im using php to insert into the review table.ive given the variables $email, $starcount, $bookid fixed values for now just to test the file. the $res query checks to see if there is a row with that book id and email in it. if theres not The $sql query inserts it, and then the $nex query loops through taking any starcount columns where the book column = $book.
if i change the the email at the top of the file it should insert into the new info database and pull out the new and existing starcount, but it does not post, it just returns the already existing starcount. i dont understand why its not working .... im using the array to return to my file.
<?php
mysql_connect("localhost","root","");
mysql_select_db("FunReads");
$email = "sd";
$starcount = "2";
$bookid = "5";
$res = mysql_query("SELECT * FROM Review WHERE book_id='$bookid' AND user_email='$email'");
if (mysql_num_rows($res) != 0) {
$array[]= array("starcount" => "already entered");
} else {
$sql = mysql_query("INSERT INTO Review(book_id,starcount,user_email) values('.$bookid.','.$starcount.','.$email')");
$nex = mysql_query("SELECT * FROM Review WHERE book_id='$bookid'");
while($row = mysql_fetch_array($nex)){
$star = $row["starcount"];
$array[] = array("starcount" => $star);
}
}
echo json_encode($array);
//echo "[{"name":"n1","city":"NY"},{"name":"n2","city":"Paris"}, ...]
?>
It seems to me "book_id" in "Review" table is primary key, as you have tried to add it multiple time, system shows the error duplicate key. Check the error & post it. Also check whether insert query is working or not.
you should not pass the primary key value manually
try this it will helps you
<?php
mysql_connect("localhost","root","");
mysql_select_db("FunReads");
$starcount="2";
$email = "vinodh#gmail.com";
$res=mysql_query("SELECT * FROM Review WHERE email ='$email'");
if(mysql_num_rows($res)!=0){
$array[]= array("starcount" => "already entered");
}else{
$sql=mysql_query("INSERT INTO Review (starcount,email) values('.$starcount.','.$email')");
$nex=mysql_query("SELECT * FROM Review WHERE email='$email'");
while($row=mysql_fetch_array($nex)){
$star = $row["starcount"];
$array[] = array("starcount" => $star);
}
}
echo json_encode($array);
?>
I just updated your code and it is working fine for me.
<?php
mysql_connect("localhost","user","");
mysql_select_db("xyz");
$email = "hari#gmail.com";
$starcount = "2";
$bookid = "5";
$sql = "SELECT * FROM review WHERE book_id='$bookid' AND user_email='$email'";
$res = mysql_query($sql);
if (mysql_num_rows($res) != 0) {
$array[]= array("starcount" => "already entered");
} else {
$sql = "INSERT INTO review(book_id,starcount,user_email) values('$bookid','$starcount','$email')";
$sql = mysql_query($sql);
$nex = mysql_query("SELECT * FROM review WHERE book_id='$bookid'");
while($row = mysql_fetch_array($nex)){
$star = $row["starcount"];
$array[] = array("starcount" => $star);
}
}
echo json_encode($array);
sample output :
[{"starcount":"2"},{"starcount":"3"},{"starcount":"1"},{"starcount":"2"},{"starcount":"1"}]
I updated the insert query, please try to update the same and test.
Related
I am playing around with php but the script doesnt execute to the last point and with no error...
What i am trying to do is checking the input of the user and comparing it what is in db and then applying conditions. So i have 2 files. update.php and dash.php.
