I need some help putting together this PHP SQL update. I am pretty sure I need a foreach loop to post this query, but I am not sure how to write it.
Basically it needs to match ticketID from the string to ticketID in the database and update that row with the following developer.
The query string will look something like:
ticketID=1483&developer=Reme&ticketID=1484&developer=Reme&ticketID=1485&developer=Reme&isActive=1
Although there could be as many as 30/40 pairs with isActive being a variable to end it all. DBConn and all that is already set up, this is the last thing I need to solve before moving onto sessions.
This is being posted over using an Ajax call. Everything I need is arriving at its destination; it's just getting each pair and update in the database accordingly that I am stumped on.
You can't use the same parameter (ticketID) twice in a query string, because the second will overwrite the first.
In this case you have to use an array:
ticketID[]=1483&developer[]=Reme&ticketID[]=1484&developer[]=Reme&ticketID[]=1485&developer[]=Reme&isActive=1
And then you could use a foreach to loop.
It depends on how you want to update them, but I would suggest using JSON or some other more defined structure.
If you do
ticketID[]=1483&developer[]=Reme&ticketID[]=1484&developer[]=Reme&ticketID[]=1485&developer[]=Reme&isActive=1
you will have one array for ticketID, one array for developer, etc. Which means that you should be really careful with the other on which you are placing the parameters.
Instead of that I would prefer structure like this:
["isActive":1,
"tickets":{"ticketID" :1483
"developer": "Reme"},
{"ticketID": 1484
"developer": "Reme"},
{"ticketID": 1485,
"developer": "Reme"}]
On that you are confident that you are updating the right properties on the right object.
Related
So far I store all the relevant parameters that I need for my website as variables in a php file; then I point to this file through a requirestatement in each page that needs those parameters.
This is most of times good and easy to mantain, but sometimes I need to change those variables "on the fly" and I feel the need of some sort of web-panel where I can change them even more easily (I'm thinking to a web page with a form to update the parameters).
So I've created a table in my MySQL database to store parameters (basically, this table has two columns: ParamName and ParamValue; I've stored the parameter names as a varchar without the $ sign at the beginning), in order to create the web-panel I've in my mind.
I was thinking to extract all the parameters names and values using this query:
$query=$mysqli->query('select * from parameters');
while($row=mysqli_fetch_assoc($query)) {
$ParamName=$row["ParamName"];
$$ParamName=$row["ParamValue"]; }
Is this a good or a bad idea?
What are the main issues I could encounter doing so (in terms of security, too)?
How deprecable and dangerous is the use of $$ParamName?
I'd better change my mind or can I proceed this way?
EDIT: I changed mysql_ syntax into mysqli_ as suggested.
Using arbitrary values in a database as variable references is highly risky. What you'd want to do is fetch the data from your key/value store into a self-contained associative array and use that instead.
You also do not want to be using mysql_query for anything these days. Please, put that thing away.
If the parameters are all constants that will not be changed over time, it is faster to use a single file that stores them as constants in a simple associative array.
If these parameters will change, using a database that specializes in key-value stores might be more useful for you instead of using a standard relational database.
If you cannot change your database from a relational database, or you are not changing the values often, it would be faster to cache them using something like memcached.
Is there a way using php to take a MYSQL query result, get a value from a column in the first record fetched, and then put that record back into the query result so when when looping over the result set later, that record can be used again? If this is possible, can I put the record back in the first position again?
Or should I return the value that I need from that first row as a separate variable in my routine in MYSQL. If this would be the better route to take, can someone give me some insight on how to return both a query result set and a separate variable as well? I cannot seem to get this to work either.
Or would the best way to do this be to create my own array from the query result set and then manipulate the mysql result set as need? I'm trying to stay away from this just to cut out the step of creating that array if one of the above two options is possible, otherwise I will just go with this.
Thanks in advance.
Just before you need to loop through again, you could use mysql_data_seek($query, 0);
Then the next call to fetch will be the first row again.
I haven't personally used it, but that's what I understood from the php manual:
http://us.php.net/manual/en/function.mysql-data-seek.php
I agree with the answers above but just to state it a slightly different way:
There is no point rewinding a pointer inside the query result object. You have to keep track of where it is, and it's easy to mess up, and it isn't worth the tiny speed increase.
