I am trying to query two different tables just, to see if there is one match. I have done a lot of research on how to do this and all I keep seeing is using the join clause. But I am not looking for a match between two tables. I just need to query both tables and see if there is one row with a match.
This is the code I'm using.
$query = " SELECT id,account_type,email, password FROM client
WHERE email = ?
UNION
SELECT id,account_type,email, password FROM freelancers
WHERE email = ? ";
$email = $this->input->post("email");
$result = $this->db->query($query, [$email]);
// Just check if first there is an email that exists the database
if($result -> num_rows() == 1) {
//Do something
}
You could try using a subquery:
$query = "SELECT * FROM client WHERE email = (SELECT email FROM freelancers WHERE email = ?)";
$email = $this->input->post("email");
$result = $this->db->query($query, array($email));
Related
I want to run two queries at a time in a function to verify the username and email separately when registering. If one of them already exists in the database, it will return the correct error message on the form.
I investigate them separately so that they can be linked to two separate messages based on a query.
If the username already exists in the database, display the corresponding message. If I put them in a single query, then the separate investigation cannot be done.
My error is: It does not allow you to run two queries at the same time and throws the following error: there is a problem with the preceding parameter. Or it returns an incorrect value.
function pl($connection) {
$query = "SELECT username FROM users WHERE username = ?";
$query2 = "SELECT email FROM users WHERE email = ?";
if ($statment = mysqli_prepare($connection, $query) && $statment2 = mysqli_prepare($connection, $query2)) {
mysqli_stmt_bind_param($statment, "s", $_POST['usern']);
mysqli_stmt_execute($statment);
$result = mysqli_stmt_get_result($statment);
$record = mysqli_fetch_assoc($result);
mysqli_stmt_bind_param($statment2, "s", $_POST['email']);
mysqli_stmt_execute($statment2);
$result2 = mysqli_stmt_get_result($statment2);
$record2 = mysqli_fetch_assoc($result2);
}
if ($result != null) {
echo "succes";
//it will enter even if there is an error
}
}
How it could be solved to execute two mysqli_prepare() at a time?
Why you do not use one query?
Something like:
$query = "SELECT username, email FROM users WHERE username = ? and email = ?";
$statment = mysqli_prepare($connection, $query);
mysqli_stmt_bind_param($statment, "ss", $_POST['usern'], $_POST['email']);
mysqli_stmt_execute($statment);
$result = mysqli_stmt_get_result($statment);
$record = mysqli_fetch_assoc($result);
if (!$record) {
echo "succes";
//it will enter even if there is an error
}
also you miss the } at end of your first if
First off, I know about sql injection and that my code is not foolproof, prone to injection etc. Will be working on that next.
Now : from my Android app to my PHP file I submit a JSON array of phone numbers like :
[{"phone_number":"+12345678"},
{"phone_number":"+23456789"},
{"phone_number":"34567890"},
{"phone_number":"45678901"}
etc... etc...
These are contacts in my app user's phone. If these contacts are people who are also users of my app then I want to insert those numbers into my contacts table.
But I can't get it to work. mysqli_fetch_assoc isn't working correctly. I don't know why.
In my contacts table I have 3 columns - an auto increment, user_id and contact_id. The first two values are inserted correctly but the contact_id is always put in as '0', which is wrong.
Here is my code :
require('dbConnect.php');
//this is me, +567890123, my user_id in the user table
$user_id = '20';
//post all contacts in my phone as a JSON array
$json = $_POST['phonenumber'];
$array = json_decode($json);
foreach ($array as $value) {
$phonenumber = $value->phone_number;
$sql = "SELECT username FROM user WHERE username = '$phonenumber'";
$result = mysqli_query($con, $sql);
$num_rows = mysqli_num_rows($result);
if ($num_rows > 0) {
echo "phonenumber is " . $phonenumber . "<br>";
// we want to put $phonenumber in the contacts table, as one of +567890123 contacts
// In the user table get the associated rows of $phonenumber
while ($row = mysqli_fetch_assoc($result)) {
// get the associated user_id in that row, that's what we want to put into the contacts table
$contact_id = $row['user_id'];
$insert_into_contacts_command = "INSERT INTO contacts VALUES(NULL, '$user_id','$contact_id')";
$insert_into_contacts_table = mysqli_query($con, $insert_into_contacts_command);
}
} //if +353864677745 is NOT in the user table...
else {
echo 'not a match.';
}
}
$contact_id = $row['user_id'];
Here $contact_id will be null, because you are trying to access not existing field $row['user_id'] of the $row .
Actually there is only one field username in your results set, as you specified:
$sql = "SELECT username FROM user WHERE username = '$phonenumber'";
Try to change your query to this:
$sql = "SELECT user_id, username FROM user WHERE username = '$phonenumber'";
Your query selects the column username, not userid.
