if user select anything besides "all" it will lead to a where statement involving KodDaerah
$where = '';
$sql= "SELECT * FROM maklumatakaun
LEFT JOIN detailakaun ON maklumatakaun.id = detailakaun.id
LEFT JOIN maklumatbilakaun ON maklumatakaun.NoAkaun = maklumatbilakaun.NoAkaun
LEFT JOIN kodjenisakaun ON detailakaun.KodJenisAkaun = kodjenisakaun.KodJenisAkaun
LEFT JOIN kodlokasi ON detailakaun.KodLokasi = kodlokasi.KodLokasi
LEFT JOIN kodkategori ON maklumatakaun.KodKategori = kodkategori.KodKategori
LEFT JOIN koddaerah ON maklumatakaun.KodDaerah = koddaerah.KodDaerah
WHERE maklumatakaun.KodKategori = '$KodKategori'
AND detailakaun.KodJenisAkaun = '$KodJenisAkaun'
AND maklumatbilakaun.BulanBil = '$BulanBil'
AND maklumatbilakaun.TahunBil ='$TahunBil'
".mysql_real_escape_string($where)."
ORDER BY koddaerah.NamaDaerah ";
if($KodDaerah != "all"){
$where = "AND maklumatakaun.KodDaerah = '$KodDaerah' "; //Add your where statement here
//Whatever you want to do
}
else {
$where = "";
}
if user select all then the system will just use the current sql statement that i provided, for now im not sure what's wrong, so here is where user select the KodDaerah from drop down list box
<?php include('dbase.php');
$sql = "SELECT KodDaerah, NamaDaerah FROM koddaerah";
$result = mysql_query($sql);
echo "<select name='KodDaerah' id='KodDaerah' class='input_field' required />
<option>Pilih Daerah</option>
<option value='all'>Seluruh Pahang</option>";
while ($kod = mysql_fetch_array ($result)){
echo "<option value=".$kod['KodDaerah'].">" .$kod['NamaDaerah']."</option>
<option value='all'>Seluruh Pahang</option>";
}
echo "<?select>";
?>
The problem is now even when i select a certain KodDaerah, it will just run the provided sql query without using the WHERE statement in the $where. Can anybody help?
EDIT:
$sql = $sql . $where;
$result = mysql_query ($sql);
$BilAkaun = mysql_num_rows ($result);
try to move up the if statement:, remove mysql_real_escape_string
(escape before)
$where = '';
if($KodDaerah != "all"){
$where = "AND maklumatakaun.KodDaerah = '$KodDaerah' "; //Add your where statement here
//Whatever you want to do
}
else {
$where = "";
}
$sql= "SELECT * FROM maklumatakaun
LEFT JOIN detailakaun ON maklumatakaun.id = detailakaun.id
LEFT JOIN maklumatbilakaun ON maklumatakaun.NoAkaun = maklumatbilakaun.NoAkaun
LEFT JOIN kodjenisakaun ON detailakaun.KodJenisAkaun = kodjenisakaun.KodJenisAkaun
LEFT JOIN kodlokasi ON detailakaun.KodLokasi = kodlokasi.KodLokasi
LEFT JOIN kodkategori ON maklumatakaun.KodKategori = kodkategori.KodKategori
LEFT JOIN koddaerah ON maklumatakaun.KodDaerah = koddaerah.KodDaerah
WHERE maklumatakaun.KodKategori = '$KodKategori'
AND detailakaun.KodJenisAkaun = '$KodJenisAkaun'
AND maklumatbilakaun.BulanBil = '$BulanBil'
AND maklumatbilakaun.TahunBil ='$TahunBil'
".$where."
ORDER BY koddaerah.NamaDaerah ";
and then do not append $where again
$result = mysql_query ($sql);
$BilAkaun = mysql_num_rows ($result);
Related
I've got the following code which queries a table. Then it uses the result to make another query. That result is then used to make a third query.
