I have a display page pulling from a database. With that I have a display function. I have everything working correctly, but I want to change the variable that is visible at the end of the URL, now it is from the 'id' column in my database and I would like it to be from the 'name' column.
This is my display function (included in another file)
public function __construct($rid, $table) {
/* Connect to Database */
require('dbinfo.php');
//$table=$this->table; // Choose Table Optional
$link = mysql_connect($databaseip,$username,$password);
mysql_select_db($database,$link);
$query = "SELECT * FROM $table WHERE rid=$rid";
$result=mysql_query($query);
$this->result = $result;
mysql_close($link);
And the Get PHP in the header of the display page is as follows:
<?php
$rid = $_GET['r'];
require('func/recipe.php');
// Recipe Display Function
if (isset($_GET['r'])) {$recipe = new recipeObject($rid,'my table name');} else {
header('location: SET URL');
}
?>
And my database structure looks like this - https://www.dropbox.com/s/rfga1vl8miqcd9s/database.png?dl=0
So I missed this big time the first time around. My apologies. Here is what I found to work for the query portion. And should help with SQL Injections.
$termSafe = mysql_real_escape_string($rid);
$query = "select * FROM $table WHERE (name LIKE '$termSafe')";
Related
hi guy's i have a question.
how to declare a multiple where clause condition inside one php only.
i have try to make my project has a minimum of a php file. i want to make my where clause inside one php file only.
this is the problem i mean. i want to put my code into one php file or inside one <?php ?>. the php code like this
<?php
include("../../Connections/koneksi.php");
$date1= $_POST['date1'];
// Data for Titik1
$sql = "SELECT * FROM termocouple where tanggal='$date1' AND silo='Silo 1'";
$query = mysqli_query($db,$sql);
$rows = array();
while($tmp= mysqli_fetch_assoc($query)) {
$rows[] = $tmp;
}
echo json_encode($rows);
mysqli_close($db);
?>
on the code above the query has select table termocouple and the filter of where condition is tanggal and silo. now the problem is i have 12 php file like that. and the different of every php is from the selecting silo, i put Silo 1,Silo 2,Silo 3, ....Silo 12.
please someone help me with this. i want to make it simple in one php file. im really appreciated when you give me an example
In order to minimize your code, if you are using the same query or code more than one time in the same project, it is more recommended to create a function, that you will call anytime you need to execute the code.
So here, since you are using the same query 12 times, you will have to create a function that executes this query, and then call this function every time you want to execute the query.
The function takes parameters, so you will have to give the function the database connection parameter $db in order to connect to the database since you are using this connection inside the function, and then you have to add the values of the where clause to the parameters also.
So your function here will take the database connection $db, $date1 fetched from $_POST, and $silo fetched from $_POST
At the end of the function, you can return any value you wish to return, so in your case, you will have to return the $rows array fetched from the query
Create a common php fileand create a function in it.
Lets say the file name is libraries.php
in this file write the following code:
<?php
function getRows($db, $date, $silo) {
$sql = "SELECT * FROM termocouple where tanggal='$date' AND silo='$silo'";
$query = mysqli_query($db, $sql);
$rows = array();
while($tmp= mysqli_fetch_assoc($query)) {
$rows[] = $tmp;
}
return json_encode($rows);
}
?>
And in each of the files where you are calling the query you will remove the php code and replace it with the following:
<?php
include("../../Connections/koneksi.php");
include("{path-to-file}/libraries.php");
$date1= $_POST['date1'];
$silo = $_POST['silo'];
$rows = getRows($db, $date1, $silo) ;
?>
I am assuming these 12 PHPs are called in diff scenarios. Why dont you pass some param from client side so that the PHP knows which scenario to execute.
$date1= $_POST['date1'];
$silo= $_POST['silo'];//This could be 'Silo 1 OR 'Silo 2' etc.
// Data for Titik1
$sql = "SELECT * FROM termocouple where tanggal='$date1' AND silo='$silo'";
$query = mysqli_query($db,$sql);
I am creating a library for PHP scripts and I want to be able to show php code on a html webpage.
