This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 6 years ago.
I am a newbie in PHP. I am working on searching function, but it does not work well and I could not find why. The problem is; the $query has been sent and accepted well however it could not find the $query in the database even though the $query existed. I think, the $sql command might be wrong somewhere, but could not find it anyway. Thank you.
Here is my code: asset_search.php
<?php
//Search data in database
$query = $_GET['query'];
$min_length = 3;
if(strlen($query) >= $min_length)
{
//$query = htmlspecialchars($query);
//$query = mysql_real_escape_string($query);
$query = strtoupper($query);
$sql = "SELECT * FROM asset WHERE ('asset_name' LIKE '%".$query."%')";
$result = mysqli_query($conn, $sql);
$row_cnt = mysqli_num_rows($result);
$count = 0;
if($row_cnt > 0)
{
echo "<table style='padding: 5px; font-size: 15px;'>";
echo "<tr><th style='width: 30px; border: 1px solid black; align:'center''>No</th>";
echo "<th style='width: 200px; border: 1px solid black; align:'center''>Status</th>";
echo "<th style='width: 200px; border: 1px solid black; align:'center''>Asset Sub-identifier</th>";
echo "<th style='width: 200px; border: 1px solid black; align:'center''>Asset Name</th>";
echo "<th style='width: 200px; border: 1px solid black; align:'center''>Asset Type</th>";
echo "<th style='width: 200px; border: 1px solid black; align:'center''>Brand</th>";
echo "<th style='width: 200px; border: 1px solid black; align:'center''>Service Tag/ Product Tag/ Product S/N</th>";
echo "<th style='width: 200px; border: 1px solid black; align:'center''>CSM Tag</th>";
echo "<th style='width: 200px; border: 1px solid black; align:'center''>Action</th></tr>";
while($row = mysqli_fetch_assoc($result))
{
echo "<tr><td align='center'>" . ++$count . "</td>";
echo "<td align='center'>" . $row["asset_status"] . "</td>";
echo "<td align='center'><a href='asset_viewfull.php?asset_id=" . $row["asset_id"] . "'><ins>" . $row["asset_subidentifier"] . "</a></ins></td>";
echo "<td align='center'>" . $row["asset_name"] . "</td>";
echo "<td align='center'>" . $row["asset_type"] . "</td>";
echo "<td align='center'>" . $row["asset_brand"] . "</td>";
echo "<td align='center'>" . $row["asset_sertag"] . "</td>";
echo "<td align='center'>" . $row["asset_csmtag"] . "</td>";
if($row["asset_status"] == "DISPOSE")
{
echo "<td align='center'><a href='asset_delete.php?asset_id=" . $row["asset_id"] . "'>Delete</a>";
echo " ";
echo "<a href='asset_print.php?asset_id=" . $row["asset_id"] . "'>Print</a></td></tr>";
}else
{
echo "<td align='center'><a href='asset_editform.php?asset_id=" . $row["asset_id"] . "'>Edit</a>";
echo " ";
echo "<a href='asset_delete.php?asset_id=" . $row["asset_id"] . "'>Delete</a>";
echo " ";
echo "<a href='asset_disposeform.php?asset_id=" . $row["asset_id"] . "'>Dispose</a>";
echo " ";
echo "<a href='asset_print.php?asset_id=" . $row["asset_id"] . "'>Print</a></td></tr>";
}
}
}else
{
echo "<tr> There is no asset in the database </tr>";
}
echo "</table>";
}
else
{
echo "<script languange = 'Javascript'>
alert('Minimum length is' .$min_length);</script>";
}
//Close connection
mysqli_close($conn);
$count = 0;
?>
Change your query to the following:
SELECT * FROM asset WHERE (`asset_name` LIKE '%".$query."%')
Note the `` around asset_name instead of ''
you should try this without the brackets sometimes it trows out the search,
$sql = "SELECT * FROM asset WHERE `asset_name` LIKE '%{$query}%'";
this is how i preform this task and has never failed me yet!
