I am using bellow MYSQL query to delete single records from table and working perfect for me but how to write for multiple records with IN operator.
$sql = "DELETE FROM reg WHERE id = :id";
$query = $this->db->prepare($sql);
$query->execute(array(':id' => $id));
For example I have ids from array like $id = array(23,24); and I have treid with loop like bellow but not worked :(
for($i=0; $i<count($id); $i++) {
$id = $id[$i];
$sql = "DELETE FROM $table_name WHERE id = :$id";
$query = $this->db->prepare($sql);
$query->execute(array(':id' => $id));
}
I hope you understand my question and hope you will help me.
Thanks.
for($i=0; $i<count($id); $i++) {
$sql = "DELETE FROM $table_name WHERE id = :id";
$query = $this->db->prepare($sql);
$query->execute(array(':id' => $id[$i]));
}
Related
I was hoping someone would guide me in the right direction. What I am trying to accomplish is the following:
user uploads a csv file the data is then stored in a multidimensional array $formatted_payments. Then I check the records on the file against the records on the DB. I need to check if the route from the file matches the route on DB if it does for all records then commit all the updates but if there is one mismatch then i need to rollback all the update. I hope this all makes sense. Here is what I did but I haven't tested yet.
Thank you
$conn->autocommit(FALSE);
$route_errors = [];
foreach($formatted_payments as $val){
$sql = "SELECT id, account_no, payment_amount, route_id, payment_date FROM car_payments WHERE payment_date = '".$date."' AND account_no = '".$val['account_no']. "'";
$res = $conn->query($sql);
$data = $res->fetch_object();
if($data){
if($val['amount'] > 0){
if($val['route_id'] != $data->route_id){
$route_errors[] = $val['account_no'];
}else{
$sql = "UPDATE car_payments SET payment_amount = ? charged = ? WHERE id = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("sss", $val['amount'], 'Si', $data->id);
$stmt->execute();
}
}else{
$sql = "UPDATE car_payments SET payment_amount = ? charged = ?, pending = ? WHERE id = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param("ssss", $val['amount'], 'No', 1, $data->id);
$stmt->execute();
}
}
}
if(!empty($route_errors)){
$conn->roll_back();
echo 'The following accounts do not match the route. Records not imported.<br>';
foreach($route_errors as $value){
echo '<li>' . $value . '</li>';
}
}else{
$conn->commit();
}
I have a simple SQL query that is not working. I have tried everything I know to fix this query, but to no avail.
$Data = $connection->prepare("SELECT * FROM EXAMPLE");
The table on the database exists, and the connection to the database is set properly.
I have also tried this:
$Data = $connection->prepare("SELECT ID FROM EXAMPLE WHERE EXAMPLE1=:EXAMPLE1 ");
$Data->execute(array(
':EXAMPLE1' => $EXAMPLE1,
));
If your connection is fine..
$Data=$connection->prepare("SELECT ID FROM EXAMPLE WHERE EXAMPLE1 = :EXAMPLE1");
$Data->execute(array(
':EXAMPLE1' => $EXAMPLE1,
));
$result = $Data->fetchAll();
Or
$result = array();
$sql = "SELECT ID FROM EXAMPLE WHERE EXAMPLE1 = {$EXAMPLE1};";
foreach ($connection->query($sql) as $row) {
$result[] = $row;
}
I would like to secure my requests in my code.
Today my curent functions are like this.
public function UpdatePMS($table,$data,$where) {
$ret = array();
$set_data = "";
foreach($data as $key => $value){
$set_data .= $key."= '".$value."', ";
}
if (isset($where)) {
$where = "WHERE ".$where;
}
$sql = "UPDATE ".$table." SET ".$set_data."".$where;
$sql = str_replace(", WHERE", " WHERE", $sql);
$stm = $this->db->prepare($sql);
$ret = $stm->execute();
return $ret;
}
With this way, i can select any tables, any datas, and any conditions.
For example:
WHERE id = 1 and status < 10
Or only
WHERE id = 10
Or sometimes
WHERE id = 1 and status >= 5
The content of where could change.
A kind of universal request.
Same for Delete, Update, Select, insert.
I tried to do like this, but it doesn't work.
$db = new PDO('mysql:host=localhost;dbname=asterisk','root','');
$table = "my_table";
$where = "WHERE id = 1";
$sql = 'SELECT * FROM :table :where';
$stm = $db->prepare($sql);
$stm->execute(array(":table" => $table, ":where" => $where));
$ret = $stm->fetchall(PDO::FETCH_ASSOC);
Any ideas?
Frankly, you cannot use prepared statements this way. There are rules to follow. So it just makes no sense to write something like this
$table = "my_table";
$where = "WHERE id = 1";
$sql = 'SELECT * FROM :table :where';
$stm = $db->prepare($sql);
$stm->execute(array(":table" => $table, ":where" => $where));
instead you should write this code
$sql = 'SELECT * FROM my_table WHERE id = ?';
$stm = $db->prepare($sql);
$stm->execute(array($id));
Besides, you cannot parameterize table and field names, so it's better to write them as is.
so i need to make one function per different requests, right?