But how do I grab the userid field from the 2nd query in order to grab a name from a users table and join that to the result of the 3rd query?
Please note once I figure out the code I will convert this to a prepared statement. It's just easier for me to work with legacy code when figuring out queries.
$selectaudioid = "SELECT audioid FROM subscribe WHERE userid = $userid";
$audioResult=$dblink->query($selectaudioid);
if ($audioResult->num_rows>0) {
while ($row = $audioResult->fetch_assoc()) {
$newaudio = $row[audioid];
$getallaudio = "SELECT opid, userid from audioposts WHERE audioid = $newaudio" ;
$getallresult = $dblink->query($getallaudio);
if ($getallresult->num_rows>0) {
while ($row = $getallresult->fetch_assoc()) {
$opid = $row[opid];
$opuserid = $row[userid];
$getreplies =
"SELECT * from audioposts ap WHERE opid = $opid AND opid
NOT IN (SELECT opid FROM audioposts WHERE audioposts.opid = '0' )";
$getreplyresults = $dblink->query($getreplies);
if ($getreplyresults->num_rows>0) {
while ($row = $getreplyresults->fetch_assoc()) {
$dbdata[]=$row;
}
}
}
}
}
} "SELECT * from audioposts ap WHERE opid = $opid AND opid
NOT IN (SELECT opid FROM audioposts WHERE audioposts.opid = '0' )";
$getreplyresults = $dblink->query($getreplies);
if ($getreplyresults->num_rows>0) {
while ($row = $getreplyresults->fetch_assoc()) {
$dbdata[]=$row;
}
}
}
}
}
}
echo json_encode($dbdata);
The result I need are rows of json encoded instances of $getreplyresults with the $row[userid] from the original result joined to each row.
Here's what I did in the end. Now I just have to figure out how to convert this to a prepared statement in order to avoid malicious injection.
$selectaudioid = "SELECT audioid FROM subscribe WHERE userid = $userid";
$audioResult=$dblink->query($selectaudioid);
if ($audioResult->num_rows>0) {
while ($row = $audioResult->fetch_assoc()) {
$newaudio = $row[audioid];
$getallaudio = "
SELECT ap.audioid, ap.title, us.name FROM audioposts ap
INNER JOIN audioposts a2 ON a2.audioid = ap.opid
INNER JOIN users us ON us.id = a2.userid
WHERE ap.opid = $newaudio AND ap.opid <> '0'
";
$getallresult = $dblink->query($getallaudio);
if ($getallresult->num_rows>0) {
while ($row = $getallresult->fetch_assoc()) {
$dbdata[]=$row;
}}}}
Is this possible to be done with SQL?
I need to make a SQL selection depending if a $query is false WHERE (u.id_user = ".$userId." OR fu.id_user = ".$userId." OR ff.id_user = ".$userId.")" ELSE "$query";
That's my starting point where both conditions have to be met:
$validatedSearchData = array(
"q"=>strip_tags($_GET["q"])
);
$query= " AND a.tags LIKE ".lib::$db->qstr("%".$validatedSearchData["q"]."%");
$feed = lib::$db->GetAll("SELECT SQL_CALC_FOUND_ROWS
a.*,
u.name,
fu.id_user AS fu_user_id,
ff.id_followed_user AS ff_user_id
FROM feed AS a
LEFT JOIN userfollow AS fu ON a.id_author = fu.id_user
LEFT JOIN userfollow AS ff ON a.id_author = ff.id_followed_user
INNER JOIN user_profiles AS u ON a.id_author = u.id_user
WHERE (u.id_user = ".$userId." OR fu.id_user = ".$userId." OR ff.id_user = ".$userId.")" . $query. "
GROUP BY a.id_article
");
Change this line
$query= " OR a.tags LIKE ".lib::$db->qstr("%".$validatedSearchData["q"]."%");
replace OR in the place of AND
I want to show the selected query from the table
<?php
$where = "";
if(isset($_GET['category']))
{
$catid = $_GET['category'];
$where = " WHERE product.categoryid = $catid";
}
Thus is the $where function to get the category