You haven't posted anything about the table user, so it's hard to suggest a new query, but I guess it's the following:
$stmt = mysqli_prepare($con, "SELECT userid FROM user WHERE username = ?");
$stmt->bind_param("s", $phonenumber);
$stmt->execute();
$stmt->bind_result($userid);
while ($stmt->fetch()) {
// Work with $userid
}
You'll note that this uses a prepared statement with a bound parameter. That way, your code is not prone to SQL injections.
I want to check if username and email taken in my registration script.
This is how I check with query:
$emailcheck = "SELECT COUNT(email) AS nume FROM members WHERE email = :email";
//bindValue
//execute
//fetch
if($rowe['nume'] > 0){
$errors[] = "E-mail exist.";
}
And also I'm doing the same thing for username;
$usercheck = "SELECT COUNT(username) AS numu FROM members WHERE username = :username";
//bindValue
//execute
//fetch
if($rowu['numu'] > 0){
$errors[] = "Username taken.";
}
*
I want to go one step further and handle all of stuff with one query.
But I couldn't came up with such query.
I tried:
$check = "SELECT COUNT(username) AS numu and COUNT(email) AS nume FROM members WHERE username = :username OR email = :email";
but probably It's ridiculous.
How to handle what I want with one query?
And after I want to check like that:
if($row['numu'] > 0){
$errors[] = "Username taken.";
}
if($rowe['nume'] > 0){
$errors[] = "E-mail exist.";
}
So it will be less code, instead of connecting same table twice and bindValue, execute, fetch for second time.
You can just do Union All to unite those queries:
SELECT COUNT(email) AS num FROM members WHERE email = :email
UNION ALL
SELECT COUNT(username) AS num FROM members WHERE username = :username
Then extract 2 according rows.
OR, MySQL allows this thing:
SELECT
(SELECT COUNT(email) FROM members WHERE email = :email) as nume,
(SELECT COUNT(username) FROM members WHERE username = :username) as numu
if you want 1 rows with 2 columns.
Do that only if you need to see which one is already present. Otherwise just do this:
SELECT 1 FROM members WHERE email = :email OR username = :username LIMIT 1
Yes, consider not doing count() because you don't need to count all the rows. You just need to stop if you find just one. So either do a LIMIT or IF EXISTS()
I don't think you really need to count. Assuming you want to check if either username or email already exist because they are required to be unique on your user table, you can do this:
First, add a unique index to each of those columns in your database. You may already have this, but if you want those values to be unique, this will ensure that even if your PHP code fails to do so for some reason.
Then you can use this query:
SELECT username, email FROM members WHERE username = :username OR email = :email
This will return either zero, one, or two rows, where:
0 = neither username nor email was found
1 = one row was found having either username, email, or both
2 = username was found in one row and email was found in another
Then you can loop over your results, comparing them to the user input, and set your errors.
while ($row = //fetch) {
if ($row['username'] == $username) {
$errors[] = "Username taken.";
}
if ($row['email'] == $email) {
$errors[] = "E-mail exist.";
}
}
You can try this after removing and between count
$check = "SELECT COUNT(username) AS uname ,
COUNT(email) AS uemail FROM members
WHERE (username = :username OR email = :email)";
Hi i want to make an insert in my mysql database but first I want to check if the email is not avaible in the table blacklist. If the mail is in the blacklist I want to ignore the insert.
$sqlinsertqueue = "
INSERT INTO queue Set
email = '$email'"
mysql_query($sqlinsertqueue,$db);
My blacklist has also the field email. My tablename from my blacklist is blacklist.
Since #EdGibbs deleted his answer before I got to say this, he was on the right track with an INSERT ... SELECT;
INSERT INTO queue (email)
SELECT 'dummy#example.com' FROM DUAL
WHERE 'dummy#example.com' NOT IN (SELECT email from Blacklist);
An SQLfiddle to test with.
You may want to use PDO or MySQLi instead of the deprecated mysql_* api, or at the very least do mysql_escape_string() on the email addresses before inserting them into the SQL query.
Something like this:
$email = mysql_real_escape_string($email);
//check blacklist
$sql = "
SELECT
COUNT(*)
FROM
blacklist
WHERE
email='$email'
";
$result = mysql_query($sql, $db);
if (!$result) {
die('Invalid query: ' . mysql_error());
}
$row = mysql_fetch_array($result, MYSQL_NUM);
if ($row[0] == 0)
{
//insert
$sqlinsertqueue = "
INSERT INTO queue Set
email = '$email'";
mysql_query($sqlinsertqueue,$db);
}
Don't use mysql_* functions - they are deprecated.
I need help finishing this statement. It is frustrating that two of the PHP phone books here gloss over PDO's almost all together.
All I need to do is check the database for a username that is already taken.
Here is the start of the statement.
$sql = " SELECT * FROM users WHERE userid = '$userid'";
$result = $dbh->query($sql);
What parts do I need to add to write my 'if' statement?
Something like this:
$sql = " SELECT * FROM users WHERE userid = '$userid'";
$result = $dbh->query($sql);
$row = $result->fetch();
if ($row)
echo 'Userid is taken';
I'm not sure about your question because you're asking about username but selecting userid... did you mean to select on username?