I have this query
$DB->query("SELECT id FROM tfilter WHERE '". $Properties['Title'] ."' LIKE CONCAT('%', filter, '%')");
I need it to do so that the scrip dies if it gets a result, right now i have this :
if($DB->record_count() != 0) {
$Err = '<b>This cant be uploaded</b>';
include(SERVER_ROOT . '/sections/upload/upload.php');
die();
if($DB->record_count() != 0) {
Should this be something els? Because it dosnt die, even though i KNOW its got a result
This query looks like this in the phpscript. Its part of a bigger site
$DB->query("SELECT id FROM tfilter WHERE '". $Properties['Title'] ."' LIKE CONCAT('%', filter, '%')");
if($DB->record_count() != 0) {
$Err = '<b>This cant be uploaded</b>';
include(SERVER_ROOT . '/sections/upload/upload.php');
die();
$Properties['Title'] = String from the upload script that contains the titel.
$DB is the call til mysql
filter = the row in mysql
tfilter = the database name
WHAT DO I NEED:
I need the php to search the the tabel TFILTER in the row FILTER for matches to $Properties['Title'] and if it finds any then DIE. If the string: The.White.Tiger. exist in FILTER row, og the $Properties['Title'] contains The.White.Tiger.In.The.Yard, the the php should DIE.
I think your query needs to be (repace the single quotes around $Properties['Title'] with backtick):
$DB->query("SELECT id FROM filter WHERE `". $Properties['Title'] ."` LIKE CONCAT('%', filter, '%')");
Also, you don't need to use the concat function to prepend and append % character, you can simply use it as follows:
$DB->query("SELECT id FROM filter WHERE `". $Properties['Title'] ."` LIKE '%{$filter}%'");
could you not use
rowCount() ?
so it should look something like this:
$stmt = $DB->query("SELECT id FROM tfilter WHERE '". $Properties['Title'] ."' LIKE CONCAT('%', filter, '%')");
$numrows=$stmt->rowCount();
$error= $stmt->errorInfo();
echo $error[2];
if($numrows) {
$Err = '<b>This cant be uploaded</b>';
include(SERVER_ROOT . '/sections/upload/upload.php');
die();
Related
I build my query like this:
foreach($ids as $key => $idi) {
$ids[$key] = "'" . $idi . "'";
};
$ids_imploded = implode(", ", $ids);
$sql = "SELECT record_id, email FROM `actions_attendees` WHERE `action_id` IN (" . $ids_imploded . ") AND `backup` = 1 ORDER BY `timestamp` ASC LIMIT " . count($ids) . ";";
$result = mysqli_query($con, $sql);
Where $ids is just array of few numbers (so the $ids_imploded = "'132', '165'").
When I run the generated query in phpMyAdmin, I get what I want. When I run it from PHP, it returns just object with nulls. Why?
I doesn't work neither if I remove the escaping loop.
EDIT: generated query is echoed like
SELECT record_id, email FROM `actions_attendees` WHERE `action_id` IN ('1614', '1615') AND `backup` = 1 ORDER BY `timestamp` ASC LIMIT 2;
The problem could be that you are querying the wrong database, try select a db first, try executing this before the query :
mysql_select_db('yourdb');
Is the result of your query true ? Check your connection object, it seems like you are not on the right database.
It appears that the query was indeed working even in PHP, but later when I was processing the results, intellisense tricked me and I was using mysql_fetch_assoc instead of mysqli_fetch_assoc...
its my first post and I have a problem with a PHP search.
Here,
$searchq = $_POST['searchq'];
so far when a single word is supplied for searchq like naresh, google, lamgade then it search in a db but when there is a multiple search like
naresh lamgade at a same time then there is error for these word because it only search in a first_name column and what i want to search naresh in a first_name column and lamgade in a last_name column
Here is the code
<pre> $searchq = $_POST['searchq'];
$conn = mysqli_connect('localhost','root','','std_info') or die("Cant' Connect to db");
$query = mysqli_query($conn,"select * from student_details where first_name like '%$searchq%' or last_name like '%$searchq%'");
$count = mysqli_num_rows($query);
if($count == 0) {
echo "<br>";
echo "Can't find, try entering only first name or last name";
}
else {
do something`</pre>
}
The problem is
In a search bar, when i try entering naresh lamgade and search then
searchq =naresh+lamgade
and it search in both first_name and last_name column with a naresh+lamgade so there is no result.
I want to know , how to break these two words and search in a different column with these words.
The problem is
In a search bar, when i try entering naresh lamgade and search then
searchq =naresh+lamgade"
I guess that you put the textfield inside a form without method="post".
If you did, try like this in searchq:
... WHERE first_name LIKE "'%'.$searchq.'%'" or last_name like "'%'.$searchq.'%');
Use explode to split query.
Also your code is dangerous. Use mysqli_escape_real_string to escape special characters in a query:
<?php
$searchq = explode(" ", $_POST['searchq']);
$conn = mysqli_connect('localhost', 'root', '', 'std_info') or die("Cant' Connect to db");
$query = mysqli_query($conn, "select * from student_details where (first_name like '%" . mysqli_real_escape_string($searchq[0]) . "%' OR first_name like '%" . mysqli_real_escape_string($searchq[1]) . "%') OR (last_name like '%" . mysqli_real_escape_string($searchq[1]) . "%' OR last_name like '%" . mysqli_real_escape_string($searchq[0]) . "%'");
$count = mysqli_num_rows($query);
if ($count == 0)
{
echo "
";
echo "Can't find, try entering only first name or last name";
}
else
{
do something`
Thanks everyone for the answer but I have used this query and it's working perfectly as I wanted.
