Related
I have a php code to import csv data into mysql. It works fine. The only problem is that it doesn't work if there is a single quote in the data. How can I solve this ?
$conn = mysqli_connect("localhost", "U16******", "***********", "DB16******");
if (isset($_POST["import"])) {
$fileName = $_FILES["file"]["tmp_name"];
if ($_FILES["file"]["size"] > 0) {
$file = fopen($fileName, "r");
fgetcsv($file, 10000, ",");
while (($column = fgetcsv($file, 10000, ",")) !== false) {
$sqlInsert = "INSERT into tblrabobank (IBAN_BBAN,Munt,BIC,Volgnr,Datum,Rentedatum,Bedrag,Saldo_na_rtn,Tegenrekening_IBAN_BBAN,Naam_tegenpartij,Naam_uiteindelijke_partij,Naam_initierende_partij,BIC_tegenpartij,Code,Batch_ID,Transactiereferentie,Machtigingskenmerk,Incassant_ID,Betalingskenmerk,Omschrijving1,Omschrijving2,Omschrijving3,Reden_retour,Oorspr_bedrag,Oorspr_munt,Koers)
values ('" . $column[0] . "','" . $column[1] . "','" . $column[2] . "','" . $column[3] . "','" . $column[4] . "','" . $column[5] . "','" . $column[6] . "','" . $column[7] . "','" . $column[8] . "','" . $column[9] . "','" . $column[10] . "','" . $column[11] . "','" . $column[12] . "','" . $column[13] . "','" . $column[14] . "','" . $column[15] . "','" . $column[16] . "','" . $column[17] . "','" . $column[18] . "','" . $column[19] . "','" . $column[20] . "','" . $column[21] . "','" . $column[22] . "','" . $column[23] . "','" . $column[24] . "','" . $column[25] . "')";
$result = mysqli_query($conn, $sqlInsert);
if (!empty($result)) {
$type = "success";
$message = "CSV Data geimporteerd in de database";
} else {
$type = "error";
$message = "Probleem met importeren CSV Data";
}
}
}
}
you should use PDO extension to mysql together with prepared statement rather than concatenation to build the query, that will handle the single quote issue and will protect your code against SQL injections.
Something like this :
$stmt = $dbh->prepare("INSERT INTO tblrabobank (IBAN_BBAN,Munt,BIC,Volgnr,Datum,Rentedatum,Bedrag,Saldo_na_rtn,Tegenrekening_IBAN_BBAN,Naam_tegenpartij,Naam_uiteindelijke_partij,Naam_initierende_partij,BIC_tegenpartij,Code,Batch_ID,Transactiereferentie,Machtigingskenmerk,Incassant_ID,Betalingskenmerk,Omschrijving1,Omschrijving2,Omschrijving3,Reden_retour,Oorspr_bedrag,Oorspr_munt,Koers) VALUES (:iban, :munt, ...........)");
$stmt->bindParam(':iban', $column[0]);
$stmt->bindParam(':munt', $column[1]);
[.....]
$stmt->execute();
check this page for more details https://www.php.net/manual/en/pdo.prepared-statements.php
You can try something like this..
<?php
$dbh = new PDO('mysql:host=localhost;dbname=test', $user, $pass);
if (isset($_POST["import"])) {
$fileName = $_FILES["file"]["tmp_name"];
if ($_FILES["file"]["size"] > 0) {
$file = fopen($fileName, "r");
fgetcsv($file, 10000, ",");
$dataToInsert = [];
$columns = explode(',','IBAN_BBAN,Munt,BIC,Volgnr,Datum,Rentedatum,Bedrag,Saldo_na_rtn,Tegenrekening_IBAN_BBAN,Naam_tegenpartij,Naam_uiteindelijke_partij,Naam_initierende_partij,BIC_tegenpartij,Code,Batch_ID,Transactiereferentie,Machtigingskenmerk,Incassant_ID,Betalingskenmerk,Omschrijving1,Omschrijving2,Omschrijving3,Reden_retour,Oorspr_bedrag,Oorspr_munt,Koers');
while (($column = fgetcsv($file, 10000, ",")) !== FALSE) {
$sql = "INSERT INTO tblrabobank (".implode(',', $columns).") VALUES (";
foreach($column as $key => $value){
$dataToInsert[":".$columns[$key]] = $value ?? null;
}
$sql .= "(".implode(',',array_keys($dataToInsert)).")";
$stmt = $dbh->prepare($sql);
foreach($dataToInsert as $key => $value){
$stmt->bindParam($key, $value);
}
if($stmt->execute()){
$type = "success";
$message = "CSV Data geimporteerd in de database";
} else {
$type = "error";
$message = "Probleem met importeren CSV Data";
}
}
$stmt->execute();
}
}
?>
In the above code snippet,
you can make an array of the given columns, and attach each value to a 2D array with keys made of the columns and their corresponding values from csv.
The append each column to the sql statement, using array_keys and bing each value.
