Two part question...(note that I'm using a PostGres)
My SQL query is formatted like this:
$.ajax({
url: "https://something?q=SELECT *database_final_form_merge where territory in ("+terrs+")",
type: 'GET',
dataType: 'JSON',
success: function(data) {
}
});
The variable terrs is an array like this:
["D1VE3011", "D1VE3011", "D1VD2209", "D1VD2209", "D1VD2103", "D1VD2103"]
This formats the SQL query like this though:
SELECT* from database_final_form_merge where territory IN (D1VE3011,D1VE3011,D1VD2209,D1VD2209,D1VD2103,D1VD2103)
But it needs to be in this format (I think):
SELECT* from database_final_form_merge where territory IN ('D1VE3011','D1VE3011','D1VD2209','D1VD2209','D1VD2103','D1VD2103')
This works when I try it directly without an AJAX GET. Is there a different way I should be passing this array?
That's question 1.
Question 2...is there a way to pass that array so that only unique values are passed? You'll note that in my array there are duplicates, but wondering if there's a way to only pass along unique values.
Thanks.
Let's put passing query as a parameter aside and get into the problem.
For the question 2 you can use
jQuery.unique
And for the former question:
"('" + terrs.join("','") + "')" generates ('D1VE3011','D1VE3011','D1VD2209','D1VD2209','D1VD2103','D1VD2103') part.
Mind the white spaces though. You might end up with string like this
'(' D1VD2209',' D1VD2103','D1VD2103 ')
*EDITED accordingly
Related
I'm trying to run this: $query->selectRaw('count(?)', [$column]) on Laravel 7.0, but gives me an error:
SQLSTATE[42P18]: Indeterminate datatype: 7 ERROR: could not determine data type of parameter $1.
PS: $column is a string.
When I put count(distinct ?), it results in wrong count.
I already tried "{$column}" and '%'.$column.'%', but it didn't work.
I tried other ways for hours, until I ask in a community and someone answered me that it's not possible to do this. The binding will only works with column values or something like that, despite that it doesn't have detailed uses of the selectRaw method.
Well, I've lost many hours, so I gave up and went to my objective with another approach.
You can use param in selectRaw by using quotes
Example:
$column = 1;
$query->selectRaw('count(**$column**)');
A jquery builder (from http://querybuilder.js.org/ ) is used to let the user pick a date and further select data for a DataTables (datatables.net/ ) via a PHP function.
The DataTables and especially Ajax function looks like this:
var table = $(id).DataTable({
serverSide: true,
searching: true,
processing: true,,
ajax: {
url: "controllers/myAjax.php",
type: "POST",
data: result
}
});
The object passed as data is defined by queryBuilder and appended to my query string in the PHP script. To nail things down I pass the data as plain SQL (http://querybuilder.js.org/plugins.html#import-export). In my problem test case this is:
WHERE birthdate < '1990-01-01'
This would result in the SELECT query:
SELECT * from table_1 WHERE birthdate < '1990-01-01'
This query throws a MySQL error:
"[...] check the manual that corresponds to your MySQL
server version for the right syntax to use near '\'1990-01-01\' "
Obviously the date doesn't get escaped correctly. But when I enter exactly this query to my MySQL workbench, the server executes and returns a correct set of results. Even more, the workbench doesn't care if I use single quote (') or double quote (").
Further, I tried to manually remove those escape chars using PHP str_replace. The function then returns values, but obviously interpreted as int and breaking other queries (like equal ID). Same goes for msqli.real-escape-string (http://php.net/manual/de/mysqli.real-escape-string.php).
Another approach I tried was to change the dataType of the Ajax function a little bit - but basically I am sending form-encoded data, so the default type for this should be fine?
So why does (only) the date field get escaped in a wrong manner? Is there any rather quick fix for this, before I have to write my own PHP functions for accessing the DB?
Lets say I have this info stored in my database, in a JSON format.