Related
I am trying to do a simple pagination exercise with HTML table but only page 2 shows info. It doesn't show table information when I hit 'previous' button.
For example, when I open the page, it shows nothing. When I click on page 2, there is information. When I reach the end, all is ok but then I click 'previous' button or page 1 and it does not show anything again.
$rowperpage = 5; // Total rows display
$row = 0;
if(isset($_GET['page'])){
$row = $_GET['page']-1;
if($row < 0){
$row = 0;
}
}
$link = pg_connect("host=127.0.0.1 port=5432 dbname=swxxxg5_en user=swapng5_control password=xxxxxxxx");
$query = "select id from registrados";
$resultfichados = pg_query($link, $query);
$totalfichados = pg_num_rows($resultfichados);
$allcount = pg_num_rows($resultfichados);
//echo $allcount;
$limitrow = $row*$rowperpage;
$db = pg_connect("host=127.0.0.1 port=5432 dbname=swxxxg5_en user=swapng5_control password=xxxxxxxxxxxxx");
$result = pg_query($db,"select
id,
usuario,
nombre,
apellido,
flag,
reputacion,
ingreso,
lastlogin,
passport,
loyalty,
certified
from registrados order by id asc limit " . $limitrow . " offset 0");
//from registrados order by reputacion asc limit 5 offset 0");
?>
<table align='center' class='table table-hover table-striped' id='t01'>
<td align='center' style='font-weight:bold; color:#fff; background: #3498db;'>id</td>
<td align='center' style='font-weight:bold; color:#fff; background: #3498db;'>Usuario</td>
<td align='center' style='font-weight:bold; color:#fff; background: #3498db;'>Nombre</td>
<td align='center' style='font-weight:bold; color:#fff; background: #3498db;'>Apellido</td>
<td align='center' style='font-weight:bold; color:#fff; background: #3498db;'>Flag</td>
<td align='center' style='font-weight:bold; color:#fff; background: #3498db;'>Reputacion</td>
<td align='center' style='font-weight:bold; color:#fff; background: #3498db;'>Ingreso</td>
<td align='center' style='font-weight:bold; color:#fff; background: #3498db;'>Lastlogin</td>
<td align='center' style='font-weight:bold; color:#fff; background: #3498db;'>Passport</td>
<td align='center' style='font-weight:bold; color:#fff; background: #3498db;'>Loyalty</td>
<td align='center' style='font-weight:bold; color:#fff; background: #3498db;'>Certified</td>
<?php
while($rowdatauser=pg_fetch_assoc($result)){
echo "<tr>";
echo "<td align='center' width='200' style='color:#7f8c8d; font-weight:bold;'>" . $rowdatauser['id'] . "</td>";
echo "<td align='center' width='200' style='color:#7f8c8d; font-weight:bold;'>" . $rowdatauser['usuario'] . "</td>";
echo "<td align='center' width='200'>" . $rowdatauser['nombre'] . "</td>";
echo "<td align='center' width='60'>" . $rowdatauser['apellido'] . "</td>";
echo "<td align='center' width='60' style='background: #e74c3c; color:#fff; font-weight:bold;'>" . $rowdatauser['flag'] . "</td>";
echo "<td align='center' width='200' style='background: #ff9900; font-weight:bold;'>" . $rowdatauser['reputacion'] . "</td>";
echo "<td align='center' width='200'>" . $rowdatauser['ingreso'] . "</td>";
echo "<td align='center' width='200' style='background: #58c0ce;'>" . $rowdatauser['lastlogin'] . "</td>";
echo "<td align='center' width='200'>" . $rowdatauser['passport'] . "</td>";
echo "<td align='center' width='200'style='background: #7863a0; color:white; font-weight:bold;'>" . $rowdatauser['loyalty'] . "</td>";
echo "<td align='center' width='200'>" . $rowdatauser['certified'] . "</td>";
echo "</tr>";
}
echo " <td align='center' style='background: #fff;'></td>";
echo " <td align='center' style='background: #fff;'></td>";
echo " <td align='center' style='background: #fff;'></td>";
echo " <td align='center' style='background: #fff;'></td>";
echo " <td align='center' style='background: #fff;'></td>";
echo " <td align='center' style='background: #fff;'></td>";
echo " <td align='center' style='background: #fff;'></td>";
echo " <td align='center' style='background: #fff;'></td>";
