I have been trying to write the the select statement to fetch from the products table using the combination of the companyid and customerid, I am very sure I'm not doing it the right way, kindly help me to write the right sql to fetch using these parameters.
$customerid=$_SESSION['customersid'];
$companyid=$_SESSION['companyid'];
$test="SELECT producttype,quantity FROM product WHERE username= '" . mysql_real_escape_string($customerid) . "'" . 'AND'.mysql_real_escape_string($companyid) . "'" ;
You must put the fieldname for the companyid in the query
$test="SELECT producttype,quantity FROM product WHERE username= '" . mysql_real_escape_string($customerid) . "'" . 'AND COMPANYID_FIELDNAME ='.mysql_real_escape_string($companyid) . "'" ;
your syntax is incorrect. Try the following:
$customerid = mysql_real_escape_string($_SESSION['customersid']);
$companyid = mysql_real_escape_string($_SESSION['companyid']);
$test = "
SELECT producttype,quantity
FROM product
WHERE username='$customerid'
AND company='$companyid'
";
Btw, you should be using mysqli and not mysql since it is deprecated.
I am generating the first part of the query like this:
while ($all_products = $db->fetch_array($all_prods))
{
$filter_string .= 'AND product_id !=';
$filter_string .= $all_products['item_id'];
$filter_string .= ' ';
}
and then the second part like this:
$sql_more_items = $db->query("SELECT * FROM db_products
WHERE owner_id='" . $user_id . "' AND active=1 '" . $filter_string . "'
ORDER BY RAND() LIMIT 10");
However it's giving me a mySQL syntax error and the $filter_string part strangely adds ' twice before and after the string, so it runs like this:
WHERE user_id='12345' AND active=1 'AND product_id !=0001 AND product_id !=0002 ' ORDER BY RAND ...
What am I doing wrong?
$filter_string adds ' because you put it there. :P
Try with just the double quotes around $filter_string:
$sql_more_items = $db->query("SELECT * FROM db_products WHERE owner_id='" . $user_id . "' AND active=1 " . $filter_string . "ORDER BY RAND() LIMIT 10");
$sql_more_items = $db->query("SELECT * FROM db_products
WHERE owner_id='" . $user_id . "' AND active=1 '" . $filter_string . "'
ORDER BY RAND() LIMIT 10");
Check the way you're performing a string concatenation (putting together strings). It seems like there's a copy/paste error as you're using '" instead of just a "
I would use whitespace (and a good code editor) to your advantage by reformatting your code to look like this:
$queryString = "SELECT * FROM db_products WHERE owner_id='$user_id'"
." AND active=1 " //Note these
. $filter_string //are separated
. "ORDER BY RAND() LIMIT 10 "; //into individual lines
$sql_more_items = $db->query($queryString);
This style helps you keep track of whether you're using " or ' for your strings and also helps you debug things more easily than putting it into one giant hard to read string.
That's probably because of the part
`"' AND active=1 '"`
^.... This ' here
guys i have a large database so when i want to fully update my some column i have timeout error (i attempt some method to increase timeout and fail) But my question is i want to bypass this problem i want to update my empty column in some table. so i want to use this query code but i have blank page with no error can some one tell me what problem with that or if possible pleas tell me a good method.
$sql = 'SELECT topic_first_poster_avatar FROM ' . TOPICS_TABLE . ' WHERE topic_poster = ' . (int) $row['user_id'] . 'IF topic_first_poster_avatar = ""
SET topic_first_poster_avatar = \'' . $db->sql_escape($avatar_info);
$db->sql_query($sql);
As plalx said in the comments, you don't need a SELECT or IF, you can specify WHERE for the update statement and have multiple contraints with AND/OR.
$sql = "UPDATE ". TOPICS_TABLE ."
SET topic_first_poster_avatar = '" . $db->sql_escape($avatar_info) ."'
WHERE topic_poster = " . (int) $row['user_id'] . " AND topic_first_poster_avatar = ''";
I've made a microblog system (like Twitter) using PHP and MySQL. Every time someone posts an item it includes the UNIX timestamp in the database. But my question is, how do i get the newest item on top of the page, the second to newest as second, etc? So basically, the one with the 'highest' timestamp on top of the page, the one with a bit 'less' timestamp under that.
This is what I got (I know mysql_ functions are deprecated):
<?php
/*Database test.
© 2013 Sydcul. All rights reserved.
