This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 7 years ago.
im having trouble with a seemingly correct query for mysql database. The Query in question is:
"SELECT * FROM Users WHERE Email =".$email.";". The Query itself is
executing fine but the $result that is returned back is false (if i
replace "Email =".$email."" with "Id = 1" it works and returns a
value).
if($emailCheck = TRUE){
echo "<script type='text/javascript'>alert('Email check true.');</script>";
$sql = "SELECT * FROM Users WHERE Email =".$email.";";
echo $sql;
$result = $conn->query($sql);
if ($result){
$row = mysqli_fetch_array($result) ;
echo "<script type='text/javascript'>alert('".(string)$row['FirstName']."');</script>";
} else { echo "<script type='text/javascript'>alert('bad result');</script>";}
}
Some info:
$emailCheck = TRUE is working fine.
When using "Id = 1" instead of "Email =".$email."" everything works
echo $sql; returns "SELECT * FROM Users WHERE Email =zxzx#hotmail.com;"
any help why $result is returned false when using "Email =".$email.""?
This is because if you are using id then it is integer so no need to put it in quotes('') But if you use email then it is string so you need to write it in quotes('') as follow
$sql = "SELECT * FROM Users WHERE Email ='" . $email . "'";
Related
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
How can I prevent SQL injection in PHP?
(27 answers)
Closed 2 years ago.
Expected result:
Loop through all entries in the checkedout table, and select the entry from the game table where the barcode field is the same.
Actual behaviour / issue:
For the most part, this is working as intended. If I set the barcode field to a numerical value in the game table, and then "checkout" that barcode, everything works as intended. The barcodes I'll be using are in the format of ABC12345678. Once I change the values in the barcode field, in the game table to the alphanumeric version, it no longer runs the secondary select statement and displays this error: Fatal error: Call to a member function fetch_assoc() on boolean which refers to the following line: while ($row2 = $result2->fetch_assoc()) {
Oddly enough, if I run the exact same select statement SELECT * FROM game WHERE barcode = 'ABC12345678' on the MySQL instance, it returns the proper results.
Question
Do I need to be using a different method to select based on the value now being alphanumeric? Do I need to manipulate the data in some way?
Code:
$sql = "SELECT * FROM checkedout";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
$userid = $row["userid"];
$barcode = $row["barcode"];
echo "$userid </br>";
echo "$barcode </br>";
$sql2 = "SELECT * FROM game WHERE barcode = " . $barcode . "";
$result2 = $conn->query($sql2);
while ($row2 = $result2->fetch_assoc()) {
$title = $row2["title"];
$console = $row2["console"];
echo "$title </br>";
echo "$console </br>";
}
checkedout table:
game table:
I don't understand this because I'm just getting into query's and php.
I'm trying to get the user's ID from the database and set that equal to a different users friendreq column.
Don't worry about me not escaping properly, this is only a test so I can practice! Thank you! (Although I'm not sure what escaping is, I'm going to do my research!)
$usernameID = "SELECT Id FROM Users WHERE Username = '$username'";
$sql = "UPDATE Users SET FriendReq = $usernameID WHERE Username = '$usernamebeingreq'";
$result = mysqli_multi_query($con, $usernameID, $sql);
if(!$result)
{
echo 'Failed';
}
else
{
echo 'Friend added!';
}
According to the PHP reference of mysqli_multi_query your two queries need to be concatenated with a semicolon. You're passing each query as its own parameter.
Use the following instead:
$result = mysqli_multi_query($con, $usernameID . "; " . $sql);
This will concatenate your two queries, so that it's the following:
SELECT Id FROM Users WHERE Username = '$username'; UPDATE Users SET FriendReq = $usernameID WHERE Username = '$usernamebeingreq'
This question already has answers here:
Single result from database using mysqli
(6 answers)
Closed 4 years ago.
I need to get only the id of member who's username is X from the mysql database.
Can this only be done with a while loop or is there any other way around this?