$query = mysqli_query($conn, "SELECT * FROM student_details WHERE CONCAT(first_name,' ',last_name) like '%$searchq%'");
I am trying to write a simple search function that reads in a string $query.
my question is, can I use multiple ORs in a select statement? I am trying to search one string to see if it matches many column values, then print those rows.
function search($query) {
try {
$db = db_open();
$sql = "select * from pms where (name like :query) or (state like :query) or
(start like :query) or (finish like :query) ";
$statement = $db->prepare($sql);
$statement->bindValue(':query', $query);
$statement->execute();
$pms = $statement->fetchAll();
} catch(PDOException $e) {
die("Error: ".$e->getMessage());
}
return $pms;
}
This is not working, except when i search for a state.
Thanks
For sure.
SELECT * FROM pms WHERE (name LIKE :query) OR (start LIKE :query) OR (finish LIKE :query)
Should work just fine.
1) use backtick in table nam eand column names.
2) use bracket for each or for more clear understanding
3)if you are not using binding then use wildcat (%) with quotes .
try like this:
$sql = "select * from `pms`
where (`name` like '%query%')
OR (`state` like '%query%')
OR (`start` like '%query%')
OR (`finish` like '%query%') ";
I'm trying to select all the rows from my database, where 'street' is LIKE the contents from an array ($streets).
Here's what I have...
#TEXT AREA INPUT = $streets
$sql = "SELECT * FROM `data` WHERE `street` LIKE '%".implode("%' OR `street` LIKE '%",$streets)."%'";
echo $sql;
$result = mysqli_query($con,$sql) or die(mysql_error());
$totalitems1 = mysqli_num_rows($result);
echo $totalitems1 . "<br>";
while($row = mysqli_fetch_array($result))
{
echo $row['street']. "<br>";
}
the varible $streets is exploded from a text area input, each value on a new line.
When I process this using PHP, only the rows that are LIKE the last 'OR' are returned .. (The last line in the text area). But when I copy and paste the generated SQL into PHPMYADMIN, it returns ALL the data, as expected.
What am I missing here? Thanks.
My guess would be that you aren't stripping the newline from the end of each $street entry, therefore only the last entry looks valid as it probably doesn't have a trailing newline. No doubt your query probably looks like...
SELECT * FROM `data` WHERE `street` LIKE '%foo
%' OR `street` LIKE '%bar
%' OR `street` LIKE '%baz%'
The quick fix would be to use...
implode("%' OR `street` LIKE '%", array_map(function($s) use ($con) {
return $con->escape_string(trim($s));
}, $streets))
Ideally, you should be using a prepared statement with parameter binding.
I have a search script that retrieves an integer from one table and uses it to search through the IDs of a 2nd table. My issue is if the integer in Table1 appears more then once, I get duplicate results when querying Table2.
Does anyone know a way to use SQL or PHP so that if a row is already displayed it will skip it? Thanks
My code is rather convuleted but here it is if it helps:
//TV FILTERS
$sql = 'SELECT * FROM `table1`';
$where = array();
if ($searchlocation !== 'Any') $where[] = '`value` LIKE "%'.$searchlocation.'%"';
if ($searchmake !== 'Any') $where[] = '`value` LIKE "%'.$searchmake.'%"';
if ($searchtype !== 'Any') $where[] = '`value` LIKE "%'.$searchtype.'%"';
if (count($where) > 0) {
$sql .= ' WHERE '.implode(' OR ', $where);
} else {
// Error out; must specify at least one!
}
$tvqresult = mysql_query($sql);
$num_rowstvq = mysql_num_rows($tvqresult);
while ($rowtvq = mysql_fetch_array($tvqresult)) {
$contid = $rowtvq['contentid'];
//MAIN QUERY
$mainsql = 'SELECT * FROM `table2` WHERE `content` LIKE "%' . $searchterm . '%" AND `id` = ' . $rowtvq['contentid'] . ' AND `template` = 12';
$resultmain = mysql_query($mainsql);
$num_rowsmain = mysql_num_rows($resultmain);
if (!$resultmain) {
continue;
}
else {
while ($row = mysql_fetch_array($resultmain )) {
echo "[!Ditto? &parents=`134` &documents=" . $row['id'] . "&tpl=`usedtempchunk`!]";
}//END MAIN LOOP
}//END MAIN ELSE
}//END TV WHILE LOOP
You only seem to use the contentid column from your first query, so you could change it to:
$sql = 'SELECT distinct contentid FROM `table1`'; // rest would be the same
which would mean that no duplicates will be retreived saving you any hassle in changing your second set of code.
If you are using other columns from the first query somewhere else in your code, you can still fetch more columns with this method as long as there are no duplicate IDs:
$sql = 'SELECT distinct contentid, contentTitle, contentThing FROM `table1`';
If you have to have repeated IDs in your original query, I think you will have to store the data in a variable (like an array) and then make sure that the second dataset isn't repeating anything.
It sounds like you're only looking for 1 row, if so, then at the end of your SQL, simply add LIMIT 1. That'll ensure you only return 1 row, thereby ignoring any duplicate matches.