This is scalable for small dataset but with huge number of columns.
For a large number of data set, sql queries will be multiple. You should consider in mind that too.
Source:
https://www.php.net/manual/en/pdostatement.execute.php (execute statement of PDO)
https://www.php.net/manual/en/pdostatement.bindparam.php (binding a parameter)
https://www.php.net/manual/en/pdo.connections.php (how to make and use connections in PDO)
I want to upload a csv file in my database. If a cell of the csv file is empty i want to set the value = 0 because it gives error Undefined offset. i tried to check the values in a for loop but it does not works.
$msg = 0;
if (isset($_POST['import'])) {
$fileName = $_FILES["file"]["tmp_name"];
if ($_FILES["file"]["size"] > 0) {
$file = fopen($fileName, "r");
$i = 0;
while (($column = fgetcsv($file)) !== FALSE) {
if ($i > 0) {
if (!empty($column[0])){
//$insertdate = date("Y-m-d", strtotime(str_replace('/', '-', $column[3])));
$sql = "INSERT into tab1 (country,jan,feb,mar,apr,may,jun,jul,aug,sep,oct,nov,dece)
values ('" . $column[0] . "','" . $column[1] . "','" . $column[2] . "','" . $column[3] . "','" . $column[4] . "','" . $column[5] . "','" . $column[6] . "','" . $column[7] . "','" . $column[8] . "','" . $column[9] . "','" . $column[10] . "','" . $column[11] . "','" . $column[12] . "')";
$result = mysqli_query($conn, $sql);
if (isset($result)) {
$msg++;
}
}
}
$i++;
}
}
}
I'll update your code for add this section :
if( count($column) < 13 ){
$tmpI = count($column);
while( $tmpI < 14 ){
$column[$tmpI] = 0;
$tmpI++;
}
}
The code check if you have 13 elements in your array, if not create the missing key with the value 0.
$msg = 0;
if (isset($_POST['import'])) {
$fileName = $_FILES["file"]["tmp_name"];
if ($_FILES["file"]["size"] > 0) {
$file = fopen($fileName, "r");
$i = 0;
while (($column = fgetcsv($file)) !== FALSE) {
if ($i > 0) {
if (!empty($column[0])){
if( count($column) < 13 ){
$tmpI = count($column);
while( $tmpI < 14 ){
$column[$tmpI] = 0;
$tmpI++;
}
}
//$insertdate = date("Y-m-d", strtotime(str_replace('/', '-', $column[3])));
$sql = "INSERT into tab1 (country,jan,feb,mar,apr,may,jun,jul,aug,sep,oct,nov,dece)
values ('" . $column[0] . "','" . $column[1] . "','" . $column[2] . "','" . $column[3] . "','" . $column[4] . "','" . $column[5] . "','" . $column[6] . "','" . $column[7] . "','" . $column[8] . "','" . $column[9] . "','" . $column[10] . "','" . $column[11] . "','" . $column[12] . "')";
$result = mysqli_query($conn, $sql);
if (isset($result)) {
$msg++;
}
}
}
$i++;
}
}
}
I wrote a code that imports data from a CSV file into the database. However, I have a problem with setting charset on cp1250. When I use Polish characters in the database I see strange characters. I tried to use the SET NAMES function, but it does not work - any ideas?
<?php
$conn = mysqli_connect("localhost", "b", "c", "d");
if (isset($_POST["import"])) {
$fileName = $_FILES["file"]["tmp_name"];
if ($_FILES["file"]["size"] > 0) {
$file = fopen($fileName, "r");
while (($column = fgetcsv($file, 10000, ",")) !== FALSE) {
$sqlInsert = "INSERT INTO evdb_Historia_Aktualizacja(ID,Imie_I_Nazwisko,Suma_Brutto_Przejazdy,Suma_Netto_Przejazdy,Gotowka_Przejazdy_Uber,Brutto_UberEats,Netto_UberEats,VAT_UberEats,Netto_Gotowka,Bonusy_Dodatki,Napiwki_Brutto,Napiwek_18,Napiwek,Dodatki_UberEats,Ilosc_Dni,Prowizja_Evelstar,Kwota_Po_Prowizji_Evelstar,VAT_Przejazdy,Faktury_Brutto,Faktury_Netto,VAT_Faktury,VAT_Nalezny,Suma_Bez_Skladek,Rodzaj_Umowy,Kwota_Skladek,Potracenia_Reczne,Potracenia_Stale,Przelew_Przewoz,Przelew_UberEats,Data_Od,Data_Do,Login)
values ('" . $column[0] . "','" . $column[1] . "','" . $column[2] . "','" . $column[3] . "','" . $column[4] . "','" . $column[5] . "','" . $column[6] . "','" . $column[7] . "','" . $column[8] . "','" . $column[9] . "','" . $column[10] . "','" . $column[11] . "','" . $column[12] . "','" . $column[13] . "','" . $column[14] . "','" . $column[15] . "','" . $column[16] . "','" . $column[17] . "','" . $column[18] . "','" . $column[19] . "','" . $column[20] . "','" . $column[21] . "','" . $column[22] . "','" . $column[23] . "','" . $column[24] . "','" . $column[25] . "','" . $column[26] . "','" . $column[27] . "','" . $column[28] . "','" . $column[29] . "','" . $column[30] . "','" . $column[31] . "')";
$result = mysqli_query($conn, $sqlInsert);
if (! empty($result)) {
$type = "success";
$message = "CSV Data Imported into the Database";
} else {
$type = "error";
$message = "Problem in Importing CSV Data";
}
}
}
}
?>
I searched many stackoverflow questions it didn't help
I want to increment id by fetching last id from MySQL table.
