I currently have a mysql_query line that looks like this:
mysql_query("SELECT * from users WHERE id = '". $id1 ."' ") or die(mysql_error());
However, I want to select everything from users where id = $id1 OR $id2. How would I edit this line to do so?
I've thought about just having two copies of this line, one with $id1 and one with $id2. However, I'm sure that there is a more efficent way to accomplish this. I'm very new to SQL.
The answer is almost in your question. You should change the query into this:
mysql_query("SELECT * from users WHERE id = '". $id1 ."' OR id = '" . $id2. "'")
You should however not be using the mysql_* functions anymore, since they are deprecated. Use mysqli_* or PDO instead.
You can use the IN clause just like the example below.
SELECT * FROM employees WHERE id IN ( 250, 220, 170 );
Your query statement can be something like
$query = "SELECT * FROM users WHERE id IN('{$id1}','{$id2}')";
or,
$query = "SELECT * FROM usrs WHERE id = '{$id1}' or id = '{$id2}'";
mysql_* is officially deprecated, so use mysqli or PDO to query your statements.
Related
I have my code:
$db_date2;
$today2 = date("Y-m-d");
$sql1 = "SELECT * FROM todays_spend WHERE id =$user_id_session AND date=$today2";
$date_records = mysql_query($sql1);
while($today_trip=mysql_fetch_assoc($date_records)){
$db_date2 = $today_trip['date'];
}
echo $db_date2;
It is saying "Undefined variable: db_date2". When I remove the AND statement it works. Am I doing the AND statement wrong? the 'date' field in my database is also saved in the format Y-m-d.
also tried the single qoutes '' around the variables, still not working!
Actually it is using your variables as string in the query rather than their values so Just replace your code with the following:
$db_date2;
$today2 = date("Y-m-d");
$sql1 =
$sql1 = "SELECT * FROM todays_spend WHERE id ='".$user_id_session."' AND date='".$today2."'";
$date_records = mysql_query($sql1);
while($today_trip=mysql_fetch_assoc($date_records)){
$db_date2 = $today_trip['date'];
}
echo $db_date2;
For your variables, you'll need single quotes:
This:
$sql1 = "SELECT * FROM todays_spend WHERE id =$user_id_session AND date=$today2";
Should be:
$sql1 = "SELECT * FROM todays_spend WHERE id ='$user_id_session' AND date='$today2'";
You need to write single quote'' around your variable.
Write your query as below:-
$sql1 = "SELECT * FROM todays_spend WHERE id ='$user_id_session' AND date='$today2'";
Warning
mysql_* was deprecated in PHP 5.5.0, and it was removed in PHP 7.0.0.
Instead, the MySQLi or PDO_MySQL extension should be used
Hope it will help you :-)
while executing the below query i'm not getting sucess value
$name=qwe;
$result = mysql_query("SELECT *FROM USER WHERE name = $name");
Instead of above query if i put the below, I can able to get the appropriate ans:
$result = mysql_query("SELECT *FROM USER WHERE name = 'qwe'");
Can anyone give a solution for my first query??
Close the variable in quote and concatenate the string into query
$name= "qwe";
$result = mysql_query("SELECT *FROM USER WHERE name = '".$name."'");
one more note
please use mysqli for security purposes. Thanks
Use the following:
$result = mysql_query("SELECT *FROM USER WHERE name = '".$name."'");
P.S. I have not tested the above code but it should work.
select * from table_name where col_name = '".$variable."'
Directly use :
$name = 'qwe';
$result = mysql_query("SELECT * FROM USER WHERE name = '$name'");
And on more advise, you should never use mysql_* functions now as they have been deprecated in newer versions of PHP and will produce the notices.
I am having problems trying to get these queries with a WHERE clause to work. I have two tables which look like this :
What I am trying to do is return the genre that each film has. At the moment no data is returning at all from what I can see. Here are the two queries:
$film_id = $row_movie_list['film_id'];
mysql_select_db($database_fot , $fot);
$query_get_genre = "SELECT * FROM film_genre WHERE `id_film` ='". $film_id. "'";
$get_genre = mysql_query($query_get_genre, $fot) or die(mysql_error());
$row_get_genre = mysql_fetch_assoc($get_genre);
$totalRows_get_genre = mysql_num_rows($get_genre);
$genre_id = $row_get_genre['id_genre'];
mysql_select_db($database_fot , $fot);
$query_genre = "SELECT * FROM genre WHERE `id_genre` ='". $genre_id. "'";
$genre= mysql_query($query_genre, $fot) or die(mysql_error());
$row__genre = mysql_fetch_assoc($genre);
$totalRows_genre = mysql_num_rows($genre);
PHP with content area. I fairly new to PHP so any help would be appreciated.