What I'm thinking of is something like:
$id = mysqli_query($con,'SELECT id FROM membrs WHERE username = '$username' LIMIT 1)
Thanks,
You can use:
mysqli_fetch_array();
// For Instance
$id_get = mysqli_query($con, "SELECT id FROM membrs WHERE username='$username' LIMIT 1");
$id = mysqli_fetch_array($id_get);
echo $id['id']; // This will echo the ID of that user
// What I use is the following for my site:
$user_get = mysqli_query($con, "SELECT * FROM members WHERE username='$username'");
$user = mysqli_fetch_array($user);
echo $user['username']; // This will echo the Username
echo $user['fname']; // This will echo their first name (I used this for a dashboard)
without while loop we can do it by the following code, if you are selecting more than 1 record you need to loop it
$row = mysqli_fetch_array($id);
echo $row['id'];
This question already has answers here:
why this mysql query is not working?
(7 answers)
Closed 8 years ago.
Please help me regarding the specified problem:
The code section:
$result = mysql_query("SELECT *, UNIX_TIMESTAMP(eventdate) AS eventdate,
UNIX_TIMESTAMP(throughdate) AS throughdate FROM events where
id='$_GET[id]' ORDER BY eventdate");
// the above query is not working
if (! $result) {
echo mysql_errno() . ": " . mysql_error(). "\n";
}
if ( mysql_num_rows($result) == 0 ) {
print "<p>No events right now.</p>\n";
}
else {
$lasteventmonth = '';
while ($row = mysql_fetch_array($result)) {
$eventmonth="";
$eventmonth = date("F Y",$row['eventdate']);
if ($lasteventmonth != $eventmonth) {
print "<p style='font-size: 18px;'><b>$eventmonth</b></p>";
}
$lasteventmonth = $eventmonth;
showEvent($row);
}
}
?>
........................
........................//other codes
when the code evaluates as follows:
No events right now.
But specific id is present in the database and if $_GET['id'] is echoed in the page the value is shown.
what is id in id='$_GET[id]' at the beginning?
If you have a query http:// ... ?id=123, I would put id in quotes. Having said that, better like this:
$id = mysql_real_escape_string($_GET['id']); // safe against SQL injection
$sql = "SELECT *, UNIX_TIMESTAMP(eventdate) AS eventdate, UNIX_TIMESTAMP(throughdate) AS throughdate FROM events where id='$id' ORDER BY eventdate";
$result = mysql_query($sql);
If you are still getting trouble, use echo to check the variables $id and $result before the query runs; then you will have a clearer idea why it is not running the query you expect.
I am sure id=$_GET[id] is checking an int versus an int where you have it checking an int vs a string. Remove the single quotes around $_GET['id'] and try again. The single quotes define it as a string rather than an int.
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
How do I update if exists, insert if not (aka upsert or merge) in MySQL?
I know this is pretty basic.. but for some reason this is not working for me. I have a form that stores a Facebook user's ID to check if they already submitted the form. I have the form that submits the User ID into the database working perfectly. Its just this part of checking if the User ID value exists in the database that is tripping me up.
Here's my code....
$user_id = 1234567890;
$checkUserID = mysql_query("SELECT fbUserID from submissions WHERE fbUserID = '$user_id'");
if ($checkUserID) {
echo "GTFO BRO";
}
Whenever I do an "echo" on the $checkUserID variable I get this returned.. "Resource id #9"
mysql_query returns a resource containing the result of the query, you need to use something like this:
$user_id = 1234567890;
$checkUserID = mysql_query("SELECT fbUserID from submissions WHERE fbUserID = '$user_id'");
if (!$checkUserID) {
die('Query failed to execute for some reason');
}
if (mysql_num_rows($checkUserId) > 0) {
echo "User id exists already.";
$user = mysql_fetch_array($checkUserId);
print_r($user); // the data returned from the query
}
I think you query string is wrong. If you're using double quotes, you'd have to change it to
.... WHERE fbUserId = '{$user_id}'"
or you have to concatenate it
..... WHERE fbUserId = '" . $user_id . "'"
try the following piece of code:
$checkUserID = mysql_query("SELECT fbUserID from submissions WHERE fbUserID = '$user_id'");
while($test = mysql_fetch_array($checkUserID))
if ($test ) {
echo "GTFO BRO";
}
i hope this will work properly for you..