I generate below query through php
$sql .= "Select * from test";
$sub_sql = '';
foreach($value as $n_k => $n_v)
{
switch($n_v)
{
case '1':
$sub_sql .= " OR (id = 1 )";
break;
case '2':
$sub_sql .= " OR (category = 4) ";
break;
case '3':
$sub_sql .= " OR (location = 'U.S.') ";
break;
}
}
if($sub_sql != '')
{
$sql .= " where ( 0 ".$sub_sql." ) ";
}
$sql .= "GROUP BY id ORDER BY stored_date DESC LIMIT 0, 5 ";
But as you'll can see where $subsql is concatenated to $sql, that part looks really messy. Evn though it works fine but it looks really poor. Can anyone pls help me with this?
How about adding the conditions to the sql?
Something like:
Select * from test where a=1
AND
(
($n_v = 1 AND id = 1)
OR
($n_v = 2 AND category = 4)
OR
($n_v = 3 AND location = 'U.S.')
)
Is this a simplified example? Because I see no reason not to simplify it like this:
$sql .= "Select * from test where a=1";
foreach($value as $n_k => $n_v)
{
switch($n_v)
{
case '1':
$sql .= " AND (id = 1 )";
break;
case '2':
$sql .= " AND (category = 4)";
break;
case '3':
$sql .= " AND (location = 'U.S.')";
break;
}
}
$sql .= " ORDER BY stored_date DESC LIMIT 0, 5 ";
Note, that I removed the GROUP BY from your statement. You shouldn't use it, if you don't use aggregate functions. Group by collapses group of rows and displays random rows from each group. If you have a need to remove duplicate rows, consider to use the DISTINCT keyword in the SELECT clause.
UPDATE:
Your new version can be shortened like this:
$sql .= "Select * from test";
foreach($value as $n_k => $n_v)
{
switch($n_v)
{
case '1':
$sql .= " where (id = 1 ) ";
break;
case '2':
$sql .= " where (category = 4) ";
break;
case '3':
$sql .= " where (location = 'U.S.') ";
break;
}
}
$sql .= " GROUP BY id ORDER BY stored_date DESC LIMIT 0, 5 ";
Basically it comes down to this. If you have to add multiple AND conditions, you always add a WHERE 1=1 (if you have no other fix (non-dynamic) conditions) to the query. It doesn't change anything, the optimizer will throw it away again. But you can easily append as many conditions as you want. That's what I did in my original answer before your edit. Note though, that you can not just append OR whatever = true when you are mixing AND and OR conditions. You will have to use parantheses to not get a false resultset. This is where your (0 OR ...) thing comes from. Since you only have 1 condition, there's no need at all for all I said right now. Just add it as WHERE whatever = true and that's it.
Related
In the following example there is a base query. Other parameters can be dynamically added to complete the query.
However, my base query has no clause WHERE.
What is the best way to deal with it.
If I use in the base query, for example, WHERE 1 = 1, it seems to solve, but I have some doubts that is a correct solution.
$myQuery = "SELECT fr.oranges, fr.aplles, fr.bananas,
FROM fruits fr
LEFT JOIN countrys ct ON fr.id_fruit = ct.id_fruit";
if(!empty($countrys){
$myQuery .= " AND countrys = ? ";
}
if(!empty($sellers){
$myQuery .= " AND seller = ? ";
}
$myQuery .=" GROUP BY fr.id_fruit ORDER BY fr.fruit ASC";
Edited: I fixed a writing gap from $empty to empty.
The WHERE 1=1 is a simplistic hack that works well because it simplifies your code. There is a great post here which explains the performance implications of WHERE 1=1. The general consensus is it will have no effect on performance.
Also, slight note ($empty) is probably not a function you've defined. I think you want empty(). You could write it like this:
$myQuery = "SELECT fr.oranges, fr.aplles, fr.bananas,
FROM fruits fr
LEFT JOIN countrys ct ON fr.id_fruit = ct.id_fruit";
$where = [];
if(!empty($countrys){
$where[] = "countrys = ?";
}
if(!empty($sellers){
$where[] = "seller = ?";
}
if (!empty($where)) {
$myQuery .= " WHERE " . implode(" AND ", $where);
}
$myQuery .= " GROUP BY fr.id_fruit ORDER BY fr.fruit ASC";
You can use an array to control your SQL like this:
$where = [];
if(!$empty($countrys){
$where[] = " countrys = ? ";
}
if(!$empty($sellers){
$where[] = " seller = ? ";
}
if(count($where) > 0) {
$myQuery .= " WHERE ".implode('AND', $where);
}
I'm trying to filter through my database according to filters done by visitors.