$sql = "SELECT category.*,
category.category_id , items.id AS itemID,items.asset_tag,items.name,
items.brand,items.status,
items.quantity,items.category_id,
items.color,items.texture,items.photo,items.date,
items.fetch_item FROM items LEFT JOIN category ON
category.category_id=items.category_id
WHERE items.status = 'Available' AND items.fetch_item = '0' $where";
?>
Looks like you did small mistake, because in your "default" query you have already WHERE statement, so in the if you should use AND or OR instead of WHERE again:
$where = "";
if(isset($_GET['category']))
{
$catid=$_GET['category'];
$where = " AND product.categoryid = $catid";
}
additionally you could make your injection of additional WHERE condition a bit more elegant by using sprintf() function. Take a look on example:
$additional_condition = 'AND active=1'
$statement = 'SELECT * FROM users WHERE condition=1 %s';
echo sprintf($statement, $additional_condition);
// Output: SELECT * FROM users WHERE condition=1 AND active=1
hello I have this variable $company->id
and I have function like this
<?php
function GetEmploees(){
$db = JFactory::getDBO();
$query = 'SELECT * FROM #__jbusinessdirectory_attribute_options AS c JOIN #__jbusinessdirectory_company_attributes AS cp
on c.id = cp.option_id';
$db->setQuery($query);
if( $rows = $db->loadObjectList() ) {
foreach( $rows as $row ){
echo $row->name;
}
}
}
echo GetEmploees($company->id);
?>
I want select $row->name as $company->id
how can I insert code WHERE company_id = '.$company->id.' in query?
company_id is in table #__jbusinessdirectory_company_attributes
Try
$sql = "SELECT * FROM #__jbusinessdirectory_attribute_options AS c INNER JOIN #__jbusinessdirectory_company_attributes AS cp (on c.id = cp.option_id) WHERE c.company_id = '.$company->id.'";
Should do the trick
When I add $elan_category, I get category_id, instead category_title.
Tried to apply "left join" but no success. I have following tables in database:
function getElanDetail()
{
global $con;
if (isset($_GET['elan_id'])) {
$elan_id = $_GET['elan_id'];
$get_elan = "select * from elan where elan_id='$elan_id'";
$run_elan = mysqli_query($con, $get_elan);
while ($row_elan = mysqli_fetch_array($run_elan)) {
$elan_id = $row_elan['elan_id'];
$elan_category = $row_elan['elan_category'];
$elan_title = $row_elan['elan_title'];
$elan_description = $row_elan['elan_description'];
$elan_image = $row_elan['elan_image'];
$elan_contact = $row_elan['elan_contact'];
echo "
$elan_category //Getting ID of category instead Title :(
$elan_title
$elan_description
$elan_image
$elan_contact
";
}
}
}
With join you can do something like:
$elan_id = $_GET['elan_id'];
$get_elan = "SELECT * FROM `elan`
JOIN `categories` ON `categories`.category_id = `elan`.elan_category
WHERE `elan`.elan_id='$elan_id'";
$run_elan = mysqli_query($con, $get_elan);
while ($row_elan=mysqli_fetch_array($run_elan)){
print_r($row_elan);
// see the keys in $row_elan and use them accordingly
}
For subcategories try this query:
SELECT * FROM `elan`
JOIN `categories` ON `categories`.category_id = `elan`.elan_category
JOIN `subcategories` ON `subcategories`.subcategory_id = `elan`.elan_subcategory
WHERE `elan`.elan_id='$elan_id'
$elan_category = $row_elan['elan_category'];
add these two lines after above code
$cat = mysqli_fetch_row(mysqli_query($con,"SELECT category_title FROM categories WHERE category_id = $elan_category"));
$cat_name = $cat[0];
$cat_name is your category name enjoy