To set the database settings, use the 'install' directory*/
include ($_SERVER['DOCUMENT_ROOT'] . '/test/config.inc.php');
$connection = mysql_connect($host, $user, $password);
mysql_select_db($database, $connection);
$messages = mysql_query("SELECT * FROM `" . $prefix . "microblog`");
while($row = mysql_fetch_array($messages))
{
$names = mysql_query("SELECT first_name,last_name FROM `" . $prefix . "data` WHERE id='" . $row['id'] . "'");
$name = mysql_fetch_assoc($names);
$fullname = $name['first_name'] . " " . $name['last_name'];
echo "<h2>Posted by " . $row['id'] . " (" . $fullname . ")</h2>";
echo $row['message'] . "<br><br>";
}
mysql_close($connection);
?>
Please explain how to do it, instead of only giving me code, otherwise I and the other people on stackoverflow can't learn from it :)
Use ORDER BY in your SQL
SELECT * FROM tablename ORDER BY datefield DESC
if you have an auto_incrementing ID field, fetch your data and ORDER BY ID or else if you have a DateField, Order by that in a descending order
ORDER BY `ID` DESC
as simple as that.
I'm learning PHP and Zend Framework. The following PHP function is supposed to fill a temporary table using "INSERT INTO ... SELECT" style query. However, when I SELECT * from the newly appended table, I see that most but not all of the new records have been duplicated once. I have deleted the contents of the table each time I run this scripts. Anyone know why there would be duplicates?
public function fillTableByOfficeName($officeName) {
if ($officeName != '') {
$officePhrase = "b.oof_name ='" . $officeName . "' AND ";
} else {
$officePhrase = '';
}
$whereAddenda = $officePhrase .
"a.fil_bool_will_file_online = false AND " .
"a.fil_bool_confirmed = false AND " .
"a.fil_bool_duplicate = false AND " .
"a.fil_bool_not_found = false AND " .
"(a.fil_res_id_fk NOT IN (4,7,10) OR a.fil_res_id_fk IS NULL) AND " .
"a.fil_will_recorder_rec_id IS NULL AND " .
"d.tag_description NOT IN (
'Already a trust client',
'Not received from local office',
'Southtrust client (already centralized)')";
//"a.fil_date_of_transfer_to_will_recorder IS NULL";
$sql = "INSERT INTO adds(fil_id,REC_ID,FIRST_NAME,LAST_NAME,MIDDLE_INITIAL,SSN," .
"MAILING_ADDRESS_1,MAILING_ADDRESS_2,CITY,STATE,ZIP_CODE,PHONE_NUMBER,BIRTH_DATE," .
"ORIGINATION_OFFICE,FILE_LOCATION,WILL_DATE,LAST_CODICIL_DATE,TRUST_DATE,REV_TRUST,POA_DATE) " .
"SELECT a.fil_id_pk, " .
"a.fil_will_recorder_rec_id, " .
"a.fil_first_name, " .
"a.fil_last_name, " .
"a.fil_middle_name, " .
"a.fil_ssn, " .
"a.fil_mailing_address_1, " .
"a.fil_mailing_address_2, " .
"a.fil_city_address, " .
"a.fil_state_address, " .
"a.fil_zip_code_fk, " .
"a.fil_phone_number, " .
"a.fil_date_of_birth, " .
"b.oof_name, " .
"a.fil_box_id_fk, " .
"a.fil_date_of_will, " .
"a.fil_date_of_last_codicil, " .
"a.fil_date_of_trust, " .
"a.fil_notes, " .
"a.fil_date_of_poa " .
"FROM files a, origination_offices b, nn_files_tags c, tags d " .
"WHERE " .
"a.fil_oof_id_fk = b.oof_id_pk AND " .
"a.fil_id_pk = c.fil_id_fk AND " .
"d.tag_id_pk = c.tag_id_fk AND " .
$whereAddenda;
$this->getAdapter()->query($sql);
return $this;
}
The way you are joining the table will give you the cartesian product of the rows from the tables (all pairs of matching rows are returned).
With no specific knowledge of the domain, I would guess at the tags table - if you've got multiple tags for a particular file, you will get multiple copies of the file in your result set (one per each matched tag).
As you're not using tags fields in the result set, just the where clause, the solution would be to get rid of tags / nn_files_tags from the main query, and in your where clause, use NOT EXISTS to check for matching rows in the tags table, something like:
AND NOT EXISTS (SELECT tag_id_pk FROM tags WHERE tags.tag_id_pk ...
You are using C for a many to many relationship. For example, if you have invoices between companies and customers and you select from join of them, you will get as many rows as you have invoices. From that, if you only select the company name and costumer name, you will have many duplicates because the same pair has produced many invoices.
This is the same issue you have here.
As asc99c said, you could use an inner select to make your WHERE clause without joining on that relationship or you could use the DISTINCT key word (which effectively is a group by on everything in your SELECT clause). I would think the INNER SELECT solution more efficient (yet I could be totally wrong about that), but the DISTINCT way is 8 key press away...