My code is this:
<?php
echo "Test1";
$con=mysqli_connect("Removed");
$Amount=$_GET["Amount"];
$GetType=$_GET["Type"];
var_dump($GetType);
var_dump($Amount);
$sql_query = "SELECT * FROM EventRecord WHERE EventType='$GetType' ORDER BY EventId DESC";
$sql_result = mysqli_query($con,$sql_query)
or exit(mysqli_error($con));
while($sql_row = mysqli_fetch_assoc($sql_result)){
echo $sql_row['EventId'].'<br>';
}
mysqli_close($con);
?>
For some reason, when I go to http://www.example.com/MyPhp.php?Type=Join&Amount=10, all that is outputted is "Test1string(4) string(2)".
Note: I am aware of SQL Injection vulnerabilities, however they do not affect me specifically with this code. All table structure is correct.
Additionally, how would I make it echo the top rows, as determined by how large the EventId is, but echo only the top 2, or top 3, or top 7, or top any other number, depending on what $Amount is?
Replace
$sql_result = mysqli_query($con,$sql_query)
or exit(mysqli_error($con));
With
if(!($sql_result = mysqli_query($con,$sql_query))) {
exit(mysqli_error($con));
}
See :
PHP: mysqli::$error - Manual
and PHP: mysqli::query - Manual
How about using the LIMIT to display the first $Amount results from the database?
SELECT * FROM EventRecord WHERE EventType='$GetType' ORDER BY EventId DESC LIMIT 0, $Amount
Please correct me if I your question.
Related
I'm trying to get ORDER BY id DESC to work in this line of php but I can't get it to work. It works without it though but they just display in the opposite order. Where should I position it?
$query = mysql_query("SELECT * FROM photos ORDER BY id DESC WHERE title LIKE '%".$search."%'");
Update:
I've updated the php with your suggestion that works now thanks. I've also updated it to mysqli as suggested, could this be structured better in anyway? It is working, just wondered if anyone has any improvements?
<?php
$search = $_GET['search'];
$db = mysqli_connect("", "", "", "") or die ("could not connect to mysql");
$sql = "SELECT * FROM photos WHERE title LIKE '%".$search."%' ORDER BY id DESC";
$result = mysqli_query($db, $sql);
if(mysqli_num_rows($result) >=1) {
while ($row = mysqli_fetch_array($result)) {
echo"<div id='img_div'>";
echo"<img src='images/".$row['image']."'>";
echo"<h1>".$row['title']."</h1>";
echo"<p>".$date = date('j F, Y', strtotime($row['date']))."</p>";
echo"<p>".$row['link']."</p>";
echo"</div>";
}
//continue
}else{
echo "No Results";
}
?>
Your query is wrong. ORDER BY id DESC should be placed after the WHERE clause, like this:
$query = mysql_query("SELECT * FROM photos WHERE title LIKE '%".$search."%' ORDER BY id DESC");
Sidenote(s):
Don't use mysql_* functions, they are deprecated as of PHP 5.5 and are removed altogether in PHP 7.0. Use mysqli or pdo instead. And this is why you shouldn't use mysql_* functions.
Learn about prepared statement because right now your query is susceptible to SQL injection attacks. Here's a good read on how you can prevent SQL injection in PHP.
How would I go about displaying data from new to old? Right now it shows the oldest posts on top and each new post is placed underneath it.
<?php
require_once('connectimage.php');
$sql ="SELECT * FROM table WHERE id=1";
$res = mysqli_query($conn,$sql);
if(mysqli_num_rows($res) > 0){
while($row = mysqli_fetch_assoc($res)){
echo " ".$row['data']." ";
//newest post
//oldest post
}
}
else{
echo "fail";
}
mysqli_close($conn);
?>
Posting this as a community wiki; I've nothing to gain from this.
Read the manual on how to "order by", it's MySQL 101 stuff.
http://dev.mysql.com/doc/refman/5.7/en/order-by-optimization.html
It's all in there.
See also http://dev.mysql.com/doc/refman/5.7/en/sorting-rows.html
Btw, community wikis have no rep gain.
As you said:- How would I go about displaying data from new to old?
So you need to go for ORDER BY clause with sort order DESC like below:-
$sql ="SELECT * FROM table ORDER BY id DESC";
Note:-
I removed WHERE id = 1 part because it will give you only one record not all records.Thanks
I am getting the below error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'testing order by id'
Here is the main page..
echo "<div ><a href='secondpage.php?title=".urlencode($row['title'])."'>".wordwrap($row['title'], 35, "<br />\n", true)."</a></div>";
and here is the second page the error appearing on. the address bar reads http://localhost/secondpage.php?title=more+testing
<?php
$mydb = new mysqli('localhost', 'root', '', 'test');
$sql = "SELECT * FROM test where urlencode(title) =".$_GET['title']" order by id ";
$result = $mydb->query($sql);
if (!$result) {
echo $mydb->error;
}
?>
<div>
<?php
while( $row = $result->fetch_assoc() ){
echo $row['firstname'];
}
$mydb->close ();
?>
</div>
You want to use urldecode to decode the encoded string in your query:
$title = urldecode($_GET['title']);
$sql = "SELECT * FROM test where title = '$title' order by id";
I'm assuming you have a column named title in your test table. I don't think MySQL has urlencode function unless you have a procedure by that name which functions exactly like PHP's urlencode.