dash.php is my html form page and i included 'update.php' in it
In my update.php, i have these codes
me.php is my html form page and i included 'update.php' in it
In my update.php, i have these codes
<?php
error_reporting(E_ALL);
include_once('database.php');
if(isset($_POST['submit']))
{
$q = $_GET['q'];
$next = $q + 1;
if($q == 26)
{
echo '<h2>Weldone!!</h2>';
}
elseif($q <= 25){
$sql = "SELECT * FROM Students WHERE Email=?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('s',
$_SESSION['login']);
$stmt->execute();
$result = $stmt->get_result(); $row = $result->fetch_assoc();
$Mark = $row['Mark'];
$Correct = $Mark + 1;
$Fail = $Mark + 0;
$sqlb = "SELECT * FROM Answers WHERE qid = ?";
$stmtb = $conn->prepare($sqlb);
$stmtb->bind_param('s', $q);
$stmtb->execute();
$resultb = $stmtb->get_result();
$rowb = $resultb->fetch_assoc();
$Answer =
$rowb['Answer'];
$Pick = $_POST['ans'];
if($Pick == $Answer)
{
$sqld = "UPDATE Students SET Mark=? WHERE Email = ?";
$stmtd = $conn->prepare($sqld);
$stmtd->bind_param('ss', $Correct,$_SESSION['login']);
$stmtd->execute();
$resultd = $stmtd->get_result();
echo "correct" ;
}
}
else
{
echo "<script type='text/javascript'>document.location.href='dash.php?q='.$next.';</script>";
}
}//post submit
?>
The else statement doesnt run. so it keeps reloading the same page.
Also i want to ask why i keep getting the value of 2 for my $Correct variable stored on the database into column Mark for a single correct question instead of 1. What could be wrong?
Lastly, i dont want the script to run if the browser is edited by the user by changing the value of $q from the browser, because i am using get method, is there a way to do that.
Please be nice with your comments. Thanks in advance.!!!
how i can make a php page that adds values to the database, and if the value already exist to delete it instead of add it?
I am trying to do it but i am making a mistake and it only "deletes values".
<?php
require("database.php");
if (empty($username) || empty($password)) {
echo "error";
} else {
$cdtitle=$_POST["cds"];
$cdartist=$_POST["kal"];
$query= 'SELECT FROM cds WHERE cdtitle=:cdtitle && cdartist=:cdartist';
$result = $sql->prepare($query);
$result->execute([":cdtitle" => $cdtitle, ":cdartist" => $cdartist]);
$a = $result->fetchAll();
if ($a>0) {
$cdtitle=$_POST["cds"];
$cdartist=$_POST["kal"];
$query= 'DELETE FROM cds WHERE cdtitle=:cdtitle && cdartist=:cdartist';
$result = $sql->prepare($query);
$result->execute([":cdtitle" => $cdtitle, ":cdartist" => $cdartist]);
$a = $result->fetchAll();
echo "Deleted!";
} else {
$add = "INSERT INTO cds(username, cdtitle, cdartist) VALUES (:username, :cdtitle, :cdartist)";
$result = $sql->prepare($add);
$result->execute([":username" => $username ,":cdtitle" => $cdtitle, ":cdartist" => $cdartist]);
$result->fetchAll();
echo "Added!";
}
}
?>
ok where is my mistake? how i can make it this way that it will add the value to the database if it doesn't exists and it will delete the value from the database if it exist?
There is no column in the query you are selected.
Add * to select all.
$query= 'SELECT * FROM cds WHERE cdtitle=:cdtitle && cdartist=:cdartist';
Then you can add query to count.
$sqlCount = 'SELECT count(*) FROM cds WHERE cdtitle=:cdtitle && cdartist=:cdartist';
$exe = $conn->prepare($sqlCount);
$exe->execute([":cdtitle" => $cdtitle, ":cdartist" => $cdartist]);
$count = $exe->fetchColumn();
Then change if condition to.
if($count > 0)
Why MYSQLi does not update the DB record, but it does provide a successful message. Of course, with the following message: 0 records UPDATED successfully And no changes are made to the database.