<?php do { echo $genre['genre']; } while($row_get_genre = mysql_fetch_assoc($get_genre)); ?>
Update: I am now able to get first genre but not second it just echos the first one twice and I have tried but still no luck:
do {do { echo $row_genre['genre']; } while($row_genre = mysql_fetch_assoc($genre));} while($row_get_genre = mysql_fetch_assoc($get_genre)); ?>
Avoiding the fact that you're using a deprecated way to establish connection and interact with MySQL, what you're doing is getting a single relation genre-film and then getting the row of the genre that matches. You should surround part of your code with a while that executes while it's still genres of the film with id. Something like:
$film_id = $row_movie_list['film_id'];
mysql_select_db($database_fot , $fot);
$query_get_genre = "SELECT * FROM film_genre WHERE `id_film` ='". $film_id. "'";
$get_genre = mysql_query($query_get_genre, $fot) or die(mysql_error());
while($row_get_genre = mysql_fetch_assoc($get_genre)){
$genre_id = $row_get_genre['id_genre'];
$query_genre = "SELECT * FROM genre WHERE `id_genre` ='". $genre_id. "'";
$genre= mysql_query($query_genre, $fot) or die(mysql_error());
$row__genre = mysql_fetch_assoc($genre);
// You should do whatever you want to do with $row__genre here. Otherwise it will be cleared.
}
I must insist this is a deprecated and insecure way of communication with a MySQL Database. I recommend you read about MySQLi or PDO extensions.
MySQLi: http://www.php.net/manual/en/book.mysqli.php
PDO: http://www.php.net/manual/en/book.pdo.php
I am trying to get a value from database using the code below. I want to save the value in the variable category so I can give this as parameter to a function. The id is dynamically given. Is the code below correct? because when trying this nothing works...
$thecategory = mysql_query("SELECT TYPE FROM lists WHERE id =" . this.id);
The use of '$id' provides a little security against sql injection
$thecategory = mysql_query("SELECT `TYPE` FROM `lists` WHERE `id` ='$id'");
$associate = mysql_fetch_assoc($thecategory);
$TYPE = $associate['TYPE'];
Use mysql_result:
$thecategory = mysql_query("SELECT TYPE FROM lists WHERE id =" . $id); // changed $id
$type = mysql_result($thecategory, 0);
I suggest that you use PDO instead of mysql_* functions, they are deprecated.
Try:
$thecategory = mysql_query("SELECT TYPE FROM lists WHERE id =" . this->id);
I have a problem!
I need to get player_id knowing only the player name from one MySQL table with one php query.
My code is this:
$user = $_POST['user_search'];
$player_id = mysql_query("SELECT * FROM `".$prism_table_players."` WHERE player = '".$user."'");
$player_id_2 = mysql_fetch_array($player_id);
$player_id_3 = $player_id_2['player_id'];
I'm already connected to the MySQL database etc... I just need to get the player_id when I have only the player name.
If needed the table is structurated like this:
player_id player
3411 John
4012 Mark
I need to get the player_id when having just the player
For example I need to get 3411 when I send as html input the player "John"
Resolved guys, here the correct code for extract it:
$player_id = mysql_query("SELECT * FROM `".$prism_table_players."` WHERE player = '".$user."'");
$player_id_2 = mysql_fetch_row($player_id);
$player_id_3 = $player_id_2['0'];
First of all, you're application isn't safe. User input is directly put into query and this allows your user to destroy your database. Secondly, you're using mysql_* functions - it is not recommended, use mysqli_* or PDO instead. To get player_id from your array, you have to use:
$user = $_POST['user_search'];
$player_id = mysql_query("SELECT * FROM `".$prism_table_players."` WHERE player = '".$user."'");
$player_id_2 = mysql_fetch_row($player_id);
$player_id_3 = $player_id_2[0];
It would be better if you would use mysqli prepared statements.
You really should NOT use the mysql_* functions - they are deprecated. Use either MySQLi or PDO connection; I personally prefer PDO so I'll write this as PDO:
//just to demonstrate the connection part:
$dbh = new PDO("mysql:host=".DB_HOST.";dbname=".DB_NAME,DB_USER,DB_PASS);
//the important stuff
$stmt = $dbh->prepare("Select player_id from {$prism_table_players}
WHERE player = :player");
$stmt->execute(array("player" => $_POST['user_search']));
$entry = $stmt->fetch(PDO::FETCH_ASSOC);
$player_id = $entry['player_id'];
// try to execute below echo in phpmyadmin or mysql console
echo $query = "SELECT * FROM `".$prism_table_players."` WHERE player = '".$user."'"
$player_id = mysql_query($query);
You can use trim() for
$user = trim($_POST['user_search']);
or
// try to execute below echo in phpmyadmin or mysql console
echo $query = "SELECT * FROM `".$prism_table_players."` WHERE player LIKE '".$user."'"
$player_id = mysql_query($query);