I have looked at using highlight_file(); but this will show the whole page
For example, If I have a page called code.php which has an sql query on ( select code from table where sequence = $_GET["id"] ) - example then I use
Highlight_file('code.php?id=123');
This will work but will also show the select query which I do not want to show. I would just want to show the code from the database (code column)
How can I display just the code from the database with the correct colours and formatting etc
UPDATE:
<?php
$conn=mysql_connect("localhost","charlie_library","Pathfinder0287");
mysql_select_db("charlie_library",$conn);
function highlight_code_with_id($id, $conn)
{
$query = "select * from library_php where sequence = '$id' ";
$rs = mysql_query($query,$conn);
$code = mysql_fetch_array($rs);
echo highlight_string($code["code"]);
}
// and, use it like this:
highlight_code_with_id($_GET['id'], $conn);
?>
I have tried the above code, which is just displaying the code in plain text
use highlight_string function, like this:
<?php
highlight_string($code);
?>
where $code is the code you have obtained from your SQL query.
You can create a function around this (something along the following lines):
<?php
function highlight_code_with_id($id, $mysqli) {
$query = $mysqli->query("select code from table where sequence = '$id'");
$code = current($query->fetch_assoc());
return highlight_string($code);
}
// and, use it like this:
echo highlight_code_with_id($_GET['id'], $mysqli);
UPDATE:
Your code is a bit incorrect, you can use:
<?php
$conn=mysql_connect("localhost","charlie_library","Pathfinder0287");
mysql_select_db("charlie_library",$conn);
function highlight_code_with_id($id)
{
$query = "select * from library_php where sequence = '$id' ";
$rs = mysql_query($query);
$code = mysql_fetch_assoc($rs); // change is in this line
echo highlight_string($code["code"]);
}
// and, use it like this:
highlight_code_with_id($_GET['id']);
?>
Note that you do not need to include $conn in your function, it can be ommitted. Also, note that you should use mysqli->* family of functions, since mysql_* family has been deprecated.
Perhaps this would work for you.
This post is originally for HTML, but the answer linked above shows an example using PHP.
I'm trying to create a function that runs a query that returns all of the data located in my MySQL database.
My current code only returns the one row of data (there are 7)
function staff_get() {
$this->load->database();
$sql = 'SELECT * from Staff';
$query = $this->db->query($sql);
$data = $query->row();
$this->response($data, 200);
}
I'd imagine it has something to do with the line "$data = $query->row();" however I've tried switching "row" with "array" but this doesn't work. The text is designed to come out as plaintext so that I can manipulate it using a jQuery template.
Thank you for your help in advance.
You need to encase the results in a while loop. Something along the lines of this.
function staff_get() {
$this->load->database();
$sql = 'SELECT * from Staff';
$query = $this->db->query($sql);
while($data = $query->row()) {
$this->response($data, 200);
}
}
I am trying to grab ad code from my database and echo it on to the page, but for some reason it is not showing up?
$getad = ("SELECT * FROM ads WHERE place='non-mobile' AND who='adbrite' ");
while($rows = mysql_fetch_array($getad))
{
$code = $rows['code'];
}
$ad1 = $code;
later down the page i print it like this.
<?php print $ad1 ?>
I think your problem is that you don't actually execute the query, you just have saved it in a variable ($getad) and then try to do a fetch af an array containing a string as I see it. If I remeber correctly you have to save you query in a variable, as you did, and then type
$getad = "SELECT * FROM ads WHERE place='non-mobile' AND who='adbrite' ";
$q = $db->query($getad);
// generate results:
while ($q->fetchInto($row)) {
//display or store
}
You should also include checks, for example that this code has extracted at least one row, or that database connection is working, etcetera.
i want to do a check if a user id exists in all of the table rows i search for.
edit sorry i was missleading i think.
I want to check if the user has read all of the articles in a category, i have a forum front end displaying the categories and within the categories are the articles.