I don't want to do auto increment in MySQL table because already one column is auto incremented.
<?php
include 'db.php';
$created = date('Y-m-d H:i:s');
//$json_data = array();
$message = array();
$error = array();
if ($_GET['vendor_id'] == "") {
$message[] = array("message" => "Values Empty");
} else {
$result = mysqli_query("SELECT loo_id FROM loo_list ORDER BY loo_id DESC LIMIT 1");
if ($result) {
$order_array = mysqli_fetch_assoc($result) or die(mysqli_error());
//echo $order_array['loo_id'];
}
$loo_id = $order_array['loo_id'] + 1;
$sql = "insert into loo_list(loo_id,name,address,geolocation,price,facility_category,facilities,count,accessbility,image,type,category,created_vendor,days,timings,terms_conditions,vendor_approval,created,warning,url,user_ids,overall,admin_approval,updated)values('" . $loo_id . "','" . $_GET['loo_name'] . "','" . $_GET['address'] . "','" . $_GET['loo_location'] . "','" . $_GET['price'] . "','" . $_GET['facility_category'] . "','" . $_GET['facilities'] . "','" . $_GET['count'] . "','" . $_GET['accessbility'] . "','" . $_GET['image'] . "','Offerers','" . $_GET['category'] . "','" . $_GET['vendor_id'] . "','" . $_GET['days'] . "','" . $_GET['timings'] . "','" . $_GET['terms_conditions'] . "','1','" . $created . "','0','','" . $_GET['user_ids'] . "','" . $_GET['overall'] . "','1','" . $created . "')";
$res1 = mysqli_query($db, $sql) or die(mysqli_error());
$message[] = array("message" => "success");
}
$json_data = array("result" => $message);
echo json_encode($json_data);
?>
Try this code.
if(trim($order_array['loo_id']) === ''){
$loo_id = 1;
}else{
$loo_id = intval($order_array['loo_id']) + 1;
}
I create a script to convert my mysql database to a postgres database
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
$psql = "
INSERT INTO subscriptions_sub (id,cust_id,tarrif_id,des,datetime_created,datetime_modified,credit,credit_limit,status,date_start,date_end,backoffice_userref,backoffice_deleted,backoffice_createdon,backoffice_createdby, backoffice_updatedon,backoffice_updatedby,backoffice_administration,backoffice_readonly,backoffice_order,backoffice_dummy)
VALUES('" .(int) $row["subscription_id"] . "','" . (int) $row["customer_id"] . "','" . (int) $row["tariffplan_id"] . "','" . $row["description"] . "',NULLIF('" . $row["datetime_created"] . "','0000-00-00 00:00:00')::timestamp,NULLIF('" . $row["datetime_modified"] . "','0000-00-00 00:00:00')::timestamp,'" . (int) $row["credit"] . "','" . (int) $row["credit_limit"] . "','" . $row["status"] . "',NULLIF('" . $row["date_start"] . "','')::timestamp,NULLIF('" . $row["date_end"] . "','')::timestamp,'" . (int) $row["backoffice_userref"] . "','" . (int) $row["backoffice_deleted"] . "',NULLIF('" . $row["backoffice_createdon"] . "','0000-00-00 00:00:00')::timestamp,'" . (int) $row["backoffice_createdby"] . "',NULLIF('" . $row["backoffice_updatedon"] . "','0000-00-00 00:00:00')::timestamp,'" . (int) $row["backoffice_updatedby"] . "','" . (int) $row["backoffice_administration"] . "','" . (int) $row["backoffice_readonly"] . "','" . (int) $row["backoffice_order"] . "','" . (int) $row["backoffice_dummy"] . "');
";
print_r($row);
$ret = pg_query($db, $psql);
if(!$ret){
echo pg_last_error($db);
} else {
echo "Records created succesfully\n";
}
When I run it I get this error:
invalid input syntax for type timestamp: "" in /home/ruud/Database2.php on line 38
ERROR: invalid input syntax for type timestamp: ""root#149-210-204-94:/home/ruud#
datetime_created and datetime_modified are from type TIMESTAMP
date_start and date_end are from type DATE
backoffice_createon and backoffice_update on are from type DATETIME
I cant seem to find out where I'm making a error.