I want to run a mssql query that has a part of the user defined function.
This is my code:
$connection = $this->em->getConnection();
$sql = 'select * from ssm.table where ip = dbo.fn_ConvertIpAddressToBinary(\'192.168.0.1\')';
$result = $connection->executeQuery($sql);
$results = $result->fetchAll();
var_dump($results);
However, I get a blank response. If you set the request without function, everything works fine. This query works fine in sql query analyzer.
What can I do wrong?
try rewrite as:
$sql = "select * from ssm.table where ip = dbo.fn_ConvertIpAddressToBinary('192.168.0.1')";
Related
am using localhost and database from phpmyadmin
in php
<?php
$pdo = new PDO("mysql:host=localhost;port=3306;dbname=site_1", "root", "");
$query = "SELECT * FROM comment_v1";
$stmt = $pdo->prepare($query);
$avatars = $stmt->fetchAll(PDO::FETCH_ASSOC);
print_r($avatars);
?>
in output
Array ( )
am working on games download site and i created 4 tables for now and all scripts working 100% without pb and the query the same but when i try to SELECT anything from table comment_v1 his apears nothing and idk the reason so i try to disable all the old query in scripts but the same result i got , but when i try code to SELECT the old query again his shows nothing with knowing that old query still working for now and idk why when i try to SELECT them again his show me nothing
Have you tried adding an execute() function before the fetchAll()?
something like:
<?php
$pdo = new PDO("mysql:host=localhost;port=3306;dbname=site_1", "root", "");
$query = "SELECT * FROM comment_v1";
$stmt = $pdo->prepare($query);
$stmt = $stmt->execute();
$avatars = $stmt->fetchAll(PDO::FETCH_ASSOC);
print_r($avatars);
?>
i just want a direct answer and explanation why my prior query works but the latter does not..
here is the query that works just fine:
$sql = "SELECT * FROM productslist WHERE brand LIKE ?";
and this doesn't work at all and just returns an error:
$sql = 'SELECT * FROM productslist WHERE brand LIKE "%'.$search_string.'%"';
can someone please explain me why the latter query doesn;t work at all?
thanks in advance..
I tested the query with a table on my own DB. worked fine... I used a constant
Try mysqli_real_escape_string:
$search_string = mysqli_real_escape_string($conn, $search_string);
$sql = 'SELECT * FROM productslist WHERE brand LIKE "%'. $search_string .'%"';
Try this with PDO (Edit: Including PDO connection string since he didn't specify if he was using PDO) -
$dbh = new PDO("mysql:hostname=$your_server;dbname=$database_name, $username, $password);
$sql = "SELECT * FROM productslist WHERE brand LIKE :search";
$query = $dbh->prepare($sql);
$query->bindValue(":search", "%$search_string%");
$query->execute();
$result = $query->fetchAll(PDO::FETCH_ASSOC);
I have a database where I can make queries to all tables without problems except for the 'employees' table. I tried making this basic query in php:
<?php
error_reporting(0);
require "init.php";
$sql = "SELECT * FROM empleados;";
$result = mysqli_query($con, $sql);
$response = array();
while($row = mysqli_fetch_array($result)){
$response[]=$row;
}
echo json_encode($response);
?>
... and I do not get any results. However when I run this query for other tables, it works well, what can it be?
This same query works fine from phpmyadmin
NEWS: if you use SELECT DNI FROM empleados it works, if I use SELECT * FROM empleados it doesn't.... (DNI is the key, is it possible that I can only access the primary key?)
Be careful with special characters such as Spanish accents, if you remove these the query works correctly
It seems you are not connecting to database.
Try this.
$con=mysqli_connect("localhost","my_user","my_password","my_db");
$result = mysqli_query($con, $sql);
Do not forget to change the credentials.
I am using below code to execute MySQL query in PHP.
$cus_id = '1';
$query = new QUERY();
$clause = "SELECT * FROM customers WHERE cus_id=:cus_id AND status='ACTIVE'";
$params = array('cus_id'=>$cus_id);
$result = $query->run($clause, $params)->fetchAll();
Now the question is: is it secure enough. Or do I need to bind the static String as well? Something like:
$clause = "SELECT * FROM customers WHERE cus_id=:cus_id AND status=:status";
$params = array('cus_id'=>$cus_id, 'status'=>'ACTIVE');
It's secure because ACTIVE isn't user input. So you don't need to bind it.
It's fine the way you have it. The value for status isn't being dynamically assembled and doesn't create any vulnerabilities.
I have a mysqli query given below
$content = mysqli_real_escape_string($link,$_GET['content']);
$query = "SELECT id,siteName,address,latitude,longitude,info,budget,tts,markerType FROM maptable WHERE siteName = '". $content ."'";
$result = mysqli_query($link, $query);
I'm currently confused right now because I am using this script for my ajax call but when i tried to remove the WHERE clause, the query function works, when I include the WHERE clause looking for the Id it still works but when I tried to use the WHERE clause on any database fields starting form siteName,address,etc it fails and returns an empty value how is that happening? is there something wrong with my query?