On the categories screen i want to display an image ALL ARTICLES READ or NOT ALL ARTICLES READ, so some how i need to loop through all of the articles per category which is what the example query below is doing and check if user id exists in ALL returned rows if yes then then all articles have been read if there are some rows missing the users id then some articles have not been read
This is my sql query
$colname_readposts = "-1";
if (isset($_GET['Thread_Category_Article_id'])) {
$colname_readposts = $_GET['Thread_Category_Article_id'];
}
mysql_select_db($database_test, $test);
$query_readposts = sprintf("SELECT Thread_Article_User_Read FROM Thread_Articles WHERE Thread_Category_Article_id = %s", GetSQLValueString($colname_readposts, "int"));
$readposts = mysql_query($query_readposts, $cutthroats) or die(mysql_error());
$row_readposts = mysql_fetch_assoc($readposts);
$totalRows_readposts = mysql_num_rows($readposts);
How can i check if all of the rows returned contain the users id?
The idea is to check to see if user has read all the articles if yes show READ if no show UNREAD.
The results per row are like so 0,15,20,37 these are id's entered when a user views a post.
i have managed to get this check for a single article to show if the user has read a specific article but unsure how i would check multiple:
here is my single article check:
<?php
$userid = $_SESSION['loggedin_id'];
$userreadlist = $row_readposts['Thread_Article_User_Read'];
$myarray = (explode(',',$userreadlist));
if (in_array($userid,$myarray )){
?>
html image READ
<?php } else { ?>
html image UNREAD
<?php } ?>
Any help would be appreciated.
Carl
First up, forget the mysql_* functions; ext/mysql is a deprecated API as of PHP 5.5 - so it's a really good idea to use mysqli or PDO.
From what I gather you're actually trying to see if any of those results contain a specific user's id? If so, do this in the SQL query:
SELECT Thread_Article_User_Read FROM Thread_Articles WHERE
Thread_Category_Article_id = %s AND UserID = %s
And supply this the User's ID as a second argument. (Syntax may not be 100% correct, but it should prove a point)
If you mean you want to check there there is any user's ID - then once again; do this in SQL:
SELECT Thread_Article_User_Read FROM Thread_Articles WHERE
Thread_Category_Article_id = %s AND UserID IS NOT NULL
This will ensure there is a valid value for 'UserID'.
Naturally replace 'UserID' with your column name if you base your solution on one of these examples.
However, if you're dumping out ALL the results from a table - and you need to see if your user's ID is present in a certain column (like you do!); then you can actually just adapt the logic that you're using on your single article page. Which should give you something like this...
$userid = $_SESSION['loggedin_id'];
$colname_readposts = "-1";
if (isset($_GET['Thread_Category_Article_id'])) {
$colname_readposts = $_GET['Thread_Category_Article_id'];
}
/* connect to db and run query; CHANGE ME TO SOMETHING NOT DEPRECATED */
mysql_select_db($database_test, $test);
$query_readposts =
sprintf("SELECT Thread_Article_User_Read FROM Thread_Articles WHERE
Thread_Category_Article_id = %s", GetSQLValueString($colname_readposts, "int"));
$readposts = mysql_query($query_readposts, $cutthroats) or die(mysql_error());
/* loop through all returned items */
while($row = mysql_fetch_assoc($readposts)) {
/* repeat the check you used on an individual
row on the single article page. i.e: */
$userreadlist = $row['Thread_Article_User_Read'];
$myarray = (explode(',',$userreadlist));
if (in_array($userid,$myarray )){
/* user has read */
} else {
/* user hasn't read */
}
}
If that code you worked for a single page then it should work in the above; as for every iteration of the loop you're working on a single row - just as you were on the single page. If the data is coming from the same table then the column names etc match up and it will work.
Or, if you just want to know if there are any unread posts at all, replace the loop with this one...
/* loop through all returned items */
$read = true;
while($row = mysql_fetch_assoc($readposts)) {
/* repeat the check you used on an individual
row on the single article page. i.e: */
$userreadlist = $row['Thread_Article_User_Read'];
$myarray = (explode(',',$userreadlist));
if (! in_array($userid,$myarray )){
$read = false;
break;
}
}
if( $read ){
/* all pages are read */
} else {
/* there are unread pages */
}