my index php file code:
<?php
include 'connect.php';
$work = $_GET["work"];
if($work == "select"){
$query = "SELECT * FROM login ORDER BY City DESC";
$result = $connect->prepare($query);
$result ->execute();
$out = array();
while ($row = $result->fetch(PDO::FETCH_ASSOC)){
$record = array();
$record["InsID"] = $row["InsID"];
$record["Password"] = $row["Password"];
$record["Name"] = $row["Name"];
$record["City"] = $row["City"];
array_push($out,$record);
}
echo json_encode($out);
} elseif($work == "update"){
$name2 = $_REQUEST["Ali"];
$code2 = $_REQUEST["4779"];
$city2 = $_REQUEST["teh"];
$pass2 = $_REQUEST["123"];
$query2 = "UPDATE login SET Password='$pass2',Name='$name2',City='$city2' WHERE InsID = '$code2'";
$result2 = $connect->prepare($query2);
$result2 ->execute();
}
?>
I really do not know where my coding is wrong. Please help.
I don't get why you are updating InsID and also using 'where InsID like'
Also there is additional ; in query
You may try
$query2 = "UPDATE login SET Password='$pass2',Name='$name2',City='$city2' WHERE InsID like '$code2'";
Important = sanitize input data first**
if I understand what you're trying to accomplish then :
you don't have to set InsID again
you need to use = and not LIKE in the WHERE condition
i.e. this is the row you need :
$query2 = "UPDATE login SET Password='$pass2',Name='$name2',City='$city2' WHERE InsID = '$code2';";
also see Nico Haase's comment, it's super correct ! you must improve the code security, see : http://php.net/manual/en/security.database.sql-injection.php
Try this code
May be useful
$query2 = "UPDATE login SET Password='$pass2',Name='$name2',City='$city2' WHERE InsID = '$code2';
if(mysqli_affected_rows($connect)==1){
echo "updated successfully";
}
else{
echo "failed";
}
I need help! I just want to insert data from user but before that it will check first if the 'dami' column in database is <=100, if yes then it will insert the data entered by the user if no then it will prompt the user.
But with my code it keeps inserting regardless of the 'dami' sum. Badly need it! Here's my code!
public function do_create_businesscard($txttelno,$txttelno1,$txtfaxno,$txtmobileno,$txtmobileno1,$txtemail,$txtemail1,$txtPieces,$is_deleted)
{
$sql = "SELECT (SELECT SUM(dami)
FROM tbl_business_card_information
WHERE is_deleted = 1)
AS 'Total'";
if ('Total' >= 100){
echo "Sorry but you already reach you maximum request";
}else{
$sql = "INSERT INTO tbl_business_card_information (`tel_no`,`tel_no1`,`fax_no`,`mobile_no`,`mobile_no1`,`email`,`email1`,`dami`) VALUES (?,?,?,?,?,?,?,?)";
$data = array($txttelno,$txttelno1,$txtfaxno,$txtmobileno,$txtmobileno1,$txtemail,$txtemail1,$txtPieces);
$query = $this->db->query($sql,$data);
return $query;
}
}
Thank You !
Your usage of SELECT is wrong. Here is the way.
public function do_create_businesscard($txttelno,$txttelno1,$txtfaxno,$txtmobileno,$txtmobileno1,$txtemail,$txtemail1,$txtPieces,$is_deleted)
{
$sql = "SELECT SUM(dami) FROM tbl_business_card_information WHERE is_deleted = 1";
$result = $this->db->query($sql);
$row = $result->fetch_array(MYSQLI_NUM);
$total = $row[0];
if ($total > 100){
echo "Sorry but you already reach you maximum request";
}else{
$sql = "INSERT INTO tbl_business_card_information (`tel_no`,`tel_no1`,`fax_no`,`mobile_no`,`mobile_no1`,`email`,`email1`,`dami`) VALUES (?,?,?,?,?,?,?,?)";
$data = array($txttelno,$txttelno1,$txtfaxno,$txtmobileno,$txtmobileno1,$txtemail,$txtemail1,$txtPieces);
$query = $this->db->query($sql,$data);
return $query;
}
}
guy's i want to ask about selecting with where clause.