echo " <td align='center' style='background: #fff;'></td>";
echo " <td align='center' style='background: #4567;'>TOTALES</td>";
echo "<td align='center' width='200' style='background: #eee;'>", $totalfichados ,"</td>";
echo "</table>";
?>
<!-- Number list (start) -->
<ul class="pagination">
<?php
// calculate total pages
$total_pages = ceil($allcount / $rowperpage);
$i = 1;$prev = 0;
// Total number list show
$numpages = 5;
// Set previous page number and start page
if(isset($_GET['next'])){
$i = $_GET['next']+1;
$prev = $_GET['next'] - ($numpages);
}
if($prev <= 0) $prev = 1;
if($i == 0) $i=1;
// Previous button next page number
$prevnext = 0;
if(isset($_GET['next'])){
$prevnext = ($_GET['next'])-($numpages+1);
if($prevnext < 0){
$prevnext = 0;
}
}
// Previous Button
echo '<li >Previous</li>';
if($i != 1){
echo '<li ><a href="?page='.($i-1).'&next='.$_GET['next'].'" ';
if( ($i-1) == $_GET['page'] ){
echo ' class="active" ';
}
echo ' >'.($i-1).'</a></li>';
}
// Number List
for ($shownum = 0; $i<=$total_pages; $i++,$shownum++) {
if($i%($numpages+1) == 0){
break;
}
if(isset($_GET['next'])){
echo "<li><a href='?page=".$i."&next=".$_GET['next']."'";
}else{
echo "<li><a href='?page=".$i."'";
}
// Active
if(isset($_GET['page'])){
if ($i==$_GET['page'])
echo " class='active'";
}
echo ">".$i."</a></li> ";
}
// Set next button
$next = $i+$rowperpage;
if(($next*$rowperpage) > $allcount){
$next = ($next-$rowperpage)*$rowperpage;
}
// Next Button
if( ($next-$rowperpage) < $allcount ){
if($shownum == ($numpages)){
echo '<li >Next</li>';
}
}
?>
</ul>
<!-- Numbered List (end) -->
I guess you are trying to paginaate using LIMIT a OFFSET b system. In that case, your a should be the page size and b the place where you start.
This system has it's limitations, like when rows are added or removed the same time you are viewing data, but if this is acceptable, then it might be the easiest way.
Other ways to paginate are shown in this article.
Two notes: One DB handle is enough, you don't need two connections. And if you want to count the rows in yous set, SELECT count(*) FROM... is easier than pg_num_rows()
I'm trying to display results as a percentage bar (css), I get $row['Balai'] from mysql query, then count the $proc of it, I set $sum as well. It's works fine, but instead of getting different inner value(bar) I always get the same and all the bars looks the same
while($row=$list->fetch_assoc()){
$proc = round((($row['Balai'] / $sum) * 100),1); ?>
<style type="text/CSS">
.outter{
height 25px;
width:500px;
border-right:solid 1px #000;
background-color: red;
}
.inner{
height:25px;
width: <?php echo $proc ?>%;
border-right:solid 1px #000;
background-color:lightblue;
</style>
<tr>
<center>
<?php
echo "<td>" . $row['ID'] . "</td><td>" . $row['Vardas'] . "</td><td>" . $row['Pavarde'] . "</td><td>" . $row['Balai'] . "<td>"; ?>
<div class="outter">
<div class='inner'><?php echo $proc ?>%</div>
<?php
echo "</td><br />";
echo "</center>";
echo "</tr>";
$x++;
}
echo "</table>";
echo "<b>100% sudaro: " . $sum . "</b>";
Try this:(Please ensure the value of $proc is different)
<style type="text/CSS">
.outter{
height 25px;
width:500px;
border-right:solid 1px #000;
background-color: red;
}
.inner{
height:25px;
border-right:solid 1px #000;
background-color:lightblue;
</style>
<?php
while($row=$list->fetch_assoc()){
$proc = round((($row['Balai'] / $sum) * 100),1); ?>
<tr>
<center>
<?php
echo "<td>" . $row['ID'] . "</td><td>" . $row['Vardas'] . "</td><td>" . $row['Pavarde'] . "</td><td>" . $row['Balai'] . "<td>"; ?>
<div class="outter">
<div class='inner' style='width: "<?php echo $proc ?>"%'><?php echo $proc ?>%</div>
<?php
echo "</td><br />";
echo "</center>";
echo "</tr>";
$x++;
}
echo "</table>";
echo "<b>100% sudaro: " . $sum . "</b>";
I want to create a filter which filters my ouput from the database. I have no idea how to create this. I have searched some other topics but they were not so helpful, hopefully someone can help me out.