$query = "select * from Sheet1 where";
//filter query start
if (!empty($brand)) {
$branddata = implode("','", $brand);
//testing removing query
$query .= " Brand in('$branddata') and";
}
if (!empty($model)) {
$modeldata = implode("','", $model);
//testing removing query
$query .= " Model in('$modeldata') and";
}
/* if(!empty($model) && empty($brand)){
} */
if (!empty($spower) && !empty($epower)) {
$query .= " Power>='$spower' and Power<='$epower' and";
}
if (!empty($sprice) && !empty($eprice)) {
$query .= " Doors>='$sprice' and Doors<='$eprice'";
}
$rs = mysqli_query($conn, $query) or die("Error : " . mysqli_error($conn));
The result I wish to get is a sql query that works and has correct syntax. Such as select * from Sheet1 where Doors>='$sprice' and Doors<='$eprice', if the visitor is filtering by price.
Currently, my code is made so that it simply adds a certain string to the variable. This means that if you don't filter by model, it skips model, because the model variable is empty. The problem comes to if you filter by power, the SQL will become select * from Sheet1 where Power>='$spower' and Power<='$epower' and. Obviously this doesn't work, so I need help in making the code make sure it works for every combination of filters.
Append $query .= " 1 = 1"; at the end. I did some modification in your given code. Have a look.
<?php
$query = "SELECT * FROM `Sheet1` WHERE";
//filter query start
if(!empty($brand)){
$branddata = implode("','",$brand);
$query .= " (Brand in('$branddata')) AND";
}
if(!empty($model)){
$modeldata = implode("','",$model);
$query .= " (Model in('$modeldata')) AND";
}
if(!empty($spower) && !empty($epower)){
$query .= " (Power>='$spower' AND Power<='$epower') AND";
}
if(!empty($sprice) && !empty($eprice)){
$query .= " (Doors>='$sprice' AND Doors<='$eprice') AND"; //Added 'AND'
}
$query .= " 1 = 1"; //Added new line
$rs = mysqli_query($conn,$query) or die("Error : ".mysqli_error($conn));
?>
Add AND on each query appended in if conditions. Then, at last add $query .= " 1 = 1";. Which will save you from extra AND coming at the end. If none of the conditions satisfy, then your query will be SELECT * FROM Sheet1 WHERE 1 = 1. Simple. And, don't forget to differentiate between conditions in query. Differentiate your conditions like how I did by opening and closing brackets.
I would do it this way
$filters=array();
if(!empty($brand)){
$branddata =implode("','",$brand);
//testing removing query
$filters[]= " Brand in('$branddata')";
}
if(!empty($model)){
$modeldata =implode("','",$model);
//testing removing query
$filters[]= " Model in('$modeldata') and";
}
if(!empty($spower) && !empty($epower)){
$filters[]= " Power>='$spower' and Power<='$epower' and";
}
if(!empty($sprice) && !empty($eprice)){
$filters[]= " Doors>='$sprice' and Doors<='$eprice'";
}
$query = "select * from Sheet1 where";
foreach ($filters as $filter) {
$query.=' AND '.$filter;
}
$rs = mysqli_query($conn,$query) or die("Error : ".mysqli_error($conn));
I want to show database records ordered by Datetime or Price when users click on links sort by Datetime or sort by Price. Should I add a condition into the query ?
$sql = "SELECT p.title AS Title, p.date_published) AS Datetime , p.price AS Price, c.name AS Category FROM products p
INNER JOIN categories c
ON c.id = p.category
INNER JOIN brands b
ON b.id = p.brand
.
.
.
";
if (isset($_GET['search'])){
$locations = array();
$getters = array();
$queries = array();
foreach($_GET as $key => $value) {
.
.
.
}
if (!empty($brands)) {
$brd_q = implode(",",$brands);
}
if(!empty($getters)) {
foreach($getters as $key => $value){
${$key} = $value;
switch($key) {
case 'search':
array_push($queries, "(p.title LIKE '%$search%' || p.description LIKE '%$search%' || p.number LIKE '%$search%')");
break;
case 'scategory':
array_push($queries, "p.category = $scategory");
break;
case 'sbrands':
array_push($queries, "p_brd.brand_id IN ($brd_q)");
break;
.
.
.
}
}
}
if(!empty($queries)) {
$sql .= " WHERE ";
$i=1;
foreach($queries as $query) {
if ($i < count($queries)) {
$sql .= $query." AND ";
}else{
$sql .= $query;
}
$i++;
}
}
$sql .= " ORDER BY Datetime DESC";
}
You already have this clause:
$sql .= " ORDER BY Datetime DESC";
All you need, is to add ordering parameter to your query, say $_GET['order'] as integer index(1-based) in your whitelist orders where sign points to order direction.
$orders = ['Datetime', 'Price'];
if (empty($_GET['order'])) $_GET['order'] = -1; // set default order
$index = abs($_GET['order'])-1;
$ord = isset($orders[$index]) ? $orders[$index] : $orders[0];
$direction = $_GET['order'] > 0 ? 'ASC' : 'DESC';
$sql .= " ORDER BY {$ord} {$direction}";
In simple way you can use if else condition for sort query only. According to your condition like this.
$sql = "Rest of the Query..";
if($_GET['order'] == 'price') {
$sql .= " ORDER BY Price DESC";
} else {
$sql .= " ORDER BY Datetime DESC";
}
When user click Sort by Price or Datetime then query will executed as per the condition.