Honestly - yes. It will spare you from A LOT of headaches.
public function UpdatePMS($data, $id)
{
$data[] = $id;
$sql = "UPDATE table SET f1 = ?, f2 = ? WHERE id = ?";
$stm = $this->db->prepare($sql);
$ret = $stm->execute($data);
return $ret;
}
which is going to be used like
$obj->UpdatePMS([$f1, $f2], $id);
here is my mysql code and equivalent pdo code i need to know what is wrong
$id = $_POST['id'];
$query1=mysql_query("SELECT Quantity,id FROM `yumyum`.`food` where `food`.`id` LIKE $id");
$r = array();
while($r = mysql_fetch_assoc($query1)) {
$output = $r['Quantity'];
echo $output;
$query2=mysql_query("UPDATE food SET Quantity = Quantity - 1 where `food`.`id` LIKE ".$r["id"]);
PDO code
$stmt = $db->prepare("SELECT * FROM yuymuym WHERE id=:id AND Quantity=:Quantity");
$stmt->execute(array($id, $Quantity));
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC)
How about this. I don't know what $_POST['id'] is so you have to figure the rest youself. It updates every item with id in $ids array. So this updates items with id 1,2,3,4 and 5.
$db = new PDO('mysql:host=localhost;dbname=yumyum', 'username_here', 'password_here');
$ids = array(1,2,3,4,5);
foreach($ids as $id){
$stmt = $db->prepare("SELECT Quantity, id FROM `food` WHERE `food`.`id` = :id");
$stmt->bindParam(':id', $id);
$stmt->execute();
$row = $stmt->fetch();
if($row){
//uncomment to see $row content
//var_dump($row);
$rowId = (int)$row['id'];
$rowQuantity = (int)$row['Quantity'];
echo $rowQuantity;
$ustmt = $db->prepare("UPDATE `food` SET `Quantity` = `Quantity` - 1 WHERE `food`.`id` = :id");
$ustmt->bindParam(':id',$rowId);
$ustmt->execute();
}else{
var_dump($stmt->errorInfo());
}
}
But PDO basics:
Query (Works with select, insert, update, everything else):
$id = (int)$_POST['id'];
$else = $_POST['string'];
// Connect to database
$db = new PDO('mysql:host=HOST_HERE;dbname=DATABASENAME_HERE', 'USERNAME_HERE', 'PASSWORD_HERE');
// First we prepare our query
$stmt = $db->prepare("... WHERE `id` = :id AND `something` = :else");
// We bind values to our prepared query
$stmt->bindParam(':id',$id);
$stmt->bindParam(':else',$else);
// We execute our query
$success = $stmt->execute();
// If we want to fetch only one row:
$row = $stmt->fetch();
echo $row['id'];
// If we want to fetch all rows:
$rows = $stmt->fetchAll();
foreach($rows as $row){
echo $row['id'];
}
These are very basics, if you don't understand what is really happening here, you should learn some more.
I've an issue with a migration from a drupal 6 to 7 website. I'm a beginner in PHP and MySQL and I can't find a solution to my problem.
The code I'm struggling with is following:
$sql = "select ID_Speler from TB_Spelers where uid = ".$id;
$row = db_fetch_array(db_query($sql));
$speler = $row['ID_Speler'];
I always get a "Call to undefined function db_fetch_array()"
Any help is very much appreciated.
Use this in Drupal 7:
$query = db_select('field_data_field_order_no', 'fdfon');
$query->addField('fdfon', 'entity_id', 'nid');
$query->addField('fdfnt', 'field_notification_type_value', 'type');
$query->join('field_data_field_notification_type', 'fdfnt', 'fdfon.entity_id = fdfnt.entity_id AND (fdfon.bundle = :fdfon_bundle AND fdfnt.bundle = :fdfnt_bundle)', array(':fdfon_bundle' => "order_notification_type", ':fdfnt_bundle' => "order_notification_type"));
$query->condition('fdfon.field_order_no_value', $order_id)->orderBy('fdfnt.entity_id', 'asc');
$result = $query->execute();
while ($records = $result->fetchAssoc()) {
...
}
There's no db_fetch_array() in Drupal 7, the (almost) equivalent code would be
$sql = "select ID_Speler from TB_Spelers where uid = :uid";
$args = array(':uid' => $uid);
$row = db_query($sql, $args)->fetchObject();
$speler = $row->ID_Speler;
See the Database API docs for more info.
Try like that:
$sql = "select ID_Speler from TB_Spelers where uid = %d";
$query = db_query($sql, $id);
while ($records = db_fetch_array($query)) {
$spelers[] = $records['ID_Speler'];
}
print_r($spelers);