I have the following code which retrieves the information from my database and ouputs it into a table. (please ignore the table set-up and such, still need to clean the nesting and stuff..)
Code (retrieve.php):
<?php
// Connect to database server
mysql_connect("xx", "xx", "xx") or die (mysql_error ());
// Select database
mysql_select_db("xx") or die(mysql_error());
// SQL query
$strSQL = "SELECT * FROM informatie ORDER BY id DESC;";
// Execute the query (the recordset $rs contains the result)
$rs = mysql_query($strSQL);
//OUDE LOOP SPACE
// Write the value of the column FirstName (which is now in the array $row)
echo "<table width='100%' border='0' cellpadding='10' cellspacing='0'><tr style='background-color:#f04d44; color:#ffffff;'>";
echo "<td style='border-right:1px solid #ff9a88;'><strong>Klant</strong></td><td style='border-right:1px solid #ff9a88;'><strong>Datum</strong></td><td style='border-right:1px solid #ff9a88;'><strong>Eventviewer Nagekeken</strong></td><td style='border-right:1px solid #ff9a88;'><strong>Eventviewer Opmerkingen</strong></td><td style='border-right:1px solid #ff9a88;'><strong>Services Nagekeken</strong></td><td style='border-right:1px solid #ff9a88;'><strong>Services Opmerkingen</strong></td><td style='border-right:1px solid #ff9a88;'><strong>Backup Nagekeken</strong></td><td style='border-right:1px solid #ff9a88;'><strong>Backup Opmerkingen</strong></td><td><strong>Check Gedaan Door</strong></td>";
echo "</tr>";
// Loop the recordset $rs
// Each row will be made into an array ($row) using mysql_fetch_array
while($row = mysql_fetch_array($rs)) {
echo "<tr style='background-color:#ffffff;'>";
echo "<td style='border-right:1px solid #cccccc; border-bottom:1px solid #cccccc;'>";
echo $row['klant'];
echo "</td>";
echo "<td style='border-right:1px solid #cccccc; border-bottom:1px solid #cccccc;'>";
echo $row['datum'];
echo "</td>";
echo "<td style='border-right:1px solid #cccccc; border-bottom:1px solid #cccccc;'>";
echo $row['eventviewer_nagekeken'];
echo "</td>";
echo "<td style='border-right:1px solid #cccccc; border-bottom:1px solid #cccccc;'>";
echo $row['eventviewer_opmerkingen'];
echo "</td>";
echo "<td style='border-right:1px solid #cccccc; border-bottom:1px solid #cccccc;'>";
echo $row['services_nagekeken'];
echo "</td>";
echo "<td style='border-right:1px solid #cccccc; border-bottom:1px solid #cccccc;'>";
echo $row['services_opmerkingen'];
echo "</td>";
echo "<td style='border-right:1px solid #cccccc; border-bottom:1px solid #cccccc;'>";
echo $row['backup_nagekeken'];
echo "</td>";
echo "<td style='border-right:1px solid #cccccc; border-bottom:1px solid #cccccc;'>";
echo $row['backup_opmerkingen'];
echo "</td>";
echo "<td style='border-bottom:1px solid #cccccc;'>";
echo $row['check_door'];
echo "</td>";
}
echo "</tr></table>";
// Close the database connection
mysql_close();
?>
Thanks for helping me out!