(Or)
You can update query case condition like below example.
ORDER BY
CASE WHEN "price" = $_GET['order'] THEN price END DESC,
CASE WHEN "datetime" = $_GET['order'] THEN datetime END DESC
(or)
ORDER BY
CASE $_GET['order']
WHEN "price" THEN price END DESC,
WHEN "datetime" THEN datetime END DESC
etc...
Whatever you choose booth will be same performance and efficiency.
Hi I'm using PHP to try and retrieve data from a database while looping through an array inside the in statement like this.
$sql2 = "SELECT * FROM pixacour_pixacourt.UserCaseMessages WHERE FavorIDs IN (" ;
$count = 0;
foreach($followingArray as $value)
{
if($count==count($followingArray)-1)
{
$sql2 .= "LIKE";
$sql2 .= "%'".$value."'%";
}
else
{
$sql2 .= "LIKE";
$sql2 .= "%'".$value."'%,";
}
++$count;
}
$sql2 .= ")";
I get this error, that says
"trying to get property of non object"
I can't figure out what is going on any suggestions would be much appreciated thank you for your time.
You should not be using LIKE in an IN clause but you do need to comma delimit elements. No need to keep track of the count, either. foreach will cease when the array has been traversed and you can trim off the trailing comma.
$sql2 = "SELECT * FROM pixacour_pixacourt.UserCaseMessages WHERE FavorIDs IN (" ;
foreach($followingArray as $value)
{
$sql2 .= "'".$value."', ";
}
$sql2 = rtrim($sql2,',');
$sql2 .= ");";
If this fails, like Gordon says, echo $sql2 and the syntax error will probably be clear.
If you do indeed need to use LIKE and wildcard matching, you could append multiple OR clauses, one for each $value.
$sql2 = "SELECT * FROM pixacour_pixacourt.UserCaseMessages WHERE " ;
$whereClause = "";
foreach($followingArray as $value)
{
$whereClause .= " OR FavorIDs LIKE '%".$value."%' ";
}
$whereClause = ltrim($whereClause, " OR");
$sql2 .= $whereClause . ";";
UPDATE 1/9/15
I realized there's a bug in this code in that when $followingArray is empty, we'd receive a MySQL syntax error because the query ends with "WHERE". Here's a new version which resolves that bug:
$sql2 = "SELECT * FROM pixacour_pixacourt.UserCaseMessages" ;
if(count($followingArray) >= 1) {
$sql2 .= " WHERE";
}
$whereClause = "";
foreach($followingArray as $value)
{
$whereClause .= " OR FavorIDs LIKE '%".$value."%' ";
}
$whereClause = ltrim($whereClause, " OR");
$sql2 .= $whereClause . ";";
I need to set up a SQL query with multiple parameters that are being pulled from the URL. So far I can only get it to work with the there is only one item in the URL.
My default query to pull in all the content
$sql = "SELECT ";
$sql .= "* ";
$sql .= "FROM ";
$sql .= "cms_site_content ";
$sql .= "WHERE ";
$sql .= "1";
I then check if anything was passed through the URL and retrieve it.
if (isset($_GET["d"])) {
$d=$_GET["d"];
Inside the if statement, I break the values passed as "d" into separate items
$newD = explode(',',$d);
$countD = count($newD);
foreach($newD as $discipline) {
if ($countD == 1) {
$sql .= " AND";
$sql .= " discipline='".$discipline."'";
}
My problem is getting the SQL to work if there is more than one discipline value. It should read something like this:
SELECT * FROM cms_site_content WHERE 1 AND discipline="value"
however if there's more than one discipline value, it should read:
SELECT * FROM cms_site_content WHERE 1 AND discipline="value OR discipline="value2" OR discipline="value3"
Is there a more efficient way to write this? I can't figure out how to insert the OR into the foreach statement.
Save all discipline values in an array;
$discipline_arr = array();
foreach($newD as $discipline) {
$discipline_arr[] = $discipline;
// by the way, don't forget to escape for sql injection
// mysql_escape_string is the depracated one, u can use that if u have no
// other choice
}
Then in your sql, add them as discipline in ('value1','value2', 'etc ...') condition (that is for strings, for numeric types it would be like discipline in (1,2,3,4, etc)
$sql = " SELECT * FROM cms_site_content WHERE 1 " .
(empty($discipline_arr) ? "" : "and
discipline in ('". implode("','" , $discipline_arr). "') ") ;
Link to escaping
http://tr1.php.net/manual/en/function.mysql-escape-string.php
Assuming the rest of your query is in tact. Simply store all of your discipline values in an array as follows, then feed the $discipline_string to your $sql query:
$discipline_ary = array('option1', 'option2', 'option3');
$discipline_string = "";
for($i=0; $i < count($discipline_ary); $i++){
$discipline_string .= " discipline = '" . $discipline[$i] . "' ";
if($i+1 == count($discipline_ary)){
break;
}else{
$discipline_string .= " OR "
}
}