I have the following date input box in an HTML code:
<input type="date" name="DOB" size="20">
The form data are passed to a different PHP file using the POST method. And there the date is saved to a variable.
$DOB=$_POST['DOB'];
When I echo this variable it prints the date value saved in it. However if I use this variable in a query, the value won't be read. The query does not return any values.
This is my query:
"SELECT site_no, name,NIC,gender,address,telephone FROM employee WHERE emp_no=$emp_no AND DOB=$DOB"
Try this
use single quotes with date(assumption you got date value in $DOB variable )
"SELECT site_no, name,NIC,gender,address,telephone FROM employee WHERE emp_no=$emp_no AND DOB='$DOB'"
EDIT
MySQL expects DATE and DATETIME literal values to be single-quoted as strings like '2001-01-01 00:00:00'
You need to enclose variables in single quotes. Use the code below
"SELECT site_no, name,NIC,gender,address,telephone FROM employee WHERE emp_no='$emp_no' AND DOB='$DOB'"
Hope this helps you
For visibility it's good practice to add quotes to your SQL. It's important to know what types you're working with and to escape the values, especially with something like this.
Your query with quotes and indentation for visibility:
SELECT
`site_no`, `name`, `NIC`, `gender`, `address`, `telephone`
FROM
`employee`
WHERE
`emp_no` = '$emp_no'
AND
`DOB` = '$DOB'
Best practice to save dates is either using DATE/DATETIME or timestamps. You'll want to verify the DOB format and input, strip unnecessary characters etc. Look up real_escape_string, time and date for PHP
Use single quotes for $DOB
"SELECT site_no, name,NIC,gender,address,telephone FROM employee WHERE emp_no=$emp_no AND DOB='$DOB'"
Related
Code below adds date in correct format but hours/minutes/seconds are inserted as 00:00:00.
$timestamp[] = 'date("2017-12-31 21:01:50")';
$i because I have this inside a a loop.
$sql = "INSERT INTO posts (post_id, username, content, timestamp, likes)
VALUES ('$post_id[$i]', '$username[$i]', '$content[$i]', $timestamp[$i],
'$likes[$i]')";
Result:
MySQL's date function returns a date without a time portion, which is why it's getting truncated to midnight.
You should be able to ignore the call to date entirely, and just pass the raw string - it's already in a format that MySQL will understand:
$timestamp[] = '2017-12-31 21:01:50';
$sql = "INSERT INTO posts (post_id, username, content, timestamp, likes)
VALUES ('$post_id[$i]', '$username[$i]', '$content[$i]', '$timestamp[$i]', '$likes[$i]')";
(Note the added quotes around the $timestamp variable)
You should also look into using prepared statements, rather than building up your SQL string manually. It'd be both a security and readability benefit.
I have tried to insert the current date using the now() syntax but it's not working. The column in MySQL is under datetime called date_added but when I check the command prompt all I get is 0000-00-00 00:00:00.
INSERT INTO FOOD (food_name, food_type, total, available, date_added)
VALUES
('$_POST[food_name]','$_POST[food_type]','$_POST[total]','$_POST[available]','NOW()')";
You need to remove the single quotes from NOW():
...
VALUES (
$_POST[food_name],
$_POST[food_type],
$_POST[total],
$_POST[available],
NOW())";
Remove the quotes around NOW(), in that way NOW() is treated as a SQL function instead of a string.
VALUES ('$_POST[food_name]','$_POST[food_type]','$_POST[total]','$_POST[available]',NOW())";
Try if the following option works:
GETDATE()
offtopic:
Is this possible with the array? Never gave it a shot:
$food= array('apple', 'Banana', 'Pineapple');
INSERT INTO food ('fruit_arrays') VALUES ($food)
I am having a very strange problem inserting values into my mysql database, using php, so i was running a test, the simplest of the simple insert; the following doesnt work:
<?php
include("config.php"); // put the *FULL* path to the file.
mysql_query("INSERT INTO 'lms'.'test2' ('trn') VALUES ('17')");
?>
However the following works:(Note the difference in single quotes)
<?php
include("config.php"); // put the *FULL* path to the file.
mysql_query("INSERT INTO `lms`.`test2` (`trn`) VALUES ('17')");
?>
I really can't see what the problem is could I get sum assistance please
You don't need to encapsulate tables within a query unless they have space or they are reserved words.
INSERT INTO 'lms'.'test2' ('trn') VALUES ('17')
// This makes no real sense to the db. It should be:
INSERT INTO lms.test2 (trn) VALUES ('17')
If the column trn accepts numbers, it really should be:
INSERT INTO lms.test2 (trn) VALUES (17)
With MySQL, you can use the tilted quote character to encapsulate names, but not strings. To enter a string in the query you will have to use normal quotes like '.
You can to this:
select `someTable`.`someColumn` from `someTable`
but not this:
select someTable.someColumn from someTable where myName=`Tommy`;
The correct use would be:
select someTable.someColumn from someTable where myName='Tommy';
In my MySQL database, I have this Time data type as one of my values: 06:00:00. I have the following query that checks the time as one of the conditions that has to be satisfied
$time = "06:00:00";
$getdetails=SELECT First_Name, Last_Name, EMAIL
FROM parents
WHERE Email_Receive_Time = $time;
$results=mysql_query($getdetails);
However I do not get any results. On further research I have seen that it is because I am comparing a STRING type value ($time) to a TIME type value (value in my database). Is there a way i can compare the two without changing my database structure to a varchar? All help will be appreciated.
MySQL is perfectly capable of comparing a string to a TIME value. You just need to have the proper query syntax. In your case, you need to quote the comparison value:
$time = "06:00:00";
$getdetails = "SELECT First_Name, Last_Name, EMAIL
FROM parents
WHERE Email_Receive_Time = '$time'";
$results=mysql_query($getdetails);
And if it is user-supplied, well you should escape it.
You are wrong.
Your mistake is much simpler, it has nothing to do with data formats, but with query format.
Ask yourself what does mean 06:00:00 in terms of SQL syntax.
Btw, running query this way will help you A LOT:
$results=mysql_query($getdetails) or trigger_error(mysql_error()." in ".$getdetails);
always run all your queries this way and get in touch with every error occurred
This will work when comparing against TIME type of field:
To compare against DATETIME or TIMESTAMP, I'd suggest running the $time variable through strotime() first.
$time = "06:00:00";
$getdetails = "SELECT First_Name,
Last_Name,
EMAIL
FROM parents
WHERE Email_Receive_Time = '$time'";
$results = mysql_query($getdetails);
Try using STR_TO_DATE function, it should work for you.
Thanks
Ravi Mudaliar
i have a csv file that i'm interest and the date format is 20-Nov-2010 how do I format it for insertion into mysql accepted format for a field with Date as its type?
date("Y-m-d", strtotime("20-Nov-2010"));
Andreas' answer is a bit terse - in PHP this will return a string which you can splice
into your query:
$d=date("Y-m-d", strtotime("20-Nov-2010"));
$qry="INSERT INTO sometable (adate) VALUES('$d')";
But if you omit the punctuation, you can ad it without the quotes:
$d=date("Ymd", strtotime("20-Nov-2010"));
$qry="INSERT INTO sometable (adate) VALUES($d)";
A drawback of this approach is that strtotime() tends to always return some sort of date value - and sometimes not what you expect.
However you could do the parsing in MySQL, which is a lot more strict:
$d='20-Nov-2010';
$qry="INSERT INTO sometable (adate) VALUES(STR_TO_DATE($d, '%d-%b-%Y'))";
But remember to check for errors when mysql tries to parse the date.