ROW with id=23: {
"age":50,
"name":"Nick",
"messages":["msg 1","msg 2","msg 3"]
}
ROW with id=24: {
"age":22,
"name":"John",
"messages":["msg 4","msg 3","msg 9"]
}
Now, all I want is to perform an SQL query using PHP to retrieve rows that contains the message msg 3.
How can I do that?
Any advice will be appreciated.
Thanks
Using LIKE '%%' is performance overkill, try to avoid that.
Objects are made to live, why fossilize them ?
Not to mention, this is also obviously violating 1NF.
As someone suggested, why don't you try MongoDB or other NoSQL database ? Queries are performed using JSON (well, BSON...)
I am getting stuck with an example I found on SO about this very topic.
See original article: How do I show next result in MySQL on "onclick" in JavaScript?
I followed this example to the T, with the exception of using some updated functions. Anyway, I am getting stuck on one step, was hoping someone could explain.
within the jquery below, the code is setting $number and then passing number in the POST action to the php file. My problem is is that when echo 'count', it echos "$number". I am not sure why it is not passing an actual number such as "0" rather than the string "$number". I am probably doing something seriously wrong, but not sure what is going on.
jquery
$(function(){
$('#showMore').click(function(event) {
event.preventDefault();
$number = $('.result').size();
$.ajax({
type: "POST",
url: "getNext.php",
data: "count=$number",
success: function(results){
$('#results').append(results);
}
});
});
PHP
I am passing count into a variable so that I can use it in a query, like so:
$pst = $_POST['count'];
SQL
$sql = "SELECT * FROM tablename LIMIT $pst,1";
I went ahead and captured the error I am receiving (see below) - as mentioned previously it is inserting "$number" instead of an actual number.
"Fatal error: Query Failed! SQL: SELECT * FROM tablename LIMIT $number,1
any help would be much appreciated
Try changing this line:
data: "count=$number",
To this
data: "count=" + $number,
Javascript doesn't "read" strings for variables like php does, so you need to concat the value manually.
problem is you are sending count as string which is $number in your case.
your data should be
data: {"count":$number}, //notice `"`
send it as object.
or
$data:"count=" + $number,
concate the var
i prefer data as object which is more readable.
I have a problem. The story so far:
PHP1 reads an array from the database, that contains only integers - it has the following form:
[0, 70, 44, ...]
Because the number of entities it contains varies, I want to be able to read and store the whole array into one cell of the database - the solution must not disregard this, then.
PHP1 contains some JS, that allows a user to do something on the website, which alters one of the entities in the array, which makes it, e.g.;
[0, 75, 44, ...]
So far, so good.
Now I want this new array to replace the one in the database, this is the central goal that I fail to achieve.
What I'm currently working with - which isn't working:
PHP1 executes some AJAX magic, and sends this array to PHP2, which works fine:
var arrayX = [0, 75, 44, ...];
var arrayY = JSON.stringify(arrayX);
$.ajax({
url: 'PHP2.php',
type: 'post',
data: {arrayY: arrayY }
});
PHP2 then connects to the DB, and attempts to update that one cell with the new array, by means of the following, which doesn't work (!):
$arrayZ = json_decode($_POST['arrayY'], true);
mysql_query("UPDATE userbase SET db_column = $arrayZ WHERE id=0", $con);
mysql_close($con);
I've tried serializing $arrayZ in PHP2, as well as a whole set of other solutions I found on Stackoverflow, but none of them worked (or I didn't apply them correctly of course) and now I've found myself deadstruck...
I'm hoping your talents will get me further than my own have!
I assume db_column holds a string value, and as such you probably just need quotes around $arrayZ in your SQL string.
mysql_query("UPDATE userbase SET db_column = '$arrayZ' WHERE id=0", $con);
But as Fake51 pointed out, your database schema is flawed.
Also, you're susceptible to a SQL Injection attack.