the where clause i use $kode=$_POST['kode_mat'] and i call it in sql query into kode='$kode'.
nah the problem is.. when i have a string that need to pass into the sql query is same, like i use $kode but the $_POST['kode_mat'] has different id like kode_mat1,kode_mat2,kode_mat3,kode_mat4,kode_mat5. and i want to pass it into sql query $sql ="SELECT * FROM material WHERE kode='$kode' ";. how to do it?
i have try to separate the php function into 5 php file. and i think that's make my directory has many file that has been saved. i use this code for the 5 php file
<?php
include("../../Connections/koneksi.php");
$kode=$_POST['kode_mat']; // the variable for pass string i just change $_POST['']; ['kode_mat1'],['kode_mat2'],['kode_mat3']....
// Data for Titik1
$sql ="SELECT * FROM material WHERE kode='$kode' "; // and the query still same just change the id's of the textbox that i need to pass the string
$query = mysqli_query($db,$sql);
$rows = array();
while($tmp= mysqli_fetch_assoc($query)) {
$rows[] = $tmp;
}
echo json_encode($rows);
mysqli_close($db);
?>
this code above has no problem. it show the right value that i need. but i want to try it to make my separate php fuction can be called as one php.
i has to try two code like this but it not work.
1st code i have try
<?php
include("../../Connections/koneksi.php");
$kode=$_POST['kode_mat'];
$kode=$_POST['kode_mat1'];
$kode=$_POST['kode_mat2'];
$kode=$_POST['kode_mat3'];
$kode=$_POST['kode_mat4'];
$kode=$_POST['kode_mat5'];
// Data for Titik1
$sql ="SELECT * FROM material WHERE kode='$kode' ";
$query = mysqli_query($db,$sql);
$rows = array();
while($tmp= mysqli_fetch_assoc($query)) {
$rows[] = $tmp;
}
echo json_encode($rows);
mysqli_close($db);
?>
and the second code i have try
<?php
include("../../Connections/koneksi.php");
$kode=$_POST['kode_mat'];
$kode1=$_POST['kode_mat1'];
$kode2=$_POST['kode_mat2'];
$kode3=$_POST['kode_mat3'];
$kode4=$_POST['kode_mat4'];
$kode5=$_POST['kode_mat5'];
// Data for Titik1
$sql ="SELECT * FROM material WHERE kode='$kode' OR kode='$kode1' OR kode='$kode2' OR kode='$kode3' OR kode='$kode4' OR kode='$kode5'";
$query = mysqli_query($db,$sql);
$rows = array();
while($tmp= mysqli_fetch_assoc($query)) {
$rows[] = $tmp;
}
echo json_encode($rows);
mysqli_close($db);
?>
You can use if and else condition here for your solution like below.
<?php
include("../../Connections/koneksi.php");
if(isset($_POST['kode_mat']) && $_POST['kode_mat'] != "") {
$kode=$_POST['kode_mat'];
} else if(isset($_POST['kode_mat1']) && $_POST['kode_mat] != "") {
$kode=$_POST['kode_mat1'];
} else if(isset($_POST['kode_mat2']) && $_POST['kode_mat2'] != "") {
$kode=$_POST['kode_mat2'];
} else if(isset($_POST['kode_mat3']) && $_POST['kode_mat3'] != "") {
$kode=$_POST['kode_mat3'];
} else if(isset($_POST['kode_mat4']) && $_POST['kode_mat4'] != "") {
$kode4=$_POST['kode_mat4'];
} else {
$kode=$_POST['kode_mat5'];
}
// Data for Titik1
$sql ="SELECT * FROM material WHERE kode='$kode' ";
$query = mysqli_query($db,$sql);
$rows = array();
while($tmp= mysqli_fetch_assoc($query)) {
$rows[] = $tmp;
}
echo json_encode($rows);
mysqli_close($db);
?>