I remove 'global' from the php it works! I thought global had to be in this...ah well
I need something simple; I have page where a user clicks an author to see the books associated with that author. On my page displaying the list of books for the author, I want a simple HTML title saying: 'The books for: AUTHORNAME'
I can get the page to display author ID but not the name. When the user clicks the link in the previous page of the author, it looks likes this:
<?php echo $row['authorname']?>
And then on the 'viewauthorbooks.php?author_id=23' I have declared this at the start:
$author_id = $_GET['author_id'];
$authorname = $_GET['authorname'];
And finally, 'The books for: AUTHORNAME, where it says AUTHORNAME, I have this:
echo $authorname
(With PHP tags, buts its not letting me put them in!) And this doesnt show anything, however if I change it to author_id, it displays the correct author ID that has been clicked, but its not exactly user friendly!! Can anyone help me out!
You could pull the author_id from the query string as you did using $_GET but beware you will need to validate what is coming through by the query. I hope you can see that without validation how bad of a security hole this is.
I am at work at the moment, but this is a quick example that should give you what you need without sanitizing your query.
$id = intval($_GET['author_id']);
// of course, perform more validation checks
// just don't assume its safe.
$sql = "SELECT authorname FROM authors_tb WHERE author_id=" . $id;
$result = mysql_query($sql);
while($row = mysql_fetch_array($result)) {
echo "The books for: " . $row['authorname'];
}
The reason why your approach wasn't working was because you utilize the $_GET URL parameter passing for author_name where you weren't supplying the parameters in the URL, just the author_id.
You don't send it in the query string, thus you can't get it from the $_GET array.
Just request it from the database using id.
An important note: Always use htmlspacialchars() when you display the data, coming from the client side.
This is because you do not define the author name in your get.
You should make the following your url:
<?php echo $row['authorname']?>
Or rather select the data from the database again, on the new page, using the ID you retrieved from the URI.
Author name won't be in $_GET. As your code stands, you only use it as the link title. It is no where in the address. Try this instead:
<?php echo $row['authorname']?>
It would be better to re-request it from the database using the author_id though.
EDIT:
To explain the problem in more detail. You have two pages, the new.php page and the viewauthorbooks.php page. You're sending users from the new page to the view page using the link you posted, right?
The problem with that is, your link assigns one variable in get. Here's the query string it would generate:
viewauthorbooks.php?author_id=13
What that will do is send the user to viewauthorbooks and place the value '13' in the $_GET variable: $_GET['author_id']. That is why the author_id is there and displays on viewauthorbooks. However, authorname is never passed to viewauthorbooks, it isn't in $_GET['authorname'] because you never set $_GET['authorname']. If you want it to be in $_GET, then you need your query string to look like this:
viewauthorbooks.php?author_id=13&authorname=bob
You can accomplish that using the new HTML code for the link I posted above. Look at it closely, there's a key difference from the one you have now.
However, it is generally discouraged to pass data through GET, because the query string is displayed to the user and it leaves you open to injection attacks. A better way to do this would be to use the author_id you are already passing to viewauthorbooks.php to retrieve the authorname from the database again. You can use the same code you used on the new.php page.