For filtering, most of the time you can use your database.
Right now your SQL statement is like this:
$strSQL = "SELECT * FROM informatie ORDER BY id DESC;";
To filter on information from the table informatie, you should alter the SQL statment, for example:
$strSQL = "SELECT * FROM informatie WHERE `eventviewer_nagekeken` = 1 ORDER BY id DESC;";
This will return all rows where eventviewer_nagekeken equals 1. This way you will be able to create various outputs from the pool of data you have in the informatie table.
For documentation and examples, see the docs.
you can use where clause generated dynamically as bellow
$where = ' 1=1 ';
if(isset($_REQUEST['param1']))
{
$where .= " and db_field1 = ".mysql_real_escape_string($_REQUEST['param1']);
}
if(isset($_REQUEST['param2']))
{
$where .= " and db_field2 = ".mysql_real_escape_string($_REQUEST['param2']);
}
$strSQL = "SELECT * FROM informatie ".$where." ORDER BY id DESC;";
here mysql_real_escape_string will avoid mysql injection.
Hope this helps you.
I have a code that displays the data that is stored in a database. I want to make an edit button or link that allows me to edit the data (I have a table that displays the data in columns and rows).
Snippet of my edit code
// once saved, redirect back to the view page
header("Location: insertchart.php");
}
}
else
{
// if the 'id' isn't valid, display an error
echo 'Error!123';
}
}
else
// if the form hasn't been submitted, get the data from the db and display the form
{
// get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0)
if (isset($_GET['newId']) && is_numeric($_GET['newId']) && $_GET['newId'] > 0)
{
// query db
$newId = $_GET['newId'];
$result = mysql_query("SELECT * FROM charts WHERE newId=$newId")
or die(mysql_error());
$row = mysql_fetch_array($result);
// check that the 'id' matches up with a row in the databse
if($row)
{
// get data from db
$charts_date = $row['charts_date'];
$charts_retrace = $row['charts_retrace'];
$charts_start_of_swing_trade = $row['charts_start_of_swing_trade'];
$charts_end_of_swing_trade = $row['charts_end_of_swing_trade'];
$charts_bullflag = $row['charts_bullflag'];
$charts_bearflag = $row['charts_bearflag'];
$charts_ema_crossover = $row['charts_ema_crossover'];
$charts_trading_instrument = $row['charts_trading_instrument'];
// show form
renderForm($newId, $charts_date, $charts_retrace, $charts_start_of_swing_trade, $charts_end_of_swing_trade, $charts_bullflag, $charts_bearflag, $charts_ema_crossover, $charts_trading_instrument, '');
}
else
// if no match, display result
{
echo "No results!";
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
{
echo 'Error!345';
}
}
?>
I get Error!345 when I click on my Edit button so I know it is quering the database fine but I have no idea why it is telling me that there is an error with my ID.