Update:
Thanks to #GeorgeLund, who pointed out the point of SQL Injection. Important topic which I missed earlier during answering your question. Please have a look at: https://www.owasp.org/index.php/SQL_Injection
For the very least please update your code to following:
$title = urldecode($_GET['title']);
$title = mysqli_real_escape_string($title); // Addition
$sql = "SELECT * FROM test where title = '$title' order by id";
$sql = "SELECT * FROM test where urlencode(title) ='".$_GET['title']."' order by id ";
Try like
$sql = "SELECT * FROM test WHERE urlencode(title) = ".$_GET['title']." ORDER BY id ";
You missed . leads syntax go away.
As far as I know SQL does not have function urlencode and why would you even want to urlencode the column name?
Also to store the encoded title string which is received from the last page you should decode the encoded title
So here is what I think you meant to do.
$sql = "SELECT * FROM test WHERE title = ".urldecode($_GET['title'])." order by id ";
Please try this code using urldecode
$sql = "SELECT * FROM test where title =".urldecode($_GET['title'])" order by id ";
Suppose I have code like that
$teachersql = mysql_query("SELECT * FROM `teacher` WHERE status = '2' ORDER BY name") or die(mysql_error());
while($teachers = mysql_fetch_array($teachersql))
{
echo "results";
}
But I have 100 results. I want only first 10 result in output. How? Please anybody help me now.
$teachersql = mysql_query("SELECT * FROM teacher
WHERE status = '2'
ORDER BY name
LIMIT 10")
The mandatory warning:
mysql_* is deprecated, use mysqli_* or PDO.
If you need 10 result in result set then you can make your code as below using limit.
$teachersql = mysql_query("SELECT * FROM `teacher` WHERE status = '2' ORDER BY name limit 10") or die(mysql_error());
or
if you want to fetch all rows and display only 10 result using while loop then you can use counter as below.
$cnt=0;
while($teachers = mysql_fetch_array($teachersql))
{
$cnt++;
echo "results";
if($cnt==10)
break;
}
Try:
SELECT * FROM teacher WHERE status = '2' ORDER BY name limit 10
i got a point system that are like people can upgrade to [PRO1] user. everyones rights(pro1,pro2,user) are stored in my mysql users table. But i want to make a little feed, that shows the latest one that upgraded to [PRO1]. the upgrade code:
$insert = "UPDATE `users` SET `points` = (`points`-50) WHERE `username` = '".$username."' and points > 50";
mysql_query($insert);
if (mysql_affected_rows() > 0)
{
// other codes
$insert = "UPDATE users SET rights=' [PRO1]' WHERE `username` = '".$username."'";
mysql_query($insert);
header('location: succesupgrade.php');
}else{
echo "You don't have enough points";
}
?>
the upgrade code works fine(just incase i need to add a time/date. and tha code for where i want the"'username' wast the last to upgrade to [PRO1]" is in this code:
<?php
require("dbc.php");
$query = mysql_query("select * from users WHERE rights='[PRO1]' order by right DESC limit 1") or die(mysql_error());
while($array = mysql_fetch_array($query)) {
echo "{$array['username']}<br>";
}
?>was the last to upgrade to:
<?php
require("dbc.php");
$query = mysql_query("select * from users WHERE rights='[PRO1]' order by rights DESC limit 1") or die(mysql_error());
while($array = mysql_fetch_array($query)) {
echo "{$array['rights']}<br>";
}
?>
But that code gives me this error:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'DESC limit 1' at line 1
order by right must be order by rights in the first query of the second code block.
That query is going to do nothing to tell you who the last user to upgrade to rights='[PRO1]'. That is just a string field. You would need some sort of datetime/timestamp field that is updated when the users rights change, by which you can make the sort.
You also don't need to do 2 queries. You have two queries doing the exact same thing.
Just do:
SELECT username FROM users WHERE rights='[PRO1]' ORDER BY update_timestamp DESC LIMIT 1
Where update_timestamp would be the field that is updated when the rights change.
The reason is because right is a used keyword, you need a back stroke to solve this :;
Like :
select * from `users` WHERE rights='[PRO1]' order by `rights` DESC limit 1