It's much better to make a copy of the entire array and access the records using keys. Much easier to keep track of what is going on.
Basically I'm looking to create a page using PHP that will take SQL input, and output the results returned by the DB (MySQL). This is not for a production website (I understand the security implications). It's more for learning and practice. Kind of like the SQL console section of phpMyAdmin, or even similar to what sqlzoo.net can do (I think they are using perl, but I'd like to do it in PHP). Is there a practical way to accomplish this?
For example, how can I create a page in PHP/HTML to display a table of results when I don't know how many columns the query will return?
Also, what is the most practical way to allow a visitor to this web page to restore the DB to a default state with the original data? (e.g. create a sql dump of the original state and make a button that runs it? or is there a better way?)
Thanks!
Use * in your SQL query to fetch all columns and loop over the results from mysql_fetch_row() or mysql_fetch_assoc() with foreach.
Besides that, have you thought of using the mysql CLI ? It's useful for those requirements.
This question should be more specific than it is now.
"create a sql dump of the original state and make a button that runs it?" - Yes. But make sure you drop/delete the existing data.
You may have to run at least two queries... first return one row using LIMIT 1, and count the returning elements (using PHP count($row) if you use mysql $row = fetch_row($handle) ) to count the columns, and you can use SQL COUNT() to find out how many rows would be returned.
As for returning data to original state, I think a drop/recreation from a dump like you said may be the simplest and most reliable option.
Your best option is just running the query, checking if the amount of rows > 0, and then if it is, loop through the query resultset in a foreach and just show whatever you like.
I have written a PHP OO class which will update 4 fields of a certain row in a table. For now the row is decided by a constant (user with name 'jip')
I have corrected the query in a previous post here, so i'm pretty sure the query itself is fine. So, there must be some sort of error within the class itself. Probaply the vars don't reach the query somehow. I have been looking for hours, but can't find the problem. I have linked both files of the class, since i downt know where the error is, the values just don't show up in the database. If anyone would like to check them, (s)he'd make my entire week! SO here is the link and i hope someone is willing to help :)
UpdateForm.php: http://pastebin.com/dUaZPrn6
Update.class.php: http://pastebin.com/6mnL4DzE
Try replacing mysqli_real_escape_string($conn, $variable) with
$conn->real_escape_string($variable);
For example,
$conn->real_escape_string($this->Lengte_update);
You're using the object-oriented style, so you can't use the procedural escape function. See the docs on mysqli::real_escape_string.
Edit:
The query isn't being executed. You assign the query to $query, but you need to call
$conn->query($query);
For anything to happen in the database.
I have a PHP script which takes a value from a row in my MySQL database, runs it through a function, and if it determines it's true returns one value, and if it's false, it needs to go to the next value in the database and check that one until eventually one returns true.
I think I need to use mysql_fetch_assoc, but I'm not really sure in what way to use it... I wish I could post my code to be more specific, but it's a lot of code and most of it has no bearing on this issue...
Is the "function" something you could do in the database instead? It's really inefficient to process every row in the table to check for some type of condition. That's exactly what databases are good at, namely, processing queries efficiently and getting answers to you quickly.
So I'd recommend looking at how to do it all on the database side so that your PHP code is just fetching the end result (i.e. rows filtered by the function). Maybe if you provide more details of what your "function" is doing, a more specific answer can be provided.
You can use mysql_fetch_array, and just jump on the values fetched using $row[id] and not $row['name'].
Say your function returns true, you'd just use $row[lastid+1].
If the ID isn`t incremental, this could work :
$qry_result = mysql_query($qry) or die(mysql_error());
while ($row = mysql_fetch_array($qry_result)) {
$result = yourfunction($row['whatever');
if ($result != false)
break;
}
Also there is a php function next() which advances a pointer to the next array element. In your function you could implement an array builder, and then cycle between the elements with this. Depends on what your function actually does or script purpose is. It could lead to some load if there are alot of results.
You should not check database this way, as mentioned above. Database has a little difference from the plain text file.
You should not have a field in your database that has a bunch of values separated by value1:value2|value1:value2|value1:value2. It must be separate fields. Database has a little difference from the plain text file and you better learn it.
You could try something like this:
SELECT *
FROM table
WHERE field NOT LIKE '%$sessionvar:%';
I think that is what you are after?