I' am using MySQLI Wrapper as stated in the docs about running rawQuery. Since it doesn't have any function to search database I had write my own. Below is the code that am using.
$songs = $db->ObjectBuilder()->rawQuery('SELECT * FROM songs WHERE song_name LIKE ?', array('%test%'));
The query returns empty results, yes there are data in the database which should match the search keyword. Any idea what am I doing wrong in the Query?
I don't know the structure and content of songs but your code seems to be correct. You can try if problem persists when array('%test%') is inserted into query by inserting this manually. Try to execute this:
$db->ObjectBuilder()->rawQuery("SELECT * FROM songs WHERE song_name LIKE '%test%'");
If this query returns empty results then I would suspect that something wrong is either in your query or in the database. Otherwise, there is something wrong with rewriting parameters by rawQuery function.
Related
My database table contains an eloquent query
click here to see Database Table Snapshot
.I have fetched the query from database.Now problem is that I'm unable to execute the query that is in the collection.
I have Tried eval() to execute the query present the collection.But eval() is not executing it.
eval("\"$tempdata\";");
$tempdata contains the query that is in the database table.
You need to add return when using eval.
Try:
eval("return $tempdata;");
So, I created a query in PhpMyAdmin to pick one random online member that is part of a certain group. It works fine in PhpMyAdmin and does exactly what I want. However, when I run this query using PHP it does not return anything. I simply get 'NULL' when I use var_dump($result).
$sql= "SELECT
ow_base_user_online.userId,
ow_base_authorization_user_role.roleId
FROM
ow_base_user_online
INNER JOIN ow_base_authorization_user_role ON ow_base_authorization_user_role.userId = ow_base_user_online.userId
WHERE
ow_base_authorization_user_role.roleId = 14
ORDER BY
RAND()
LIMIT 1";
$result = OW::getDbo()->queryForList($sql);
Please, does anyone have any ideas?
Please does anyone have any ideas?
Yes, use error reporting from your mysql query and see what it returns. Check PHP errors too (can get auth warnings to show something daft like bad user/password etc).
Also, for testing, try removing the class you use and stick the DB connection code above that query and query all direct from a test script. If it works fine, then your query is ok, as is the connection and credentials.
From there you can work backwards checking the class you have.
Hey I'm writing a stored procedure in phpMyAdmin. I created one to search a database:
SELECT * FROM cars WHERE name LIKE CONCAT ('%', search ,'%');
The problem here is this: When I run it, it only returns 1 row, but it should return at least 3 when I input a search string. I also tried this part ('%', search ,'%'); with dots
('%'. search .'%'), but this gives me an SQL syntax error. What is the problem here? I run this procedure in phpMyAdmin.
G'day,
I'm not familiar with MySQL and this will probably be an easy question!
I am trying to mod a Joomla plugin and am working with this code that works well for a similar function:
$q="SELECT `".$naming."` AS naming FROM `#__users` WHERE `id`='".$jomsocial_event->creator."' ";
$db->setQuery($q);
$eventcreatorname = $db->loadResult();
$eventcreator = ''.addslashes($eventcreatorname).'';
What I need to do is lookup the field id in the table community_groups and return the matching field name. What I have is (note that $jomsocial_event->contentid contains the group ID):
$q="SELECT `".$naming."` AS naming FROM `#__community_groups` WHERE `id`='".$jomsocial_event->contentid."' ";
$db->setQuery($q);
$eventgroupname = $db->loadResult();
$eventgroup = ''.addslashes($eventcreatorname).'';
It returns nothing as the query is wrong; what should it be for my usage?
I'd work backwards from the database.
i.e. turn on SQL logging and look at what's actually arriving in the database. Tweak as necessary by playing with the resulting SQL until you get what you want (and expect) and then implement that in your code.
Take a look at your generated query in the debugging from Joomla.
Run it against mysql directly and see where it goes wrong.
Also, I'd use the JDatabaseQuery API because you are much less likely to get errors with quoting etc. It looks to me like you are treating id as a string not an integer.
Im writing PHP scripts for using with my mySQL database. The only problem i have is binding variables for drop table/ create table and so on.
$stmt = $link->prepare("DROP TABLE ?");
$stmt->bind_param('s','testing');
$stmt->execute();
is not working. I tried also:
SELECT * FROM (SELECT MAX(name) from profiles where name='testing') <- is working
DROP TABLE (SELECT MAX(name) from profiles where name='testing') <- dont work
Binding a parameter is not the same as just replacing a portion of the string : you cannot just bind anything you want.
In this case : you cannot use a bound parameter for a table name -- you'll have to use string concatenations to build your query, instead of using a prepared statement.
As a reference, quoting PREPARE Syntax :
Parameter markers can be used only
where data values should appear, not
for SQL keywords, identifiers, and so
forth.
As far as I know, you can only bind to a parameter, not to any part of a query you want. You're essentially telling the database "hey, I'm going to pass you a value here, and I want you to do your magic to make sure it doesn't overstep its bounds". Things like table names or field names aren't values, they're part of the table structure itself.
In this case, you'll have to just use a use a simple $query = "DROP TABLE " . $table;. It should be easy enough to check against a list of known tables to ensure you're not injecting anything harmful. Anything that makes DDL changes shouldn't be taking input from the user anyway, as far as I'm concerned. These sorts of changes can be based on user input, but the actual construction of the query should be really well known and shouldn't need outside data to construct.
Also, I'm not really sure what you're trying to do with this query:
DROP TABLE (SELECT MAX(name) from profiles where name='testing');
It looks like you might be trying to delete a record, but that's entirely the wrong syntax for that. If you're trying to drop a table whose name comes from the result of another query, I really don't think you can do that either. I'm 99% sure that DROP TABLE expects only a literal table name value.
Are you sure you want to drop tables dynamically?
It is extremely unusual.
It seems you have wrong database design.
And now you faced a consequence.
It seems you should have one table users and delete rows from it, not tables.