As requested, here is what my table code looks like that displays the Edit link:
$result = $conn->query($sql);
if($result && $result->num_rows > 0) {
// output data of each row
echo "<h2>What is currently inside the database?</h2><br><br>
<table style='border: solid #000000 1px;border-collapse:collapse;'>
<tr>
<td style='border: solid #000000 1px;padding:15px;'><strong><u>Chart</u></strong></td>
<td style='border: solid #000000 1px;padding:15px;'><strong><u>Date</u></strong></td>
<td style='border: solid #000000 1px;padding:15px;'><strong><u>Retrace</u></strong></td>
<td style='border: solid #000000 1px;padding:15px;'><strong><u>Start of Swing Trade</u></strong></td>
<td style='border: solid #000000 1px;padding:15px;'><strong><u>End of Swing Trade</u></strong></td>
<td style='border: solid #000000 1px;padding:15px;'><strong><u>Bull flag</u></strong></td>
<td style='border: solid #000000 1px;padding:15px;'><strong><u>Bear flag</u></strong></td>
<td style='border: solid #000000 1px;padding:15px;'><strong><u>EMA Crossover</u></strong></td>
<td style='border: solid #000000 1px;padding:15px;'><strong><u>Trading Instrument</u></strong></td>
</tr>";
while ($row=mysqli_fetch_array($result)) {
echo "<tr><td style='border: solid #000000 1px;'><img src=". $row["charts_URL"]. " width='200px'></td>";
echo "<td style='border: solid #000000 1px;'>" . $row["charts_date"]. "<br>"; echo "<a href='edit.php?id=" . $row['newId'] . "'>Edit</a></td>";
echo "<td style='border: solid #000000 1px;'>" . $row["charts_retrace"]. "</td>";
echo "<td style='border: solid #000000 1px;'>" . $row["charts_start_of_swing_trade"]. "</td>";
echo "<td style='border: solid #000000 1px;'>" . $row["charts_end_of_swing_trade"]. "</td>";
echo "<td style='border: solid #000000 1px;'>" . $row["charts_bullflag"]. "</td>";
echo "<td style='border: solid #000000 1px;'>" . $row["charts_bearflag"]. "</td>";
echo "<td style='border: solid #000000 1px;'>" . $row["charts_ema_crossover"]. "</td>";
echo "<td style='border: solid #000000 1px;'>" . $row["charts_trading_instrument"]. "</td></tr>";
}
echo "</table>";
} else {
echo "0 results";
}
The Edit code is underneath the charts_date cell.
Thanks to stackoverflow and its great solution, I have found a way to limit the characters in a table but it doesn't work for me. I tried a lot but with no success.
This is my table
<?php
$result = mysqli_query($conn,"SELECT * FROM library ORDER BY `CreatedTime` DESC");
echo "<table class='table-fill' border='0' cellpadding='0' cellspacing='0'>
<tr>
<th position='fixed' overflow='hidden' width='10%'>Book Name</th>
<th width='5%'></th>
</tr>";
while($row = mysqli_fetch_array($result) ) {
echo "<tr>";
echo "<td colspan='2' style='padding-bottom: 0;'><a href='library.details.php?id=". $row['id']."' target='content' class='positiontitle-link'><font style='text-shadow: none; font-weight: 800;'>" . $row['bookname']. "</td>";
echo "</tr>";
echo "<tr style='border-top-width: 0; padding-top: 0;'>";
echo '<td style="max-height: 10px;">' . $str . '</td>';
echo "<td style=' padding-top: 0; padding-left: 15px; width: 40%;'> <font color='gray'>Author :</font> " .($row['authorname'] ). "</td>";
echo "<td width='5%' style=' padding-top: 0;'> <font color='gray'>Year Published </font>" . $row['yearpublished'] . "</td>";
echo "</tr>";
if (strlen($row['bookname']) > 1) $str = substr($row['bookname'], 0, 1) . "...";
}
echo"</table>";
?>
This is how it looks like
Any help will be appreciated.
I'm doing this out of my head so forgive me any format issues and such...
Move the string length check to just under the while.
Overwrite $row['bookname'] instead of creating $str.
Remove the line with:
echo '<td style="max-height: 10px;">' . $str . '</td>';
Result:
while($row = mysqli_fetch_array($result) ) {
if (strlen($row['bookname']) > 9) $row['bookname'] = substr($row['bookname'], 0, 9) . "...";
echo "<tr>";
echo "<td colspan='2' style='padding-bottom: 0;'><a href='library.details.php?id=". $row['id']."' target='content' class='positiontitle-link'><font style='text-shadow: none; font-weight: 800;'>" . $row['bookname']. "</td>";
echo "</tr>";
echo "<tr style='border-top-width: 0; padding-top: 0;'>";
echo "<td style=' padding-top: 0; padding-left: 15px; width: 40%;'> <font color='gray'>Author :</font> " .($row['authorname'] ). "</td>";
echo "<td width='5%' style=' padding-top: 0;'> <font color='gray'>Year Published </font>" . $row['yearpublished'] . "</td>";
echo "</tr>";
}